Installation Instructions for Hot Fix P92011

Linux for x64


Hot fix P92011 addresses the issue(s) in SAS Fraud Management 4.1 as documented in the Issue(s) Addressed section of the hot fix download page:
http://ftp.sas.com/techsup/download/hotfix/HF2/P92.html#P92011

P92011 is a "container" hot fix that contains the following "member" hot fixes which will update the software components as indicated.
T12003  updates  SAS Fraud Management Alert Generation Server 4.1
R70006  updates  SAS Fraud Management Mid-Tier 4.1 ***
P94005  updates  SAS Fraud Management Reporting History DB Maintenance Macros 4.1***
P93008  updates  SAS Fraud Management Scoring Engine 4.1
R01004  updates  SAS Fraud Management Transaction Extensions 4.1***
Z11001  updates  SAS Fraud Management System of Record DB Maintenance Macros 4.1

*** member hot fixes that have been updated since the previously released hot fix (P92010)

See What is a container hot fix? in the Hot Fix FAQ for more information about container hot fixes.


HOT FIX COMPONENT HISTORY

Software Component Server P92001 HF1 N/A HF2 P92002 HF3 P92003 HF4 P92004 HF5 P92005 HF6 P92006 HF7 P92007 HF8 P92008 HF9 P92009 HF10 P92010 HF11 P92011 HF12
SAS FM Alert Generation Server 4.1 AGS - - T12001 - T12002 - - - - T12003 - -
SAS FM Mid-Tier 4.1 Midtier R70001 - R70002 R70003 R70004 - - - - R70005 - R70006
SAS FM Reporting History DB Maintenance Macros 4.1 Rules Server/AGS P94001 - - - P94002 - P94003 - - P94004 - P94005
SAS FM Scoring Engine 4.1 JOSE P93001 - P93002 P93003 - P93004 - P93005 P93006 P93007 P93008 -
SAS FM Transaction Extensions 4.1 Rules Server/AGS/JOSE R01001 - - R01002 - - - - - R01003 - R01004
SAS FM System of Record DB Maintenance Macros 4.1 AGS - - - - - - - - - Z11001 - -


PRE-INSTALLATION INSTRUCTIONS

  1. Create a Deployment Registry report:

    Before applying this hot fix, follow the instructions in SAS Note 35968 to generate a SAS Deployment Registry report.

    Commands to create the report:
    1. cd <SASHome>/deploymntreg
    2. <JAVA_HOME>/bin/java -jar sas.tools.viewregistry.jar

    Two files are created: DeploymentRegistry.txt and DeploymentRegistry.xml. Either of these files can be used to verify that the appropriate product releases are installed on your system. The release number information in the Deployment Registry report should match the 'member' release number provided above for the software components installed on each machine in your deployment. In addition, you can determine the current hot fix level by comparing the the software component information in the chart above with the Deployment Registry report.


INSTALLATION

  1. Backups:  Files delivered in this hot fix will be backed up during the installation process. However, it is good general practice to back up your system before applying updates to software.

    Backup the following:

    1. The <SASHOME> directory
    2. The <CONFIGDIR> directory
    3. Each database that will be updated by this hot fix. Review the POST-INSTALLATION INSTRUCTIONS section to determine if there are database updates.

    For a detailed list of updated files, see the hot fix manifest.  NOTE: The manifest is cumulative for all hot fixes for this release.

  2. Stop Servers:  The AGS server and the JOSE server must be stopped via the command line before installing this hot fix. In addition, all batch jobs running against the SAS FM databases should be paused.
  3. Important:  Install this hot fix using the same userid who performed the initial software installation.
  4. Install the hot fix using the SAS Deployment Manager (SDM):

    Hot Fix P92011 must be installed on each machine where the updated components of the product, listed above, are installed. During the installation process you may see references to all operating systems for which updates are provided in the hot fix. The installation process will determine the operating system and which component(s) of SAS Fraud Management 4.1 require updating on the machine. See SAS Note 44810 for more details.

    The hot fix will be applied using the SAS Deployment Manager (SDM). By default, the SDM will search in the <SASHOME>/InstallMisc/HotFixes/New directory for hot fixes to be applied, but will also prompt for a location if you have downloaded hot fixes to a different directory. Do NOT extract the contents of   P92011pt.zip into the selected directory. The hot fix installation process will extract the contents as needed.

