Recommended Recommended for all environments. Apply this update at the earliest convenience.



Similar documents
McAfee Host Data Loss Prevention 9.1 Cluster Installation Guide

McAfee Gateway 7.x Encryption and IronPort Integration Guide

Release Notes McAfee Risk Advisor Software For use with epolicy Orchestrator and Software

Product Guide Revision A. McAfee Secure Web Mail Client Software

McAfee epolicy Orchestrator 4.5 Cluster Installation Guide

Desktop Release Notes. Desktop Release Notes 5.2.1

McAfee VirusScan Enterprise for Linux Software

McAfee Optimized Virtual Environments - Antivirus for VDI. Installation Guide

McAfee Optimized Virtual Environments for Servers. Installation Guide

Product Guide Revision A. McAfee Secure Web Mail Client Software

Release Notes for McAfee epolicy Orchestrator 4.5

epolicy Orchestrator Log Files

McAfee Risk Advisor 2.7

Product Guide. McAfee Security-as-a-Service Partner SecurityDashboard 5.2.0

McAfee Solidcore Change Reconciliation and Ticket-based Enforcement

Hardware Sizing and Bandwidth Usage Guide. McAfee epolicy Orchestrator Software

Total Protection Service

Implementing McAfee Device Control Security

Application Note. Configuring McAfee Firewall Enterprise for McAfee Web Protection Service

Release Notes for McAfee VirusScan Enterprise for Storage 1.0

McAfee Agent Handler

McAfee Host Data Loss Prevention Best Practices: Protecting against data loss from external devices

McAfee VirusScan Enterprise for Storage 1.0 Sizing Guide for NetApp Filer on Data ONTAP 7.x

McAfee GTI Proxy Administration Guide

McAfee Cloud Identity Manager

McAfee Total Protection Service Installation Guide

McAfee Enterprise Mobility Management 11.0 Software

McAfee Endpoint Encryption for PC 7.0

Installation Guide. McAfee Security for Microsoft Exchange Software

McAfee. Firewall Enterprise. Application Note TrustedSource in McAfee. Firewall Enterprise. version and earlier

Application Note Configuring Department of Defense Common Access Card Authentication on McAfee. Firewall Enterprise

McAfee Directory Services Connector extension

McAfee Cloud Identity Manager

McAfee Cloud Identity Manager

Upgrade Guide. McAfee Vulnerability Manager Microsoft Windows Server 2008 R2

Release Notes for McAfee(R) GroupShield(TM) version Patch 1 for Microsoft Exchange. Copyright (C) 2011 McAfee, Inc. All Rights Reserved CONTENTS

Installation Guide. McAfee SaaS Endpoint Protection 5.2.0

Verizon Internet Security Suite Powered by McAfee User Guide

Data Center Connector for vsphere 3.0.0

Installation Guide. McAfee epolicy Orchestrator Software

McAfee UTM Firewall Control Center Product Guide. version 2.0

Setup Guide. Archiving for Microsoft Exchange Server 2007

McAfee Enterprise Mobility Management 11.0 Software

McAfee SiteAdvisor Enterprise 3.5.0

McAfee Solidcore Product Guide

Setup Guide Revision B. McAfee SaaS Archiving for Microsoft Exchange Server 2010

Product Guide. McAfee epolicy Orchestrator Software

Installation Guide. McAfee VirusScan Enterprise for Linux Software

Best Practices Guide. McAfee Endpoint Protection for Mac 1.1.0

Setup Guide. Archiving for Microsoft Exchange Server 2010

Product Guide. McAfee SaaS Endpoint Protection 5.2.0

McAfee Content Security Reporter 2.0.0

McAfee Policy Auditor 6.0 software Product Guide for epolicy Orchestrator 4.6

Sophos Mobile Control Installation guide

Product Guide. McAfee Endpoint Security 10

For a list of supported environments for VirusScan Enterprise 8.7i on Microsoft Windows, see (McAfee) KnowledgeBase article KB51111.

Sophos Mobile Control Startup guide. Product version: 3.5

McAfee epolicy Orchestrator

McAfee SiteAdvisor Enterprise 3.5 Patch 2

User Self-Service Configuration Overview

Sophos Mobile Control Startup guide. Product version: 3

WatchDox for Mac User Guide

Mobile Iron User Guide

McAfee Public Cloud Server Security Suite

McAfee SaaS Archiving

Sophos Mobile Control Installation guide. Product version: 3.5

Release Notes for McAfee(R) VirusScan(R) Enterprise for Linux Version Copyright (C) 2014 McAfee, Inc. All Rights Reserved.

