Limitations with Upgrades

Database Limitations

On upgrades, only Databases that were running prior to the upgrade procedure are restarted after the upgrade. This is to ensure that no data is lost during the upgrade, mainly in the case that customers have customized or tailored any out-of-the-box Database Collections. Even new Databases that have been added to an existing solution are not started by default.

Customer Modified Databases

If the system has modified out-of-the-box Database Collections, then it is the responsibility of the customer to manage any changes in the upgraded IR Database Collection. In this scenario, the following steps must occur

Identify any IR modified Database Collections, these are listed below

Compare against any customized Databases Collections

Merge any new fields from the upgraded IR Database Collection into the customized Database Collection

Restart the new customized Database Collection

New or Modified IR Database Collections

New Database Collections may have been added to an existing system if new features and capabilities have been added, in order to ensure that reporting and playback are available in the product, these must be started.

The same goes for modified Database Collections, the system does not check if running Database Collections have been changed in the upgrade, and only the old version is restarted. In order to take advantage of new data in the Collection, the upgraded Database Collection needs to be started.

To check and perform this, use the following steps.

Identify any configured systems that have new or modified Database Collections, these are listed below

If using the Web Application, go to the Administration tool

For each configured system identified in Step 1, tick the 'Start standard databases and threshold' checkbox.

Then click the 'Update' button to start the new Database Collections.


OR


If using the Windows Client, locate each of the Database Collection documents in the 'Knowledge' folder

Manually restart the Database Collections.

In this Release, the following databases have been modified or added to existing solutions:

Encryption Limitations

Web Application - Administration Tool

The Web Application - Administration tool has been modified to use the HMAC encryption algorithm using .NET.

Where older versions (10.2 and above, but below P11.0) are being managed, it will no longer be possible to update the PASSWORDS Configuration of older versions from the P11.x Web Application - Administration tool:

  • The PASSWORDS Configuration will not be visible in the configuration page;

  • Access to the URL for modifying the PASSWORDS Configuration will be blocked.

In addition, it will no longer be possible to add new systems to be monitored by older versions from the P11.x Web Application - Administration tool:

  • The expand button for importing configurations from the older versions is removed from the node navigation panel. Running the IRCNF command manually will also fail with the error: 'Node <nodename> is running Prognosis <version>. Unable to import configurations from versions of Prognosis prior to 11.0';

  • The 'Add System' button and 'Remote Credentials' section will be disabled for the older versions. Access to the URLs for adding system/adding remote credentials will also be blocked for these versions.

  • A warning message will be displayed: 'This node is running Prognosis x.x.x. Unable to add system to versions of Prognosis prior to 11.0'

File Transfer Utility (send to Web Application from Windows Client)

The file transfer utility from the Windows Client, using the ‘Send to Web’ function, will now use the .NET HMAC encryption algorithm, similar to the Web Application - Administration tool. This means that it will no longer be possible to ‘Send to Web” from version 11.0 or later to earlier versions.

PACE XML

Encryption for Pace XML has been updated to use the Microsoft CNG HMAC encryption algorithm.

PASSWORDS Configuration

Passwords have been updated to use the latest encryption algorithm. On upgrade, passwords stored in the PASSWORDS Configuration will be automatically updated to use the latest encryption mode. This has been done for MS Windows and UNIX/Linux. HPE NonStop is currently unaffected.

NETWORK Configuration

On upgrade from previous versions prior to 11.3, the following will apply:

  • The 'FORCE-LEGACY-CONNECTIONS’ statement in the NETWORK Configuration can be used on HPE NonStop, AIX and HP-UX servers to enable or disable encrypted connections. Encryption cannot be disabled on other platforms.

  • The ‘ALLOW-LEGACY-CONNECTIONS’ statement in the NETWORK Configuration can be used on any server type to allow unencrypted connections to be accepted from one or more remote HPE NonStop, AIX or HP-UX servers.

  • Upgrading from versions prior to 11.0 on an MS Windows server will add the ‘FORCE-FIPS-ENCRYPTION’ statement to the NETWORK Configuration. This will be disabled by default, to enable FIPS encryption it will be necessary to un-comment the ‘FORCE-FIPS-ENCRYPTION’ statement, for details refer to Enabling FIPS Encryption.

Provide feedback on this article