Signiant Support

11.4 Managers+Agents Release Notes Print


Contents

Release Notes

Upgrading

New Features

Anomolies Fixed


Release Notes

This document details a summary of the Release Notes for Manager+Agents release version 11.4

If you are upgrading from prior releases, you should obtain the release notes for those versions to learn more about the features and issues in those releases.


Upgrading

Supported Upgrade Path

Signiant supports the following upgrade paths:

 

  • 9.0 and higher  to 11.4

If you are running a release prior to 9.0 please contact support for the upgrade path. If you are upgrading from a release prior to version 11.3, you should read the release notes for the interim releases (e.g. 10.0) prior to performing this upgrade.

IMPORTANT UPGRADE NOTE: Before performing any Manager upgrades, you must ensure you have twice the disk space available as currently required by the Postgres "data" directory. The "data" directory is located under ../dds/db/pgsql/ (Linux Managers) and \signiant\mobilize\db\pgsql (Windows Managers).

In 10.4 we added Signiant Manager support for Windows 64bit, for upgrade procedures, refer to the Manager and Agent Upgrade User's Guide. If you need to restore the Manager, follow the restore procedures detailed in the Restore Manager section in the Manager User's Guide.

Security: Enabling and Disabling SSL V3

Note: to disable SSL V3, your Signiant Manager and Agents must be running version 11.4

To improve Signiant Manager security, we have added the capability to enable or disable SSL V3. SSL V3 is disabled by default on new installations. Use the sslEnableDisable.pl script to manage SSL V3 communication.

If SSL V3 is disabled on your Signiant Manager and you have written Perl scripts that use the Net::SSL Perl module for HTTPS communication, you must modify your Perl script to use IO::Socket::SSL module.

If you have the  following line in your Perl script: use Net::SSL, do the following:

  1. Remove use Net::SSL.
  2. Insert the following:

if (eval {require IO::Socket::SSL;1})
{                       
     IO::Socket::SSL->import();          
     IO::Socket::SSL::set_defaults(SSL_verify_mode => SSL_VERIFY_NONE);
}
else
{
     require Net::SSL;
     Net::SSL->import();
}

                            
If the SSL verify mode needs to verify the server certificate, insert the following:

if (eval {require IO::Socket::SSL;1})
{                       
     IO::Socket::SSL->import();
          
     my $caCertString = '<PEM encoded CA certificate string>';
     require IO::Socket::SSL::Utils;
     IO::Socket::SSL::Utils->import('PEM_string2cert');
     my $caCertHandle = PEM_string2cert($caCertString);
     IO::Socket::SSL::set_defaults(
                 SSL_verify_mode => SSL_VERIFY_PEER,
                 SSL_ca => [$caCertHandle]
                 );
}
else
{
     require Net::SSL;
     Net::SSL->import();
}

  
With these changes, your Perl script will work without any further modifications.

Core Upgrade Considerations

The following section details core upgrade considerations.

Linux Shared Memory Size

Before installing or upgrading on Linux, make sure the maximum shared memory size is set to a minimum of 512 MB. If it is not, the database on the Manager will not start.

Type the following:

cat /proc/sys/kernel/shmmax

If the value is greater than 536870912 (512 MB), you do not need to do anything, and may proceed with the installation. If it is less than 536870912 (512 MB), make sure you do the following:

  1. Add the following to /etc/sysctl.conf:kernel.shmmax = 536870912

    This ensures that the change in the shared memory size will persist across server restarts. You need to reboot for this change to take effect. However, if you do not want to reboot at this time, you can follow step 2 to change the shared memory size during the current runtime.

  2. Type the following:

    echo 536870912 > /proc/sys/kernel/shmmax

Media Exchange Upgrade Considerations

No specific upgrade considerations are required for this release.

Browser Plug-In Support with the Media Exchange Java Applet

Note: This applies only if you're using Java. For information about the Signiant Transfer API, contact your account representative.

In order to use Media Exchange, you must permanently activate Java in your browser. Refer to the instructions below for each browser.

