Please Read: Before starting the Control Center upgrade/uninstall process, you mu- - st backup the entire "conf" directory found under Control Center install location. Please follow the steps below before upgrading: The following instructions apply to maintenance upgrades. 1. Stop Control Center engine 2. Back up \conf directory found under Control Center install location. 3. Proceed normally with installing the latest version of Control Center in original . (The installer would automatically un-install the previous version - but all of the configuration data will still be there). 4. On Unix, Linux platforms, run configCC.sh -------------------------------------------- List of Fixes (or Enhancements) included in Control Center 5.4.2.2 iFix02 (Released 05/22/2018) 1. IT25081/R568293 (2018-05-05) Description if issue: The jar signing certificate used by Control Center is set to expire on June 21, 2018. Control will stop functioning on this date. You must upgrade to 5.4.2.2 iFix02 or later in order to correct this. Description of fix: Replaced the certificate used for signing the jar files with a multi-year expiration date. -------------------------------------------- List of Fixes (or Enhancements) included in Control Center 5.4.2.2 iFix01 (Released 04/16/2018) 1. R548223 / IT22571 (2017-10-02) Description of issue: False Workflow SLC alerts. Workflow SLCs with a calendar schedule, and one or more duration milestones, were not terminating the milestone monitor logic at the end of the SLC's monitoring window, causing erroneous events to be generated if events that met the milestone criteria were received after the end of the SLC's monitoring window. Description of fix: Fixed the logic so the Workflow SLC's milestone monitors would be terminated at the end of the SLC's monitoring window. 2. IT21877/R546855 (2017-10-04) Description of issue: Unable to monitor C:D i/5 Description of fix: Stopped using host name for database name when making connection. 3. R552668/IT22774 (2017-10-12) Description of issue: The JCE unlimited strength policy files located in are overwritten during each install/upgrade. Description of fix: Updated the installer to preserve (copy) the unlimited strength policy files during upgrade. 4. R546048 (2017-10-13) Description of issue: The cogstartup.xml file was not being captured when the data collector ran Description of fix: Updated the path to the file to be "configuration" instead of "Configuration" as case matters on all systems except Windows. Also fixed path to the installation log file and included two new Cognos configuration files in data collector output per customer support request. 5. R554679 (2017-11-02) Description of issue: Cognos fails to start on Windows when there is a space in the installation directory path. This was caused by missing double quotes on a property specified in \Cognos\bin64\bootstrap_wlp_winx64.xml. Description of fix: Corrected bootstrap_wlp_winx64.xml to include the double quotes on the following property: "-Djava.security.properties=${install_path}/../conf/CC_java.security". 6. IT23154/R555154 (2017-11-14) Description of issue: Unable to select New York as a time zone for SLC schedules. Users can choose EST as a time zone for SLC schedules, but unlike New York, EST does not have Daylight Saving Time. Description of fix: Update thick client logic to allow the selection of New York as a time zone for SLC schedules. 7. IT24122/R561380 (2018-02-19) Description of fix: The truststore/keystore password, was sometimes displayed in the clear in the server properties panel for SI servers. Description of issue: Modified the logic to always mask the store password(s) in the display. 8. IT24569/R565795 (2018-04-02) Description of issue: Required upgrade to Java 7.0.10.20 to resolve Jan 2018 quarterly Java security issues. Description of fix: Upgraded to Java 7.0.10.20. -------------------------------------------- List of Fixes (or Enhancements) included in Control Center 5.4.2.2 (Released 09/12/2017) 1. IT00895 / R417898 Description of issue: The configuration JobName cannot be used as a variable within any script. Description of fix: Added the JobName to allow it to be used in a script such as an Action Email. 2. R421272/IT01096 Description of issue: The statistics filter in classic console does not display the results in case sensitive manner when Oracle is used as the database. Description of fix: For the fields (Source File, Destination File, Mailbox ID), the SQL query that's built uses an Oracle function to display the results in a case insensitive manner 3. IT01223/R420920 Description of issue: When a connection to a MQ server fails, the code attempted to retry. However it did not attempt to retry the connection. Description of fix: Null out the producer object so that the connection will be retried. 4. IC991814/R412747 Description of issue: Control Center engine stops monitoring an FTP node, if the file name that's transferred is named with a single quote. Description of fix: Added code to correctly parse the record, if the file is named with a single quote. 5. IT01485/R422128 Description of issue: Web Console doesn't allow handling of multiple alerts Description of fix: Set grid to allow multiple row selection and handle selection events. 6. R424150/IT01747 Description of issue: A user role with only view ability is able to stop and start SI adapters. Description of fix: Modified code to only permit users with manage privileges to start or stop SI adapters. 7. R424486/IT01817 Description of issue: Exceptions are thrown in a loop in the engine log, when the engine cannot establish a connection to a Connect: Direct node due to a bug. Description of fix: Modified the code to check for null values, in order for the engine to determine the next set of actions to take when, one of the nodes could not be contacted. 8. R424136/IT01746 Description of issue: Control Center shuts down when executing a user defined query/filter criteria for process history. Description of fix: Added code to execute the query only once, if its a query that's initiated by the UI. 9. R423910/IT01778 Description of issue: stopEngine.bat with the switch -np does not work when Control Center engine is started as a service. Description of fix: Added code to stop the service, along with the other processes. 10. R422241/IT01791 Description of issue: The netmap node entry values alt_comm_outbound and alternate_comminfo could not be cleared. Description of fix: Added code to specify the null data '˜[DATA]' which is a special value for the Application Interface for Java to indicate to the Connect: Direct node to clear the values. 11. IT00253/R413884/R425059 Description of issue: Views do not get created during the upgrade process when DB2 is used as the database. Description of fix: Added code to add missing views regardless of the database type, while configuring Control Center by running configCC. The engine will not come up, if any tables or views are missing. The user must run configCC in order for it to create any missing tables or views, during an upgrade process 12. IT01825 / R420900 Description of issue: There is currently no server status event generated that would indicate a connection attempt to a Connect:Direct server fails during engine startup. The customer frequently re-cycles Control Center and wants to generate an alert if the initial connection fails during startup. Description of fix: Created a new message id CNCD071E, which is only issued if a connection attempt to a C:D server fails during the very first attempt after the NodeService object is created during engine startup or when a new server is defined. If this occurs, a server status event will be logged in the EVENTS table, from which an alert could be generated. 13. IT01945 / R425809 Description of issue: MQ MFT report does not run when Server Name and Return Code are used as sort criteria. Description of fix: Modified the properties file to map the sort columns correctly. 14. IT01893 / R424562 Description of issue: No alerts are generated when the keys executingProcs or nonExecutingProcs are used as part of a rule match criteria. Description of fix: Removed the keys executingProcs and nonExecutingProcs from the RuleMatchKeyInfo.properties file. Users must use the message ids CCNS020E and CCNS030I to get notified, when queue limits are exceeded. 15. IT01745 / R423446 Description of issue: Control Center engine shuts down when a query times out because of a slow performing database. Description of fix: Added code to display how long the query took to execute, how many times it was executed, and when the execution started and ended to let the user know that its not the engine, but the database, that is the problem. 16. IT01746 / R424136 Description of issue: Control Center shuts down when executing a user defined query/filter criteria for process history. Description of fix: Added code to execute the query only once, if its a query that's initiated by the UI. 17. IT01778 / R423910 Description of issue: stopEngine.bat with the switch -np does not work when Control Center engine is started as a service. Description of fix: Added code to stop the service, along with the other processes. 18. IC99886 / R414066 Description of issue: Catalina.out file fills up when Cognos runs. Description of fix: Added code to get rid of the file during Control Center engine starup. 