VAM V2.1A Release Notes November 2007 This document contains a list of new features and bug fixes that have been made since VAM V2.1. Revision/Update Information: This document supersedes the VAM V2.1 Release Notes r MultiNet is a registered trademark of Process Software. TCPware is a registered trademark of Process Software. SSH for OpenVMS is a registered trademark of Process Software. UNIX is a trademark of UNIX System Laboratories, Inc. All other trademarks, service marks, registered trademarks, or registered service marks mentioned in this document are the property of their respective holders. Copyright ©2005, 2006, 2007 Process Software, LLC. All rights reserved. Printed in USA. ACE/Agent, ACE/Server, Because Knowledge is Security, BSAFE, ClearTrust, Confidence Inspired, e-Titlement, Intelli-Access, Keon, RC2, RC4, RC5, RSA, the RSA logo, RSA Secured, the RSA Secured logo, RSA Security, SecurCare, SecurID, SecurWorld, Smart Rules, The Most Trusted Name in e-Security, Transaction Authority , and Virtual Business Units are either registered trademarks or trademarks of RSA Security Inc. in the United States and/or other countries. Copyright 1999-2001 The OpenLDAP Foundation, Redwood City, California, USA. All Rights Reserved. Permission to copy and distribute verbatim copies of this document is granted. Portions copyright (c) 1998-2003 The OpenSSL Project. All rights reserved. Portions copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com). All rights reserved. If the examples of URLs, domain names, internet addresses, and web sites we use in this documentation reflect any that actually exist, it is not intentional and should not be considered an endorsement, approval, or recommendation of the actual site, or any products or services located at any such site by Process Software. Any resemblance or duplication is strictly coincidental. ________________________________________________________________ Contents ________________________________________________________________ CHAPTER 1 INTRODUCTION 1-1 __________________________________________________________ 1.1 TYPOGRAPHICAL CONVENTIONS 1-1 __________________________________________________________ 1.2 OBTAINING TECHNICAL SUPPORT 1-2 1.2.1 Before Contacting Technical Support 1-2 1.2.2 Sending Electronic Mail 1-4 1.2.3 Calling Technical Support 1-4 1.2.4 Contacting Technical Support by Fax 1-5 __________________________________________________________ 1.3 VAM FREQUENTLY ASKED QUESTIONS (FAQS) LIST 1-5 __________________________________________________________ 1.4 ACCESSING THE VAM PUBLIC MAILING LIST 1-5 __________________________________________________________ 1.5 PROCESS SOFTWARE WORLD WIDE WEB SERVER 1-6 __________________________________________________________ 1.6 DOCUMENTATION COMMENTS 1-6 1.6.1 Online Documentation 1-7 1.6.1.1 PDF Format, 1-7 1.6.1.2 Using Acrobat Reader, 1-7 ________________________________________________________________ CHAPTER 2 CHANGES AND ENHANCEMENTS 2-1 __________________________________________________________ 2.1 NEW FEATURES 2-1 __________________________________________________________ 2.2 DISK SPACE REQUIREMENTS 2-1 iii Contents ________________________________________________________________ CHAPTER 3 VAM 2.1 FIXES AND ENHANCEMENTS 3-1 ________________________________________________________________ CHAPTER 4 VAM 2.1 DOCUMENTATION CHANGES 4-1 ________________________________________________________________ TABLES 1-1 Typographical Conventions 1-1 1-2 System Information 1-3 2-1 Disk Space Requirements 2-1 iv _______________________________________________________ 1 Introduction These Release Notes describe the changes and enhancements made to the VMS Authentication Module (VAM) product in version 2.1A. This chapter describes conventions used in the VAM documentation set and the various methods to contact and receive technical support. o For information about product changes and enhancements in the VAM V2.1A Consolidated Distribution, refer to Chapter 2 of these Release Notes. o For information about changes to the documentation set, refer to Chapter 3 of these Release Notes. __________________________________________________________ 1.1 Typographical Conventions Examples in these Release Notes use the following conventions: ________________________________________________________________ Table 1-1 Typographical Conventions _______________________________________________________ Convention_______Example__________Meaning______________ Angle brackets Represents a key on your keyboard. Angle brackets Indicates that you with a slash hold down the key labeled or while simultaneously pressing another key; in this example, the A key. 1-1 Introduction Typographical Conventions ________________________________________________________________ Table 1-1 (Cont.) Typographical Conventions _______________________________________________________ Convention_______Example__________Meaning______________ Square brackets [FULL] Indicates optional choices; you can enter none of the choices, or as many as you like. When shown as part of an example, square brackets are actual characters you should type. Underscore or file_name or Between