Please Read: Before starting the Control Center upgrade/uninstall process, you must backup the entire "conf" directory found under Control Center install location. Please follow the steps below before upgrading: The following instructions apply to maintenance upgrades. 1. Stop Control Center engine 2. Back up the existing configuration data: If upgrading from 5.4.2.2 or prior, back up \conf directory found under Control Center install location. Backup your Control Center database. If upgrading from 6.0.0.0 or later, run exportConfig.sh/bat under \bin. The script creates a folder with all of the configuration data from the database and the conf folder. The location of this folder is conf-exported/{date_time}/conf. As per your need, for recovery purpopse, backup your existing Control Center database. 3. Proceed normally with installing the latest version of Control Center in original . (The installer would automatically un-install the previous version - but all of the configuration data will still be there). 4. On Unix, Linux platforms, run configCC.sh -------------------------------------------- List of Fixes (or Enhancements) included in Control Center 6.1.1.0 iFix04 (Released 07/31/2018) 1. IT25144/R568829 (2018-05-23) Description of issue: When the first ICC user with role superuser is a externally authenticated user, ICC is not able to connect to Cognos due to an authentication failure. Description of fix: Changed code to distinguish between a null password and an blank password so that the token is used during authentication. 2. IT25146/R569306 (2018-05-24) Description if issue: Data stored in CONFIG_JOBS related to configuration management jobs is not purged according to the system's purge settings when the database has been partitioned. Description of fix: Added logic to initiate the purge of configuration management jobs from CONFIG_JOBS when a partitioned database is used. 3. IT25131/R568413 (2018-05-25) Description of issue: When IBM Control Center is installed using a MSSQL instance name, subsequent runs of configCC gets array index error when trying to process the instance name. Description of fix: Modified configCC to handle MSSQL Instance names. Modified Install Anywhere to not allow back slash in MSSQL host name for Cognos database. 4. IT25218/R568634 (2018-06-01) Description of issue: Control Center displaying incorrect CD Secure Plus enabled setting in server list view. Description of fix: Properly handle values returned by CD servers. Note that CDU will require an update. 5. IT25263/R562272 (2018-06-06) Description of issue: Data collector utility incurs an out of memory when running. Description of fix: Changed logic to read data added to data collector output in chunks instead of a file at a time to avoid problems when extremely large files exist. New property, DC_BUFFER_SIZE, added, with a default of 100000000 (100MB), which may be adjusted via the script/bat file used to run the utility if necessary. 6. IT25093/R568223 (2018-06-14) Description of issue: Control Center 6.0.0.1 and 6.1 - Performance/Deadlocks. Description of fix: Deadlock occurring on MSSQL server caused by contention between the query that inserted data in to EVENTS and a second query that updated alert events related to an SLC that were to be automatically handled. The update event logic was made more efficient to reduce contention on the EVENTS database table. 7. IT25395/R570754 (2018-06-18) Description of issue: Records Missing from CC_PROCESS table. Description of fix: Malformed JSON documents received from an OSA server were noted in the engine log with no helpful information. Logic was added to include the ID of the event, the ID of the originating server, as well as the JSON document text in the exception that is logged. 8. IT25405/R570773 (2018-06-18) Description of issue: Arrived file route and delivery step names need to be unique to facilitate step based SLCs. Description of fix: Instead of just using ArrivedFile, Route and Delivery for step names, the arrived file key, route key, and delivery key values will be appended to the respective step names created to make them all unique. 9. IT25413/R570840 (2018-06-19) Description of issue: When an invalid response from the B2Bi server was received it's logged, and when that response contained a password, it was not obfuscated. Description of fix: Added a new XML element name, auth, to the list of elements whose values need to be obfuscated before they are logged. 10. IT25861/R568327 (2018-06-27) Description of issue: Required upgrade of current version of Websphere Liberty in order to address CVE-2016-1000031 (apache commons-fileupload). Original Websphere Security Bulletin: https://www-01.ibm.com/support/docview.wss?uid=swg22011428 Description of fix: Upgraded Liberty from 16.0.0.4 to 18.0.0.1. 11. IT25541/R571451 (2018-06-27) Description of issue: Required upgrade to current thirdparty components (quartz and jgoodies). Description of fix: Upgraded to the latest component jar files. 12. IT25517/R571053/R571448 (2018-06-29) Description of issue: SFG Data received from B2Bi repeatedly causing an exception resulting in ICC erroneously showing the server as down. Description of fix: Logic added to watch for this situation and avoid exceptions being incurred with no loss of data. 13. IT25622/R571843 (2018-07-09) Description of issue: Unable to use the CCAPI to retrieve server details for a server in a NEVER_CONTACTED status. Description of fix: Logic had been added to code used by the CCAPI and the Control Center EP and it should only run when running in an EP environment, otherwise an exception is thrown. Code was added to prevent this from occurring. 14: IT25397/R570710 (2018-07-06) Description of issue: Cognos schedules (not ICC schedules) are failing because they are authenticated using tokens and the token is deleted after being authenticated so they are not available for reuse. Description of fix: Changed the Cognos schedule authentication to use encrypted passwords and not tokens. Note, you will need to delete any existing Cognos schedule (the schedules created via the Cognos GUI, not those created via the ICC Java console GUI) and recreate them after installing this fix. 15. IT25542/R569559 (2018-07-06) Description of issue: When multiple Control Center Automated Reports use separate schedules with the same time, the reports can fail with an CANNOT_FORWARD_TO_ABSOLUTE_AFFINITY_NODE error. Description of fix: Modified the code to call the Cognos email logic inside the Cognos lock where the report is run instead of it running outside of the Cognos lock. 16. IT25712/R572061 (2018-07-23) Description of issue: Process summarization slow. Inefficient logic found in MQMFT node service logic, which may or may not be related, found. Description of fix: Logic that converts MQMFT data into IBM Control Center events was made more efficient. Also, logic was added to the Process summary service to cause it to output helpful metrics, once an hour, to the engine log file. Plus new warnings will be logged if the time it takes to summarize a process, or a file transfer, takes too long. Two new engine properties, MAX_TIME_TO_SUMMARIZE_PROCESS_WITHOUT_WARNING and MAX_TIME_TO_SUMMARIZE_FILE_TRANSFER_WITHOUT_WARNING, whose defaults are both 2000 (milliseconds), govern when those warnings would be logged. 17. IT25792/R572446 (2018-07-25) Description of issue: Sometimes java console users get error XQE-PLN-0148 when attempting to run a report and web console users get error DPR-ERR-2058 when going to the workspaces. Description of fix: ICC roles are only being added to Cognos accounts when the Cognos Authentication Module search method when it needs to be called with the first authentication to ensure its in place at the time needed. Added the loading of ICC users and roles to Cognos accounts at the time ICC connects to Cognos for the first time. 18. IT25676/R572148 (2018-07-27) Description of issue: Logic handling Server Component cluster events looks for the Server value in the event and throws an exception when it is not there. Also seeing ORA-02395 errors. Description of fix: Turns out the logic creating the Server Component cluster events used a string for server that actually gets translated when ICC runs in other countries, so it was changed to use a fixed constant of "ServerID" so this problem would not occur. For ORA-02395 errors, a new engine property, DO_NOT_CALCULATE_ROW_COUNTS, when specified with a value of TRUE, will tell ICC to not count the rows in its tables at startup and when the daily purge operation is done. 19. R571681 (2018-07-27) Description if issue: Handle new CDU initparm for file.ioexit. Description of fix: Added logic to support file.ioexit. 20. IT25868/R572233 (2018-07-17) IT25868/R572233 (2018-07-17) Description of issue: Required IBM JRE upgrade to address CVE-2018-2783 in the April 2018 Java CPU. Original IBM Java APAR article: https://www-01.ibm.com/support/docview.wss?uid=swg1IJ06343 Description of fix: Upgraded from 8.0.5.10 to 8.0.5.17. -------------------------------------------- List of Fixes (or Enhancements) included in Control Center 6.1.1.0 iFix03 (Released 05/22/2018) 1. IT24844/R567618 (2018-04-25) Description of issue: When executing configCC.sh on a Linux RedHat 6 system, the error messages displaying the required Cognos libraries erroneously displayed the following RedHat 7 libraries: glibc-2.17-55.el7 (both i686 and x86_64 packages) libstdc++-4.8.2-16.el7 (both i686 and x86_64 packages) nspr-4.10.2-4.el7 (both i686 and x86_64 packages) nss-3.15.4-6.el7 (both i686 and x86_64 packages) motif-2.3.4-7.el7 (both i686 and x86_64 packages) Description of fix: Corrected the error messages to display the following RedHat 6 libraries: glibc-2.12-1.166.el6_7.1 (both i686 and x86_64 packages) libstdc++-4.4.7-16.el6 (both i386 and x86_64 packages) nspr-4.9.2-1.el6 (both i386 and x86_64 packages) nss-3.14.0.0-12.el6 (both i386 and x86_64 packages) openmotif-2.3.3-5.el6_3 (both i386 and x86_64 packages) 2. T24806/R565294 (2018-04-28) Description of issue: B2B node status and adapter status changes are only updated in Swing connected to the EP monitoring B2B. Description of fix: Updated logic to handle update events related to server components initiated by another EP for all Swing consoles regardless of the EP they're connected to. 3. R567012 / IT24932 (2018-05-02) Description of issue: Sometimes the Control Center engine cannot connect to Cognos even when Cognos is up due to installationInfo error because CONFIG_DIR has not been set. Description of fix: If Cognos saves a credential or a trusted credential, and when Cognos is started that credential is used instead of the values from the URL, then CONFIG_DIR is not set since its not saved in the Cognos credentials. This fix saves the CONFIG_DIR in the Cognos credentials. 4. IT25081/R568293 (2018-05-05) Description if issue: The jar signing certificate used by Control Center are set to expire on June 21, 2018. Control will stop functioning on this date. You must upgrade to 6.1.1.0 iFix03 or later in order to correct this. Description of fix: Replaced the certificate used for signing the jar files with a multi-year expiration date. -------------------------------------------- List of Fixes (or Enhancements) included in Control Center 6.1.1.0 iFix02 (Released 04/16/2018) 1. IT24101/R562331 (2018-02-19) Description of issue: Issues using tag mapping when trying to map the process data value Description of fix: The logic did not attempt to copy the processData element from the event when setting the EVENTS.TAG_XML column, which meant the mapped value for it was not there when the summarizer logic ran. 2. IT24100/R562520 (2018-02-19) Description of issue: Events passed to the DefaultSummarizer summarize method were missing values for message ID, message short text, and CC name Description of fix: Updated the SQL used to select data from EVENTS, which is subsequently used to create the event data passed to the summarizer method, to retrieve MSG_ID, SHORT_MSG, and CC_NAME. 3. IT23965/R556985 (2018/02/28) Description of Issue: The SFG Route Detail by Producer report is very slow when there are a large number of row in the EVENTS table. For some customers, its taking 4 hours to run the report. Description of Fix: Modified the query used to get the SFG Route Detail by Producer report data for better performance. Performance should go from hours to minutes. Created a new V_SFG_ROUTE_PRODUCER_REPORT view with just the columns needed for the report. Updated scripts to create the new View when ICC is installed or upgraded. Updated ReportService.xml to add new reportRecordReadLimit parameter with a default of 100000. Modified the java console report sort panel to specify "Max Database Records to Read" instead of "Max Records Returned" for the SFG Route Detail by Producer report. Modified the SFG Route Detail by Producer report filter code to account for missing data. Removed the filter for Consumer / Consumer File Name / Status from the SQL and let the filtering be done by code. Changed the status filter to be a drop down list with Routed and Failed as the two Process Status choices. New ReportService.xml parameter: reportRecordReadLimit=100000 Description: Determines the maximum value that can be set on the java console SFG Route Detail by Producer report Sort panel, "Max Database Records to Read" field. Determines the maximum number of records read from the database when generating the report. For example, if ReportService.xml has reportRecordReadLimit=400000, and the SFG Route Detail by Producer report Sort panel has "Max Database Records to Read"=200000, then when the SFG Route Detail by Producer report is run, it will read 200,000 records from V_SFG_ROUTE_PRODUCER_REPORT to generate the report. And since the SFG Route Detail by Producer report usually creates one report row per multiple records read, the resulting report will have less than 200,000 rows. If the report does not have as many rows of data as you want to see, increase "Max Database Records to Read" (to a max of 400000) on the sort panel until you get the desired number of rows. 4. IT24259/R562910 (2018-03-02) Description of issue: The web console does not reflect the correct number of adapters for a B2Bi cluster in the Web console dashboard after one of the nodes is stopped. Description of fix: Addressed a logic problem that caused the database to not be updated appropriately when the number of adapters changed. 