NetIQaccess数据库修复

AccessManager4.
0Hotfix2Readme1AccessManager4.
0Hotfix2ReadmeApril2014TheAccessManager4.
0Hotfix2supercedesAccessManager4.
0Hotfix1andincludesanimportantsecurityfixtoresolvetheHeartbleedvulnerabilitybeingtrackedbyOpenSSLbugCVE-2014-0160.
Formoreinformationaboutthisvulnerability,seeUS-CertTechnicalAlert.
IfyouareonAccessManager4.
0,youarenotaffectedbytheHeartbleedvulnerability.
ButifyouareonAccessManager4.
0Hotfix1andhaveinstalledtheadditionalpackagetoenableTransportLayerSecurity(TLS)version1.
1and1.
2,thereisasecurityvulnerabilityintheversionofOpenSSLlibrarythatisusedbytheadditionalpackage.
Section1,"What'sNewinAccessManagerHotfix2,"onpage1Section2,"DeterminingIfYouAreAffectedByThisVulnerability,"onpage1Section3,"UpgradingtoHotfix2,"onpage2Section4,"ContactInformation,"onpage3Section5,"LegalNotice,"onpage31What'sNewinAccessManagerHotfix2ThishotfixincludesanimportantfixtoresolvetheHeartbleedbuginOpenSSLandalsoincludesallthesoftwarefixesinAccessManagerHotfix1.
Forthelistofsoftwarefixes,enhancementsandknownIssuesintheAccessManager4.
0andAccessManager4.
0Hotfix1releases,seeAccessManager4.
0ReadmeandtheAccessManager4.
0Hotfix1Readme.
2DeterminingIfYouAreAffectedByThisVulnerabilityTheIdentityServerandAdministrationConsoledonotuseOpenSSLandarethereforenotaffectedbytheHeartbleedvulnerability.
TheAccessGatewayusesOpenSSLtoprovidesupportforsecurecommunication.
TheAccessGatewayinAccessManager4.
0usesOpenSSL0.
9.
8andisthereforenotaffectedbytheHeartbleedvulnerability.
IfyouareonAccessManager4.
0Hotfix1andhaveinstalledtheadditionalpackagetoenableTransportLayerSecurity(TLS)version1.
1and1.
2,thereisasecurityvulnerabilityintheversionofOpenSSLlibrarythatisusedbytheadditionalpackageTodetermineiftheAccessGatewayissusceptibletotheHeartbleedvulnerability,executethefollowingstepsonallAccessGateway4.
0HF1servers:1OpenaterminalwindowandrunthefollowingcommandtodeterminetheversionofOpenSSL:rpm-qa|grepnacm2Ifthepackagelistdisplayedincludesthenovell-nacm-apache-openssl101f-2.
2.
24-400110package,thenthesystemisaffectedbytheHeartbleedvulnerability.
ThereforeitismandatorytoupgradetoAccessManager4.
0Hotfix2.
Formoreinformationaboutupgrading,seeUpgrading2AccessManager4.
0Hotfix2ReadmetoHotfix2.
Iftheoutputofthecommanddoesnotdisplaythenovell-nacm-apache-openssl101f-2.
2.
24-400110package,thenthesystemisnotaffectedbytheHeartbleedvulnerability.
ItisstillrecommendedthatyouupgradetoHotfix2asitincludessoftwarefixesintroducedinHotfix1.
3UpgradingtoHotfix2NOTE:EnsurethatyouarecurrentlyonAccessManager4.
0orAccessManager4.
0Hotfix1beforeupgradingtoAccessManagerHotfix2.
ToupgradetoAccessManager4.
0Hotfix2,downloadtheAM_400_HF2.
zipfilethatcontainstheAccessManagerPatchToolandthepatchfileusingthefollowingsteps:1GotoNetIQdownloadspage.
2UnderPatches,clickSearchPatches.
3SpecifyAM_400_HF2.
zipinthesearchboxanddownloadtheHotfixfile.
4UpgradeusingtheproceduredescribedinApplyingAccessManager4.
0HotfixPatchforLinuxandApplyingAccessManager4.
0HotfixPatchforWindows.
5OntheAccessGatewayserver,iftheoutputoftherpm-qa|grepnacmcommandincludesthenovell-nacm-apache-openssl101f-2.
2.
24-400110package,thenitisimportanttoreinstalltheAccessGatewaypackagestoenableTLS1.
1andTLS1.
2.
Formoreinformationaboutthis,seeSection2inEnablingTLS1.
1andTLS1.
2forAccessManager4.
0Hotfix2.
3.
1VerifyingVersionNumbersBeforeUpgradingYoucanupgradetoAccessManager4.
0Hotfix2ifyouareonAccessManager4.
0orAccessManager4.
0Hotfix1.
Beforeupgrading,itisimportanttoverifytheversionnumberoftheexistingAccessManagercomponents.
Thisensuresthatyouhavethecorrectversionoffilesonyoursystem.
3.
1.
1VerifyingVersionNumberifyouAreonAccessManager4.
01IntheAdministrationConsole,clickAccessManager>Auditing>Troubleshooting>Version.
2ExaminethevalueoftheVersionfieldtoseeifitdisplaysversion4.
0.
0-110.
3.
1.
2VerifyingVersionNumberifYouAreonAccessManager4.