19. IT00388 / R416514 Description of issue: When a userid is deleted on Linux/Unix, the /conf/Users/user.xml file does not get deleted, if it contains any upper case characters. This is because the userid value in the file pathname is changed to lower case. In systems which are case sensitive, the file was not detected and consequently did not get deleted. Description of fix: Construct the file path name using the exact userid value that is being deleted (i.e. preserve the casing), when deleting the file. 20. IT00528 / R417208 Description of issue: Customer requested that 25 recently added C:X (Connect:Express) variables to Actions, also be exposed to the Rules Parameters selection menu. Additionally, the customer requested variables, plus one brand new C:X variable be added to SCC (SSLRC - SSL Return Code). Description of fix: Added the following CX.xxxxx variables to the RuleMatchKeyInfo.properties file. CX.CRCO=CRC Used CX.FAPI=User Description of the Transfer CX.FLAO=Interconnected File Agent is Active CX.FRLG=Local Record Length CX.MULT=Multi-Article is Used in Fpfu Data CX.NMGS=Network Message Size CX.PI11=PeSIT File Type CX.PI15=File Date and Time Creation CX.PID=Process Identifier of the Process that Executed the Request CX.PRIO=Transfer Priority CX.REQD=Request Accepted Date CX.REQR=Name of the Entity that Submitted the Request CX.RETN=Number of Retries CX.RSTA=Transfer Status CX.TCPA=Remote Node TCP/IP Address CX.TCPH=Remote Node Host Name CX.TCPP=Remote Node Port Number CX.TRTN=Translation Table Identifier CX.TYPC=Compression Type CX.TYPD=Data Type CX.TYPF=File Type CX.TYPN=Notification Type CX.TYPP=Partner Type CX.FTOP=Type-Structure-Mode Options CX.FTSU=Store Unique Option CX.SSLRC=SSL Return Return Code 21. R403070 Description of issue: The Connect:Direct servers implemented a new Secure+ version which provides support for TLS 1.1 and TLS 1.2 and additional Security Modes when FIPS enabled, as well as other security enhancements. Description of fix: Updated Sterling Control Center to work with Secure+ version 4 by updating the node configuration fields for Secure+ nodes, key certificates, trust certificates, and cipher suites. See the documentation for Connect:Direct for more information about new Secure+ configuration parameters. The following minimum Connect:Direct release levels are required to support TLS1.2. ?CD zOS 5.2 PTF UI18975 ?CD Windows 4.7.0.0 ?CD Unix 4.2.0.0 22. IT02683 / R430369 Description of issue: stopEngine -np does not cause a graceful shutdown. Description of fix: Modified the code to perform a graceful shutdown. 23. IT02735 / R430068 Description of issue: The SI File transfer report always shows the same nodeName (node1 or node2) for the ORIG_NODE, regardless of where the session was initiated. Description of fix: Modified the code to assign the values for session end point, and not default to nodeName, unless the protocol is SWIFTNET or AS2. 24. R424654 Description of issue: This is a customer request to capture and expose the CDzOS Job Name and Job Id to SCC as variables for actions and rules filter criteria. Description of fix: Added logic to include the CDzOS Job Name and Job id in the Actions pull-down menu and Rules filter criteria. Additionally, the Select Statistics function displays the z/OS Jobname and z/OS Jobid when viewing properties for PS, CT, RJ, RT and PT records in PNODE stat records. Co-Requisite: The following PTF must be applied to your corresponding CDzOS maintenance level in order to make these two new variables available to Control Center: Connect:Direct zOS 5.1.1 APAR PI19716 / PTF UI18989 Connect:Direct zOS 5.2 APAR PI20334 / PTF UI19094. 25. IT02229 / R425826 Description of issue: Invalid XML characters are not replaced from the event that's published to the JMS queue/topic Description of fix: Modified code to replace the invalid XML entity characters. 26. IT02934 / R432103 Description of issue: In a SI server definition, the option to override the server’s actual time zone is not honored, because the corresponding xml tag is never generated in the server.xml file. Consequently, the check box in the server “Settings?tab titled “Use This Time Zone And Ignore Server Provided UTC Offset?is always ignored (treated as false). Description of fix: Added the missing code to generate the xml tag: . 27. IT03049 / R432253 Description of issue: Adding a server or removing a server from a server group associated with a large number of SLC groups takes several hours. Description of fix: Modified the code that unnecessarily was taking long time to handle notifications. 28. IT03044 / R418228 Description of issue: Control Center engine generates an error (Could not create a stat record) when it cannot find a missing route record that is committed to the SI's database, after a certain time interval in the future. Description of fix: Added code on the engine side, to account for route records that are committed by SI in a clustered environment at a later time. 29. IT03109 / R433307 Description of issue: Invalid XML characters like (Unicode: 0x4) end up on the JMS queue. Description of fix: Added code to remove the invalid XML characters before publishing to the queue. 30. R436019 Description of issue: Test connection button for CD servers gets Null Pointer Exception (NPE) when invalid connection information used Description of fix: Added code to check if nodeService object is null to prevent the NPE. 31. IT03233 / R434079 Description of issue: Control Center shuts down when due to a SQL query that's used to fill up the completed process cache for a DVG. Description of fix: Optimized the SQL query by reducing the overall cost of the operation. 32. RTC438110 Description of issue: Audit log is available to restricted users. Description of fix: Added code to display the audit log information only to super users. 33. IT033335/RTC432250 Description of issue: Sterling B2B Integrator (SI) completed processes get stuck in the Queued Activity Monitor. This occurs when SI is installed on a cluster and, due to load balancing, a process starts on one node but finishes on another node in the cluster. Since the originating node is part of the criteria to identify a process, the start event is never matched to the end event. Such processes can remain stuck in the Queued Activity Monitor for approximately 24. hours. Description of fix: Pass node type when creating the ProcessInfo and if nodeType is SI, then set origNode to NO_NAME (as if it wasn't supplied). 34. IT03616/R435983 Description of issue: Control Center console locks up when adding a new server to a server group. Description of fix: Modified the code to display that the engine is running only when all the node services have started. The console throws an error message if the user attempts any CRUD operations on servers or server groups, before the engine is fully initialized. 35. R439004/IT04031 Description of issue: Control Center classic console does not display Sterling B2B Integrator related fields when specifying the Data Visibility Group criteria. Description of fix: Updated the RuleMatchKeyInfo.properties file to reflect SI fields. 36. R438725/IT03937 Description of issue: Upgrading Control Center 5.4.1.0 to 5.4.2.1 iFix01 fails with a SQL exception Description of fix: Fixed the code to create new tables, and alter old tables with new columns. 37. R438098 / IT04168 Description of issue: Process Name is inconsistent when monitoring BPs on a busy SI server. SCC maintains a map that associates the unique work flow ID to a single process name for each BP and uses that same process name for all corresponding statistics and events for that BP. During periods of high SI activity, thousands of BPs can be processed in a short time span. Occasionally, a BP map entry can prematurely age out and be overwritten, before the BP completes. When this occurs and the next work flow record is processed for the "aged out" BP, Control Center creates another map entry using the current value as the process name. If this is different than the original process name created at the start of the BP, it causes the process name discrepancy for all subsequent records for that BP. Description of fix: Increased the sizing factor from 2 to 15 in the boundedMap (bpIdMapping) to ensure the id/name entries remain in the map for the duration of all in-progress BPs. 38. R438110 / IT03897 Description of issue: Audit log is available to restricted users. Description of fix: Added code to display the audit log information only to super users 15. IT04373 / R432582 Description of issue: SCC incorrectly calculated the max partition date for DB2 zOS partitions, causing date range gaps in the partition keys. Description of fix: Corrected the logic which calculates the max partition date. 39. IT04031 / R439004 Description of issue: Control Center classic console does not display Sterling B2B Integrator related fields when specifying the Data Visbility Group criteria. Description of fix: Updated the RuleMatchKeyInfo.properties file to reflect SI fields. 40. IT04371 / R441303 Description of issue: cannot login to the classic console due to an InvalidClassException. Description of fix: Added a serial version UID for those classes that implement the Serializable interface. 41. IT04625 / R442808 Description of issue: Console launched from web launch page does not display welcomeMessage.txt. Description of fix: Added code to propagate welcomeMessage.txt to JNLP launcher. 42. IT04064 / R437377 Description of issue: Control Center reports do not work when installed on VMware clusters running AIX 6.1 installed on an IBM Power VM VIOS. Description of fix: Add the following environment variable LDR_CNTRL=MAXDATA=0x70000000 in order for the Cognos Metadata service to get enough process data space allocated. 