5. IT24261/R563562 (2018-03-05) Description of issue: When CCenterHttpsParms.properties file is also copied on the Desktop it overrides what is in the \users\ folder but updates aren't saved there Description of fix: Whereever CCenterHttpsParms.properties file is, when updates are made, they will be saved to the original location of the properties file now 6. IT24298/R561033 (2018-03-06) Description of issue: The Remote node for Connect:Direct processes is not able to be seen, or filtered on, in the Web console queued process view as it was in the Java console Description of fix: The ability to customize the Web console's queued process view was added like it currently exists for the Completed process and file transfer views, and a Filter button was added to the Queued process view also like the one that exists in the Complete process and other views. 7. IT24187/R562809 (2018-02-23) Description of Issue: Server is being pauses when a batch update fails with a SQL Exception when the database is temporarily unavailable. Description of Fix: The recovery logic is checking the batch level SQL error codes / SQL state against DatabaseProperties.xml to see if a retry is needed when it needs to check the underlying record level SQL exception. Modified the recovery logic to check the error codes / SQL states of the record level exception instead of the batch level exception. Also added additional logging to show the error codes / SQL state of the exception that causes the batch not to retry to help with debugging. 8. IT24187/R564687 (2018-03-16) Description of issue: A monitored SI server was paused by the application during a short DB maintenance outage and server monitoring had to be manually resumed. Description of fix: Added DB2 error state 40506 and error code -1476 values to /conf/services/system/DatabaseProperties.xml. Including these values in the file will cause the server to NOT be paused when the DB2 data base is temporarily unavailable. This a follow-on to fix R562809 (Server getting paused when database maintenance performed), which made changes to expose the above mentioned error codes from within a generalized SQL batch update failure/code. 9. IT24428/R510512 (2018-03-20) Description of issue: The descriptions on the API Get Completed File List are wrong for how to enter date format and time format Description of fix: Description and help text for time format was updated. Turns out the date format documentation is correct. 10. IT24455/R565261 (2018-03-22) Description of issue: Control Center failed to start because two monitored servers with the same name existed in the database. Description of fix: If two users connected to different EPs created monitored servers with the same name at the same time it was possible to create two entries in the CC_SERVER table with the same name. An additional check was added to the console logic to prevent this from occurring. 11. IT24457/R565273 (2018-03-22) Description of issue: Server-type column settings for Completed Processes view are not being applied when viewing processes in a server-specific group. Description of fix: Addressed logic issue by passing types of servers in the group, instead of null, to the table display view logic. 12. IT24454/R565267 (2018-03-22) Description of issue: When running Alerts report, handled time and comment date are in UTC instead of preferred time Description of fix: Updated the Cognos configuration file for the report to convert the handled time and comment date to the user's preferred time zone. 13. IT24491/R564697 (2018-03-22) Description of issue: Changing the cert label to be used for a secure plus node required entering the cert reporisitory pass phrase which is not required for z/OS keyrings. Description of fix: Only require the pass phrase when specifying a new key database file for z/OS. 14. IT24549/R565301 (2018-03-27) Description of issue: RESTful API for roles (sccwebclient/svc/roles/) not returning correct information Description of fix: Updated the logic that ascertains the roles a user should be able to view based on thier role, and those are the roles the API will now return. 15. IT24576/R561198 (2018-03-29) Description of issue: ICC Secure+ Trusted Certificates Report does not honor updates to server groups unless the engine is restarted and sometimes hangs when submitted by the GUI console. Description of fix: Changed the code to get the server group list of servers from the engine server group manager cache instead of the old proxy cache that is not kept up to date. Changed the engine code to get the trusted certificates from the configuration cache instead of submitting a CD refresh job which could fail and hang the report. 16. IT24595/R561809 (2018-04-03) Description of issue: Unable to import renewed Secure+ certificate. Description of fix: Update code to pass required import mode to target CD. 17. IT24671/R561114 (2018-04-10) Description of Issue: Cognos user shown in Cognos Connection and Cognos Viewer panels show the first ICC user with superuser role instead of the web console or java console user. Description of Fix: When validating user on Cognos URLs, send a rest request to the ICC Engine to properly validate the user. Note: When a user has been authenticated to Cognos, Cognos creates a cam_passport cookie for that user. Cognos only allows a Cognos name space to be authenticated to once per browser session. So, even with this fix, if you sign on to the web console and go to the Group or Personal workspace, that user is authenticated to Cognos and saved into the cam_passport cookie. If you then open another window in the same browser and sign on to the web console with a different ICC user and go to the Group or Personal workspace, Cognos will not authenticate the new user but use the already authenticated from the first browser window. Once the browser session ends and the cam_passport cookie is deleted, the next workspace URL will cause that user to be authenticated. This is also true for the user shown on the Cognos Connection panel. This is a normal feature of browsers, keeping authenticated users in cookies so the user does not have to be re-authenticated until the session expires. 18. IT24686/R565758 (2018-04-19) Description of issue: When clicking on a Sterling File Gateway process in the Web console Completed process view, an error message that says "A system error has occurred. Please contact your system administrator." is displayed. Description of fix: The issue was caused by a message key word whose prefix contained an invalid XML character - "Params/". The fix was to eliminate "Params/" prefix from the keyword name. 19. IT24569/R565795 (2018-04-03) Description of issue: Required upgrade to Java 8.0.5.10 to resolve Jan 2018 quarterly Java security issues. Description of fix: Upgraded to Java 8.0.5.10. -------------------------------------------- List of Fixes (or Enhancements) included in Control Center 6.1.1.0 iFix01 (Released 02/14/2018) 1. IT23241/R556186 (2017-12-13) Description of issue: Even when the Engine.log4j rootlogger is set to ERROR, INFO level messages are written to the logs by node services. Description of fix: Node service logic would log data at DEBUG level when tracing was enabled, or at INFO level when tracing was disabled. Fixed Node service logic to log at level set for rootlogger when tracing disabled. 2. R557669 (2017-12-13) Description of issue: The datacollector did not include the files in the Cognos/wlp/usr/servers/cognosserver/logs folder in its output. Description of fix: Updated the datacollector logic to include the files in the Cognos/wlp/usr/servers/cognosserver/logs folder in its output. 3. RTC 556229 (2017-12-02) Description of issue: FTP W3C logs can cause a NumberFormatException if cs_bytes and sc_bytes have a dash. Description of fix: Allow W3C logs to have a dash in cs_bytes and sc_bytes. 4. IT23437/R557585 (2017-12-12) Description of Issue: Get Active Alerts and Get Active Alerts by Severity API's don't return alert id so user can't use it to call Handle Alert API. Description of Fix: Add alert id to the Get Active Alerts and Get Active Alerts by Severity API results. 5. IT23471 / R554775 (2017-12-13) Description of Issue: Cognos scheduled reports do not always run due to authentication errors when ICC tokens expire. Description of Fix: Modified Cognos authentication to use encoded password for authentication instead of ICC token which are deleted after authentication. 6. IT23328/R556467 (2017-12-20) Description of issue: Connection error when trying to make HTTPS requests to the Control Center API tool using the Interactive Console (via launch page), the following error results: Error in interactive console display: "Remote host closed connection during handshake". Error in Websphere/Liberty message log: E CWWKO0801E: Unable to initialize SSL connection. Unauthorized access was denied or security settings have expired. Exception is javax.net.ssl.SSLHandshakeException: Client requested protocol TLSv1 not enabled or not supported. This error only occurs when restricting the web server to use TLSv1.2 (i.e. engine.properties contains TLSv1.2). Description of fix: During engine startup, ensure the WLP jvm.options file (located in /web/wlp/usr/servers/defaultServer/jvm.options) contains the following property: -Dcom.ibm.jsse2.overrideDefaultTLS =true. When the value is set to true, it has the effect to allow/use TLSv1.2. 7. R556861 (2017-12-28) Description of issue: Failed HTTP REST call from Cognos Authentication Provider to ICC Web Service does not show HTTP response code. And commons-codec-1.9.jar is not being copied to Cognos AAA/lib. Description of fix: Add logging to SCCVisa to display the HTTP REST response code when debugging is enabled. Changed installer to copy commons-codec-1.9.jar to Cognos AAA/lib. 8. R555829 (2017-11-14) Description of issue: Updating users and roles is slow. Description of fix: A small inefficiency was removed from one part of the logic used to update and create roles. 9. R555828 (2017-11-14) Description of issue: CCAPI based application was able to construct a user object that referenced a role that was not in the database causing Control Center to not be able to be successfully restarted. Description of fix: The user creation logic will now throw an exception, instead of proceeding, when the role it references is not found in the Control Center database. 10. IT23618/R558893 (2018-01-09) Description of issue: The following obsolete Cognos jar/script files caused multiple vulnerabilities to be flagged during a scan. /Cognos/webapps/p2pd/WEB-INF/lib/commons-fileupload-1.3.jar /Cognos/webapps/p2pd/WEB-INF/lib/shiro-core-1.2.1.jar /Cognos/webapps/p2pd/WEB-INF/lib/jython/Lib/tzparse.py Description of fix: Updated the Control Center installer to remove these files during install/upgrade, to ensure there are no future false positive hits against these files 11.IT23612/R558657 (2018-01-04) Description of Issue: When ulimit is not set properly, Cognos BIBusTKServer process runs out of thread resources, leaving potentially thousands of pids, if Cognos is left up for weeks and the ulimit issue is not corrected. Then when Cognos is stopped, ICC tries to kill all those pids as listed in the cogserver.log, resulting in long delays. Description of Fix: When ICC detects that cogserver.log has more than the typical number of pids, issue a warning messages that Cognos has installation issues and don't try to kill all the pids. When this issue is hit after this fix has been applied, the Engine log will show these two new messages: WARN CognosStopper - Not running the Cognos stopper script to kill PIDs since there are more PIDs than normal. WARN CognosStopper - Check your Cognos cogserver log and your ICC CognosReportService log for installation errors that should be resolved. 