Hot fix P04009 addresses the issue(s) in SAS Enterprise GRC 5.1_M5 as documented
in the Issue(s) Addressed section of the hot fix download page:
http://ftp.sas.com/techsup/download/hotfix/HF2/P04.html#P04009
P04009 is a "container" hot fix that contains the following "member" hot fixes which will update the software components
as needed.
P03009 updates SAS Enterprise GRC Administrative Tools 5.1_M5
P02009 updates SAS Enterprise GRC Mid-Tier 5.1_M5
V23001 updates SAS Enterprise GRC Server 5.1_M5
Before applying this hot fix, follow the instructions in SAS Note 35968 to
generate a SAS Deployment Registry report, then verify that the appropriate product releases are installed on your system. The
release number information in the Registry report should match the 'member' release number information provided above for the
software components installed on each machine in your deployment.
The hot fix downloaded, P04009pt.zip, includes the updates required for all components listed above on all applicable operating systems. To apply this hot fix on multiple machines, you can either save P04009pt.zip on each machine or save it in a network location that is accessible to all machines.
Do NOT extract the contents of P04009pt.zip. The hot fix installation process will extract the contents as needed.
The hot fix will be applied using the SAS Deployment Manager. By default, the SAS Deployment Manager will search in the <SASHOME>/InstallMisc/HotFixes/New directory for hot fixes to be applied, but will also prompt for a location if you have downloaded hot fixes to a different directory.
After downloading P04009pt.zip, follow the instructions for applying hot fixes in the SAS Deployment Wizard and SAS Deployment Manager 9.3: User's Guide.
The hot fix installation process generates the log file
<!SASHOME>/InstallMisc/InstallLogs/IT_date-and-time-stamp.logfor example, IT_2011-10-31-13.18.21.log. Each attempt to apply a hot fix results in the creation of a new log file giving detailed information regarding the installation process.
Postexec log files are created after the installation is completed and identifies the files that were added, backed up, changed and removed. These log files include the ‘member’ hot fix id in the name of the file and are also written to the <!SASHOME>/InstallMisc/InstallLogs directory. There is one postexec log for each ‘member’ hot fix applied (member hot fixes are listed at the top of these instructions).
The content of this hot fix is listed in the hot fix manifest.
SAS Security Updates
SAS Security Updates are applied during the initial installation of your software. In order to maintain the latest level of security offered by SAS, security updates should be applied and/or re-applied after any changes to your software, including installation of hot fixes. The current SAS Security Updates for all releases of SAS are available at http://ftp.sas.com/techsup/download/hotfix/HF2/SAS_Security_Updates.html. Please re-apply security updates in accordance with the SAS Security Updates and Hot Fixes document available on the SAS Security Updates web page.
For each product installed, click the link to be redirected to post-installation instructions.
P03009 updates SAS Enterprise GRC Administrative Tools 5.1_M5
P02009 updates SAS Enterprise GRC Mid-Tier 5.1_M5
V23001 updates SAS Enterprise GRC Server 5.1_M5
P03009 updates SAS Enterprise GRC Administrative Tools 5.1_M5
Perform the following steps to ensure the administrative tools are running with the latest updates.
to
<SASCONFIGDIR>/Applications/SASEnterpriseGRCAdministrativeTools/5.1/dbscripts/picklist
and overwrite the current contents.
P02009 updates SAS Enterprise GRC Mid-Tier 5.1_M5
Re-build and Re-deploy Web Application
This hot fix requires that the WebApp be rebuilt and redeployed. Use the following steps to perform this post-installation task:
Step 1: Re-build Web ApplicationClean up the Application Server cache. Please contact your Administrator for detail steps specific to your application server.In order for this step to execute correctly, the Metadata Server must be running.
1.1 Invoke the SAS Deployment Manager 9.3
From the SASDeploymentManager directory launch sasdm.sh.
SAS Deployment Manager is installed in the following default location:<SASHOME>/SASDeploymentManager/9.31.2 Select a language in the Choose Language box
1.3 Select Rebuild Web Applications
1.4 Select Configuration Directory or Enter the Configuration Directory and Level that needs to be updated
1.5 Specify Connection Information, including the sasadm User ID and Password
1.6 Select Enterprise GRC MidTier 5.1 as the Web Application to Rebuild
1.7 Verify the information on the Summary screen and select Start
1.8 Select Finish when the deployment is complete
This process will update the Enterprise GRC MidTier 5.1 ear in <SASCONFIGDIR>/Web/Staging.
A backup of the original ear file will be placed in the directory below:
<SASCONFIGDIR>/Web/Staging/Backup
Step 2: Re-deploy Web ApplicationsRe-deploy the web applications based on the instructions for the web application server you are using.
Notes:
monitor.incidentAllocation.enable = false
monitor.incidentMonetaryBreakdown.enable = false
By default, both values are true. A restart of the SAS Enterprise GRC MidTier server is required for this change to take effect.
monitor.controlTesting.canDeleteAcceptedTest = true
By default, the value is false, and accepted tests cannot be deleted or unloaded.
