Signiant Support

12.1 Signiant Manager and Agents Release Notes Print


Release Notes
Upgrading
Supported Upgrade Path
Supported Operating System Updates
Security: Managing SSL
Mac Agent Upgrade
Core Upgrade Considerations
Media Exchange Upgrade Considerations
Browser Plug-In Support with the Media Exchange Java Applet
New Features
Workflows
REST API
Growing File Support
Security
Performance
Media Exchange
Alarm Management
Look-and-Feel
Browser and Platform Support Changes
Limitations
System Port Range Changes for Windows
Anomalies Fixed
General Anomalies
Known Anomalies

Release Notes

This document details a summary of the Release Notes for the current release (12.1).

If you are upgrading from prior releases, you should obtain the release notes for those versions to learn more about the features and issues in those releases.

Upgrading


Supported Upgrade Path

Signiant supports the following upgrade paths:

  • 10.0 and higher  to 12.1

If you are running a release prior to 10.0 please contact support for the upgrade path. If you are upgrading from a release prior to version 12.0, you should read the release notes for the interim releases (e.g. 11.0) prior to performing this upgrade.

IMPORTANT UPGRADE NOTE: Before performing any Manager upgrades, you must ensure you have twice the disk space available as currently required by the Postgres "data" directory. The "data" directory is located under ../dds/db/pgsql/ (Linux Managers) and \signiant\mobilize\db\pgsql (Windows Managers).

In 10.4 we added Signiant Manager support for Windows 64bit, for upgrade procedures, refer to the Manager and Agent Upgrade Best Practices. If you need to restore the Manager, follow the restore procedures detailed in the Restore Manager section in the Manager User's Guide.

NOTE: For Mac upgrades, read Mac Agent Upgrade.

Supported Operating System Updates

NOTE: Manager and Agents 11.4 was the last major product release to include Manager support for Red Hat Enterprise Linux 5.

NOTE: Manager and Agents 12.0 is the last major release to include Agent support for Mac OS X 10.7 and 10.8

Security: Managing SSL

To improve Signiant Manager security, only TLS 1.1 and above are supported for Signiant web server communication. If you want to run a Signiant Manager with an SSL protocol lower than TLS 1.1, use setMinimumSSLVersion.pl.

If you're using Internet Explorer 9 or 10 and want to enable TLS 1.1 or TLS 1.2, do the following:

  1. In the Tools menu, select Internet Options.
  2. On the Advanced tab, enable Use TLS 1.1 and Use TLS 1.2. You can optionally disable Use SSL 3.0.
  3. Click OK.

Note: to enable SSL V3, your Signiant Manager and Agents must be running version 11.4, 12.0 or 12.1.

Because SSL V3 is disabled on your Signiant Manager and if you have written Perl scripts that use the Net::SSL Perl module for HTTPS communication, you must modify your Perl script to use IO::Socket::SSL module.

If you have the following line in your Perl script: use Net::SSL, do the following:

  1. Remove use Net::SSL.
  2. Insert the following:
    if (eval {require IO::Socket::SSL;1})
    {                       
         IO::Socket::SSL->import();
              
         IO::Socket::SSL::set_defaults(SSL_verify_mode => SSL_VERIFY_NONE);
    }
    else
    {
         require Net::SSL;
         Net::SSL->import();
    }
    							

If the SSL verify mode needs to verify the server certificate, insert the following:

if (eval {require IO::Socket::SSL;1})
{                       
     IO::Socket::SSL->import();
          
     my $caCertString = '<PEM encoded CA certificate string>';     
     require IO::Socket::SSL::Utils;
     IO::Socket::SSL::Utils->import('PEM_string2cert');
     my $caCertHandle = PEM_string2cert($caCertString);
     IO::Socket::SSL::set_defaults(
                 SSL_verify_mode => SSL_VERIFY_PEER,
                 SSL_ca => [$caCertHandle]
                 );
}
else
{
     require Net::SSL;
     Net::SSL->import();
}
						

With these changes, your Perl script will work without any further modifications.

Mac Agent Upgrade

When you're upgrading to 12.1 from pre-12.0, upgrade-in-place cannot be used. If you're upgrading from 12.0 upgrade-in-place is supported.

