maintenance:releases:7.2.0_20210330
Differences
This shows you the differences between two versions of the page.
| maintenance:releases:7.2.0_20210330 [2021/03/30 06:47] – created yspeerte | maintenance:releases:7.2.0_20210330 [2024/07/03 12:31] (current) – external edit 127.0.0.1 | ||
|---|---|---|---|
| Line 1: | Line 1: | ||
| + | {{indexmenu_n> | ||
| + | |||
| + | ====== NetYCE 7.2.0 Build_20210330 ====== | ||
| + | ====== Release notes ====== | ||
| + | Date: 2021-03-30 | ||
| + | |||
| + | |||
| + | \\ | ||
| + | <WRAP widths 60% box safety> | ||
| + | ===== Enhancement ===== | ||
| + | </ | ||
| + | |||
| + | ==== Node groups ==== | ||
| + | <WRAP indent> | ||
| + | Node groups are used to dynamically select the desired nodes for a task using given criteria. | ||
| + | These criteria are implemented using Rules consisting of Conditions. The conditions accept | ||
| + | lists of strings (with or without wildcards) to match the different values. And as long as | ||
| + | these lists consists of single words, the whitespace separator being used causes no problems. | ||
| + | |||
| + | However, when trying to use a condition match string that included spaces proved to be impossible. | ||
| + | To resolve the issue, conditions now accepts lists of strings where the values may be enclosed | ||
| + | in quotes. By using quotes around values using spaces the lists can be properly separated. | ||
| + | </ | ||
| + | |||
| + | ==== Compliance REST signal ==== | ||
| + | <WRAP indent> | ||
| + | Changed CMPL REST-api signal config to use < | ||
| + | sending a fixed-format Rest/Json post, the message payload can now be custom formatted | ||
| + | using a number of '< | ||
| + | </ | ||
| + | |||
| + | ==== HP C7 file transfer ==== | ||
| + | <WRAP indent> | ||
| + | When transferring a (configuration) file from a HP Comware7 device, the use of the | ||
| + | ' | ||
| + | to their extensively modelled nodes was time consuming. | ||
| + | |||
| + | To relieve this problem, we created an option to add the missing vpn to transfer command | ||
| + | based on a Tweak specific to a node-type or class. | ||
| + | </ | ||
| + | |||
| + | ==== Aruba MM vendor module ==== | ||
| + | <WRAP indent> | ||
| + | The new vendor module 'Aruba MM' was added to support the Aruba Mobility Master Controller family | ||
| + | of devices. | ||
| + | </ | ||
| + | |||
| + | |||
| + | \\ | ||
| + | <WRAP widths 60% box safety> | ||
| + | ===== Change ===== | ||
| + | </ | ||
| + | |||
| + | ==== IPsec GRE api ==== | ||
| + | <WRAP indent> | ||
| + | In version 7.2 the form supporting IPsec GRE tunnels was dropped from the product as | ||
| + | it was designed to support a specific customer design that was phased out. | ||
| + | |||
| + | In its stead two XCH API calls were created to provide continued support of this | ||
| + | design during its migration phase. | ||
| + | </ | ||
| + | |||
| + | ==== Compliance traps ==== | ||
| + | <WRAP indent> | ||
| + | The optional SNMP Traps that can be issued on a changing Compliance status are now ' | ||
| + | by default. Here the ' | ||
| + | message by replacing the server address with the node address. | ||
| + | |||
| + | The SNMP Trap will use the node ip-address instead of the NetYCE server as the source if the | ||
| + | node-fqdn can be resolved using the DNS in an ipv4 address. Otherwise the NetYCE server will | ||
| + | be used as the source address. | ||
| + | |||
| + | If this functionality is not desired, it can be disabled using the signal_cmpl.conf setup file. | ||
| + | </ | ||
| + | |||
| + | |||
| + | \\ | ||
| + | <WRAP widths 60% box safety> | ||
| + | ===== Fix ===== | ||
| + | </ | ||
| + | |||
| + | ==== Compliance fixes ==== | ||
| + | <WRAP indent> | ||
| + | A fair number of relatively minor fixes and improvements were incorporated | ||
| + | in the NCCM and Compliance modules: | ||
| + | * Front-end fix for error on condition include change | ||
| + | * Nccm daemon fix for misaligned condition types | ||
| + | * Fixes in compliance reporting entries | ||
| + | * Fixed compliance report filenames and detail levels | ||
| + | * Front-end fix for report templates with both a policy id and a group name | ||
| + | * Front-end fox in report vendor type search | ||
| + | * You can now search for a numerical status in the cmpl api | ||
| + | * Modified the report details for multiconfig compliance | ||
| + | * Bug fix in compliance reporting XCH api call | ||
| + | * Fixed the hyperlink in the compliance signal report details | ||