43. IT04581 / R443044 Description of issue: When upgrading to SCC 5.4.2.1 and using a DB2zOS database, the customer encountered two errors: ?Error executing DB2 SQL script, due to incorrect syntax (CREATE OR ALTER VIEW): DB2 SQL Error: SQLCODE=-199, SQLSTATE=42601, SQLERRMC=OR;ALIAS AUXILIARY AUX TRIGGER JAR TABLESPACE DISTINCT LARGE LOB, DRIVER=3.66.46 ?Error executing a DROP TABLESPACE command, due to omission of database-name. DB2 SQL Error: SQLCODE=-636, SQLSTATE=56016, SQLERRMC=32, DRIVER=3.66.46 Description of fix: ?Corrected the DB2 SQL syntax: Changed CREATE OR ALTER VIEW to DROP VIEW + CREATE VIEW. ?Corrected the DROP TABLESPACE command to specify the database-name (i.e. DROP TABLESPACE database-name.table-space-name) 44. IT04763 / R444327 Description of issue: Cannot create or update a Secure+ node entry. SPCG358E Invalid protocol value is displayed in the error message. Description of fix: Modified the code to specify the correct value. 45. IT04763 / R444327 / R436012 Description of issue (R444327): Active Alerts Monitor can take a long time to display the alerts. When using a MSSQL database, both the Completed Process and Active Alerts SQL queries result in a very inefficient database execution plan (a full table scan). These queries read the EVENTS table, which can often contain tens of millions of rows. The full table scan often results in a very long running query, sometimes causing SQL timeouts and requiring multiple retry attempts. This process uses a resource lock, causing other requesters to wait until the SQL request is completed. This is why a user sometimes has to wait a long time to see the alerts displayed in the console. Description of issue (R436012): Occasionally, a process remains in the Queued Activity Monitor after it has completed processing. Note: The description of these two issues (R44327 and R436012) with a single fix description below is correct and intentional (it is not a typo). Since both the “active alerts?and “queued / completed process?database queries are almost identical, the fix below corrected both issues. Description of fix: Added a new MSSQL index: CREATE INDEX EVENTS_ALERTS ON EVENTS (ALERT_DELETED, ALERT) INCLUDE (EVENT_ID, DATE_TIME, SEQ_NUM) This index was recommended by the MSSQL Optimizer and resulted in changing the execution plan FROM a full table scan TO an indexed seek. 46. IT04165 / R439936 Description of issue: Alerts are not displayed when launched from the Sterling B2B Integrator sub-tree Description of fix: Fixed the code that had incorrect object key set. 47. IT04982/R445321 Description of issue: Control Center throws a validation error if the remote user id for a Connect: Direct UNIX node has an exclamation mark in it. Description of fix: Modified the code to accept exclamation as a valid character. 48. IT05387 / R445005 Description of issue: The connection between IBM Sterling Control Center (SCC) and IBM Sterling External Authentication Server (SEAS) can become broken and SCC is unable to successfully re-establish the connection, preventing users from signing-on. SCC uses a persistent connection to SEAS, meaning an active session is established at all times. Occasionally, when an error is detected, the connection re-try logic is unable to re-establish the connection. Description of fix: Created a new system property to allow the SEAS connection to be either persistent or non-persistent. Using a non-persistent connection eliminates the possibility of socket errors on open connections, because a new connection is established each time a user signs-on. After installing this fix, when configCC is executed, the engine.properties file will be updated with the following entry. ########## SEAS_PERSISTENT_CONNECTION=true # true = maintain a persistent connection to SEAS at all times (default value) # false = connect/disconnect to/from SEAS each time a user signs on You can confirm persistent or non-persistent connections are in effect by viewing the SeasService_yyyymmdd_hhmmssnnn.log. The first line will indicate this. For example: dd mmm yyyy hh:mm:ss,nnn [main] - Using non-persistent connections (SEAS_PERSISTENT_CONNECTION=false) 49. R447786 Description of issue: When using secure connections between the engine and classic GUI -and- between the browser and web server (Websphere/Liberty), the SSLv3 protocol cannot be turned off for both of these connections. Description of fix: Added two new properties in install-dir/conf/engine.properties to set the protocol(s) to be used for secure connections. After installing this fix, when configCC is executed, the engine.properties file will be updated with the following two commented out entries (com.ibm.jsse2.overrideDefaultProtocol -and- WEBSERVER_SECURE_PROTOCOL). The default protocols are determined by the system. Uncomment either or both properties and set your protocols as desired. ########## # com.ibm.jsse2.overrideDefaultProtocol=TLS # Set the protocol(s) for engine <----> classic GUI secure connections # Example: SSLv3 | SSL_TLS | SSL_TLSv2 | TLS | TLSv1.1 | TLSv1.2 ########## # WEBSERVER_SECURE_PROTOCOL=TLS # Set the protocol(s) for browser <---> web server (web UI) secure connections # Example: SSLv3 | SSL_TLS | SSL_TLSv2 | TLS | TLSv1.1 | TLSv1.2 50. R447393 Description of issue: Alerts report does not generate output when there are a large number of alerts with comments specified. Description of fix: Modified the code to add the date/time values specified as part of the report criteria to the sub-query that retrieves values from a different table. This prevents the full table scan that occurs without the date/time criteria. For optimal results, suggest using a date/time criteria for the report definition. 51. IT05332 / R445650 Description of issue: Data visibility criteria pertaining to Sterling B2B Integrator does not work Description of fix: Corrected the RuleMatchKeyInfo.properties file by making sure the keys sync up with the values. 52. IT05479 /R447393 Description of issue: Alerts report does not generate output when there are a large number of alerts with comments specified. Description of fix: Modified the code to add the date/time values specified as part of the report criteria to the sub-query that retrieves values from a different table. This prevents the full table scan that occurs with out the date/time criteria. For optimal results, suggest using a date/time criteria for the report definition. 53. R448380 Description of issue: Need to obtain latest java security fixes. Description of fix: Upgraded java in SCC to IBM JRE 1.7.0 SR7 FP1. 54. IT05872 / R445112 Description of issue: Control Center engine start-up time unacceptable, when large number of servers are being monitored. Description of fix: Optimized the code to reduce the engine start-up time. 55. IT06169 / R451256 Description of issue: During an upgrade from 5.3 to 5.4.2.1, while executing upgrade script cc5040200_oracle_changes.sql, the keyword LOCAL was erroneously appended on a CREATE INDEX statement for a STAG database table. This resulted in error: ORA-14016: underlying table of a LOCAL partitioned index must be partitioned. Description of fix: Added a check to the logic to verify that LOCAL is only appended for a partitioned PROD table. 56. IT06229 / R450995 Description of issue: Default to Local Node was an option for the FIPS Enabled drop down list on the .Local node. Description of fix: Eliminated the Default to Local Node option on the .Local node 57. R451164 Description of issue: Several issues were found when DVGs were used in high volume database environments that impacted the performance of Sterling Control Center: User can specify initializeCachesAtStartup false in CCEngineService.xml, but this is not honored when the first Completed Processes Monitor is opened. User can't limit the query when initializeCachesAtStartup true is specified. User can't specify the limit for records retrieved when drilling down on file transfers from the web console dashboard. Certain database queries are inefficient in large volume database environments. Excessive interaction between the GUI and the SCC engine when updating the Active and Completed Alerts caches. Description of fix: initializeCachesAtStartup false is now honored even when first Completed Processes Monitor is opened. The user can now restrict the Completed Processes caches to the most recent nn days. completedCacheDaysFromDB nn can now be specified in the CCEngineServices.xml document to restrict the queries to fill in the cache to only the most recent nn days. The default is no limit. It is recommended that this setting be set to 7. The user can now specify the drill-down limit for file transfers in the web console dashboard. completedXferLimit nn can now be specified in the CCEngineServices.xml document to limit the results returned from the query. The default default is 1000. It is recommended that this limit be set to 100. The queries for drill-down for file transfers in the web console dashboard have been changed to provide for better performance. The queries used to fill in the Completed Processes caches have been changed to honor the completedCacheDaysFromDB setting in the CCEngineServices.xml document. The GUI updates the Active and Completed Caches more efficiently. 58. R447486 and R453619 Description of issue: Alerts would be coming in an hour late after daylight savings. Description of fix: Changed the way the time zone of a SI server is set within Control Center. First looks for the SI server's set time zone. If the server's time zone is not set, then it estimates the time zone of the SI server based upon the UTC offset. 59. IT06557 / R453489 Description of issue: Control Center stops monitoring a MQ server, when a MQ MFT event is processed with a date outside the partition date range. Description of fix: Added logic to ignore the event if the date falls outside of the partition date range. 