12. IT23603/R559220 (2018-01-04) Description of Issue: Cognos takes too long to start when there are lots (100s or 1000s) of ICC roles defined. Description of Fix: Rewrite the logic that maps ICC roles to Cognos roles to reduce the number of Cognos queries needed from several thousand to a dozen. And remove the updating of workspace permission on workspace folders if the folders already exist. 13. IT23628/R558939 (2018-01-06) Description of Issue: Getting IllegalArgumentException for DAY_OF_WEEK when trying to open any SLC Schedule or Rule using the web console. Caused by having monthly calendars defined that are set for the last day of the month or the last weekday of the month. Description of Fix: Modified the web console calendar summary logic to recognize when DAY_OF_WEEK setting is for the last day of the month or the last weekday of the month. 14. IT23638/R557097 (2018-01-05) Description of issue: The following obsolete Cognos script file caused multiple vulnerabilities to be flagged during a scan. /Cognos/webapps/p2pd/WEB-INF/lib/jython/Lib/stat.py Description of fix: Updated the Control Center installer to remove this file during install/upgrade, to ensure there are no future false positive hits against this file. 15. IT23618/R558893 (2018-01-09) Description of issue: The following obsolete Cognos jar/script files caused multiple vulnerabilities to be flagged during a scan. /Cognos/webapps/p2pd/WEB-INF/lib/commons-fileupload-1.3.jar /Cognos/webapps/p2pd/WEB-INF/lib/shiro-core-1.2.1.jar /Cognos/webapps/p2pd/WEB-INF/lib/jython/Lib/tzparse.py Description of fix: Updated the Control Center installer to remove these files during install/upgrade, to ensure there are no future false positive hits against these files 16. IT23672/R557556 (2018-01-09) Description of issue: Some criteria was missing in the rule filter selection drop down menu for BP (Business Process) and AFT (Advanced File Transfer) events. Description of fix: Added the missing property attributes to cause all BP and AFT event criteria to be presented in the rule filter selection drop down menu. 17. R559666 (2018-01-16) Description of issue: When viewing alert details, the related events shown may be for the wrong process when multiple processes have the same ID. Description of fix: Updated the query used to find the correct process events to use more than just the process ID. 18. IT23749/R557171 (2018-01-16) Description of issue: Updates made via a console connected to one EP to an Action's email details are not propagated to other EPs in the same cluster. Description of fix: When Action's email details are updated, a cluster event is now generated, and looked for by all EPs and appropriate updates are now performed. 19. IT23757/R559844 (2018-02-03) Description of issue: The following obsolete Cognos script files and a cdbrowser jar file caused multiple vulnerabilities to be flagged during a scan. /Cognos/webapps/p2pd/WEB-INF/lib/jython/Lib/commands.py /Cognos/webapps/p2pd/WEB-INF/lib/jython/Lib/imghdr.py /Cognos/webapps/p2pd/WEB-INF/lib/jython/Lib/this.py /Cognos/webapps/p2pd/WEB-INF/lib/jython/Lib/xml/dom/NodeFilter.py /web/wlp/usr/shared/apps/cdbrowser/cdbrowser.war/WEB-INF/lib/jasper-runtime-5.5.15.jar Description of fix: Updated the Control Center installer to remove these files during install/upgrade, to ensure there are no future false positive hits against this file. 20. R560640 (2018-01-24) Description of issue: Seeing ERROR OSCommand - cannot run program "winmsd" at EP startup in engine log when EP starts. Description of fix: Added one more OS type to the list of systems winmsd is not run on. 21. R560630 (2018-01-24) Description of issue: See empty error message when attempting to logon via Swing console. Description of fix: Updated the jar used for JAAS when running the console with the IBM JRE on Windows 10. 22. IT23835/R559392 (2018-01-25) Description of issue: Error occurred migrating installation from Windows Server 2008 to Windows Server 2012 R2. Description of fix: Fixed logic to allow migration from any Windows Server OS to another Windows Server OS. 23. IT23818/R558900 (2018-01-25) Description of issue: A MSSQL database was erroneously globalized when a new instance 2 of Control Center was installed using an exported conf from instance 1 -and- with a new/clean database. When instance 1 was originally installed, the user selected NO to the prompt: "Do you want your database to support globalization? If you select yes, your database size can increase significantly." The database in the original instance 1 was correctly NOT globalized. However, during the original installation, the following property was erroneously set in /conf/InstallationInfo.properties: CCENTER_MSSQL_GLOBAL=true (it should have been set to false). This is what caused the database in instance 2 to be erroneously globalized. Note: The globalization in instance 2 only occurred in this particular scenario (i.e. using an exported conf with a clean new database) during the install. Description of fix: Corrected the configuration logic to ensure the proper value is set in InstallationInfo.properties (true|false), per the user answer (yes|no). 24. IT23750/R559520 (2018-01-27) Description of Issue: Users are able to use Cognos Report via the java and web console before Cognos is fully ready because it's status is set to STARTED too soon. Description of Fix: Changed the code to only set Cognos status to STARTED after all configuration of Cognos is complete. 25. IT23913/R561229 (2018-02-06) Description of issue: When running the Monthly File Transfer Activity Report multiple rows for the same server were shown for each month. Description of fix: It was ascertained that there would be multiple rows for a single server in the report if it happened to have been assigned to more than one EP while monitored transfers transpired. The SQL used to build the report data was modified to address this feature so only one row per server would be produced. 26. IT23937/R559843 (2018-02-07) Description of issue: ICC takes a long time to connect to Cognos when there are lots of ICC Roles/Users defined. Also, reports with large number of rows could cause java heap OutOfMemory errors. Description of fix: When ICC queries Cognos for roles, its the Cognos authentication provider that gets the roles and it was not coded to honor the paging of roles. Paging was added to the authentication provider search method. Also, removed unnecessary calls to Cognos to get report output since it was not needed and was causing OOM errors. 27. IT23999/R561606 (2018-02-09) Description of Issue: The Data Collector and the configuration exporter is not exporting the correct version of JDBCService.xml. And the SQL retry logic for engine restart is comparing SQL state against DatabaseProperties.xml needRestart errorCodes value instead of needRestart errorStates. Description of Fix: Modified the exporter to export JDBCService.xml from conf instead of from CC_FILES. Changed the SQL retry logic to compare SQL state against DatabaseProperties.xml needRestart errorStates instead of against needRestart errorCodes. 28. IT24122/R561380 (2018-02-06) Description of fix: The truststore/keystore password, was sometimes displayed in the clear in the server properties panel for SI servers. Description of issue: Modified the logic to always mask the store password(s) in the display. -------------------------------------------- List of Fixes (or Enhancements) included in Control Center 6.1.1.0 (Released 12/15/2017) (6.1.0.2 base fixes ported to 6.1.1.0) 1. IT16841/R513400 (2016-09-20) Description of issue: Source file name incorrectly populated in MQ MFT File Transfer Report. Description of fix: Add filter to make MQ MFT File Transfer Report only select file transfer records from DB. 2. IT17040/R513947 (2016-09-27) Description of issue: Rules validation reports "actionId" as invalid in messages CRUL001E/CRUL003E when really the linked rule "resolutionActionId" -or- "nonResolutionActionId" is invalid. Description of Fix: Modified the logic to correctly report the element in error. 3. IT17057/R513930 (2016-09-27) Description of issue: SLCs did not work. Always said things did not start or end on time or never reported when things took too little or too much time. Description of fix: Changed the logic in EventMonitor to use a different technique for setting the limit on the events it retrieves from EVENTS. Instead of selecting where EVENT.SERIAL_NUM > CC_CONTROLLER.LAST_EVENT_SERIAL_NUM_PROC and EVENT.SERIAL_NUM <= (LAST_EVENT_SERIAL_NUM_PROC + 2500) the code just uses EVENT.SERIAL_NUM > CC_CONTROLLER.LAST_EVENT_SERIAL_NUM_PROC in conjunction with a "limit" based on the type of database being used (e.g. for Oracle WHERE ROWNUM <= 2500, for MSSQL SELECT TOP 2500, for DB2 FETCH FIRST 2500 ROWS ONLY). 4. IT16802/R511216 (2016-10-10) Description of issue:: The secure plus keys and attributes mismatch in EventVariables.properties and SCCNotification object. Description of fix: Set both the corresponding EventVariables.properties and RuleMatchMatchKeyInfo.properties in the notification for the following elements: CSPE/secureEnabled -and- CSPS/cipherSuite -and- CSPP/secureProtocol to allow for proper rule action variable substitution and rule matching. 5. IT16961/R510415 (2016-10-12) Description of issue: When doing tag mapping all events associated with a process are reviewed and processed, so if multiple process events have map values for the same tag, the tag will be set to the last value mapped. Description of fix: When doing tag mapping continue to do mapping for all events associated with a process, but when doing tag mapping for file transfers, give precedence to the file transfer events whose values are mapped to tags. 6. R516549 (2016-10-12) Description of issue: When TransactionSetID used as milestone parameter, CC did not find it because it only looked at proc start/end events for it. Description of fix: Added TransactionSetID to list of elements that imply a step type SLC milestone (not process). 7. R517297 (2016-10-12) Description of issue: Too many parameters were used in a query initiated on an MSSQL server when there were more than 2100 servers to retrieve data for. Description of fix: The method in Server used to retrieve a list of server entities given their name needed to be changed as it would try to obtain the data for too many servers via one query. The logic was changed to perform multiple queries and create a list from all of their results instead of one big query with multiple in clauses. The latter approach threw an exception "org.apache.openjpa.lib.jdbc.ReportingSQLException: The incoming request has too many parameters. The server supports a maximum of 2100 parameters. Reduce the number of parameters and resend the request." when more than 2100 servers were being monitored and CC was using an MSSQL server. 8. IT17445/R516302 (2016-10-12) Description of issue: When attempting to import a rule using the Web Client, the temporary file name is incorrectly created when running with some versions of Internet Explorer. Description of fix: Added code to strip off the file directory from the imported file name before creating the temporary file name. 9. IT17604/R516729 (2016-10-21) Description of issue: Sterling File Gateway message variables were not made into Control Center event variables and values but simply made a part of the Control Center event message text and therefore were not accessible for use in tag mapping. Description of fix: All Sterling File Gateway message variables and their values are now a part of each Control Center event. Sterling File Gateway message variables are prefixed by "FGMSG." to create their Control Center event element name. 10. IT17584/R518029 (2016-10-21) Description of issue: configCC fails, due to a null MAC address being returned. Linux kernels above 2.6.32 no longer use HWaddr and instead use ‘ether’ as the MAC identifier. An indication of this error occurring is the following message written to the console when configCC runs: "Unable to obtain MAC address: null". Description of fix: Added logic to provide multiple alternate methods of obtaining the MAC address, if the original method call returns a null value. 