    After copying P92011pt.zip, follow the instructions for applying hot fixes in the SAS Deployment Wizard and SAS Deployment Manager 9.4: User’s Guide.

    Note:   If this hot fix has been previously installed, use the -reinstallhotfix option when running the SDM. If friendly fixes have been previously installed, use the -alwaysoverwrite option.


    The hot fix installation process generates the log file

    <!SASHOME>/InstallMisc/InstallLogs/IT_date-and-time-stamp.log
    for example, IT_2011-10-31-13.18.21.log. Each attempt to apply a hot fix results in the creation of a new log file giving detailed information regarding the installation process.

    Postexec log files are created after the installation is completed and identifies the files that were added, backed up, changed and removed. These log files include the ‘member’ hot fix id in the name of the file and are also written to the <!SASHOME>/InstallMisc/InstallLogs directory. There is one postexec log for each ‘member’ hot fix applied (member hot fixes are listed at the top of these instructions).


POST-INSTALLATION INSTRUCTIONS

  1. Update the Databases:

    Database updates are generally performed by the DBA. The files required are found in the Miscellaneous directory in the P92011pt.zip file and must be manually extracted and copied to a location accessible by the DBA.

    1. Create a "P92011pt" directory on your machine and unzip the contents of P92011pt.zip into that directory.
    2. Go to the P92011pt/Miscellaneous directory.
    3. Based on the table below, determine which files need to be run and copy those files to the appropriate database server. The instructions for each file should be reviewed before running each update.

      The SAS Deployment Registry report created in the PRE-INSTALLATION INSTRUCTIONS step can be used to determine the current hot fix level. Files included in previous hot fixes should NOT be run again.
    4. Vendor Database Hot fix File Instructions
      DB2 SOR HF3 sor_db2_upgrade_4.1.0.3.tar SOR_DB2 updates: Installation Instructions for SOR_DB2 updates (1)
      DB2 SOR HF4 sor_db2_upgrade_4.1.0.4.tar SOR_DB2 updates: Installation Instructions for SOR_DB2 updates (2)
      DB2 SOR HF5 sor_db2_upgrade_4.1.0.5.tar SOR_DB2 updates: Installation Instructions for SOR_DB2 updates (3)
      DB2 SOR HF10 sor_db2_upgrade_4.1.0.10.tar SOR_DB2 updates: Installation Instructions for SOR_DB2 updates (4)
      DB2 RPTHIST HF5 rpthist_db2_upgrade_4.1.0.5.tar RPTHIST_DB2 updates: Installation Instructions for RPTHIST_DB2 updates (1)
      Oracle SOR HF1 sor_oracle_upgrade_4.1.0.1.tar SOR_Oracle updates: Installation Instructions for SOR_Oracle updates (1)
      Oracle SOR HF3 sor_oracle_upgrade_4.1.0.3.tar SOR_Oracle updates: Installation Instructions for SOR_Oracle updates (2)
      Oracle SOR HF4 sor_oracle_upgrade_4.1.0.4.tar SOR_Oracle updates: Installation Instructions for SOR_Oracle updates (3)
      Oracle SOR HF5 sor_oracle_upgrade_4.1.0.5.tar SOR_Oracle updates: Installation Instructions for SOR_Oracle updates (4)
      Oracle SOR HF10 sor_oracle_upgrade_4.1.0.10.tar SOR_Oracle updates: Installation Instructions for SOR_Oracle updates (5)
      Oracle RPTHIST HF5 rpthist_oracle_upgrade_4.1.0.5.tar RPTHIST_Oracle updates: Installation Instructions for RPTHIST_Oracle updates (1)
      Oracle RPTHIST HF10 rpthist_oracle_upgrade_4.1.0.10.tar RPTHIST_Oracle updates: Installation Instructions for RPTHIST_Oracle updates (2)


  2. (Step introduced in HF3, skip if already done -OR- if SSL will not be implemented)  AGS SSL Support for MQ

    Overview
    AGS has a requirement from several customers to support SSL client connection to WebSphere MQ Queue Managers.  Today, AGS only support SSL to Queue Managers used for XAMS.  This information covers the enhancement which will allow AGS to use SSL client connections to Queue Managers used for the inbound, SAF and Reject queues.