| + | * Cleaned up the report details for configuration rules | ||
| + | * Added report details to report view for policy reports | ||
| + | * Added optional runtime statistics to the nccmd daemon for tuning purposes: Change Nccm_lookup variable Nccm_stats' | ||
| + | * Compliance report on ' | ||
| + | * Added a timestamp column to the cmpl condition edit form | ||
| + | * Condition evaluation time streamlined giving better performance | ||
| + | * Enhancements to the 'new logic' form | ||
| + | * Compliance policy test timeout catch | ||
| + | * Nccm daemon optimizations to reduce memory load | ||
| + | * Condition exclude match now logs the exact line that has matched | ||
| + | * All excluded lines are now reported with a threshold of 20 | ||
| + | |||
| + | </ | ||
| + | |||
| + | ==== Cisco IOS vendor ==== | ||
| + | <WRAP indent> | ||
| + | Some Cisco IOS devices are using a different on-screen layout to display their | ||
| + | version output. The fix now detects and extracts the firmware version from | ||
| + | either layout. | ||
| + | |||
| + | </ | ||
| + | |||
| + | ==== Huawei CE/S vendors ==== | ||
| + | <WRAP indent> | ||
| + | Some device types use a different on-screen confirmation prompt than others which caused time-outs | ||
| + | on some transactions. Now either format is detected. | ||
| + | |||
| + | On devices using a different hostname than used in the NetYCE node, the configuration backup | ||
| + | file was using an incorrect filename. | ||
| + | </ | ||
| + | |||
| + | ==== Cookie failure ==== | ||
| + | <WRAP indent> | ||
| + | Browsers keep improving their security levels enforcing older and newer guidelines. One of them, | ||
| + | ' | ||
| + | </ | ||
| + | |||
| + | ==== Ldap/AD password failure ==== | ||
| + | <WRAP indent> | ||
| + | After an AD or Ldap password change some users could no longer login to NetYCE. The reason | ||
| + | proved to be the inclusion of a backslash (\) character in the new password. These backslashes | ||
| + | are commonly incorporated password generated by a tool. | ||
| + | |||
| + | As these backslashes require a ' | ||
| + | ' | ||
| + | This is now corrected. | ||
| + | </ | ||
| + | |||
| + | ==== Aruba MC vendor ==== | ||
| + | <WRAP indent> | ||
| + | Aruba MC view config failed to show any configuration lines. Resolved the issue by adding | ||
| + | the missing web formatter to the module | ||
| + | === Vendor session timeout == | ||
| + | |||
| + | When interacting with some devices that use a sub-prompt the session would not properly timeout | ||
| + | if this prompt was not ' | ||
| + | |||
| + | The handling of timeouts was extended to include these situations. Now, when an unexpected | ||
| + | (sub-)prompt is presented, an < | ||
| + | If the same prompt is encountered six times in a row (1 minute), the session is aborted. | ||
| + | </ | ||
| + | |||
| + | ==== ' | ||
| + | <WRAP indent> | ||
| + | The string ' | ||
| + | substitution fails. This flag was chosen over ' | ||
| + | |||
| + | But as it turns out, not unique enough. Customers that created templates which included the | ||
| + | ' | ||
| + | To resolve this issue, the handling of this flag was altered to make this distinction in | ||
| + | context. Using the XXXXX string in templates is now supported without raising errors, | ||
| + | but the flag will still be highlighted in red when using the various tools. | ||
| + | </ | ||
| + | |||
| + | ==== Site-type name fix ==== | ||
| + | <WRAP indent> | ||
| + | It was found that the front-end accepted Site_types with a slash (/) in its name. When using | ||
| + | web-technologies, | ||
| + | to prevent them from getting lost when communicating with the server. This was properly | ||
| + | incorporated as expected, but not once but twice. In the message routing these slashes | ||
| + | resulted in the server receiving a name it should not find in the database preventing returning | ||
| + | the correct data. | ||
| + | |||
| + | This problem was resolved for the site-types to support existing customer configurations. Other | ||
| + | instances where slashes are currently accepted will be modified to deny them. | ||
| + | </ | ||
| + | |||
| + | ==== Huawei_S Hardware-model ==== | ||
| + | <WRAP indent> | ||
| + | During job execution the Hardware-model of the device is read using a version command. On some | ||
| + | Huawei models this led to inaccurate model names. | ||
| + | |||
| + | The issue was resolved resulting in improved accuracy of hardware model determination. | ||
| + | </ | ||
| + | |||