MergePoint™ 5224/5240 Service Processor Managers Release Notes Version 3.1.0-3 May 11, 2007 This document outlines: 1. Update Instructions 2. Appliance Firmware Version and Language Support Information 3. Enhancements 4. Fixes 5. Known Issues ============================================================================= Update Instructions ============================================================================= Please refer to your Installer and Administrator Guide for detailed instructions to update the MergePoint 5224/5240 appliances to version 3.1.0-3. The firmware is based on the MergePoint 5224/5240 firmware V3.1.0, and serves as an upgrade to any previous V3.1.0 firmware or to Cyclades® OnBoard firmware V1.1.0 or any V3.0.0. An upgrade to the Cyclades OnBoard plug-in for DSView® 3 management software is not required. However, some new features of the MergePoint 5224/5240 appliance will not be available through DSView 3 software if the previous version of the plug-in is used. In order to have all features from MergePoint 5224/5240 firmware available through DSView 3 software, DSView 3 version 3.4 and MergePoint 5224/5240 plug-in for DSView 3 version 1.2.0 are required. An appliance firmware package to upgrade from DSView 3 software is also available. Before installing MergePoint 5224/5240 firmware version 3.1.0-3, please ensure that you have a backup of your existing configuration safely stored. The upgrade process works from Cyclades OnBoard appliance firmware V1.1.0, V3.0.0, V3.0.0-1, V3.1.0, V3.1.0-1 and V3.1.0-2. If upgrading from any other version, please first upgrade one of these versions before upgrading to V3.1.0-3. Optionally, you can upgrade to MergePoint 5224/5240 firmware V3.1.0-3 and restore the configuration to factory default. If you created or edited the expect script or service processors templates, the upgrade procedure may fail. If this is the case, please check the configuration upgrade log file (/etc/configuration/log) to see if there is any error. You may need to fix the affected files by either applying the changes again or using the original file provided in the MergePoint 5224/5240 firmware V3.1.0-3. ============================================================================= Appliance Firmware Version and Language Support Information ============================================================================= Appliance/Product Firmware Type Version Filename Language MergePoint 5224/5240 Opcode V_3.1.0-3 fl0569003.bin English ============================================================================= Enhancements ============================================================================= This is a patch release for MergePoint 5224/5240 firmware V3.1.0. There are no new features in this release. The version V3.1.0 is based on Cyclades OnBoard appliance firmware v3.0.0 and contains the following enhancements: 1. The Cyclades OnBoard appliance has been rebranded to MergePoint 5224/5240 Service Processor Manager. 2. DirectCommand: DirectCommand allows transparent access to the native user interface of a service processor (SP), while still enforcing the authentication and authorization rules defined in the MergePoint 5224/5240 appliance regarding access to that specific SP. DirectCommand can be used to access the SP’s native web interface, from which the user may access services provided by the SP, such as Virtual Media and remote KVM. 3. Support to IPMI 2.0 SPs. 4. Support to Sun ALOM SPs. 5. Web interface improvements: a. Access page shows one SP per line, providing a cleaner user interface. b. Additional SP information such as its IP address and device type are displayed, making it easier to identify the specific SP the user wishes to access. c. An action menu with the available functions for that SP is displayed right from the first access page, allowing faster access to the SP functionality. d. List of active sessions that allow admin users to see and close them. e. Configurable web interface timeout. 6. Ability to create new SP types or modify existing ones, which provides for more flexibility and ease of use when trying to communicate with SPs that are not standard or otherwise not supported by the MergePoint 5224/5240 appliances. The parameters that can be configured in an SP type include protocol (telnet, SSH or IPMI), DirectCommand settings and template type. 7. Configurable option to enable or disable multiple concurrent SoL sessions to a specific SP. 8. LDAP Group authorization retrieved from ‘memberof’ attribute, in addition to the ‘info’ attribute available in previous versions. 9. Support for AIDP (Avocent Install and Discovery Protocol). ============================================================================= Fixes ============================================================================= This release contains the following fixes: 1. ALOM Service Processors can now communicate with the MergePoint 5224/5240 appliances using SSH (as well as the already supported telnet method). 