To complete an initial upgrade to 12.1 on Mac Agents, do the following:

  1. In the Agent Installation User's Guide, follow the installation instructions in Installing the Agent on MAC-Based Systems (Chapter 2 Installing).
  2. In the Agent Installation User's Guide, follow the upgrading instructions in Upgrading on Mac (Chapter 3 Upgrading).

After manually installing and upgrading to 12.1 on Mac agents, you can use the upgrade-in-place procedure to upgrade to subsequent 12.x versions.

Core Upgrade Considerations

The following section details core upgrade considerations.

Linux Shared Memory Size

Before installing or upgrading on Linux, make sure the maximum shared memory size is set to a minimum of 512 MB. If it is not, the database on the Manager will not start.

Type the following:

cat /proc/sys/kernel/shmmax

If the value is greater than 536870912 (512 MB), you do not need to do anything, and may proceed with the installation. If it is less than 536870912 (512 MB), make sure you do the following:

  1. Add the following to /etc/sysctl.conf:kernel.shmmax = 536870912

    This ensures that the change in the shared memory size will persist across server restarts. You need to reboot for this change to take effect. However, if you do not want to reboot at this time, you can follow step 2 to change the shared memory size during the current runtime.

  2. Type the following:

    echo 536870912 > /proc/sys/kernel/shmmax

Media Exchange Upgrade Considerations

No specific upgrade considerations are required for this release.

Browser Plug-In Support with the Media Exchange Java Applet

Note: This applies only if you're using Java. For information about the Signiant Transfer API, contact your account representative.

In order to use Media Exchange, you must permanently activate Java in your browser. Refer to the instructions below for each browser.

Mozilla Firefox

To activate Java, do the following:

  1. In your Mozilla Firefox browser, click the red plugin icon in the address bar.
  2. In the message window that opens, from the Activate All Plugins drop-down menu, select Always activate plugins for this site.

Apple Safari

To activate Java, do the following:

  1. From the Safari menu, select Preferences and click the Security tab. Ensure Allow Plug-ins is enabled and then click Manager Website Settings.
  2. The Manage Website Settings panel displays the available plug-ins. Select Java and on the right, your Media Exchange website is displayed.
  3. Right-click your Media Exchange website and select Allow and Run in Unsafe Mode.
  4. When prompted, click Trust.

Internet Explorer

To activate Java, do the following:

  1. When you are prompted to run the application, enable Do not show this again for apps from the publisher and location above.
  2. Click Run.
  3. On the Security Warning message asking you to allow access, enable Do not show this again for this app and web site.
  4. Click Allow.

New Features


This section describes the new features associated with this release of the software.

Workflows

In our 12.1 release we have made a range of improvements to Workflows:

  • The View Jobs option has been added to the component right-click menu to allow users to view all scheduled jobs against the component.
  • Previously, administrators had to delete a component that needed to be edited, now administrators can unpublish this component, edit it and then publish it.
  • To support customization, administrators can create a new category or property on a per-component basis.

REST API

In 12.1, we have updated the REST API to include support for Agents, Agent Groups and Job Groups.

Growing File Support

To improve the management and transfer of large files, new options have been added to Media Mover to support the streaming of growing files. When enabled, in-progress files are transferred before the file is complete. This update ensures better file management and transfer efficiency for all large files.

Security

In this release, we have made the following security improvements:

  • To improve Signiant Manager security, only TLS v1.1 and above are supported for Signiant web server communication. If you want to run a Signiant Manager with an SSL protocol lower than TLS 1.1, use setMinimumSSLVersion.pl.
  • The Core openSSL has been updated to 1.0.2g.
  • The REST API has been updated to enforce firstname and lastname character restrictions.
  • Appropriate scripts have been updated for TLS to prevent invalid authentications.
  • We have tightened our JBoss functionality to eliminate any product vulnerabilities.
  • Web server communication over HTTPS is enforced.
  • To prevent invalid logins, users are given a new session ID upon authentication.
  • Password management has been updated to ensure that only sysadmin users can edit passwords and to enforce default minimum password requirements.
  • To work-around issues with Microsoft Internet Explorer and Google Chrome, the HTTP header options have been updated.
  • Our error messaging system has been improved to prevent the display and communication of proprietary information.