60. IT06831 / R445312 and R451933 Description of issue: The GUI will load and then freeze for the customer. The GUI would take roughly 20 minutes before it becomes operational. Description of fix: Optimized the way the server list is used. 61. IT06904 / R454568 Description of issue: SCC shutdown due to a bad SQL query for a SI node. The invalid query originated from both "Select Statistics" and "Reports" resulting in invalid syntax (i.e. RET_CODE > '\'0\'' instead of RET_CODE > '0'). Description of fix: Corrected the logic which builds the WHERE clause to ensure the return code value is properly enclosed in single quotes for all operators. 62. IT07110 / R455783 Description of issue: If you have a rule that monitors when an MQ MFT agent is stopped, then when the rule is trigger it will cause about 100 alerts to be created. Description of fix: Changed the logic behind the MQ MFT monitoring so that looks for Agents with a status that contains STOPPED instead of matches STOPPED. 63. R454555 Description of issue: Control Center would launch to the http port for CDBrowser even when it was disabled. Description of fix: If the http port for CDBrowser is disabled, then it uses the secure port. 64. IT07203 / R439636 Description of issue: SCC's DB is required to be defined with UTF-8 encoding. However, data can be written into GIS's DB that is not UTF-8. When SCC retrieves this data from GIS and attempts to write it into SCC's DB, the DB rejects the data as not being valid UTF-8 characters. This, in turn, causes the SCC engine to come down. Description of fix: The fix converts all consecutive non-UTF-8 characters into ? characters. Any Rule or SLC that is looking for the invalid characters must be written with the understanding that the consecutive invalid UTF-8 characters will be represented as a single ? mark. 65. IT06216 / R449995 Description of issue: After removing a Connect:Direct node from Control Center, the following java error message was written to the engine log every 15 seconds: javax.management.InstanceNotFoundException: NodeServices:Name=xxxxxxxx,Type=1. This is a legacy error that occasionally occurs when the engine erroneously tries to get process information for a server definition that was recently deleted. Description of fix: Modified the logic to not run the ProcessGetterThread within the context of the engine. 66. IT07227 / R456679 Description of issue: MQMFT node is disconnected from Control Center. The original method used to clone MQMFTStatistic could result in a java.lang.StackOverflowError, if processing very large amounts of data. Description of fix: Coded a new optional method to clone the object. If the new way of cloning the object is required, the following property can be set in engine.properties: NewMFTClone=true 67. IT07727 / R457002 Description of issue: There were FG options for DVGs that were pointless. FG.ProducerPayload, FG.RouteCount, FG.ProducerFileStructure, FG.RoutingChannelTemplateName, FG.LayerCount, FG.LayerDescription, FG.LayerType, FG.LayerFilename, FG.PayloadName, FG.ConsumerContentType, FG.ConsumerType, FG.ConsumerMailboxPath are not useful to a DVG restricted user because these fields are not in the process start / process end of an event. Removed FG.Business Process Name from DVGs, metadata, and rules. The Business Process Name is mapped to the Process Name, so users should use that field instead. Description of fix: Removed FG options from DVGS: FG.ProducerPayload, FG.RouteCount, FG.ProducerFileStructure, FG.RoutingChannelTemplateName, FG.LayerCount, FG.LayerDescription, FG.LayerType, FG.LayerFilename, FG.PayloadName, FG.ConsumerContentType, FG.ConsumerType, and FG.ConsumerMailboxPath. Removed FG.Business Process Name option from DVGs, metadata and rules. 68. R460137 Description of issue: Customer requested that a new Rule Parameter and three new Action Variables be exposed in the corresponding pull-down selection menus. The Action variables are honored in Email, OS Command and Server Command actions. Description of fix: Added the following Rule selection criteria and Action variables: Rule Parameter: File Agent Message ID Action Variable: c_msg_ID=File Agent message ID Action Variable: c_srcFile=File Agent source file name Action Variable: c_stepName=File Agent rule name 69. R460482 Description of issue: A Connect:Direct server that consistently throws an "IOException in CommunicationsBuffer::Receive()" is causing Control Center to experience out of memory errors after many repeated statistics requests. (Typically, the C:D server will need to be restarted to get it out of this state.) Description of fix: Added logic to pause the node after this particular exception is thrown for a customizable number of times. A new property has been added to the engine.properties file which specifies the number retry attempts for this type of error, before the server is shunned: NUM_EX_BEFORE_SHUN_SERVER=nnn. 70. R462527 Description of issue: A CREATE TABLE command failed, when trying to run a Cognos report, using a DB2 LUW database: SQL Exception msg : DB2 SQL Error: SQLCODE=-622, SQLSTATE=56031, SQLERRMC=IN DATABASE. This was due to the "IN DATABASE" clause erroneously being inserted into the SQL command. This clause applies only to DB2zOS (not DB2 LUW). Description of fix: Corrected the code to insert the IN DATABASE clause when the database type is DB2zOS. 71. R458450 Description of problem: When launched from Sharepoint, the C:D Browser seems to hang when logging off the C:D server. Cause is code that calls a function in the window.opener. Description of fix: Added a try/catch block around the call to the window.opener function that ignores any error and allows the logoff to occur. 72. R463835 Description of issue: After upgrading Control Center to use JRE 1.7.0 SR8 FP10 and beyond, an exception is thrown when the web server (Liberty) tries to allow/use the SSLv3 protocol. Java now disables SSLv3 by default, so Control Center must not use SSLv3, by default. Description of fix: Set the engine property WEBSERVER_SECURE_PROTOCOL default value to TLS (instead of SSL_TLS). 73. R463835 Description of issue: SCC Web Console not showing results of selected options. This started occurring when 5.4.2.1 iFix03 was updated to use a newer java release (1.7.0 SR7 FP1 and beyond). The newer java releases disable SSLv3 by default. The CRE (Common Rendering Engine) used in 5.4.2.1 only honored SSLv3. Since the CRE expected to use only SSL and java now only allows TLS by default, an internal connection to CRE could not be established. Hence, any screens that implement gadgets could not be rendered properly. Description of fix: Updated CRE (Common Rendering Engine) to a version that allows TLS. 74. R463796 Description of issue: Cannot update disable.proxy.password.security on Control Center from the Full Text View. This was caused by the parameter missing from a list which defines the valid C:D Windows initparms. Description of fix: Added disable.proxy.password.security to the list of valid CD Windows initparms. 75. R459768 Description of issue: The tracing of a CD i5/OS node could not be updated without restarting the engine. Description of fix: Changed the monitor functionality to change the tracing level. 76. R460282 Description of issue: File Gateway entries that use UTF-8 compliant special characters can exceed the field length of database columns. Description of fix: Changed the way Control Center parses the information before inserting the information into the Events table. Truncates the information so that it fits within the Events tables field definitions.R467581 Description of issue: Some security vulnerabilities have been identified in older releases of Apache ActiveMQ. This functionality (ActiveMQ) is used in Control Center if JMS (Java Message Service) is configured. Description of fix: Upgraded Control Center to execute the latest release of Apache ActiveMQ. Additionally, made a code fix to allow JMS to be configured with the embedded broker option and execute properly. 77. R458295 Description of issue: Unable to sign on using a secure connection to a Connect Direct node using the built in CDBrowser. Description of fix: Changed the permissions of Liberty to access the keystore and truststore. NOTE: This fix has been updated. The update will be available in 5.4.2.1 iFix05, or can be downloaded from ECuRep. Contact support for more information. 78. R466051 Description of issue: When switching to partitioning on Oracle during an upgrade, configCC fails with SQL error (ORA-01722: invalid number). Description of fix: Corrected the SQL INSERT statement. 79. IT09589/R466949 (2015-06-24) Description of issue: When adding a server to a server group, if the server group is related to a number of SLCs, it will take long time to complete. Description of fix: Ignore the check of the schedule access when adding the server which reduce the time cost. 80. IT09663/R468471 (2015-06-24) Description of issue: By design, when Control Center is configured to emit events to a JMS queue, the JMS queue must always be available. If Control Center cannot contact the JMS queue to emit an event, it retries the operation and if the retries have been exhausted, the Control Center engine is brought down. Description of fix: To avoid this shutting down of the Control Center engine, two new properties may be added to the conf/engine.properties file: IGNORE_JMS_ERRORS=false|true (false is the default) IGNORE_JMS_ERRORS_RETRY_MINUTES=10|nn (n > 0, 10 is the default) With IGNORE_JMS_ERRORS=true specified, Control Center will ignore the retry specifications in the JMS configuration and, instead when there is a failure to connect to the JMS queue, will ignore the error. After getting an error, all attempts to emit events will be ignored until the retry minutes have expired, and then the next event to be emitted will cause Control Center to retry the connection. If this fails, Control Center will retry again after the retry minutes expires. Note: retrying on each event would cause an unacceptable slow-down of Control Center performance since each retry attempt involves a TCP time-out. When the JMS connection is first recognized as down, a new event is generated (Event Type 15, message id CJMS001E) to indicate that the JMS connection is down. When the JMS connection is subsequently available, another event is generated (Event Type 15, message id CJMS002E) to indicate that the JMS connection is up. Rules may be written against these events and appropriate action can be taken. While the JMS connection is unavailable, events will be lost (not emitted to JMS). Appropriate messages in the Control Center log indicate how many events were lost during each outage. 