    Restrictions
    Customers using the XAMS feature of the AGS are affected by the following restriction.  AGS will not support different SSL options for the same AGS instance.  The limitation is related to the SSL Key Store and the password used to access that Key Store.  The same password and location must be used for the Key Stores defined for the XAMS queue manager and the queue manager used for the inbound, SAF and Reject queues.  NOTE:  The passwords are actually stored in the OMR (Metadata Server) and the passwords for XAMS user and the AGS MQ user (a new user id) must be the same.

    Configuration
    AGS will rely on several new configuration properties to manage the SSL connection in MQ.  These properties are:

    ags_mq_ssl_cipher_suite - Specifies the SSL Cipher Suite.  If not null, then SSL will be enabled.
    ags_mq_ssl_truststore - Specifies the location of the SSL TrustStore
    ags_mq_ssl_keystore - Specifies the location of the SSL KeyStore
    ags_mq_ssl_fips_required - Indicates if FIPS is required

    Metadata Server Configuration
    In addition, a new user group will be required to be added to the Metadata Server.  This user must have an account defined that will be used to specify the password required for the SSL KeyStore.  The account name must be “agsssl_”.  The AGS user must be a member of this group.  The account name is a “fictitious” account, that is, it is not a real OS account.

    SQL for new properties
    See the DDL package released with this hotfix.


  3. (Step needed only if "SAS Fraud Management Mid-Tier" component was updated)  Update the web application deployed to your application server:

    1. Re-build Web Applications

      In order for this step to execute correctly, the Metadata Server must be running.

      1. Set the DISPLAY environment variable, for example
        $ export DISPLAY=<displayname>:0
      2. Invoke the SAS Deployment Manager 9.4

        From the SASDeploymentManager directory execute sasdm.sh, for example

        $ cd <SASHOME>/SASDeploymentManager/9.4
        $ ./sasdm.sh
      3. Select a language in the Choose Language box
      4. Select Rebuild Web Applications
      5. Select Configuration Directory or Enter the Configuration Directory and Level that needs to be updated
      6. Specify Connection Information, including the sasadm User ID and Password
      7. Select SAS Fraud Management Mid-Tier as the Web Application to Rebuild
      8. Verify the information on the Summary screen and select Start
      9. Select Finish when the deployment is complete

      This process will update the Fraud Management ear in <CONFIGDIR>/Lev1/Web/Staging. A backup of the original ear file will be placed in the Backup directory.

    2. Re-deploy Web Application

      In order for this step to execute correctly, the Metadata Server must be running.

      1. Set the DISPLAY environment variable, for example
        $ export DISPLAY=<displayname>:0
      2. Invoke the SAS Deployment Manager 9.4

        From the SASDeploymentManager directory execute sasdm.sh, for example

        $ cd <SASHOME>/SASDeploymentManager/9.4
        $ ./sasdm.sh
      3. Select a language in the Choose Language box
      4. Select Deploy Web Applications
      5. Select Configuration Directory or Enter the Configuration Directory and Level that needs to be updated
      6. Specify Connection Information, including the sasadm User ID and Password
      7. Check the Allow the application server to stop checkbox
      8. Select SAS Fraud Management Mid-Tier as the Web Application to Deploy
      9. Verify the information on the Summary screen and select Start
      10. Select Finish when the deployment is complete

      See SAS 9.4 Intelligence Platform Middle-Tier Administration Guide for more details on deploying Web Applications.

  4. Start Servers:  Start the JOSE server and then the AGS server via the command line. Start any batch jobs that were paused before the installation.
  5. Create a final Deployment Registry report:

    Run a new SAS Depployment Registry report following the same steps as in the PRE-INSTALLATION INSTRUCTIONS. The new report files will overwrite the existing ones. To retain the old files, save them to a new location or rename them before running the commands.

    Please send a copy of the final Deployment Registry report to SAS Fraud Management support.



This completes the installation of hot fix P92011 on Linux for x64.