11. IT17560/R517464 (2016-10-21) Description of issue: GetCompletedFilesList REST API does not support search by partial file name. Description of fix: Add ability to support partial search by file name in GetCompletedFilesList REST API. 12. R518878 (2016-10-26) Description of issue: When performing meta data actions, or linked rule, or regular rule actions that include an email, OS command, or server command, for an event from an OSA type server - one that sends events to Control Center via the EPSDK, the action handling logic tries to ascertain the time zone of the server the event came from, but there was no support for that, so an exception occurred saying "No such operation: getTimeZone" Description of fix: Added a getTimeZone method for OSA servers that returns the time zone the EP is configured for since OSA servers do not currently tell CC their time zone. 13. R519583 (2016-10-28) Description of issue: The status of servers assigned to EPs that are down does not change even though their status is really unknown. Description of fix: The status of servers assigned to EPs that are down are changed to unknown. 14. IT17721/R514816 (2016-10-28) Description of issue: Error occurred when a single node Oracle RAC environment was specified first and user selects to not re-configure Cognos Report Service in their second time configCC. Description of fix: Check ORACLE_RAC_OR_SCAN_CONNECTION flag in the InstallationInfo.properties file to see whether it is an Oracle RAC environment. If it is, use the RAC URL template. 15. R517783 (2016-10-31) Description of issue: Control Center does not support two new IBM Connect Direct Functional Authority parameters, Client Authentication Client Access=Y|N and Client Source Addresses. These new IBM Connect Direct Functional Authority parameters are new in IBM Connect Direct Unix 4.2.0.2 iFix 17 and later and IBM Connect Direct Windows 4.7.0.4 iFix16 and later. Description of fix: Added Connect Direct's new Functional Authority parameters, Client Authentication Client Access=Y|N and Client Source Addresses, to the Control Centers console "Configure Servers > Functional Authorities..." menu item and to the CCAPI. 16. R519582 (2016-10-29) Description of issue: No audit log event generated, nor CNCD032E notification created, when an EP's policies are changed Description of fix: Generate an audit log event and a CNCD032E notification when an EP's policies are changed 17. R517781 (2016-11-01) Description of issue: Control Center does not support monitoring of IBM Connect Direct HSAO option for non-Unix platforms and does not support monitoring of IBM Connect Direct HSAO SSP bridging on any platform. Description of fix: Added support for monitoring IBM Connect Direct HSAO option and HSAO with SSP bridging options to Control Center when monitoring these releases of IBM Connect Direct: HSAO C:D Windows  4.7.0.4 and later HSAO Sterling Secure Proxy (SSP)   3.4.3 and later HSAO SSP C:D z/OS 5.2 PTF UI36302 and later HSAO SSP C:D UNIX (zLinux) 4.2.0.4 iFix 13 and later HSAO SSP C:D UNIX (Linux and AIX) 4.2.0.4 iFix 13 and later HSAO SSP C:D Windows 4.7.0.4 iFix 7 and later Note that Control Center 6.0.0.1 and later already supported HSAO option for C:D UNIX (Linux and AIX) 4.2.0.4 and later 18. IT17887/R519578 (2016-11-03) Description of issue: Logic showed batch update exceptions but not the next exception value when it was available during process summarization. Description of fix: Changed logic to show any "next" exceptions when they're available, but they, and the batch update exception they're associated with, are now only shown when debug level logging is on. More details about the issue are also logged now when debug level logging is on. Also a problem with recording any DVGs a starting process is tagged with was also fixed, which means all queued processes, not just Connect:Direct and Connect:Express processes, can now be seen by DVG restricted users when they should. 19. IT17848/R515213 (2016-11-08) Description of issue: Size/Volume of Files over Time widgets use UTC time instead of console preferred time zone. Description of fix: Add date time conversion in the widgets. 20. IT17880/R519899 (2016-11-09) Description of issue: When change made to rule matching logic, regex expressions were handled differently such that subsequences in the value to be checked would no longer match the specified expression. Description of fix: Update the change to the rule matching logic so that subsequences in the values to be checked would once again be matched by specified regex expressions without modifying them. 21. R521327 (2016-11-17) Description of issue: Getting "org.xml.sax.SAXParseException: The markup in the document following the root element must be well-formed." parsing error on B2B service definition when Control Center starts. Description of fix: If the B2B service xml had a xml header, metric records were being inserted after the xml header instead of after the service record. Modified logic that inserts metric records into B2B service definitions to insert it in the service element. 22. IT18252/R521109 (2016-11-23) Description of issue: When formatting the date time for emails the logic is formatting it in UTC now, the engine's time zone, instead of the time zone the engine was configured for. Description of fix: Use the time zone the engine was configured for when constructing date strings for user specified email text. 23. R522191 (2016-12-01) Description of issue: Web Server fails to start when Control Center engine starts due to Null Pointer Exception encountered trying to create web dataSource.xml from JdbcService.xml. Description of fix: Modified Web Container Helper to be able to handle empty JDBC Service location. 24. R522190 (2016-12-01) Description of issue: Standard SLC's with no server selected get loaded to Control Center during upgrade and cannot be corrected via the console. Description of fix: When Control Center starts, if it encounters an invalid Standard SLC, it will report the error in the engine log and stop the engine. The user can correct the SLC and restart the engine. This prevents invalid SLC from getting loaded to the database. Web and classic console do not allow you to create Standard SLC without a server. 25. R522188 (2016-12-01) Description of issue: When Control Center is loading email actions with missing smtpFromAddr element from the conf directory, parsing errors cause the engine to stop and any action after the invalid action is deleted from conf. Description of fix: When Control Center finds an action email in conf with a missing smtpFromAddr, set it to the email service from-address value. If Control Center finds an action that is invalid for any it can't correct, report the bad action in the engine log and stop the engine. Keep any action following the invalid action in the conf directory so that they can be loaded once Control Center is restarted. 26. R521243 (2016-12-02) Description of issue: Web Console warning pop up that shows when a Cognos Widget has changed is specific to the Active Alerts Widgets and it needs to apply to all widgets. Description of fix: Redesign of the Web Console warning popup that shows when a Cognos Widget has changed to be good for any widget. 27. R517782 (2016-12-02) Description of issue: Address security issues in Websphere Liberty 8.5.5.9 Description of fix: Updated Websphere Liberty to 16.0.0.3 28. IT18230/R522434 (2016-12-02) Description of issue: Control Center cannot establish a secure connection to SEAS (Sterling External Authentication Server) using TLSv1.2. When Control Center calls the SEAS API, the protocol is not set in the ssl parameter structure used to establish the secure connection. As a result, a default value of TLS is used. If the SEAS server is configured to use TLSv1.2, the connection is rejected, due to the mismatch in protocols. Description of fix: Added two new engine properties to allow both the secure protocol -and- cipher suite list to be configured for the secure connection between Control Center and SEAS. SEAS_SECURE_PROTOCOL=TLS | TLSv1.1 | TLSv1.2 Specifies the protocol(s) for secure connections between the engine and SEAS (Sterling External Authentication Server) Note: If this property is not specified, com.ibm.jsse2.overrideDefaultProtocol will be used as the protocol for SEAS secure connections SEAS_CIPHER_SUITES= Specifies a comma delimited cipher list for secure connections between the engine and SEAS (Sterling External Authentication Server) Example: SEAS_CIPHER_SUITES=TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 For the Sun JSSE provider supported cipher suites, please refer to below link: http://docs.oracle.com/javase/7/docs/technotes/guides/security/SunProviders.html#SunJSSEProvider 29. R522193 (2016-12-03) Description of issue: Linked rules without a effective match get parsing error causing Control Center engine to not start. Description of fix: Modified code that loads rules, when the Control Center engine starts, to disable any linked rules and write a warning to the engine log: Warning: Rule was changed to no longer be a linked rule due to invalid linked rule values. If this rule should be a linked rule, edit it via the console. Rule: {rule name} 30. R522206 (2016-12-06) Description of issue: When upgrading to 6.1.0.1, if admin had a password other than the default, it gets reset back to the default. Description of fix: Changed code to use conf/users/admin.xml which has the users encrypted password instead of the admin template which has no password. 31. IT18588/R524276 (2016-12-23) Description of issue: Scheduled reports emails sometimes mixed information from 2 different reports. Description of fix: Synchronized the writing of a temporary file used to create report objects to prevent one reports execution from corrupting another report's email variables. 32. R524228 (2017-01-03) Description of issue: Future date scheduling for Functional Authorities does not work. Description of fix: Remove the code which re-initializes the date user specified in the future and set the time zone of the scheduled date to the time zone specified by the user. 33. R521082 (2017-01-03) Description of issue: Database Events Report from Cognos spanning two pages. Description of fix: Change the default PDF orientation of Database Events Report to landscape. 34. IT18646/R522171 (2017-1-04) Description of issue: REST API's allow for Cross Site Request Forgery attack. Description of fix: Removed old /rest/ REST API's that are no longer used since they were replaced with /svc/ REST APIs. 35. IT18667/R525006 (2017-01-04) Description of issue: The EventMonitor query was blocking multiple outstanding INSERT request against the EVENTS table. Description of fix: Optimized the offending query to avoid the blocking condition. 36. R525147 (2017-01-05) Description of issue: The "Concurrence Count' input field is limited to a max value of 99 on the Wildcard SLC Group Properties screen (General tab). Description of fix: Increased the max value to 999. 37. IT18683/R524872 (2017-01-08) Description of issue: The starting/ending year filter of Monthly File Transfer Report will not go beyond 2016. Description of fix: Adding 2017~2022 to the starting/ending year list. 38. IT18718/R524209 (2017-1-09) Description of issue: Error recovery logic that is triggered when the database is down causes MQMFT server's background task to stop running. And the sign on task that should restart the stopped task does not get started. Description of fix: Intercept the database error to make sure the stopped background task restart. And made sure a database error does not result in a MQMFT sign-on without a sign-off. 39. IT18765/R525592 (2017-1-11) Description of issue: ReportService.xml is not editable via Web Console System configuration > Properties so users cannot change Cognos max records returned. Description of fix: Added ReportService.xml to list of files that can be edited via Web Console System configuration > Properties 40. IT18848/R520980 (2017-01-16) Description of issue: CPU utilization can spike excessively during each SI adapter status poll interval. This was caused by some inefficient xml parsing logic introduced beginning with CC 6.1. Description of fix: Corrected the offending xml parsing logic to eliminate the CPU spikes during SI adapter status polling. 41. R526099 (2017-01-18) Description of issue: Address security issues in ActiveMQ 5.13.2. Description of fix: Upgraded ActiveMQ to 5.14.2. 42. R526883 (2017-01-19) Description of issue: User moves engine without updating the host specified for FileAgentService.xml file and then the EP will not start Description of fix: Rather than stopping startup, an error is logged to the FileAgentService log file and the invalid snmpListenerAddress is updated to be the address of the server the EP is running on. 43. R479724 (2017-01-19) Description of issue: There's currently a single configuration value in CCEngineService.xml, recordLimit, that controls the limit of records requested at one time from monitored servers. Description of fix: A new element was added to CCEngineService.xml - siRecordLimit, whose default is 4999, which can be used to control the limit of records requested at one time from monitored B2Bi servers. 44. IT18924 /R525569 (2017-01-23) Description of issue: Duplicate keys are being used when inserting data into the X_CHANGE_HISTORY table. Description of fix: Upgraded two new 10x jars, the Change History and User Management PAC jars, to version 2.3.0.7. 