81. IT09354 / R464142 (2015-06-26) Description of issue: The Cognos UDF (User Defined Function) convertToUserPrefTZ parameter data type mismatch the data type on MSSQL DB which causes this issue. The Cognos UDF convertToUserPrefTZ accepts datetime as VARCHAR, but in MSSQL DB it is NVARCHAR. Description of fix: Cast datetime to VARCHAR in the Report to make convertToUserPrefTZ work. 82. IT10129 / R471147 (2015-07-17) Description of issue: All secure SEAS connections began failing after 1-2 days from engine startup. The keystore and truststore passwords were erroneously changed when retrieving the engine properties to be displayed in the classic GUI and web UI. The intent was to mask out the passwords for display purposes in a copy of the properties. However, the actual property was set to the mask characters, causing all subsequent secure SEAS connections to fail until the next engine re-cycle. Description of fix: Corrected the code to clone the properties and then update the copy to mask out the passwords. 83. IT10153 / R471753 (2015-07-17) Description of issue: When Control Center Engine receives invalid events (eg. PNODE name length > 255) from CD, when insert this event into database, there will be a SQLException thrown out that will cause the engine shutdown. Description of fix: Add the protection code before inserting the invalid event to database, that is truncate the invalid data to a max length before doing the insertion. 84. IT09952 / R470455 (2015-07-08) Description of issue: Sterling Control Center disconnects from MQ FTE Coordinator when Message is older than DB partition range Description of fix: If the log date is older than the minimum partition date, ignore the record and continue (do not SHUN the node); If the log date is newer than the maximum partition date, continue to SHUN the node 85. IT10451 / R473243 (2015-07-30) Description of issue: runEngineCold.sh misses parallel GC parameter compared with runEngine.sh, and also the order of other parameters is not same. Description of fix: Refactor runEngine.sh and runEngineCold.sh to the same JVM parameters with same order. 86 IT09664 / R461177 (2015-08-07) Description of issue: Control Center could not log on to a SI server when SOAP_SYNC_ONLY=true was set in the engine.properties file. The SI server replied with an empty document (i.e. no license info.). The license information is no longer used by Control Center and is obsolete. A decision has been made in gradually remove the getLicense request logic in future releases of SI. Description of fix: Created a new Control Center property for engine.properties: SI_SERVER_LICENSE=true | false (default value is true). When this property is set to false, Control Center will not issue a getLicense request to SI during logon and no license information will be present on the SI server license tab in the GUI. 87. IT08740 / R458295 (2015-08-07) Description of issue: Unable to sign on using a secure connection to a Connect Direct node using the built in C:D Browser User Interface. Description of fix: Changed the permissions of Liberty to access the keystore and truststore. Note that the truststore configured in C:D Browser must match the one defined in configCC. C:D Browser properties are now stored in web/wlp/usr/servers/defaultServer/cdbrowser and are maintained even when the CC engine is stopped/started. [A fix for this issue was originally released in 5.4.2.1 iFix03. This newer version of the fix solves the entire issue.] 88. IT10875 / R474392 (2015-08-24) Description of issue: When run Server Inventory Report, if the criteria contains a server whose description contains CRLF, the description will be split to two rows in csv data, and the last part of the description is treated as server name which is larger than 50 characters. Description of fix: Change the report csv data to list table as csv is too limited. For example, it now uses comma as the column separator and "\n" as the row separator which is unsafe because a single value (like description in this case) could contain comma or CRLF. 89. IT11104 / R468691 (2015-09-06) Description of issue: ConfigCC adding leading space to the RAC port number. Description of fix: It is caused by the DB info setting, especially oracle RAC. There is an extra white space in the value recorded in InstallationInfo.properties. Remove it. 90. IT10752 / R458864 (2015-07-23) Description of issue: The following error occurred when Control Center was trying to insert a record into the EVENTS table (DB2zOS database), as part of a batch insert (100 INSERT requests): Nested SQL exception[100]: Message: A NON-ATOMIC INSERT STATEMENT SUCCESSFULLY COMPLETED FOR SOME OF THE REQUESTED ROWS, POSSIBLY WITH WARNINGS, AND ONE OR MORE ERRORS SQLSTATE: 22529 Error code: -253 05 Mar 2015 13:08:56,896 284279010 [WRZN031F(1)] WARN RecoverableDAO - Exception while setting the Auto commit level back to original setting. Message:[jcc][t4][10335][10366][3.63.75] Invalid operation: Connection is closed. ERRORCODE=-4470, SQLSTATE=08003 05 Mar 2015 13:09:02,720 284284834 [WRZN031F(1)] INFO SCCEngine - com.ibm.db2.jcc.am.BatchUpdateException: [jcc][t4][102][10040][3.63.75] Batch failure. The batch was submitted, but at least one exception occurred on an individual member of the batch. Use getNextException() to retrieve the exceptions for specific batched elements. ERRORCODE=-4229, SQLSTATE=null Description of fix: Added a new property in engine.properties to allow the failed batch request to be re-tried as individual SQL INSERT requests. By re-trying each INSERT individually, the true SQL error will be exposed for each error. So this fix may resolve the retry failure in and of itself, by retrying as individual request, but more importantly, this will allow the ability to find root cause for each specific SQL error occurring in the original batch INSERT. RETRY_NON_DUP_EXCEPTION_IN_BATCH Specifices how to retry a database batch update request for non-duplicate errors true = retry a batch update request in batch mode (default value) false = retry a batch update request as individual SQL requests false can be used to expose the actual error of each failing request during retry 91. IT08341/R473286 (2015-09-11) Description of issue: In very rare case, if engine shut down abnormally and you have workflow SLC setup, the restarting of engine could be blocked by the exception on SLC monitoring window. Description of fix: Adjust the logic so exceptions on monitoring window due to abnormal shutdown will no longer block restart. 92. IT11091/R474900 (2015-09-14) Description of Issue: Report Date Time is converted to eastern time zone without considering Daylight Saving Time. Description of fix: Change report original time zone to time zone with offset, for example, EST is GMT-04:00 in Daylight Saving Time. 93. IT11391/R477831 (2015-09-22) Description of issue: Root Cause Analysis: Control Center engine shutdown due to SQLCODE=-401, SQLSTATE=42818 during initialization, after configuring Control Center to use a DB2zOS database. This was caused by incorrect DB2zOS SQL syntax in the WHERE clause [i.e. WHERE ......... PART_KEY >= TO_DATE(?, 'YYYY-MM-DD')]. An existing query was recently updated with modified syntax for all databases for performance improvement. The same query was erroneously used for both DB2 LUW and DB2zOS. Description of fix: Corrected the DB2zOS WHERE clause syntax to specify [WHERE ........ PART_KEY >= ?]. 94. IT11094/R476544 (2015-09-29) Description of issue: There are Oracle ORA-12899 errors in the engine log when run some report. Description of fix: Double quote the report csv data to handle data which contains comma or CRLF. 95. IT11555/R478353 (2015-10-02) Description of issue: The following SQL error occurred when running a "Netmap Connections Summary Report": ORA-01795: maximum number of expressions in a list is 1000. This occurs if the query contains more than 1000 items in an IN(......) clause when using an Oracle database. Description of fix: Modified the query to use multiple IN(.....) clauses , if needed, each containing 1000 items. 96. IT11401/R475815 (2015-09-16) Description of Issue: SCC takes an inordinate amount of time to stop once shutdown issued. Logs show there are nodes seem to be playing catch up and are still collecting stats, stopping engine appears to hang. Description of fix: Remove the synchronization in NodeService.stopExecutor which will occasionally cause stopping executor hang, and also stop node service when shutting down engine. 