words in hyphen file-name commands, indicates the item is a single ___________________________________________element._____________ __________________________________________________________ 1.2 Obtaining Technical Support Process Software provides technical support if you have a current Maintenance Service Agreement. If you obtained VAM from an authorized distributor or partner, you receive your technical support directly from them. You can contact Technical Support by: o Sending electronic mail (Section 1.2.2) o Calling Technical Support (Section 1.2.3) o Faxing a description of your problem to the Technical Support Group (Section 1.2.4) _____________________________ 1.2.1 Before Contacting Technical Support Before you call, or send email or a fax: 1 Verify that your Maintenance Service Agreement is current. 2 Read the online Release Notes completely. 1-2 Introduction Obtaining Technical Support 3 Have the following information available: o Your name o Your company name o Your email address o Your voice and fax telephone numbers o Your Maintenance Contract Number o OpenVMS architecture o OpenVMS version o VAM layered products and versions 4 Have complete information about your configuration, error messages that appeared, and problem specifics. 5 Be prepared to let a development engineer connect to your system, either with TELNET or by dialing in using a modem. Be prepared to give the engineer access to a privileged account to diagnose your problem. Use the following table as a template to record the relevant information about your system: ________________________________________________________________ Table 1-2 System Information _______________________________________________________ Your System Required_Information_______________Information_________ Your name Company name Your email address Your voice and fax telephone numbers System architecture VAX or Alpha OpenVMS version _________VAM_version____________________________________________ 1-3 Introduction Obtaining Technical Support Please provide information about installed VAM applications and patch kits. _____________________________ 1.2.2 Sending Electronic Mail For many questions, electronic mail is the preferred communication method. Technical Support via electronic mail is available to customers with a current support contract. Send electronic mail to support@process.com. At the beginning of your mail message, include the information listed in Section 1.2.1. Continue with the description of your situation and problem specifics. Include all relevant information to help your Technical Support Specialist process and track your electronic support request. Electronic mail is answered within the desired goal of two hours, during our normal business hours, Monday through Friday from 8:30 a.m. to 5:00 p.m., United States Eastern Time. _____________________________ 1.2.3 Calling Technical Support For regular support issues, call 800-394-8700 or 508- 628-5074 for support Monday through Friday from 8:30 a.m. to 7:00 p.m., United States Eastern Time. For our customers in North America with critical problems, an option for support 7 days per week, 24 hours per day is available at an additional charge. Please contact your Account Representative for further details. Before calling, have available the information described in Section 1.2.1. When you call, you will be connected to a Technical Support Specialist. Be prepared to discuss problem specifics with your Technical Support Specialist and to let that person connect to your system. 1-4 Introduction Obtaining Technical Support If our Support Specialists are assisting other customers and you are put on hold, please stay on the line. Most calls are answered in less than five minutes. If you cannot wait for a Specialist to take your call, please take advantage of our automatic call logging feature by sending email to support@process.com (see the Section on Sending Electronic Mail). _____________________________ 1.2.4 Contacting Technical Support by Fax You can send transmissions directly to Technical Support at 508-879-0042. Before faxing comments or questions, complete the steps in Section 1.2.1 and include all your system information at the beginning of your fax message. Continue with the description of your situation and problem specifics. Include all relevant information to help your Technical Support Specialist process and track your fax support request. Faxed questions are answered Monday through Friday from 8:30 a.m. to 7:00 p.m., United States Eastern Time. __________________________________________________________ 1.3 VAM Frequently Asked Questions (FAQs) List You can obtain an updated list of frequently asked questions (FAQs) and answers about Process Software products from the Process Software home page located at http://www.process.com. Choose the Service & Support link to access useful information on FAQs and patch ECOs. __________________________________________________________ 1.4 Accessing the VAM Public Mailing List Process Software maintains two public mailing lists for VAM customers: o Info-VAM@process.com o VAM-Announce@process.com 1-5 Introduction Accessing the VAM Public Mailing List The