45. IT18632/R520920 (2017-01-27) Description of issue: The java master security properties file (i.e. /jre/lib/security/java.security) is overwritten each time Control Center is upgraded. Consequently, any user changes to the file are lost with each successive upgrade. Description of fix: Enhancement to preserve user changes to the master security properties file. Created a new file to override properties in the "master security properties file" located in /jre/lib/security/java.security. The override file is located in /conf/CC_java.security. Any properties specified in CC_java.security will override those specified in the master security properties file. CC_java.security is preserved across each Control Center upgrade. 46. IT19031/R527877 (2017-01-31) Description of issue: Node discovery did not utilize the LDNS values in netmap entries that specified them which resulted in no TCP address being shown for TCP nodes Description of fix: Changed the logic for TCP nodes to utilize the LDNS value in the netmap when no TCP address was specified. 47. IT19050/R528008 (2107-02-01) Description of issue: When an IOException is encountered writing to rep.xml, the reports in conf/reports/criteria the reports are moved to conf/reports/criteria/imported-yyyymmddss but not added to CC_REPORTS. And if there are any reports schedules defined in conf/reports/schedules, the start of the engine stops because the schedules are for reports that do not exist. Description of fix: If an IO Exception occurs when loading the reports, display the reason for IOException in log, keep the reports in conf/reports/criteria and stop the engine. Then the log can be used to determine the cause of the IOException and once fixed, (more space, permission, etc) the restarting of the engine will continue with the loading of the reports. 48. IT19058/R528011/R528185 (2017-02-03) Description of issue R528011: Unable to utilize event element queueId in email actions Description of issue R528185: Unable to utilize event element FG.WFID in email actions Description of fix: Added both items to the list of known event elements to allow variable substitution. 49. IT18992/R524197 (2017-01-24) Description of issue: Users want to continue to see Select Statistics in the Classic Console. Description of fix: Add option to Classic Console that lets users use either the web console or the classic console to view select statistics. Also added filter to Web Console Events, File Transfer and Process panels. 50. IT19107/R528322 (2017-02-04) Description of issue: Rule that has a server group in the criteria and the server group has no servers, gets a "XPath parenthesis not closed." error when engine starts. Description of fix: Made sure effective match generated for a rule that uses a server group with no servers has a matching end parenthesis by using a # character to indicate a empty server group instead of a blank. 51. IT19109/R521361 (2017-02-05) Description of issue: Not able to use optional secondary schema when Oracle database is used for Control Center. Description of fix: Add XML element to JDBCService.xml and CognosReportService.xml. 52. IT19176/R527840 (2017-02-08) Description of issue: Unable to logon to Control Center from the web UI when using a secure connection and SEAS is configured for TLSv1.1/2. Beginning with Control Center 6.1, the webserver connects directly to SEAS during user logon authentication (whereas in prior releases the engine was called to make the connection to SEAS for user authentication). The webserver jvm does not have visibility to SEAS related properties specified in engine properties. Consequently, this caused default SSL/TLS values to be set in the secure connection setup, causing SSL handshake failures. Description of fix: Modified the startup logic to update the webserver/Liberty jvm.options with the following SEAS engine.properties: SEAS_PERSISTENT_CONNECTION, SEAS_SECURE_PROTOCOL and SEAS_CIPHER_SUITES. This provides visibility to the properties allowing the intended secure connection values to be set. During product startup, these properties are either updated or removed from /web/wlp/usr/servers/defaultServer/jvm.options. If present in engine.properties, jvm.options is updated with the current values. If not present in engine.properties, the property is removed from jvm.options. 53. IT19136/R525881 (2017-02-08) Description of issue: Control Center engine stops by itself after a while when using X11 port forwarding. Description of fix: Added the following line in runEngine.sh -and- runEngineCold.sh scripts: "unset DISPLAY". 54. IT19235/R528272 (2017-02-10) Description of issue: Changes introduced in 6.1 caused the logic that ascertains which version of Connect:Direct configuration objects was the most current to fail. Description of fix: Rather than key off of the Configuration object's version ID value, the logic is now using the version's added time value. 55. IT19346/R527290 (2017-02-20) Description of issue: Seeing intermittent messages in log files that say "Transaction was deadlocked on lock resources with another process and has been chosen as the deadlock victim." Description of fix: Added logic to retry database transaction when this error occurs. 56. IT19378/R527882 (2017-02-23) Description of issue: Database temp space fills up file system. Description of fix: Provided new property variables in engine.properties to limit the database requests made by the EventMonitor logic - EVENT_MONITOR_EVENT_LIMIT_PER_RUN and EVENT_MONITOR_EVENT_COUNT_FOR_CATCHUP. 57. R530236 (2017-02-23) Description of issue: When SHRCNV is set to zero for a channel Control Center connects to for MQ monitoring, it never gets any messages Description of fix: Added logic to detect when the MQ channel we connect to has SHRCNV set to zero and the code now throws an exception with a helpful message that describes the problem, and solution, and fails the connection now. 58. IT19425/R530108 (2017-2-24) Description of issue: Web Console is not working when using Oracle RAC if JDBCService.xml has no keyword FAILOVER_MODE. Description of fix: Modified the code to look for keyword FAILOVER to determine if Oracle RAC is in use so that the Oracle RAC template can be used when creating the Web Consoles's dataSource.xml file. 59.IT19426/R530421 (2017-2-24) Description of issue: It appears the daily bulk data mover task is deleting partitioned data from table CC_ALERT that it shouldn't but we have been unable to determine why. Description of fix: Changed the bulk data mover task to skip running the partition purge just for table CC_ALERT when the runEngine script has Java option STOP_CC_ALERT_PURGE=TRUE set. 60. IT19488/R528793 (2017-03-01) Description of Issue: The logic that ascertains when it repeatedly got the same data from a Connect:Direct server was no longer resolving the issue when it occurred. Description of fix: Updated the resolution logic and added the generation of a warning message when this condition occurred. 61. IT19547/R530220 (2017-03-06) Description of Issue: Various unexplained errors in IBM Control Center engine logs Description of fix: Eliminated "Did not find corresponding step event" messages when caused by only finding a step end event for a failed file transfer and errouneous "INFO StreamConsumer - ERR-->'D:\Program' is not recognized" messages. 62. IT19536/R531648 (2017-03-06) Description of issue: The filter on the rules listing panel in the Java GUI console does not filter correctly when key "Match Criteria" is used. Description of fix: Modified parameter file so filter will look for key of "match" instead of "effectiveMatch" since effectiveMatch is not longer stored in the rules xml. Also fixed key "Linked Rule" which was also not working. 63. IT19426/R530421 (2017-03-14) Description of issue: The MSSQL query that determines how many partitions a table has does not work for partitioned tables that have been dropped and created. This results in losing data from the recreated table when the nightly bulk data mover runs. The upgrade script introduced by CC 6.1 dropped and recreated the CC_ALERT table. Description of fix: Changed the MSSQL query to be able to detect that a previously partitioned table has been dropped and recreated and therefore no longer partitioned. Added code to delete partition functions before recreating them for previously partitioned tables that have been dropped and recreated. Modified engine startup to notify user to run configCC if it detects some tables are partitioned but not all tables are partitioned via message "Not all Control Center database tables are partitioned. Run configCC.bat/sh to partition all tables." 64. IT19729/R532864 (2017-03-15) Description of issue: Control Center became hung up when EVENTS_SEQ in table CC_SEQUENCE became larger than the int max value of 2,147,483,647. Once this happens, CC will not be able to process any events. During engine startup, processing will go into a loop and the engine log will display the following as the last message: [CCEngine(CCenter)] INFO CCEngine(CCenter) - Event ID generator : com.sterlingcommerce.scc.agent.server.SequenceGenerator Description of fix: Corrected the logic to handle large numbers. 65. IT19746/R532967 (2017-03-15) Description of issue: If a customer who uses a partitioned MSSQL database, upgrades to a CC 6.1 release before CC 6.1.0.1 iFix03 March 15, 2017 build (with fix 530421), they can lose CC_ALERT data. Fix 530421 fixes the issue to prevent future loss of alert data but some customers want to rebuild lost alerts to CC_ALERT. This fix allows customer the option of rebuilding CC_ALERT database data from existing data in EVENTS / EVENTS_EXT tables. Description of fix: Added new engine.properities option true. If engine.properties, at engine start up, has the following, then all CC_ALERTS will be deleted and rebuilt from data in EVENTS / EVENTS_EXT: true true The code will then set IS_INITIALIZE_EXISTING_ALERTS to false so it will not continue to run on subsequent engine starts. This is intended as a one time execution to recover lost alerts for CC instances that use partitioned MSSQL and want to recover lost alerts. 66. R531842 (2017-03-15) Description of issue: Required upgrade to Java 7.0.10.1 to resolve Jan 2017 quarterly security issues. Description of fix: Upgraded to Java 7.0.10.1 67. IT19763/R533055 (2017-03-20) Description of issue: Unable to edit or save Simple SLCs due to error "Unrecognized Timezone: America/New York" Description of fix: Made "America/New York" time zone be handled properly. While the Eastern time zone continues to be a choice, the New York time zone supercedes it and is used in its place. 68. IT19773/R531836 (2017-03-21) Description of issue: Java console profile when saved in XML format in CC_FILES table, has invalid right ( ] ) and left bracket ( [ ) characters causing runDataCollector.bat/sh and exportConfig.bat/sh to list the profile as being invalid. Description of fix: Convert the brackets into valid XML characters. And add code to Java console to delete a users profiles found in CC_FILES table if the user is deleted. 69. R533437 (2017-03-22) Description of issue: Seeing instances of "com.microsoft.sqlserver.jdbc.SQLServerException: Transaction (Process ID xxx) was deadlocked on lock resources with another process and has been chosen as the deadlock victim. Rerun the transaction." for queries run against the EVENTS database table. Description of fix: Reduce contention on the EVENTS table by changing the query used by ProcessSummaryWorker.getEvents() to not lock EVENTS for MSSQL databases. 70. IT19963/R531556 (2017-03-30) Description of issue: Receiving multiple SLC false alerts. Description of fix: This particular issue was caused by the EventMonitor logic not getting all EVENT table data due to latency in writes to the database. A new engine.properties value was added named EVENT_MONITOR_EVENT_DELAY to address this. Valid values are integers from 0 thru 2,147,483,647. The unit for this value is milliseconds. Default is 0 which introduces no delay and is how the product currently behaves. The larger the value, the longer an event must have been processed before it will be passed on to the SLC service by the EventMonitor logic. 71. IT19889/R533373 (2017-04-04) Description of issue: Out of memory and node services falling behind in monitoring due to thread blocking. Description of fix: Changes made to queries used by process summarization logic to reduce result set size and therefore memory consumption. Changes also made to logic used to update queued process information for servers to reduce thread blocking. 72. IT20077/R534284 (2017-04-05) Description of issue: The following process summarization SQL update was found to be running a long time against an Oracle database: UPDATE CC_PROCESS SET PROC_STATUS = 'ended', ENDED = ? , QUEUE_NAME = NULL WHERE SERVER_ID = ? AND PROC_ID = ? AND PROC_NAME = ?. The explain plan used a table scan, when it should have used an index. Description of fix: Added a hint in the SQL command to use index CC_PROCESS_IDX3, when the database is Oracle. 