97. IT12004/R480598 (2015-10-26) Description of issue: When user tries to use the Sterling B2B Integrator Dashboard sign on, it does not open a valid page. Description of fix: Change link for B2Bi dashboard to go directly to the URL instead of using redirect, since B2Bi no longer allows CC to automatically sign in. 98. IT12009/R478059 (2015-11-10) Description of issue: When the Connect:Direct Browser is executed in the Control Center environment, it is creating a different directory structure for the files rather than writing them into the structure where the browser is installed. A directory of “controlcenter?(lower case) was created at the same level as the main “ControlCenter?(mixed case) install directory. This issue occurs in Unix/Linux, since directory and file names are case sensitive on those platforms. Incorrect directory created (outside the ) controlcenter/Error! Hyperlink reference not valid. Correct normal location: ControlCenter/Error! Hyperlink reference not valid. Description of fix: When creating the property files for C:D Browser configuration, don't change the path to lowercase letters, which causes an extra directory structure in UNIX. 99. IT12290/R479816/R483566 (2015-11-18) Description of issue: R479816 - stopEngine.bat -np does not backup conf, trigger engine shutdown rule and log engine shutdown message CCTR083E. Description of issue: R483566 - stopEngine.bat|sh -np does not remove the statistics checkpoint file: /conf/services/system/StatisticsService.xml at shutdown, causing long running recovery processing during the next engine startup. Description of fix: Allow user specify a default stop engine np user id in engine.properties, and this user id will be used to shutdown the engine, because it is not possible to issue an graceful shutdown with no userid/password on Windows. This also resolves R483566 on Linux/Unix. 100. IT12358/R483573 (2015-11-18) Description of issue: Role cannot have Manage DVG permission even if the role has no server or DVG restrictions. Description of fix: Check whether there is any DVG restrictions when validating the DVG restrictions. If there is no DVG restrictions, remove "visibilityGroups" element. 101. IT11971/R480265 (2015-10-21) Description of issue: SCC logs flooded with CCNS061E. Description of fix: Add CCNS061E log switch "CCNS061E_ERROR_LOG" in engine.properties to indicate whether log CCNS061E error or not. 102. R483772 (2015-11-25) Description of issue: Address security issues in Websphere Liberty 8.5.5 Description of fix: Updated Websphere Liberty to 8.5.5.6 103. R482542 (2015-11-25) Description of issue: The Connect:Direct Browser user interface failed to connect via TLSv1.0, which was finally traced down to the lack of the -Djsse.enableCBCprotection=false JVM option. CDBrowser secure connections began failing after the last JRE upgrade in ContorlCenter. Description of fix: Updated /wlp/usr/servers/defaultServer/jvm.options with -Djsse.enableCBCprotection=false. 104. IT12898 /R477362 /IT12897 /R482987 (2015-12-17) Description of issue: The execution of getting completed processes for DVG timeout, after 60 times retries, engine shutdown. Description of fix: Use partitioned column DATE_TIME in the SQL for partitioned Oracle DB optimization, and optimize the get data logic to first get last 7 days data, if the last 7 days data satisfies the max rows specified, stop searching. 105. IT12993/R487831 (2016-01-11) Description of issue: Getting empty data for the column 'MAILBOX_FLAGS' from view 'V_CE_STATS_LOG'. Description of fix: Make an additional CmulistRequest to C:E and get the mail box flags in response. 106. IT13177/R475879 (2016-01-13) Description of Issue: The normal authentication does not work for Exchange server given the fact that CC5.3 is using an older version of java mail library. Description of fix: Now updated the authentication to adopt ssl so that both old lib in cc5.3 and new lib in cc6.1 work for Exchange server. 107. R491912 (2016-02-22) Description of issue: stopEngine.sh does not stop all of the processes on a Solaris cluster. Description of fix: Change every non-Windows platform away from ./startup.sh to ./cogconfig.sh -s to start Cognos, and from ./shutdown.sh to ./cogconfig.sh -stop to stop Cognos in cogconfigSCC.sh. 108. IT13937/R492291 (2016-02-22) Description of issue: Control Center build after 2016 Jan. 13 can no longer send emails. Description of fix: Add support for SMTP anonymous log on: if email user and password is specified, adopt strict security; if email user or password is not specified, then go back to old logic, weak policy. 109. IT13935/R480491 (2016-02-22) Description of issue: Sterling Control Center reporting function not working with Cognos https enabled since applying 5.4.2.1 iFix05. Description of fix: Upgrade Cognos to 10.2.1.4. 110. R489154 (2016-01-14) Description of issue: HTTP Response Splitting in WAS (Webshpere Application Server) Description of fix: Upgrade Control Center to WAS Liberty 8.5.5.8 111. IT13944/R489149 (2016-01-21) Description of issue: Required upgrade to Java 7.0.9.30 to resolve Jan 2016 quarterly security issues. Description of fix: Upgraded to Java 7.0.9.30 112. 480093 (2016-02-11) Description of issue: The runDataCollector should not copy the SCCRootPass.enc and SCCRootPassDigest files. These files are the installation's encrypted master key and hash value. They are not required for IBM support. Description of fix: Excluded these files from the data collector output zip file. 113. IT14006/R482502 (2016-02-25) Description of issue: After DST changed, the Recent File Transfer widget is not showing information day before DST change. Description of fix: In a timezone with DST, setting the begin of day for the calendar with make the time in millions different, which causes the time in millions mismatch when putting the statistics to the restful JSON. So removed the extra call of CommonDateUtil.setBeginOfDay(cal) when getting statistic value from days array. 114. IT13982/R489457 (2016-03-09) Description of issue: ERROR RecoverableDAO - Operation failed. The index entry of length 910 bytes for the index 'EVENT_FILE_SEARCH' exceeds the maximum length of 900 bytes. This occurred when the index contained data that caused the length of the index key to exceed the max length of 900 in MSSQL (i.e. DEST_FILE and SOURCE_FILE - column width is 1020 for each). Description of fix: (Applies only to MSSQL) Modified the index to move SOURCE_FILE and DEST_FILE from the key to the include columns as follows: Old: CREATE INDEX EVENT_FILE_SEARCH ON EVENTS(DATE_TIME, SEQ_NUM, XFER, NODE_ID, NODE_TYPE, SOURCE_FILE, DEST_FILE) New: CREATE INDEX EVENT_FILE_SEARCH ON EVENTS(DATE_TIME, SEQ_NUM, XFER, NODE_ID, NODE_TYPE) INCLUDE(SOURCE_FILE, DEST_FILE) 115. IT14132/R480832 (2016-03-04) Description of issue: Many DB duplicate errors (ORA-00001 on Oracle) occurs when monitoring a C:D server whose UTC delta is greater than Control Center's. Description of fix: Set UTC delta value to the UTC delta value of monitored server instead of Control Center when adding a server in Control Center. 116. IT14370/R495445 (2016-03-16) Description of issue: After fix R487831, batch status flags (Mailbox Flags) are not consistently populated in Conntect:Enterprise Unix statistics records (CE_STATS_LOG table). The fix attempted to pair up each stat record request with a batch directory listing request and populate each stat record with the corresponding Mailbox Flags. However this logic was flawed. There is not a way to reliably populate each stat record with the batch status flags at the time of the event. Description of fix: Removed the original fix 487831. There will be no alternative fix since there is no way to pair up all CEU stat records with the correct status flags at the time of the event. 117. IT14405/R494467 (2016-03-22) Description of issue: Control Center is looking for a license key in the INITPARMS file, which no longer exits because IBM had development remove the need for license keys. Description of fix: Add code to handle no license key scenario. 118. IT14511/R490253 (2016-03-28) Description of issue: SI server repeatedly disconnects from Control Center every few minutes and displays up-down-up-down due to a null pointer exception being thrown, due to a missing route event key in a FileGateway record. The following display shows the top few lines of the offending stack trace: java.lang.NullPointerException at com.sterlingcommerce.scc.agent.services.node.gis.FgHistoryHandler$RouteEventRecordByTimeComparator.compare(FgHistoryHandler.java:1964) at com.sterlingcommerce.scc.agent.services.node.gis.FgHistoryHandler$RouteEventRecordByTimeComparator.compare(FgHistoryHandler.java:1955) Description of fix: Added guard code to detect the missing key and prevent the exception. 119. IT14515/R484727 (2016-03-30) Description of issue: Potentially Inactive Netmap Entries Report & Potentially Missing Netmap Entries Report run failed with CDIS012E error in Engine log. Description of fix: Adding node type in getNodeIdsForNodeDiscoveryReports method of ReportsTierBehavior class to get node id list, so that the node id list will only contain the node id with specified node type. 120. IT14717/R497595 (2016-04-08) Description of issue: Error happened while running "Alerts Report". Description of fix: Change the length of COMMENTS column in alert report table matching the length in EVENT_COMMENTS table. 121. IT14439/R495894 (2016-04-15) Description of issue: Address security issues in Websphere Liberty 8.5.5.8 Description of fix: Updated Websphere Liberty to 8.5.5.9 122. IT14434/R495891 (2016-04-15) Description of issue: Upgrade embedded Connect Direct interface component to support new features in Connect:Direct Description of fix: Upgraded the following embedded components : CD JAI Version to 1.1.00 Fix 000019 General Availability Build April 12 2016 09:27 CD Browser to Version 1502 iFix16 123. IT14437/R495732 (2015-04-18) Description of issue: Address security issues in Apache ActiveMQ 5.11.1 Description of fix: Updated Apache ActiveMQ to 5.13.2 124. IT14661/496364 (2016-04-05) Description of issue: A pop-up window starts flashing across the screen when trying to view alert comment history in Swing Console. Description of fix: Remove the focus listener which causes the issue because there is another selection listener which is enough to display the comment. 