SAMEORIGIN - only allows current site to frame content
ALLOW-FROM uri - only allows the page to be framed from the specified origin (may not be supported on all browsers)
DENY - prevents any domain from framing the content (not recommended)
none - turn off header, do not set any value (default)
monitor.tasklist.excludedtypes=TestPlan
By default, the value is empty.
monitor.tasklist.includedraftincidents=true
By default, the value is false.
monitor.controlTesting.verifyTestDefinitionPermissionUponOpeningTests=true
By default, the value is false.
monitor.controlTesting.verifyTestDefinitionPermissionUponOpeningTests=true
By default, the value is false.
monitor.controlTesting.testDefinitions.resetStatusInNewWorkflow=falseBy default, the values are true.
monitor.controlTesting.tests.resetStatusInNewWorkflow=false
monitor.ora.searchIncludesAllColumns=falseBy default, the value is true, and all columns in the table are used when searching.
monitor.controlTesting.workflow.promptChangeReasonOverride=trueBy default, the property is false. When setting to true, it is recommended that the workflow template for tests and test definitions be updated to have the "GRC_PROMPT_CHANGE_REASON" data object with a value of "Yes" at the root level, and then selectively disable the change reason by setting the value on individual transitions.
monitor.controlTesting.testDefinitions.checksControlsAndIssuesForIsModified=trueBy default, the property is false.
monitor.tasklist.exclude.TestDefinition=validationStateCd1,validationStateCd2By default, this value is empty.
# List of acceptable embedded urls.IMPORTANT: This option is enabled by default with the values shown above, even though it may not be shown in configdata.properties. After installing the HF, you must check your menu XML for any menu items with embed="true", append them to the default property values. For example:
# If urls start with / the context root is prefixed before checking
# Otherwise an exact match is used.
monitor.embed.whitelist=/CPBDocumentation?docType=COMPONENTS&topLevel=true,/CPBDocumentation?docType=FUNCTIONS&topLevel=true,/CPBDocumentation?docType=DIRECTIVES&topLevel=true,/CPBDocumentation?docType=PROPERTIES&topLevel=true
monitor.embed.whitelist=/CPBDocumentation?docType=COMPONENTS&topLevel=true, /CPBDocumentation?docType=FUNCTIONS&topLevel=true,/CPBDocumentation?docType=DIRECTIVES&topLevel=true, /CPBDocumentation?docType=PROPERTIES&topLevel=true,<menu-option1>,<menu-option2>Although not recommended, this option may be disabled altogether by setting monitor.embed.whitelist=OFF
monitor.query.canQueryOptimizationEnabled=trueBy default, the optimization is off (false).
monitor.query.optimizeRecentTestsQuery=trueBy default, the optimization is off (false).
monitor.query.optimizeRecentTestResultsQuery=trueBy default, the optimization is off (false).
monitor.redirect.whitelist=<url1>,<url2>,<url3>,…It can specify a comma-separated list of URLs, where each URL is either a full URL (http://www.sas.com), or a URL relative to the SASEnterpriseGRC context root, which must start with “/”. After applying the hotfix, you should examine your “MainNavigationMenu.xml”, and add entries to this list of any menu option with the sas-sso attribute set to “true”. Although not recommended, you may also specify a value of “OFF” to disable enforcement. By default, the property is empty.
monitor.query.recentAssessmentCutoffDays=<num_of_days>where <num_of_days> is the age of the assessment’s answer sheet in days. By default, the value is -1, and all assessments will be shown.
monitor.controlTesting.newTestsLocation=useCustomThe default value is “useControl”, which uses the control location. The value “useTestDef” uses the test definition’s location.
monitor.query.virtualPositionOptSize=<position_count>where <position_count> is the number of positions to examine together in a group. This should be set between 100 and 1000. The default value is “-1”, which disables the optimization.
monitor.query.optimizeTestPlanTaskList=trueBy default, both options are false, and the optimizations are disabled. When set to true, the system will optimize the SQL queries used to load tests into the task list for either test plans or audit objects.
monitor.query.optimizeAuditTaskList=true
V23001 updates SAS Enterprise GRC Server 5.1_M5
Copy SAS Changes to <SASCONFIGDIR>
The following files have been updated as part of the this hotfix but are not directly copied to the <SASCONFIGDIR>.
Copy the files below from
<SASHOME>/SASFoundation/9.3/ormonitormva/ucmacros/orm_add_cust_fields.sas
<SASHOME>/SASFoundation/9.3/ormonitormva/ucmacros/orm_all_cust_fields.sas
<SASHOME>/SASFoundation/9.3/ormonitormva/ucmacros/orm_pivot_datatype.sas
to
<SASCONFIGDIR>/Lev1/Applications/SASEnterpriseGRCServerCfg/5.1/Source/ucmacros/orm_add_cust_fields.sas
<SASCONFIGDIR>/Lev1/Applications/SASEnterpriseGRCServerCfg/5.1/Source/ucmacros/orm_all_cust_fields.sas
<SASCONFIGDIR>/Lev1/Applications/SASEnterpriseGRCServerCfg/5.1/Source/ucmacros/orm_pivot_datatype.sas
This completes the installation of hot fix P04009 on 64-bit Enabled Solaris.
Copyright 2019 SAS Institute Inc. All Rights Reserved.