73. IT20068/R534376 (2017-04-05) Description of issue: During an upgrade installation, when a duplicate EP name is detected, the error message displays the existing EP elements from the database: 1) host name 2) MAC address 3) install location -and- 4) current host name 5) current MAC address. However, the error message is missing the current install location, making it more difficult to determine the root cause, when the user attempts to install/upgrade into a location different from the original/existing installation instance. Description of fix: Added current location to the error message. 74. IT20147/R534788 (2017-04-11) Description of issue: Using ICC, unable to modify CDW parameter "sess.total", see error 'Invalid value specified for parameter: sess.total Format:sess.total". Description of fix: Added sess.total to valid initialization parameters. 75. IT20142/R532568 (2017-04-14) Description of issue: When answering yes to Oracle RAC in the Cognos dispatcher section of configCC it always defaults back to no if there is only 1 node in the RAC as it is for the case of Oracle SCAN. Description of fix: Modified configCC to recognize Oracle RAC as a SCAN when there is only one host. 76. IT20267/R535610 (2017-04-18) Description of issue: When days are selected for weekly calendars via the web console, the day selected is not the day reflected in the summary text. Description of fix: Changed the web console calendar and format logic to use the same time zone. 77. IT20337/R534021 (2017-04-21) Description of issue: A Control Center 6101 to 6101 Windows installation/upgrade failed with the following error message: "The name (CCenterMM) that you specified is already used by another installation of IBM Control Center. More information: Engine name, CCenterMM, is already used by host xxxxx.xxxxx.xxxxx with MAC Address of xx-xx-xx-xx-xx-18 at install location xxxxxxxxxxxxxxxxx\conf. Current Host name is xxxxx.xxxxx.xxxxx with MAC Address of xx-xx-xx-xx-xx-17." This occurred because the MAC address on the machine had changed prior to the upgrade to use the backup NIC , causing the MAC to change from 18 to 17. Description of fix: Modified the Windows installation/configuration logic to be more forgiving and allow for this type of situation. Specifically, either the MAC -or- hostname (but not both) can be different, if the new MAC or hostname is not being used by any EP. 78. R536413 (2017-04-22) Description of issue: The version of Connect:Direct Browser packaged with Control Center is not at the latest fix level (currently 1502 iFix16). Description of fix: Updated Control Center with Connect:Direct Browser 1502 iFix19. 79. IT20377 /R536485 (2017-04-27) Description of issue: Database connection authorization failure occurred in Websphere/Liberty during Control Center startup. Reason: User ID or Password invalid. This was caused by a special character being included in the password (in this case an asterisk "*"). Special characters must be escaped in order to make sure they are treated as part of the password string (instead of a control character sequence). Description of fix: Insert an escape character for each of the following special characters contained in the password: \,^,&,*,@,[,],{,},:,=,!,-,(,),%,+,?,',~,|,$,.,#,_,<,>, and comma, prior to encoding/encrypting the password. 80. R536868 (2017-05-02) Description of issue: When SEAS DEBUG logging is turned on, the user password is erroneously logged in the clear. Description of fix: Mask the password in the logged auth request. 81. IT20425/R537310 (2017-05-02) Description of issue: Numeric Overflow SQLException occurring in ProcessSummaryWorker logic. Description of fix: Treat SERIAL_NUM value in result set as a Long instead of as an Integer. 82. R538195 (2017-05-10) Description of issue: Existing DataVisibilityGroups with criteria that reference a server group do not work. Description of fix: Changed startup logic to fill in the list of servers in DVG criteria that specify a server group when DVGs are loaded into the system. 83. IT20595/R536268 (2017-05-15) Description of issue: CD z/OS NETMAP node missing CCF parameters. CD Unix initparms missing TCQ check point max age. Secure+ templates unable to select TLS 1.1 or TLS 1.2. Description of fix: Added missing functions. Note that before updating CDZ netmap nodes, a netmap refresh must be performed to pickup any existing CCF settings. Also note that the CDZ netmap node summary screen will not show values for the CCF parms. Another fix will be created for this that includes a new cdjai.jar that is required. Lastly until the PTF for CDZ APAR AI81556 is applied, the compress.std.prime character can only be reliably set as an alphanumeric character, no blanks or other hex values. 84. IT20576/R538373 (2017-05-16) Description of issue: Control Center suddenly stopped collecting new events, although the product remained up and running. This occurred when all the values for sequence object EVENT_SERIAL_NUM_SEQ became exhausted. This issue only applies to a CC installation using a DB2 database. In DB2, the default data type for a sequence object is INT, so the MAXVALUE is 2147483657. This issue is not applicable to MSSQL or Oracle DBs, because the default data type is for a sequence object is BIGINT. Description of fix: See below for specific DB2 LUW and DB2 z/OS fix description/instructions: DB2 LUW: Modified the logic to explicitly define/re-define Control Center DB2 sequence objects with a data type of BIGINT for both new installs/upgrades. DB2 z/OS: Modified the logic to explicitly define Control Center DB2 sequence objects with a data type of BIGINT for new installs. NOTE: This fix does NOT self correct the sequence objects in an existing DB2 zOS data base during an upgrade. This will be addressed in a future fix. Therefore, you (or your DBA) must perform the following instruction/SQL commands to correct the sequence objects in an existing Control Center DB2 zOS data base instance: 1. SELECT MAXVALUE FROM SYSIBM.SYSSEQUENCES WHERE SEQNAME = 'EVENT_SERIAL_NUM_SEQ' AND MAXVALUE <= 2147483647 If a result is returned, execute the following SQL commands to redefine the sequence object: 1a. DROP SEQUENCE EVENT_SERIAL_NUM_SEQ 1b. CREATE SEQUENCE EVENT_SERIAL_NUM_SEQ AS BIGINT START WITH 2147483657 INCREMENT BY 1 2. SELECT MAXVALUE FROM SYSIBM.SYSSEQUENCES WHERE SEQNAME = 'CC_CLUSTER_EVENT_SEQ' AND MAXVALUE <= 2147483647 If a result is returned, execute the following SQL commands to redefine the sequence object: 2a. DROP SEQUENCE CC_CLUSTER_EVENT_SEQ 2b. CREATE SEQUENCE CC_CLUSTER_EVENT_SEQ AS BIGINT START WITH 2147483657 INCREMENT BY 1 3. SELECT MAXVALUE FROM SYSIBM.SYSSEQUENCES WHERE SEQNAME = 'UNPROC_EVENT_SERIAL_NUM_SEQ' AND MAXVALUE <= 2147483647 If a result is returned, execute the following SQL commands to redefine the sequence object: 3a. DROP SEQUENCE UNPROC_EVENT_SERIAL_NUM_SEQ 3b. CREATE SEQUENCE UNPROC_EVENT_SERIAL_NUM_SEQ AS BIGINT START WITH 2147483657 INCREMENT BY 1 85. IT20578/R538398 (2017-05-16) Description of issue: The web console workspace widgets sometimes get a XQE-GEN-0005 error on the select a date filter. Description of fix: Made UserPrefTZ thread safe by getting instance of SimpleDateFormat for each thread. 86. IT20635/R534885 (2017-05-17) Description of issue: When Cognos gets an CM-SYS-5192 error trying to get report parameters, the report is not sent via email to the recipients. Description of fix: Catch the CM-SYS-5192 exception and use empty report parameters so the report will be run and an email will be sent. 87. R538325 (2017-05-17) Description of issue: When a process name or number contained a single quote, invalid SQL was generated. Description of fix: Used a prepared statement to avoid issues when the values being queried contained non alpha numeric characters. 88. IT20708/R538752 (2017-05-22) Description of issue: There is no filtering in the web UI alerts/handled alerts display screen. The filtering capability was lost when these screens were moved from the classic swing console to the web UI, beginning with 6.1.0. Description of fix: Created a new engine property to allow Alerts/Handled Alerts filter selection. Update the engine.properties with following property and set to true to enable alert filtering: false. false = disable alert filtering in the web UI (default value) true = enable alert filtering in the web UI 89. IT20710/R538529 (2017-05-23) Description of issue: Upgrading 5.4.2.1 straight to 6.1.0.1 took an inordinate amount of time upgrading ROLL_UP table data, plus the data wasn't necessarily updated correctly. Description of fix: Moved logic that upgrades ROLL_UP table data to when Event Processor is started and used more efficient queries to do the upgrade only when necessary 90. IT20733/R539320 (2017-05-24) Description of issue: The NodeService logic that ascertains whether data to be added to EVENTS for partitioned database tables did not work correctly for servers assigned to/monitored by anything but the CEP Description of fix: Updated the logic used by the NodeService to function regardless of the EP type. 91. IT20752/R539324 (2017-05-25) Description of issue: statRecordIds can not update thru the web console Description of fix: The validation logic used by the web console for configuration files was changed to allow comments to be entered in all but property files like engine.properties 92. IT20780/R539694 (2017-05-30) Description of issue: Dashboard Environmental health widget contains multiple entries for each node type instead of just one Description of fix: Under abnormal conditions runs of configCC will cause erroneous rows of data to be added to the NODE_TYPE database table. Logic was changed to update existing rows in NODE_TYPE instead of inserting new ones when configCC is run under those conditions. 93. IT20717/R538661 (2017-05-30) Description of issue: You get a web console error if you try to display the perimeter servers or nodes for a B2Bi server Description of fix: Addressed the class cast exception that occurred when perimeter servers and nodes for a B2Bi server were to be displayed in the web console 94. R538790 (2017-06-01) Description of issue: Query used by ProcessSummaryWorker for Oracle databases was not as efficient as it could be Description of fix: Change made on 5-18 dropped the specification of DATE_TIME >= and DATE_TIME <= for Oracle databases. Change made today affected diagnostics only. SQL used with values substititued in it is now shown instead of just the prepared statement. 95.IT20847/R539135 (2017-06-05) Description of issue: Unable to select a new certificate label in a CDU or CDW secure plus node after Certicom was removed from Connect Direct. Description of fix: Recognize that the new security tool kit is in place and that a certificate pass phrase is not required. 96. IT20635/R534885 (2017-06-07) Description of issue: Some times when running Cognos report it gets a CMError on org/apache/commons/codec/binary/Base64 and the report does not run. Description of fix: Move the Control Center jars from Cognos's lib folder to a new Cognos's AAA/lib folder so that Cognos's codec class does not conflict with Control Centers codec class. 97. IT21022/R541545 (2017-06-13) Description of issue: When configCC is partitioning CD_STATS_LOG, it gets error "ORA-00932: inconsistent datatypes: expected DATE got NUMBER" because of the column order. Description of fix: Changed the partitioning insert SQL for CD_STATS_LOG to include the column names so order will not matter. 98. IT21038/R541373 (2017-06-14) Description of issue: "System Error Message" is displayed when a SEAS userid successfully logs on via the web console (i.e. the error message is in the foreground of the successful logon screen). Description of fix: Added guard code to prevent an erroneous nullPointerException during SEAS authentication, which caused the system error message to be displayed. 99. IT21042/R540955 (2017-06-16) Description of issue: Web Server group view count not compatible with over 1000 servers. Description of fix: Corrected code that generated the counts. 