Mozilla Firefox

To activate Java, do the following:

  1. In your Mozilla Firefox browser, click the red plugin icon in the address bar.
  2. In the message window that opens, from the Activate All Plugins drop-down menu, select Always activate plugins for this site.
Apple Safari

To activate Java, do the following:

  1. From the Safari menu, select Preferences and click the Security tab. Ensure Allow Plug-ins is enabled and then click Manager Website Settings.
  2. The Manage Website Settings panel displays the available plug-ins. Select Java and on the right, your Media Exchange website is displayed.
  3. Right-click your Media Exchange website and select Allow and Run in Unsafe Mode.
  4. When prompted, click Trust.
Google Chrome

To activate Java, do the following:

  1. In the Address Bar, click the blocked plug-in icon.
  2. Enable Always allow plug-ins on Media Exchange Server name.
  3. Click Done.

Note: version 42 of Chrome automatically disables Netscape Plugin API (NPAPI), automatically disabling the use of browser plug-ins. A pop-up is displayed when Chrome 42 or higher is detected, instructing users how to enable NPAPI and unblock plug-ins.

Internet Explorer

To activate Java, do the following:

  1. When you are prompted to run the application, enable Do not show this again for apps from the publisher and location above.
  2. Click Run.
  3. On the Security Warning message asking you to allow access, enable Do not show this again for this app and web site.
  4. Click Allow.

New Features

This section describes the new features associated with this release of the software.

Signiant FIMS Compliant API Updates

To further extend our Signiant FIMS implementation the following improvements have been made:

  • Responding to customer feedback, agent group support has been added to the latest version of our API. Agent groups are the recommended best practice for all transfer endpoints and are required for load-balancing.
  • The API has been updated to include support for the FIMS 1.1 transfer standard.
  • In response to customer feedback, we have rewritten the Signiant FIMS Compliant API Developer's Guide. The updated guide now includes REST examples, detailed sections on job creation and management, and troubleshooting information.

Management APIs

We have improved our API support with the following:

  • A REST API that supports the automatic creation, editing and deletion of users, user groups and Media Exchange channels. The Signiant Manager REST API Developer's Guide provides complete details on how to use the schema and implement the API.
  • SOAP calls were enhanced to use agent hostname aliases.
  • The REST::Client module was added to our Perl distribution.
  • The getActiveFilename job was added to the SOAP Scheduler Service.

Security

In our 11.4 release, we have made the following security improvements:

  • To improve Signiant Manager security, we have added the capability to enable or disable SSL V3. SSL V3 is disabled by default on new installations. Use the sslEnableDisable.pl script to manage SSL V3 communication. For upgraded installations, the SSL V3 status is not impacted.
  • The Core openSSL has been updated to 1.0.2a.

Media Exchange

In response to customer requests and feedback, we've made a range of improvements to Media Exchange in 11.4:

  • Sent packages can now be modified and updated. Modifications including file additions, recipient changes, channel modifications and description changes trigger a notification that is sent to the recipient(s) or channels
  • Now, by default, the encryption prompt is enabled when using the Signiant Transfer API.
  • We have added Linux support for Signiant Transfer API (with Mozilla FireFox) on:
    • 64-bit CentOS 6, 7
    • 64-bit Red Hat Enterprise Linux 6, 7
    • Ubuntu
  • To improve load balancing, the agent list is now ordered based on the number of running jobs on each agent.
  • HTTP transport reliability has been improved.
  • Version 42 of Chrome automatically disables Netscape Plugin API (NPAPI), automatically disabling the use of browser plug-ins. A pop-up is displayed when Chrome 42 or higher is detected, instructing users how to enable NPAPI and unblock plug-ins.

Reporting and Logging

To further extend our reporting and logging functionality, we've added the following capabilities:

  • The Process Controller Trace has been updated to include log generation for the HTTP Server.
  • The FileTransferReport component now gives users the option of choosing HTML or CSV reports. These CSV reports are new for 11.4 and can be saved online in the Manager's log folder in the file_transfer_reports sub folder.

Operations and Support

We've made the following enhancements:

  • To ensure that critical customer database issues are not going unnoticed, we've added a database health check that monitors for any orphaned records.
  • We implemented SQL optimizations to preserve job arguments in the database.

Browser and Platform Support Changes

Added Manager and Media Exchange GUI browser support for:

  • Mozilla Firefox 36 and 37
  • Google Chrome 41 and 42
  • Apple Safari 8.0.4 and 8.0.5

We have also added Perl modules for REST, SOAP and SSL (with TLS support) and added support for Java 1.8 on all Manager and Agent platforms.

Limitations

This section contains information about limitations with the product.