Performance

We've made a number of performance improvements in 12.1:

  • The Agent transfer restart delays have been reduced in order to allow restarts to occur more quickly after unavailable slave Agents become available.
  • We've made a range of Resource Management robustness and performance improvements.
  • Job scheduling has been improved to maximize performance.

Media Exchange

In response to customer requests we've made the following updates:

  • Improved guest user account functionality, specifically allowing guest users to extend their account expiration date.
  • The Transfer APIv2 and Signiant App experience has been improved to allow for better handling of Signiant App availability events and broader browser support.
  • Media Exchange Agent load balancing has been updated to include the ability to drop one or more of the busiest Agents from the list.

Alarm Management

To improve our alarm functionality, we've added the following capabilities in 12.1:

  • Job Group alarms have been updated to allow administrator control over how many consecutive failures trigger an alarm.
  • Administrators can now stay up-to-date with the status of their SSL Certificate status with email alerts prior to certificate expiration.

Look-and-Feel

We've made the following enhancements:

  • Job Views have been updated to include the Job Name filter to the Job Group definition.
  • The Job Group and Job View columns have been updated to have consistent naming and ordering.
  • Using Save As, administrators can now easily create a copy of a Job Group.
  • Health Check has been improved to provide better scheduler log analysis by taking into account scheduler restarts.
  • Health Check can now be customized by allowing administrators to select the data to be retrieved by the process.
  • In Health Check, a new column has been added to indicate if a node is a Media Exchange Web Server.
  • To manage the number of users and groups displayed when editing organization permissions, administrators can filter the Name column.
  • In response to customer feedback, we've ensured that Menu ordering is preserved during an upgrade.
  • To better support our customers, we've updated the Mail Server Connection mode to allow administrators to select the appropriate mail server encryption level.
  • To improve management of Daylight Savings Time cutover periods, Job scheduling has been improved.

Browser and Platform Support Changes

Added Manager and Media Exchange GUI browser support for:

  • Mozilla Firefox 44 - 46
  • Apple Safari 9.0.3 and 9.1

To use the Signiant App for Interactive Transfers the following browsers are recommended:

  • Google Chrome 48 - 50
  • Microsoft Edge (HTML 12, 13)

We have added RedHat Linux 7 cluster support.

Limitations

This section contains information about limitations with the product.

System Port Range Changes for Windows

In order for the Signiant Manager and Agent software to run on Windows Server 2012, Windows 8, Windows Server 2008 R2, Windows 7, Windows Server 2008, and Windows Vista , you must make a configuration change to the system port range. In most cases, there will be no adverse effects to making this change, so you can choose to have the Signiant installer make the change for you.

To comply with Internet Assigned Numbers Authority (IANA) recommendations, Microsoft has increased the dynamic client port range for outgoing connections in Windows Server 2012, Windows 8, Windows Server 2008 R2, Windows 7, Windows Server 2008, and Windows Vista. The new default start port is 49152, and the default end port is 65535. This is a change from the configuration of earlier versions of Microsoft Windows that used a default port range of 1025 through 5000.

A full description of this change is available at: http://support.microsoft.com/kb/929851 and http://support.microsoft.com/kb/832017/nl.

What Change is Required?

The dynamic client port range should be changed to 49500-65535 in order to avoid potential conflicts with the Signiant software, which uses some TCP and UDP ports within the system default port range.

Instructions for Making this Change Manually

If you choose not to let the Signiant installer make this change for you, use the following netsh commands to set the dynamic port range to the Signiant-recommended values on a computer that is running Windows Vista or Windows Server 2008:

  • netsh int ipv4 set dynamicport tcp start=49500 num=16036
  • netsh int ipv4 set dynamicport udp start=49500 num=16036
  • netsh int ipv6 set dynamicport tcp start=49500 num=16036
  • netsh int ipv4 set dynamicport udp start=49500 num=16036

You can view the dynamic port range on a computer that is running Windows Vista or Windows Server 2008 by using the following netsh commands:

  • netsh int ipv4 show dynamicport tcp
  • netsh int ipv4 show dynamicport udp
  • netsh int ipv6 show dynamicport tcp
  • netsh int ipv6 show dynamicport udp

Anomalies Fixed

This section describes previous known anomalies that were fixed in this release.