100. IT21094/R540907 (2017-06-20) Description of issue: Some times when attempting to create new High Watermark Report from the console, the console often hangs at the first step and the console has to be terminated to release it. Description of fix: Moved code to prevent deadlock issue with Swing AWT lock and ControlCenterProxy lock. 101. IT21137/R539290 (2017-06-24) Description of issue: When the Cognos Connection scheduling feature is used to run a report, the feature fails due to authentication failure. Description of fix: Modified the Control Center custom authentication provider to properly create a trusted credential which is needed for the Cognos scheduling feature since a user may not be signed on when the report schedule runs. 102. IT21206/R541851 (2017-06-26) Description of issue: Cannot logon to the web client if all the following conditions exist: 1) the engine is running on Windows 2) the database is MSSQL 3) the database password contains a special character of !. This began occurring in 6101 iFix04. Description of fix: Corrected the command string used to call the Websphere/Liberty password encoder, such that the database password string is now always enclosed in double quotes. This ensures database passwords containing spaces or special characters are properly encoded/encrypted and saved in the dataSource.xml. 103. IT21203/R540706 (2017-06-26) Description of issue: 6.1.0.x Swing console required more heap space than the 5.4.2.1 version when connected to a system monitoring the same number of servers. Description of fix: Multiple changes made to both make the console logic use less memory and be more responsive when connected to a system monitoring a large number of servers. 104 IT20329/R533179 (2017-06-27) Description of issue: SQL used by EventMonitor for MSSQL databases was inefficient. And handling of alerts via the Web Console got errors due to deadlocks on CC_PROCESS table. Description of fix: Restructured the SQL for MSSQL to be more efficient. Removed CC_PROCESS queries from the Web Console Handle Alert function. Also provided property to allow FileAgent and SLC service to get events directly from the Rule service in single EP environments - BYPASS_EVENT_MONITOR_FOR_EVENTS 105. IT21224/R542675 (2017-06-28) Description of issue: When multiple rows are selected in the Node Configuration Management view they may be deselected in just a few seconds Description of fix: Corrected logic that was causing the deselection to occur 106. R543460 (2017-06-30) Description of issue: If the CEP never sees that an EP started, it will never reassign its reassignable monitored servers to another EP. Description of fix: Added a new engine property, TIME_TO_START_EPS_MINUTES, whose default is zero, to tell the CEP how long it should wait, in minutes, before it may reassign reassignable servers from an EP that is down, even if never saw that EP running. When TIME_TO_START_EPS_MINUTES is zero, the default, the CEP will never reassign a stopped EP’s reassignable servers unless that EP was seen to have been running. 107. IT21094/R540907 (2017-07-05) Description of issue: Some times when attempting to create new High Watermark Report from the console, the console often hangs at the first step and the console has to be terminated to release it. Description of fix: Changed to using async invokeLater instead of invokeAndWait to prevent dead lock between Control Center Proxy lock and AWT event lock. 108. IT21325/R543207 (2017-07-07) Description of issue: No automatic method to reduce number of conf-exported directories. Description of fix: Add Installation.properties item to specify number of directories to retain, MAX_CONFIG_EXPORTS_TO_RETAIN=nn. 109. R534577 (2017-07-12) Description of issue: Log entries from EventProcessorMonitor are filling up the engine log files. Description of fix: An update was made to the logic, and the Engine.log4j file, so that log entries made by EventProcessorMonitor go to their own log file now. 110. R536386 (2017-07-13) Description of issue: PSIRT Advisory 7801 - 10x session id not updated with each request Description of fix: Get a new session with each web console sign on. 111. IT21499/R541929 (2017-07-19) Description of issue: There are world writable files in the "/tmp/.com_ibm_tools directory" on the server where IBM Control Center runs. The customer installation does not allow world writable files on their servers. The transient files created in this directory are generated by the IBM Java Attach API. This feature is enabled by default in the jvm. This issue only applies to Windows, Linux and AIX platforms, because the Java Attach API is specific to IBM (does not apply to SolarisSPARC). Description of fix: Created a new InstallationInfo.properties property called COM_IBM_TOOLS_ATTACH_ENABLE=NO|YES to allow the Java Attach API feature to be disabled when the engine and all other CC related java processes run. Instructions to disable the Java Attach API: 1. Install 6101 iFix06 or later 2. Add the following property to /conf/InstallationInfo.properties: COM_IBM_TOOLS_ATTACH_ENABLE=NO 3. Run configCC.sh|bat 4. Additionally, if you have the SCCFTPAgent installed, you will need to manually update two separate instances of a file named options.default, located in that JRE directory. Add the following property to the options.default files which correspond to your platform/OS in the list below: -Dcom.ibm.tools.attach.enable=no \jre\bin\default\options.default Windows \jre\bin\compressedrefs\options.default Windows ------------------------------------------------------------------------------ /jre/lib/amd64/default/options.default Linux /jre/lib/amd64/compressedrefs/options.default Linux ------------------------------------------------------------------------------- /jre/lib/ppc64/default/options.default AIX /jre/lib/ppc64/compressedrefs/options.default AIX 112. R545347 (2017-07-28) Description of issue: Not able to run reports from the Web Console if the CC_CLUSTER_EVENT key is greater than 2147483647. Description of fix: Modified code so the Web Console running of a report checks for a long key instead of a integer key. 113. R546298 (2017-07-28) Description of issue: System Error reported to WebUI when adding comments or handling multiple alerts. Description of fix: Add a one millisecond wait to ensure times are unique. -------------------------------------------- List of Fixes (or Enhancements) included in Control Center (6.1.0.2 iFix01 fixes ported to 6.1.1.0) 114. IT21662/R546594 (2017-08-01) Description of issue: On Windows x64, after upgrading IBM Control Center to 6.1.0.2 GA the 'exportConfig.bat' file fails. The fix for defect 541929 erroneously introduced a double quote on the following line: SET JAVA_SYSTEM_VAR=%JAVA_SYSTEM_VAR% Dcom.ibm.tools.attach.enable=no". This issue/fix only applies to Windows. Description of fix: Corrected exportConfig.bat (i.e. removed the double quote). 115. IT21876/R544723 (2017-08-07) Description of issue: System unable to keep up with events from B2Bi server Description of fix: Added more information to B2Bi metrics, made calls by the node service logic to the process summary service to notify it when processes start and end, asynchronous, made logic that inserts data into EVENTS table more efficient by speeding up the string truncation logic that ensures we do not attempt to insert too much data in each column, and made logging by the EventProcessMonitor less onerous. 116. IT21877/R546855 (2017-08-07) Description of issue: Unable to monitor C:D i/5 Description of fix: Stopped using host name for database name when making connection. 117. IT21966 /R547450 (2017-08-10) Description of issue: Customer could not run the installer on one particular machine even after clearing tmp space. Description of fix: Increased the installer max heap size from 1.5GB to 3GB. 118. IT21972/R545468 (2017-08-11) Description of issue: Cannot logon to the web client if all the following conditions exist: 1) the engine is running on Windows and 2) the DB password contains a special character other than ^, @, [, ] ,{, } ,! or ;. Description of fix: Created a Windows only default special character list for the Websphere/Liberty password encoder so that only ^, @, [, ] ,{, } ,! and ; are encoded before calling the encoder. Added ; and / to the Unix default special character list. With this fix, a Windows or Unix database password with any of these special characters works: ~!@#$%^&*()_+{}|:<>?-=[]\;,./ Also, the default Windows and Unix special character list can be overridden by putting attribute WLP_PW_ENCODER_SPECIAL_CHARACTERS in /conf/installationInfo.properties. Prior to this fix, WLP_PW_ENCODER_SPECIAL_CHARACTERS was expected to be in engine.properties, but when a database password is set such that the Websphere/Liberty password encoder fails, the user can not sign on to the ICC web console to change engine.properties. Therefore, it has also been added to installationInfo.properties, which can be edited with a text editor. If WLP_PW_ENCODER_SPECIAL_CHARACTERS is in both engine.properties and installationInfo.properties, the value in installationInfo.properties takes precedence. Note that engine.properties is shared by all EP's in a multi-EP installation since it is in the database table CC_FILES. However, installationInfo.properties is on the file system so there is one per EP. If WLP_PW_ENCODER_SPECIAL_CHARACTERS is in installationInfo.properties in a multi-EP installation, it need to be in all EP's installationInfo.properties. After applying this fix, you should not have to set WLP_PW_ENCODER_SPECIAL_CHARACTERS at all. Its only provided in case a database type/JDBC Driver/special character combination is ever hit that is not handled by the default settings for WLP_PW_ENCODER_SPECIAL_CHARACTERS. The default setting for Windows is ^,@,[,],{,},!,; The default setting for Unix is \\,^,&,*,@,[,],{,},:,;,/,=,!,-,(,),%,+,?,',~,|,$,.,#,_,<,>,COMMA If WLP_PW_ENCODER_SPECIAL_CHARACTERS is set in engine.properties or installationInfo.properties, it will be shown in the Engine_{timestamp}.log as: INFO WLPPasswordEncoder - WLP_PW_ENCODER_SPECIAL_CHARACTERS: {value from installationInfo.properties or engine.properties} If WLP_PW_ENCODER_SPECIAL_CHARACTERS is NOT set in engine.properties or installationInfo.properties, it will be shown in the Engine_{timestamp}.log as: INFO WLPPasswordEncoder - Using default special characters: {default setting for Windows or Unix} And finally, this fix corrected a Cognos issue where, if the Cognos database password had special characters & or < or >, Cognos would not start. 119. IT21995/R546946 (2017-08-14) Description of issue: Process summarization not keeping up Description of fix: Changed prepared statement to not use variables and query performance increased 120. IT22092/R547769 (2017-09-11) Description of issue: After upgrade to 6.1 non latin characters in ICC object descriptions were inadvertently changed to HTML numeric character references and then ICC would not start Description of fix: Added logic to catch and change HTML numeric character references found added to the Control Center objects' .XML configuration files prior to them being used. Also created utility program, fixConfigData, to change numeric character references that made it in to the CC_FILES database table back to the characters they were in ICC object descriptions and other fields. 121. IT22094/R546731 (2017-10-18) Description of issue: When MSSQL clustered database used by ICC was shutdown momentarily, ICC did not recover after it was restarted, and had to be restarted itself Description of fix: Added logic to watch for this situation and recover when it occurs. Additional logic added 2017-10-18. 122. IT21529/R537557 (2017-08-24) Description of issue: Security Risk due to Authentication Bypass Using HTTP Verb Tampering Description of fix: Modified Control Center Web Console servlet to only allow HTTP POST, PUT, DELETE and GET verbs. 123. R538511 (2017-08-24) Description of issue: CD for z/OS CCF netmap parameters not displaying in summary screen. Description of fix: Correct the code to properly display the values. 124. IT22169/R548071 (2017-08-31) Description of issue: Web Console's Individual Server panel is slow when a server is selected due to unnecessary file transfer count query. And the process tab query does not need to specify both the server ID and the server type. Description of fix: Remove the file transfer count query and change the process query to just include the server ID and not the server type. 125. IT22227/R540218 (2017-08-31) Description of issue: Completed Connect:Direct processes occasionally being left in the queued process view Description of fix: Created new logic to handle updates to the queued process data in CC_PROCESS. The new logic is activated by adding the engine property UPDATE_QUEUED_PROCESS_NEW_LOGIC with a value of TRUE to engine.properties 126. IT22323/R544407 (2017-09-08) Description of issue: Newly completed file transfers were not being summarized and therefore were not being shown in the dashboard file transfer activity over time widget or cognos file transfer volume widgets. Description of fix: Updated the logic used by the default summarizer that was errouneously thinking new transfers had already been counted due to the fact it had previously seen transfers done by the same process while events for that process had been purged from the EVENTS database table. This is only an issue for Connect:Direct and Connect:Enterprise because their process numbers are not always unique. 