2. The DHCP configuration through the Command Line Interface (CLI) now supports multiple DHCP targets. 3. DirectCommand sessions now negotiate their SSH connections properly when the authentication/authorization process is performed by a remote server. 4. Changes in the order of firewall rules using the CLI are now effective immediately after a commit. 5. Multiple issues related to Ethernet failover being enabled were fixed: a. The SNMP trap agent field filled with an invalid IP address. b. Halting of SNMP daemon. c. DLS/DLA and events reporting IP address 0.0.0.0. 6. RSAII Service Processors with certain special characters in their system names (namely ‘#’, ‘-“ and ‘_’) can now communicate properly with the MergePoint 5224/5240 appliances. The list of supported characters now includes alphanumeric capitalized or not, spaces, plus ‘#’, ‘-“ and ‘_’. Fixes in previous patch releases include: 1. Zoneinfo files were updated to Jan/2007 versions in order to comply with the changes in the US Daylight Savings Time (Energy Policy Act of 2005). 2. Failure on upgrade from Cyclades OnBoard firmware V1.1.0 is now fixed. 3. SoL on DRAC now properly responds to <ENTER> keystrokes. 4. Java applets for Service Processor access and DirectCommand are signed by an official Avocent certificate. 5. Event notification reports syslog messages to DSView3 management software without failure. 6. List of SP families in the Web Interface is now dynamic, according to the SP families available in the appliance configuration. 7. Server-based group authorization now adds the authenticated user to the supplied groups only if the user was provided by the authorization server. NOTE: Before authorization, the remotely authenticated user will be removed from all groups in the current appliance configuration and re-added only to the groups provided by the authorization server. The users/groups configuration will not mix local users and remote users added by authentication servers. 8. SoL connection to ALOM works regardless of whether another user is connected in the host console. Additionally, V3.1.0 fixes the following issues: 1. Power Status command returns consistent response, regardless of the SP type. 2. Target device names can include capital letters. 3. Assign proper default broadcast address when configuring Ethernet interfaces. 4. Save correct user and password when configuring from Web Wizard pages. 5. Several issues configuring SNMP parameters from Web interface. 6. Removed ‘Back’ option from spshell menu when connecting directly to a target device. 7. Appliance sends event 58 to DSView 3 software every time a device console connection ends. 8. Connections to the appliance or to the SPs from DSView 3 software duplicated the end of line, causing the prompt to be shown twice. This is now fixed, and such connections display normally. ============================================================================= Known Issues ============================================================================= This release contains the following known issues: 1. Some SPs do not send any response to power on/off/cycle commands. These commands may result in an “empty” pop-up Web page. The same may happen with power status for iLO. 2. Target names cannot have spaces or tilde (‘~’). If a target name has spaces or tilde, the operation to push target names to DSView 3 software will fail. 3. The appliance’s IP address for the primary Ethernet interface (eth0) must be used in the Add Appliance Wizard. If the secondary Ethernet (eth1) or any of the sub-interface IP addresses are used, data logging and syslog event notification will not work. 4. Users with admin privileges can access either the MergePoint 5224/5240 plug-in for DSView 3 software or the MergePoint 5224/5240 WebUI, but not both. Since the appliance accepts only one admin user logged in at a time, admin users must be aware that they may be disconnecting a DSView 3 software session when choosing to take over another admin session when connecting to the appliance via WebUI or CLI. Halting a DSView 3 session may cause loss of configuration and/or failure in the DSView 3 operation. DSView 3 software will always take over another admin session, whether it is from the WebUI or the CLI, without warning. 5. If the condition to trigger a sensor alarm happens multiple times within the configured time interval for sensor alarms, the user will receive the sensor alarms at the right time, but there will be multiple alarms instead of just the last one. 6. Shared secret is not deleted from the configuration file when the IPSec connection is deleted. 7. Local/<any> authentication methods require local account. The authentication will succeed by providing either the local or the remote password, but the user must exist in the appliance local accounts for authorization purposes. 8. When upgrading from Cyclades OnBoard firmware V1.1.0 with no device configured, the MergePoint 5224/5240 firmware V3.1.0-1 will create an invalid device called 'uniqueid'. You can remove it by using either the Web interface or the CLI.