Info-VAM@process.com mailing list is a forum for discussion among VAM system managers and programmers. Questions and problems regarding VAM can be posted for a response by any of the subscribers. To subscribe to Info-VAM, send a mail message with the word SUBSCRIBE in the body to Info-VAM-request@process.com. You can retrieve the Info-VAM archives by anonymous FTP to ftp.multinet.process.com. The archives are located in the directory [MAIL_ARCHIVES.INFO-VAM]. The VAM-Announce@process.com mailing list is a one-way communication (from Process Software to you) used to post announcements relating to VAM (patch releases, product releases, etc.). To subscribe to VAM-Announce, send a mail message with the word SUBSCRIBE in the body to VAM-Announce-request@process.com. __________________________________________________________ 1.5 Process Software World Wide Web Server Electronic support is provided through the Process Software web site which you can access with any World Wide Web browser; the URL is http://www.process.com (select Service & Support). __________________________________________________________ 1.6 Documentation Comments Your comments about the information in these Release Notes can help us improve the documentation. If you have corrections or suggestion for improvement, please let us know. Be as specific as possible about your comments: include the exact title of the document, version, date, and page references as appropriate. You can send your comments by email to techpubs@process.com or mail them to: Process Software 959 Concord Street Framingham, MA 01701-4682 Attention: Marketing Director You can also fax your comments to us at 508-879-0042. Your comments about our documentation are appreciated. 1-6 Introduction Documentation Comments _____________________________ 1.6.1 Online Documentation The VAM documentation set is available in the product saveset in PDF format. The Release Notes are available in the product saveset in text format. _____________________________ 1.6.1.1 PDF Format The VAM documentation set has the following PDF files: o VAM_ADMIN.PDF (Administration and User's Guide) The PDF format is readable from a PC, a VAX or an Alpha system. Use Adobe Acrobat to read the PDF files from a PC. Your PC must have 386 architecture or later to use Adobe Acrobat Reader. You can get Acrobat Reader free from Adobe Systems' Website: www.adobe.com. _____________________________ 1.6.1.2 Using Acrobat Reader To read the PDF files using Acrobat Reader: 1 Double click Acrobat Exchange. 2 Choose Open from the File menu. 3 Select the .pdf file you want to open. 4 Use the menu bar at the top of the screen to navigate the document, or click a Table of Contents entry (on the left) to go directly to that information. Note The binocular icon opens search functions. The magnifying glass icon enlarges the text and illustrations. 1-7 _______________________________________________________ 2 Changes and Enhancements This chapter describes the changes and enhancements made for VAM 2.1A since VAM V2.1. __________________________________________________________ 2.1 New Features The following are new features for the VAM V2.1 release: o A sample program, VAM_AUTHENTICATE.C, has been added to the distribution. This will provide an example of doing a SecurID login for an application. __________________________________________________________ 2.2 Disk Space Requirements The following table shows the amount of disk space (in blocks) required for the installation of VAM 2.1: ________________________________________________________________ Table 2-1 Disk Space Requirements _______________________________________________________ Required to Platform_________Install__________Required_to_Run______ Alpha 47,000 11,000 I64 58,000 8,000 _________VAX______________47,000___________8,000________________ 2-1 _______________________________________________________ 3 VAM 2.1 Fixes and Enhancements The following DE's are addressed by this release: o DE 10590 - The IPV6 support for RADIUS was not complete. o DE 10606 - The ACESHR shareable image gets a SYSTEM VERSION MISMATCH when installed on OpenVMS AXP V6.2- 1H3. o DE 10623 - The LDAP utilities (e.g., ldapmodify, ldapsearch) get symbol vector table mismatch errors on some versions of OpenVMS AXP. o DE 10532 - The ACESHR shareable image gets a SYSTEM VERSION MISMATCH error when installed on OpenVMS AXP V6.2. o DE 10584 - VAM may allow access if a blank password was used. o DE 10609 - Mixed-case LDAP passwords were not allowed on OpenVMS AXP 6.3-2. o DE 10612 - If LDAP_ATTRIBUTE_BASE_DN and/or LDAP_ ATTRIBUTE_FILTER are incorrectly specified and at least one LDAP_ATTRIBUTE is specified in the configuration file, LOGINOUT could ACCVIO, denying access to the user attempting to log in. 3-1 _______________________________________________________ 4 VAM 2.1 Documentation Changes This chapter contains a summary of changes to the documentation for VAM V2.1A. o Changed the VAM version number to read V2.1A. o Miscellaneous changes based on customer feedback. o In chapter 4, "Using LDAP and VAM", references to "PEM-formatted PKCS#7" certificates have been changed to "PEM-formatted base64 (X.509)". 4-1