0HotFix11IntheAdministrationConsole,clickAccessManager>Auditing>Troubleshooting>Version.
2ExaminethevalueoftheVersionfieldtoseeifitdisplaysversion4.
0.
0-110+HF1-139.
AccessManager4.
0Hotfix2Readme33.
2VerifyingVersionNumbersAfterUpgradingAfterupgradingtoAccessManager4.
0Hotfix2,verifytheversionnumberofthecomponentsusingthefollowingprocedure:1IntheAdministrationConsole,clickAccessManager>Auditing>Troubleshooting>Version2IfyouupgradedfromAccessManager4.
0,verifythattheVersionfieldtoseeifitdisplaysversion4.
0.
0-110+HF2-141.
3IfyouupgradedfromAccessManager4.
0Hotfix1toHotfix2,verifythattheVersionfielddisplaysversion4.
0.
0-110+HF1-139,HF2-141.
4ContactInformationOurgoalistoprovidedocumentationthatmeetsyourneeds.
Ifyouhavesuggestionsforimprovements,pleaseemailDocumentation-Feedback@netiq.
com.
Wevalueyourinputandlookforwardtohearingfromyou.
Fordetailedcontactinformation,seetheSupportContactInformationWebsite.
Forgeneralcorporateandproductinformation,seetheNetIQCorporateWebsite.
YoucanpostfeedbackintheAccessManagerforumonQmunity(http://community.
netiq.
com/forums/30.
aspx),ourcommunityWebsitethatalsoincludesproductnotifications,blogs,andproductusergroups.
Todownloadthisproduct,gotoAccessManagerontheAllProductsPage(http://www.
netiq.
com/products).
5LegalNoticeTHISDOCUMENTANDTHESOFTWAREDESCRIBEDINTHISDOCUMENTAREFURNISHEDUNDERANDARESUBJECTTOTHETERMSOFALICENSEAGREEMENTORANON-DISCLOSUREAGREEMENT.
EXCEPTASEXPRESSLYSETFORTHINSUCHLICENSEAGREEMENTORNON-DISCLOSUREAGREEMENT,NETIQCORPORATIONPROVIDESTHISDOCUMENTANDTHESOFTWAREDESCRIBEDINTHISDOCUMENT"ASIS"WITHOUTWARRANTYOFANYKIND,EITHEREXPRESSORIMPLIED,INCLUDING,BUTNOTLIMITEDTO,THEIMPLIEDWARRANTIESOFMERCHANTABILITYORFITNESSFORAPARTICULARPURPOSE.
SOMESTATESDONOTALLOWDISCLAIMERSOFEXPRESSORIMPLIEDWARRANTIESINCERTAINTRANSACTIONS;THEREFORE,THISSTATEMENTMAYNOTAPPLYTOYOU.
Forpurposesofclarity,anymodule,adapterorothersimilarmaterial("Module")islicensedunderthetermsandconditionsoftheEndUserLicenseAgreementfortheapplicableversionoftheNetIQproductorsoftwaretowhichitrelatesorinteroperateswith,andbyaccessing,copyingorusingaModuleyouagreetobeboundbysuchterms.
IfyoudonotagreetothetermsoftheEndUserLicenseAgreementyouarenotauthorizedtouse,accessorcopyaModuleandyoumustdestroyallcopiesoftheModuleandcontactNetIQforfurtherinstructions.
Thisdocumentandthesoftwaredescribedinthisdocumentmaynotbelent,sold,orgivenawaywithoutthepriorwrittenpermissionofNetIQCorporation,exceptasotherwisepermittedbylaw.
Exceptasexpresslysetforthinsuchlicenseagreementornon-disclosureagreement,nopartofthisdocumentorthesoftwaredescribedinthisdocumentmaybereproduced,storedinaretrievalsystem,ortransmittedinanyformorbyanymeans,electronic,mechanical,orotherwise,withoutthepriorwrittenconsentofNetIQCorporation.
Somecompanies,names,anddatainthisdocumentareusedforillustrationpurposesandmaynotrepresentrealcompanies,individuals,ordata.
4AccessManager4.
0Hotfix2ReadmeThisdocumentcouldincludetechnicalinaccuraciesortypographicalerrors.
Changesareperiodicallymadetotheinformationherein.
Thesechangesmaybeincorporatedinneweditionsofthisdocument.
NetIQCorporationmaymakeimprovementsinorchangestothesoftwaredescribedinthisdocumentatanytime.
U.
S.
GovernmentRestrictedRights:IfthesoftwareanddocumentationarebeingacquiredbyoronbehalfoftheU.
S.
GovernmentorbyaU.
S.
Governmentprimecontractororsubcontractor(atanytier),inaccordancewith48C.
F.
R.
227.
7202-4(forDepartmentofDefense(DOD)acquisitions)and48C.
F.
R.
2.
101and12.
212(fornon-DODacquisitions),thegovernment'srightsinthesoftwareanddocumentation,includingitsrightstouse,modify,reproduce,release,perform,displayordisclosethesoftwareordocumentation,willbesubjectinallrespectstothecommerciallicenserightsandrestrictionsprovidedinthelicenseagreement.
2014NetIQCorporationanditsaffiliates.
AllRightsReserved.
ForinformationaboutNetIQtrademarks,seehttp://www.
netiq.
com/company/legal/.
[ReturntoTop]