System Port Range Changes for Windows

In order for the Signiant Manager and Agent software to run on Windows Server 2012, Windows 8, Windows Server 2008 R2, Windows 7, Windows Server 2008, and Windows Vista , you must make a configuration change to the system port range. In most cases, there will be no adverse effects to making this change, so you can choose to have the Signiant installer make the change for you.

To comply with Internet Assigned Numbers Authority (IANA) recommendations, Microsoft has increased the dynamic client port range for outgoing connections in Windows Server 2012, Windows 8, Windows Server 2008 R2, Windows 7, Windows Server 2008, and Windows Vista. The new default start port is 49152, and the default end port is 65535. This is a change from the configuration of earlier versions of Microsoft Windows that used a default port range of 1025 through 5000.

A full description of this change is available at: http://support.microsoft.com/kb/929851 and http://support.microsoft.com/kb/832017/nl.

What Change is Required?

The dynamic client port range should be changed to 49500-65535 in order to avoid potential conflicts with the Signiant software, which uses some TCP and UDP ports within the system default port range.

Instructions for Making this Change Manually

If you choose not to let the Signiant installer make this change for you, use the following netsh commands to set the dynamic port range to the Signiant-recommended values on a computer that is running Windows Vista or Windows Server 2008:

  • netsh int ipv4 set dynamicport tcp start=49500 num=16036
  • netsh int ipv4 set dynamicport udp start=49500 num=16036
  • netsh int ipv6 set dynamicport tcp start=49500 num=16036
  • netsh int ipv4 set dynamicport udp start=49500 num=16036

You can view the dynamic port range on a computer that is running Windows Vista or Windows Server 2008 by using the following netsh commands:

  • netsh int ipv4 show dynamicport tcp
  • netsh int ipv4 show dynamicport udp
  • netsh int ipv6 show dynamicport tcp
  • netsh int ipv6 show dynamicport udp

Anomolies Fixed

This section describes previous known anomalies that were fixed in this release.

General Anomalies

 

 

 

 

 

 

 

PR Description
PR-23864 Media Exchange channels with large amounts of packages are timing out.
PR-23974 The Media Gateway Dropbox Monitor job has a timing error.
PR-24998 Use third party extensions to verify and enforce the native plug-in update.
PR-24999 Update the maintenance log to include channel names instead of the channel ID.
PR-25111 A Media Exchange upload that fails does not attempt to contact another agent.
PR-25115 Media Exchange uploads to one directory but then tries to download from a different directory.
PR-25118 SOAP calls are failing or to take several minutes to complete.
PR-25129 Media Mover jobs are not deleting source files when the source directory has a name that is longer
than 248 characters.
PR-25133 Offline files are removed from the host when the files are not marked for transfer.
PR-25134 An Active Directory user logged in as domain/user cannot submit a package.
PR-25135 The default log retention value is 0, this should be 3.
PR-25140 Media Gateway Dropbox jobs are failing and returning a 500 error.
PR-25144 Media Exchange and Media Shuttle transfers fail when the agent's default directory has a trailing
backslash.
PR-25146 When network errors occur, Media Gateway Dropbox Monitor does not place files in _Retry.
PR-25148 The Signiant Manager is reporting a 'dds_schcint aborted by TIMEOUT' error on jobs.
PR-25159 Update the SOAP API documentation to include the job monitoring Knowledge Base article (KB0343).
PR-25160 When run on Windows, the Signiant Manager backup job does not work properly on large databases.
PR-25164 When the concurrency in Media Exchange groups is changed, this causes the "Use relays from group members" option
to be disabled.
PR-25168 HTTP transfer issues were solved with HTTP server fixes.
PR-25171 Update the SOAP documentation for getJobStatus.
PR-25179 SQL implementation for ESPN.
PR-25184 Workflow Gateway Dropbox does not communicate correctly over HTTPS.
PR-25195 The Web Server requires port 80.
PR-25199 The FIMS error message for a duplicate resourceID is incorrect and references the jobID.
PR-25200 The FIMS error message returned for an invalid agent name is not specific enough.
PR-25220 Media Exchange is displaying that download jobs are created by users who do not have Media Exchange permissions.
PR-25226 The Job View is slow to load when the Protocol column is selected.
PR-25229 Allow the event monitor to designate an alternate custom log directory.
PR-25232 Ensure that administrators are warned before enabling keyless mode and alert them that this mode is
not secure.
PR-25260 An upgrade from version 10.6 to 11.1 results in database errors.
PR-25291 Media Exchange users could not browse Active Directory service users.