125. IT15566/R503808 (2016-06-08) Description of issue: Address security issues in 10x HTTPS response headers. Description of fix: Updated response headers with proper configuration settings. 126. IT14907/R492146 (2016-04-22) Description of issue: SCC does not refresh configuration versions after Daylight saving time ends. Description of fix: Adjust the next scheduled job delay according Daylight saving time change. 127. R499813 (2016-04-22) Description of issue: Running User Role report gives "ORA-12899: value too large for column..." in Engine log. Description of fix: Change the length of DESCRIPTION column in user role summary report table from 50 to 255. 128. IT14992/R499167 (2016-05-04) Description of issue: Alert Report does not run because of query timeout. Description of fix: Improve the query by adding date filter and alert filter. 129. R501141 (2016-05-05) Description of issue: Monitoring of MQMFT servers not keeping up with activity Description of fix: Fixed faulty logic that determined when we should and should not wait for the polling interval before checking for more messages from the server. 130. IT15360/R501305 (2016-05-17) Description of issue: Automated Report intermittently display UTC time on "Date Time" column instead of local time. Description of fix: Replace "#sq($account.parameters.timezone)#" expression in report definition with specific time zone. 131. IT15407/R500660 (2016-06-01) Description of issue: Database queries used to recover data missed that is used to create Statistics service roll up table data timed out. Description of fix: When the Statistics Service recovery logic runs, limit how far back the system will look for data for servers that have yet to have any data summarized to just five days. A new engine property (MAX_DAYS_STATS_DATA_TO_RECOVER) has been created which allows this value to be adjusted. Specify the following in /conf/engine.properties. # MAX_DAYS_STATS_DATA_TO_RECOVER=5 # Specifies the maximum number of days the Statistics service recovery logic will go back for data # for a server for which no previously summarized data exists in the ROLL_UP table. Default is 5. # This value only affects the recovery logic for the statistics service and it does not affect # servers that have summarized data in the ROLL_UP table. 132. IT15418/R499726 (2016-05-25) Description of issue: Trying to run a SFG Route Detail by Producer Report in Control Center using multiple Producers and getting no output. Description of fix: Add code to handle "|" operator for "Match", "Doesn't Match", "Contains", "Wildcard" while building the report output of SFG Route Detail by Producer Report. 133. IT15402/R500705 (2016-05-25) Description of issue: SLC Summary Report does not complete and has error "String or binary data would be truncated" in Engine log. Description of fix: The actual content length of MATCHING_PROPERTIES column is bigger than the length it was defined in cognos_tables.properties. So change the definition of MATCHING_PROPERTIES from MATCHING_PROPERTIES @VARCHAR@(4000) to MATCHING_PROPERTIES @CLOB@. 134. IT15541/R493319 (2016-06-01) Description of issue: EBICS is not listed in the protocol list when defining a B2Bi server. Description of fix: Add EBICS to the protocol list that Control Center can monitor. 135. IT15537/R502948 (2016-05-31) Description of issue: Batch file /bin/StopHtmlAdaptor.bat is missing from Control Center Windows installation. Description of fix: Updated the Control Center Windows installer to correctly copy the file to the bin directory. 136. IT15564/R503793 (2016-06-02) Description of issue: Required upgrade to Java 7.0.9.40 to resolve April 2016 quarterly security issues. Description of fix: Upgraded to Java 7.0.9.40 137. IT15426/R501409 (2016-06-07) Description of issue: After upgrading to java 8.0_91, users cannot log on to the Control Center classic console via webstart and also cannot create/modify saved reports, when their "user.dir" property value points to the java install directory . Beginning with this java release, users are restricted from creating/updating files within the java install directory. This resulted in a java IOException when the Control Center GUI code (running on the user's local machine) attempted to save the .profile, CCenterHttpsParms.properties, and temporary files created when updating saved reports. Note: "user.dir" and "user.home" are system properties set by the jvm (java virtual machine) environment, not by Control Center. Description of fix: Modified log on logic to ignore the exception when .profile and CCenterHttpsParms.properties cannot be created/updated, to use the path location in "user.home", instead of "user.dir". Also modified the report create/update logic to use the "user.home" value for temporary files. 138. IT15241/R501505 (2016-06-27) Description of issue: PART_KEY value for CE_STATS_LOG database table based on UTC, not local time, like other database PART_KEY values. Description of fix: Problem resolution: Make the PART_KEY computation logic used for CE_STATS_LOG be consistent with other tables, which are based on local time, not UTC. 139. IT15871/R504434 (2016-06-30) Description of issue: Cognos doesn't work when Control Center and Cognos database is configured for MSSQL, which is connected by \. The database connection failure is caused by an incorrectly formatted datasource connection string. Description of fix: Corrected the datasource connection string. 140. IT16639/R508878 (2016-08-18) Description of issue: The priority number is not correct when using duplicate or create function to generate a new rule until the console is exited and restarted. Description of fix: Update the relative priority for each metadata rule after new metadata rule is created. 141. IT16802/R511216 (2016-10-10) Description of issue:: The secure plus keys and attributes mismatch in EventVariables.properties and SCCNotification object. Description of fix: Set both the corresponding EventVariables.properties and RuleMatchMatchKeyInfo.properties in the notification for the following elements: CSPE/secureEnabled -and- CSPS/cipherSuite -and- CSPP/secureProtocol to allow for proper rule action variable substitution and rule matching. 142. IT16841/R506208 (2016-09-01) Description of issue: Source file name incorrectly populated in MQ MFT File Transfer Report. Description of fix: Add filter to make MQ MFT File Transfer Report only select file transfer records from DB. 143. IT17040/R513947 (2016-09-15) Description of issue: Rules validation reports "actionId" as invalid in messages CRUL001E/CRUL003E when really the linked rule "resolutionActionId" -or- "nonResolutionActionId" is invalid. Description of Fix: Modified the logic to correctly report the element in error. 144. R512031 (2016-10-03) Description of issue: When Node Configuration job errors are logged they do not include the name of the monitored server the job ran for. Description of fix: The logged node configuration jobs will now include the server ID they ran on. 145. IT17721/R514816 (2016-11-07) Description of issue: Error occurred when a single node Oracle RAC environment was specified first and user selects to not re-configure Cognos Report Service in their second time configCC. Description of fix: Check ORACLE_RAC_OR_SCAN_CONNECTION flag in the InstallationInfo.properties file to see whether it is an Oracle RAC environment. If it is, use the RAC URL template. 146. IT18024/R516945 (2016-11-17) Description of issue: Cognos tomcat process is still alive after Control Center engine stopped on Windows platform. Description of fix: Add code to kill Cognos tomcat process if it is alive after Control Center engine stopped on Windows platform. 147. IT18230/R522434 (2016-12-02) Description of issue: Control Center cannot establish a secure connection to SEAS (Sterling External Authentication Server) using TLSv1.2. When Control Center calls the SEAS API, the protocol is not set in the ssl parameter structure used to establish the secure connection. As a result, a default value of TLS is used. If the SEAS server is configured to use TLSv1.2, the connection is rejected, due to the mismatch in protocols. Description of fix: Added two new engine properties to allow both the secure protocol -and- cipher suite list to be configured for the secure connection between Control Center and SEAS. SEAS_SECURE_PROTOCOL=TLS | TLSv1.1 | TLSv1.2 Specifies the protocol(s) for secure connections between the engine and SEAS (Sterling External Authentication Server) Note: If this property is not specified, com.ibm.jsse2.overrideDefaultProtocol will be used as the protocol for SEAS secure connections SEAS_CIPHER_SUITES= Specifies a comma delimited cipher list for secure connections between the engine and SEAS (Sterling External Authentication Server) Example: SEAS_CIPHER_SUITES=TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 For the Sun JSSE provider supported cipher suites, please refer to below link: http://docs.oracle.com/javase/7/docs/technotes/guides/security/SunProviders.html#SunJSSEProvider 148. R522815 (2016-12-02) Description of issue: Address security issues in Websphere Liberty 8.5.5.9 Description of fix: Updated Websphere Liberty to 16.0.0.3 149 T18588/R519868 (2016-12-20) Description of issue: Future date scheduling for Functional Authorities does not work. Description of fix: Remove the code which re-initializes the date user specified in the future and set the time zone of the scheduled date to the time zone specified by the user. 150. R521082 (2017-01-03) Description of issue: Database Events Report from Cognos spanning two pages. Description of fix: Change the default PDF orientation of Database Events Report to landscape. 