127. R538200 (2017-09-11) Description of issue: configCC fails with error "Cannot overwrite own certificate" when ICC is configured with a trust store and a key store that are the same. Description of fix: Modified configCC to only copy the ICC trust store to the ICC JRE trust store and if the ICC trust store is the same as the ICC JRE trust store, don't do the copy at all. 128. R549999/IT22329 (2017-09-11) Description of issue: Message ID is not one of the key choices for Data Visibility Group criteria. Description of fix: Added Message ID as a key choice when creating Data Visibility Group criteria. If the message Id needed, for example FG_0411, is not in the drop down list, it can just be typed in. 129. R549773/IT22449 (2017-09-21) Description of issue: Imported Rules via the web console do not preserve exported rule priority. Description of fix: Added check box option, "Preserve exported priority", to web console import Rules panel to allow the user to specify if they want to keep the rules in the exported order or not. This option will only show on the import rules web console if the rules were exported by an IBM Control Center instance that has this fix applied. This is because the rule exporter had to be changed to save the priority to the exported zip file in order for the importer to know the original priority. 130. R550272/ IT22448 (2017-09-21) Description of issue: Hourly CC_CLUSTER_EVENT purge job is getting Oracle error ORA-22295 Description of fix: Changed SQL from a DELETE with a WHERE IN (n,n,n,n...) clause to a DELETE with WHERE CREATION_DATE < {date-12-hours-ago} 131. R548223 / IT22571 (2017-10-02) Description of issue: False Workflow SLC alerts. Workflow SLCs with a calendar schedule, and one or more duration milestones, were not terminating the milestone monitor logic at the end of the SLC's monitoring window, causing erroneous events to be generated if events that met the milestone criteria were received after the end of the SLC's monitoring window. Description of fix: Fixed the logic so the Workflow SLC's milestone monitors would be terminated at the end of the SLC's monitoring window. 132. R542538/IT22686 (2017-10-05) Description of issue: When using SEAS/LDAP authentication, web console users have to hit login twice to successfully log on as the first one fails but the second one succeeds without having to change the user ID or password. Description of fix: Make sure the persistent connection to SEAS is still connected before trying to send the authentication request to SEAS. 133. R552375/IT22701 (2017-10-05) Description of issue: When using the Recent file transfer activity API the values returned are always null. Description of fix: The logic used to create the JSON data to be returned was fixed. 134. R552668/IT22774 (2017-10-11) Description of issue: The JCE unlimited strength policy files located in are overwritten during each install/upgrade. Description of fix: Updated the installer to preserve (copy) the unlimited strength policy files during upgrade. 135. R546048 (2017-10-13) Description of issue: The cogstartup.xml file was not being captured when the data collector ran. Description of fix: Updated the path to the file to be "configuration" instead of "Configuration" as case matters on all systems except Windows. Also fixed path to the installation log file and included two new Cognos configuration files in data collector output per customer support request. 136. R549997/IT22801 (2017-10-16) Description of issue: Sterling Control Center web console locks up when changing time frame parameters. Description of fix: The issue was actually occurring when a search value was specified on the completed file transfer view and the time frame parameters were changed, which caused a new search on the completed file transfers database table (CC_FILE_TRANSFER) to be initiated. Two changes were made - The search queries initiated from the completed file transfer view were changed to query fewer columns to increase query speed (likewise for the handled and active alert views and the queued process view), and the database isolation level for queries initiated by the web console was changed from "repeatable read" to "read committed" to reduce database locking. 137. R552307/IT22828 (2017-10-16) Description of issue: Multiple event elements identified as not being populated into email notifications. Description of fix: The following variables were added to Key list for Rules match, Metadata rules and Event variables for E-Mail list: FGMSG.AFTRouteId,FGMSG.AFTRouteWorkFlowId,FGMSG.BusinessProcessName,FGMSG.CandidateCount,FGMSG.ConsumerCode,FGMSG.ConsumerContentType,FGMSG.ConsumerFilename,FGMSG.ConsumerFileSize,FGMSG.ConsumerMailboxPath,FGMSG.ConsumerMessageId,FGMSG.ConsumerName,FGMSG.ConsumerType,FGMSG.Context,FGMSG.CreateMailboxIfMissing,FGMSG.DestinationMessageName,FGMSG.Directory,FGMSG.FtpRenameFile,FGMSG.LayerCount,FGMSG.LayerDescription,FGMSG.LayerFilename,FGMSG.LayerType,FGMSG.MailboxPath,FGMSG.MessageAdditionEventCode,FGMSG.PayloadName,FGMSG.PrimaryDocumentId,FGMSG.ProducerCode,FGMSG.ProducerFilename,FGMSG.ProducerFileSize,FGMSG.ProducerFileStructure,FGMSG.ProducerMailboxPath,FGMSG.ProducerMessageId,FGMSG.ProducerName,FGMSG.ProducerPayload,FGMSG.ProducerUserId,FGMSG.ProfileId,FGMSG.Protocol,FGMSG.RouteCount,FGMSG.RoutingChannelTemplateKey,FGMSG.RoutingChannelTemplateName,FGMSG.TransportBP,FGMSG.UseGlobalMailboxes,FGMSG.WorkflowId. 138. R521197 (2017-10-18) Description of issue: Tag mapping does not work when SFG events are received before process start or after process end Description of fix: This is an occasional issue with SFG processes. To address it, a new engine property was added, SUMMARIZE_MILLIS_DELAY_FOR_PROCS, which allows a user to specify an amount of time, in milliseconds that ICC will wait before summarizing a completed process. The default value for this property is zero. If you find this issue occurring in your environment you may add SUMMARIZE_MILLIS_DELAY_FOR_PROCS to the existing engine.properties data with a value that tells ICC how long to wait, in milliseconds, before initiating summarization for processes that end. You should make the value just long enough to ensure all events for an ended process have been received before summarization is performed. 139. IT22863 /R552371 (2017-10-23) Description of issue: Scheduled node configuration refresh jobs running twice per day, one hour apart. Description of fix: Correct DST logic. 140. IT22916 /R550648 (2017-10-25) Description of issue: Unable to run Sterling File Gateway Detail by Producer report with more than 10000 rows. The report does not show all data and gets OOM error if the report row limit is increased beyond 10000. Description of fix: Rewrote the logic that gathers the data for the report to remove an unneeded and inconsistent query. Made sure the report honors the record limit as set via the java console for the report. The following parameters control the running of the Sterling File Gateway Detail by Producer report: A) The JDBC_DRIVER_MAX_ROWS parameter that controls how many records are read at one time from the data base when paging thru tables with large amounts of data. Defaults to 10000. Can be changed by editing engine.properties via the web console Properties panel to add value {yourNewLimit} B) The ICC console Report Sort panel which allows the user to specify how many rows they want to see on the report via the "Max Records Returned" parameter. Defaults to 5000 or new limit as set by C below. Can be changed by editing the saved report definition via the console Report Sort panel. C) The 5000 parameter that determines the max value that users can specify in the "Max Records Returned" field when defining a report via the console. Defaults to 5000. Can be changed by editing ReportService.xml via the web console Properties panel to add value {yourNewLimit} D) The Cognos web server JVM heap size. Defaults to -Xmx768m To increase the Cognos web server JVM heap size, edit Cognos/configuration/cogstartup.xml and set the memory value in the dispatcherMaxMemory element and restart Cognos: 4096 141. IT22985/R552794 (2017-10-31) Description of issue: The keystore/truststore passwords are not encrypted in the /web/wlp/usr/servers/defaultServer/bootstrap.properties file. Description of fix: Modified the code to correctly encrypt the passwords during engine startup. 142. R547481 (2017-11-03) Description of issue: Running Database Events report sometimes causes SQL errors when data collected for XML_STRING column has more than 4000 characters. Description of fix: Changed temporary table XML_STRING column, created for Database Events report, from varchar(4000) to clob. 143. R554679 (2017-11-02) Description of issue: Cognos fails to start on Windows when there is a space in the installation directory path. This was caused by missing double quotes on a property specified in \Cognos\bin64\bootstrap_wlp_winx64.xml. Description of fix: Corrected bootstrap_wlp_winx64.xml to include the double quotes on the following property: "-Djava.security.properties=${install_path}/../conf/CC_java.security". 144. IT23022/R551461 (2017-11-03) Description of issue: The following obsolete Cognos jar/script files caused multiple vulnerabilities to be flagged during a scan. /Cognos/webapps/p2pd/WEB-INF/lib/commons-fileupload-1.3.jar /Cognos/webapps/p2pd/WEB-INF/lib/shiro-core-1.2.1.jar /Cognos/webapps/p2pd/WEB-INF/lib/jython/Lib/tzparse.py Description of fix: Updated the Control Center installer to remove these files during install/upgrade, to ensure there are no future false positive hits against these files. -------------------------------------------- List of Fixes (or Enhancements) included in Control Center (6.1.0.2 iFix02 fixes ported to 6.1.1.0) 145. R555643 (2017-11-14) Description of issue: The secure plus node common name field may have embedded spaces, but CC does not enclose the value in quotes causing the CDAIJ to generate a parsing error. Description of fix: Enclose the value in quotes. Note that CDZ needs a fix to accept a value with a space in it, but CDW and CDU handle it correctly. 146. IT23116/R554387 (2017-11-08) Description of issue: CCAPI based application was able to construct a user object that referenced a role that was not in the database causing Control Center to not be able to be successfully restarted. Description of fix: The user creation logic will now throw an exception, instead of proceeding, when the role it references is not found in the Control Center database. 147. IT23115/R554086 (2017-11-08) Description of issue: Updating users and roles is slow. Description of fix: A small inefficiency was removed from one part of the logic used to update and create roles. 148. IT23150 /R555537 (2017-11-14) Description of issue: Java console users do not have their session invalidated when they lose connectivity to the java console due to inactivity or due to issuing the shutdown of IBM Control Center via the console. Description of fix: Update the code that recognizes when a console user times out or when a user issues the shutdown command, to so that the user's session can be invalidated in the user session table. 149. IT23199/R555668 (2107-11-16) Description of issue: Cognos is sending a email that says the "Apple Push Notifications certificate has expired or is about to expire" to mobile.administractor@cognos.ibm.com Description of fix: Updated Cognos with a new the Apple Push Notifications certificate that expires August 21, 2018. If a ICC user wants to update the certificate without installing this fix, they can do so via these instructions: http://www-01.ibm.com/support/docview.wss?uid=swg24034258 Also, they can change the Cognos mobile administrator email address via the Cognos Administration mobile tab. They can signon to Cognos Administration by using the ICC Console, Tools > IBM Cognos Connection link. 150. R556161 (2017-11-16) Description of issue: Web server (WLP) could not connect to the database on zLinux. Description of fix: Corrected the code to allow a successful database connection on zLinux. 151. R556220 (2017-11-17) This is a follow-up fix to original enhancement APAR IT18632 / RTC 520920 which added the ability to override properties in the java master security file. A new property was included in various files (runEngine / runEngineCold / etc.) to specify the override file. In the original fix, runEngine$.lax should have also been modified to allow the property to take effect when Control Center is running as a Windows service. Description of fix: Added property/value -Djava.security.properties=../conf/CC_java.security to /bin/runEngine$.lax. 152. IT23241/R556186 (2017-11-21) Description of issue: Even when the Engine.log4j rootlogger is set to ERROR, INFO level messages are written to the logs by node services. Description of fix: Node service logic would log data at DEBUG level when tracing was enabled, or at INFO level when tracing was disabled. Fixed Node service logic to log at level set for rootlogger when tracing disabled. 153. R557008 (2017-11-29) Description of issue: Swing reconnect logic does not trigger when event processor it's connected to stops Description of fix: Added an additional check for connection exceptions to the logic that initiates the reconnection logic