3374462: Configure crashkernel memory for kernel core dump analysis

This will make kdump act in a manner similar to the older netdump mechanism: the capture environment will go up to runlevel 3 (where network connectivity is enabled) and will use the secure copy command scp to transfer the kernel core dump to a separate system.

2. for SLES11

add the network device to be used to the variable: KDUMP_NETCONFIG in /etc/sysconfig/kdump.

In order to automatically set up a network device, pass the option “auto”. This is also the default.

For a custom setup, pass a string that contains the network device and the mode (dhcp,static), separated by

a colon, for example: “eth0:static” or “eth1:dhcp”.

If you use “static”, you have to set the IP address with ip=ipspec. ipspec is <client>:<server>:<gateway>:<netmask>:<hostname>:<device>:<proto>

as boot parameter. See mkinitrd(8) for details.

Pass the dumping method and the destination directory to the parameter: KDUMP_SAVEDIR in /etc/sysconfig/kdump

Supported methods are:

FTP, for example “ftp://user:password@host/var/log/dump”

SSH, for example “ssh://user:password@host/var/log/dump”

NFS, for example “nfs://server/export/var/log/dump”

CIFS (SMB) , for example “cifs://user:password@host/share/var/log/dump”

See also: kdump(5) which contains an exact specification for the URL format.


7005894: IDM Remote Loader on Windows 2008 R2 and PWFilter firewall settings

The existing Windows Firewall configuration prevents the remote loader from receiving any password changes as captured by the PWFilter.dll on other Domain Controllers within the domain. To solve this problem, do the following:

On the Windows Server firewall, (required only on the server which hosts the Active Directory Remote Loader) add the following rules:

— Inbound Rules —

Name Group Profile Enabled Action Override Program Local Address Remote Address Protocol Local Port Remote Port Allowed Users Allowed Computers.

Rule 1

dirxml port 8090 IN Domain Yes Allow No Any Any Any TCP 8090 Any Any Any

Rule 2

dirxml process dirxml_remote.exe IN Domain Yes Allow No %SystemDrive%NovellRemoteLoaderdirxml_remote.exe Any Any Any Any Any Any Any

NOTE: The port number should be the port number specified on the Remote Loader configuration. So instead of 8090, it will be whatever you specified in the configuration.

No specific Outbound Rules are needed.

The rules can be given any name.

They rules must be assigned to at least the Domain profile.

If using the 64 bit remote loader, the path differs: %SystemDrive%NovellRemoteLoader64bitdirxml_remote.exe

The rules can be also added from the command line using the following commands, modifying the port and path as applicable:

netsh advfirewall netsh advfirewall firewall add rule name="dirxml port 8090" dir=in action=allow enable=yes profile=domain protocol=TCP localport=80
netsh advfirewall firewall add rule name="dirxml process dirxml_remote.exe" dir=in action=allow program="%SystemDrive%NovellRemoteLoaderdirxml_remote.exe" enable=yes profile=domain


7023600: IDM and 2019 Oracle Java Licensing Requirements

Questions and answers:

1. Will Micro Focus release updates for Oracle JDK 8 or JDK 11 for Identity Manager?

Answer: No, Identity Manager will be distributing the Azul Open JDK moving forward. Any improvements, fixes and security concerns will be addressed based on the Azul Open JDK.

2. What if you are using an older version of Java (release prior to January 2019) in Identity Manager? Will you be responsible for any additional license fees?

Answer: No. Only newer updates specific to Oracles JDK that are post January 2019 require and licensing. Further, the vendor that redistributes the Oracle JDK is responsible for the licensing. If you are using a version of Oracle JDK prior to January 2019, no additional licensing is required