151. IT18683/R524872 (2017-01-08) Description of issue: The starting/ending year filter of Monthly File Transfer Report will not go beyond 2016. Description of fix: Adding 2017~2022 to the starting/ending year list. 152. IT18588/R524276 (2016-12-23) Description of issue: Scheduled reports emails sometimes mixed information from 2 different reports. Description of fix: Synchronized the writing of a temporary file used to create report objects to prevent one reports execution from corrupting another report's email variables. 153. R526099 (2017-01-18) Description of issue: Address security issues in ActiveMQ 5.13.2. Description of fix: Upgraded ActiveMQ to 5.14.2. 154. IT18632/R520920 (2017-01-30) Description of issue: The java master security properties file (i.e. /jre/lib/security/java.security) is overwritten each time Control Center is upgraded. Consequently, any user changes to the file are lost with each successive upgrade. Description of fix: Enhancement to preserve user changes to the master security properties file. Created a new file to override properties in the "master security properties file" located in /jre/lib/security/java.security. The override file is located in /conf/CC_java.security. Any properties specified in CC_java.security will override those specified in the master security properties file. CC_java.security is preserved across each Control Center upgrade. 155. IT19031/R527877 (2017-01-31) Description of issue: Node discovery did not utilize the LDNS values in netmap entries that specified them which resulted in no TCP address being shown for TCP nodes Description of fix: Changed the logic for TCP nodes to utilize the LDNS value in the netmap when no TCP address was specified. 156. IT19058/R528011/R528185 (2017-02-03) Description of issue R528011: Unable to utilize event element queueId in email actions. Description of issue R528185: Unable to utilize event element FG.WFID in email actions. Description of fix: Both queueId and FG.WFID were added to EventVariables.properties. 157. IT19136/R525881 (2017-02-08) Description of issue: Control Center engine stops by itself after a while when using X11 port forwarding. Description of fix: Added the following line in runEngine.sh -and- runEngineCold.sh scripts: "unset DISPLAY". 158. R530236 (2017-02-23) Description of issue: When SHRCNV is set to zero for a channel Control Center connects to for MQ monitoring, it never gets any messages Description of fix: Added logic to detect when the MQ channel we connect to has SHRCNV set to zero and the code now throws an exception with a helpful message that describes the problem, and solution, and fails the connection now. 159. IT19536/R531648 (2017-03-06) Description of issue: The filter on the rules listing panel in the Java GUI console does not filter correctly when key "Match Criteria" is used. Description of fix: Modified parameter file so filter will look for key of "match" instead of "effectiveMatch" since effectiveMatch is not longer stored in the rules xml. Also fixed key "Linked Rule" which was also not working. 160. R532291 (2017-03-09) Description of issue: Installation of 5421 failed due to OOM errors. Description of fix: Increased the max heap size in the 5421 installers from .5GB to 1.5GB to match that of 6.x installers. 161. R531842 (2017-03-06) Description of issue: Required upgrade to Java 7.0.10.1 to resolve Jan 2017 quarterly security issues. Description of fix: Upgraded to Java 7.0.10.1 162. IT19669/R525901 (2017-03-14) Description of issue: Numerous repeated error messages filled the web server console.log, when the restful API healthStatus check was executed every few minutes. This was caused by the web server erroneously listening for events from the engine each time the web server made a connection to the engine for each rest API call. The following snippet shows the first few lines of the repeating exception stack trace messages written in the console.log: [err] java.lang.NoSuchFieldError: com/sterlingcommerce/scc/common/SCCNotification.dvgDataMgr [err] at com.sterlingcommerce.scc.common.SCCNotification.readObject(SCCNotification.java:2377) [err] at sun.reflect.GeneratedMethodAccessor36.invoke(Unknown Source) Description of fix: Changed the logic in the web server to not listen for events from the engine. 163. IT20147/R534788 (2017-04-17) Description of issue: Using ICC, unable to modify CDW parameter "sess.total", see error 'Invalid value specified for parameter: sess.total Format:sess.total". Description of fix: Added sess.total to valid initialization parameters. 164. R536413 (2017-04-22) Description of issue: The version of Connect:Direct Browser packaged with Control Center is not at the latest fix level (currently 1502 iFix16). Description of fix: Updated Control Center with Connect:Direct Browser 1502 iFix19. 165. R535504 (2017-04-21) Description of issue: On Linux/UNIX systems, the /bin/nohup.out file keeps growing and affecting performance of engine. Description of fix: On UNIX/Linux environments, each time engine is started, the previous nohup.out file is backed up with the name of nohup.out_yyyy-mm-dd_hh-mm-ss. The five most recent backups are kept. 166. R536868 (2017-05-02) Description of issue: When SEAS DEBUG logging is turned on, the user password is erroneously logged in the clear. Description of fix: Mask the password in the logged auth request. 167. IT20635/R534885 (2017-05-18) Description of issue: When Cognos gets an CM-SYS-5192 error trying to get report parameters, the report is not sent via email to the recipients. Description of fix: Catch the CM-SYS-5192 exception and use empty report parameters so the report will be run and an email will be sent. 168. IT20663/R536798 (2017-05-19) Description of issue: Reports are not including some z/OS managed nodes. Description of fix: Refresh nodes status in cache so reports recognize nodes as being secure plus and active. 169. IT20847/R539135 (2017-06-02) Description of issue: Unable to select a new certificate label in a CDU or CDW secure plus node after Certicom was removed from Connect Direct. Description of fix: Recognize that the new security tool kit is in place and that a certificate pass phrase is not required. 170. IT21137/R539290 (2017-06-22) Description of issue: When the Cognos Connection scheduling feature is used to run a report, the feature fails due to authentication failure. Description of fix: Modified the Control Center custom authentication provider to properly create a trusted credential which is needed for the Cognos scheduling feature since a user may not be signed on when the report schedule runs. 171. IT21224/R542675 (2017-06-29) Description of issue: When multiple rows are selected in the Node Configuration Management view they may be deselected in just a few seconds Description of fix: Corrected logic that was causing the deselection to occur 172.R426529 (2017-07-14) Description of issue: MQMFT.Source checksom misspelled in Rule key values list Description of fix: Corrected the spelling of Source where incorrect in RuleMatchKeyInfo.properties file 173. IT21499/R541929 (2017-07-19) Description of issue: There are world writable files in the "/tmp/.com_ibm_tools directory" on the server where IBM Control Center runs. The customer installation does not allow world writable files on their servers. The transient files created in this directory are generated by the IBM Java Attach API. This feature is enabled by default in the jvm. This issue only applies to Windows, Linux and AIX platforms, because the Java Attach API is specific to IBM (does not apply to SolarisSPARC). Description of fix: Created a new InstallationInfo.properties property called COM_IBM_TOOLS_ATTACH_ENABLE=NO|YES to allow the Java Attach API feature to be disabled when the engine and all other CC related java processes run. Instructions to disable the Java Attach API: 1. Install 6101 iFix06 or later 2. Add the following property to /conf/InstallationInfo.properties: COM_IBM_TOOLS_ATTACH_ENABLE=NO 3. Run configCC.sh|bat 4. Additionally, if you have the SCCFTPAgent installed, you will need to manually update two separate instances of a file named options.default, located in that JRE directory. Add the following property to the options.default files which correspond to your platform/OS in the list below: -Dcom.ibm.tools.attach.enable=no \jre\bin\default\options.default Windows \jre\bin\compressedrefs\options.default Windows ------------------------------------------------------------------------------ /jre/lib/amd64/default/options.default Linux /jre/lib/amd64/compressedrefs/options.default Linux ------------------------------------------------------------------------------- /jre/lib/ppc64/default/options.default AIX /jre/lib/ppc64/compressedrefs/options.default AIX 174. IT21877/R548186 (2017-08-18) Description of issue: Unable to monitor C:D i/5 Description of fix: Stopped using host name for database name when making connection. 175. R479724 (2017-01-31) Description of issue: There's currently a single configuration value in CCEngineService.xml, recordLimit, that controls the limit of records requested at one time from monitored servers. Description of fix: A new element was added to CCEngineService.xml - siRecordLimit, whose default is 4999, which can be used to control the limit of records requested at one time from monitored B2Bi servers.