General Anomalies

PR Description
PR-22060 FTP Component directory copying is incomplete.
PR-24222 The Job Details page needs to be fault tolerant.
PR-24477 The Job or Agent resource control concurrency value is incorrect when jobs are in a Running Queued state.
PR-24519 Page reloads are triggered when editing a Job within a Job Group.
PR-24548 Using Media Exchange on Windows 7 with Internet Explorer 10 results in a TypeError.
PR-25099 Have the default expiry date auto-fill during Guest User creation.
PR-25180 Daylight Savings is causing Job creation to be delayed by one hour.
PR-25356 The Suspend and Resume buttons are greyed out in the Job List view.
PR-25410 Cannot browse the file system when the Agent field on a template is hidden.
PR-25420 The FIMS Fault Notification does not contain the FaultType object.
PR-25468 Legacy templates are displaying incorrectly.
PR-25618 Health Check fails when the log folder is changed.
PR-25636 Update Media Exchange support for path length to 254 characters.
PR-25640 Update the confirm package deletion messaging.
PR-25647 Harden the passwords for JBoss troubleshooting utilities.
PR-25668 Viewing Job Groups causes an "Idle in Transaction" connection.
PR-25690 The Agent Group list is not sorted correctly in a multi-agent query.
PR-25695 The automatic refresh of the Alarm screen results in a long list of alarms being displayed.
PR-25696 The View button on an Agent monitoring alarm does not do anything.
PR-25728 Media Exchange Desktop uploads are not being delivered.
PR-25739 Media Exchange login request results in web logs not recording the IP addresses.
PR-25750 Jobs are stuck in a queued state and not being run.
PR-25755 White space in the file system causes some inconsistent browsing results.
PR-25768 The FIMS Manage Request object: ManageJobRequest should not contain the manageJob object.
PR-25794 Need to prevent Maintenance from creating "psql_xxx"in the /tmp folder.
PR-25801 itc-auth.pl can fail when the destination directory is a Windows root directory.
PR-25802 On Media Exchange, we need a way to disable 'single-port' UDP behavior for transfers.
PR-25805 ppsql does not work over the /usr/bin symbolic link after upgrading to 12.0.
PR-25822 The Flight Workflow Job report displays the file delivery date as 1969 when the operating system is in Spanish.
PR-25827 dds_pmu is failing when installed on RedHat 6.7.
PR-25836 Maintenance is not able to delete old template backups.
PR-25852 Update Media Shuttle support for path length to greater than 254 characters.
PR-25858 After a transfer restart, the Statistics on the Job Details screen are not accurate.
PR-25859 A multi-agent query displays success when there is no agent connectivity.
PR-25863 When the Signiant Manager is rebooted on Centos 7.2, services are not restarted.
PR-25864 Emails with recoverable errors are sent when no files are sent.
PR-25873 Transfer restarts should be immediate rather than the current six minute delay.
PR-25889 Cannot draw Workflow menus when the parent ID is invalid.
PR-25909 Provided more clear information in the Delivery Log details in the Signiant Manager GUI.
PR-25925 The DeleteFiles component error command calls SigSetOutput without including SolutionsStdHeaderPerl.
PR-25928 Improve Media Exchange agent load balancing.
PR-25929 Unable to publish solution to Alarms group when there are items without sort_order in the database.
PR-25931 The Job Completion widget does not list job views that are visible by the user.
PR-25934 There is an authentication failure in the Flight Workflow when the secret key contains a trailing slash.
PR-25940 The Linux install script should only attempt to install on the appropriate version.
PR-25941 The Job Group column "Time in Queue" does not match the Job Queue column "Queued For".
PR-25944 Workflows can be published under duplicate menu items.
PR-25961 A generic Media Exchange user is able to change an admin user's password.
 

Known Anomalies

This section lists known anomalies and any workarounds that may be available.