McAfee Cloud Single Sign On

McAfee EETech for Mac 6.2 User Guide

UP L18 Enhanced MDM and Updated Protection Hands-On Lab

DameWare Server. Administrator Guide

McAfee VirusScan Enterprise 8.8 software Product Guide

Setup Guide Revision A. WDS Connector

Advanced Configuration Steps

Data Center Connector for OpenStack

Application Note. Providing Secure Remote Access to Industrial Control Systems Using McAfee Firewall Enterprise (Sidewinder )

How To Encrypt Files And Folders With A Password Protected By A Password Encrypted By A Safesafe (Mafee) (Eeff) 4

Installation and Administration Guide

McAfee Enterprise Mobility Management 12.0 Software

McAfee Asset Manager Console

Sophos Mobile Control Installation guide. Product version: 3.6

Enterprise Mobility Management Migration Migrating from Legacy EMM to an epo Managed EMM Environment. Paul Luetje Enterprise Solutions Architect

Mobility Manager 9.5. Users Guide

McAfee Host Intrusion Prevention Patch 6 Software

Product Guide. McAfee SaaS Endpoint Protection (October, 2012 release)

GO!Enterprise MDM Device Application User Guide Installation and Configuration for BlackBerry

GO!Enterprise MDM Device Application User Guide Installation and Configuration for Android

POC Installation Guide for McAfee EEFF v4.1.x using McAfee epo 4.6. New Deployments Only Windows Deployment

Sophos Mobile Control User guide for Apple ios. Product version: 2 Document date: December 2011

JAMF Software Server Installation Guide for Windows. Version 8.6

NetIQ Advanced Authentication Framework - Smartphone Applications

Sophos Mobile Control Installation guide. Product version: 3

Polycom CMA System Upgrade Guide

Sophos Mobile Control Super administrator guide. Product version: 3

McAfee Endpoint Security Software

NotifyMDM Device Application User Guide Installation and Configuration for Windows Mobile 6 Devices

Transcription:

Release Notes McAfee Enterprise Mobility Management 11.0 Patch 4 About this document About this release Bug fixes and enhancement Installation instructions Files affected by patch Troubleshooting installation issues Known issues Finding product documentation About this document Thank you for choosing this McAfee product. This document contains important information about the current release. We strongly recommend that you read the entire document. About this release Release date 18 March 2014 Files included EMM11.0Patch4.exe Developed for use with EMM 11.0.x Urgency rating Recommended Recommended for all environments. Apply this update at the earliest convenience. Bug fixes and enhancements This section provides a description of the fixes and enhancements included in this patch. Patch 4 Bug fixes BZ#945332 Self-service EMM portal failed to load and/or many Android devices couldn t provision after applying Patch 2 or later on some non-us locale EMM Servers.

Error in the Event Viewer: Unexpected Application Error System.Web.HttpException: The file '/emmportal/default.aspx' has not been pre-compiled, and cannot be requested. Error in the IIS log for Android Provisioning issue: POST /EmmPortal/AndroidAgent/authenticateme.droidlist - 443-11.22.33.44 Apache-HttpClient/UNAVAILABLE+(java+1.4) 302 0 0 78 Error on the app for Android Provisioning issue: We re unable to connect to the McAfee EMM server. Please try again later BZ#948573 EMM hub registration failed with epo 5.1 even after applying Patch 1 on some non-us locale EMM Servers. Error in the Orion log for EMMHub registration: servlet.controllerservlet - Exception thrown by ActionBean:com.mcafee.emm.util.RestException: Could not decrypt data. Bug 948641 - After an update configuration password for the WiFi connection was not pushed correctly to the Android devices. Enhancement: Added an option to log warning messages when Default EMM Admin account authentication failed or a locked out EMM Admin account tried to register EMM Hub on epo. Warning in Event Viewer: EMM.Hub.BasicAuthManagerCheckAccessCore: Failed Authentication, dest: https://epomdm.tuev.at/emmhub/rest.svc/registerepo Unlock Admin user accounts during Patch installation if they were locked out before the installation. Bug 952879 - As per ios 7.1 documentation, increased the field size for PushMagic and UnlockToken column in EMM Database. Patch 3 Bug fixes BZ#900040 - Push Notifier did not report an error when its GCM connection failed. BZ#903240 - Configuring the native email client failed on Android devices, such as the Motorola Droid Razr Maxx HD or a Droid Motorola Droid Razr M XT907, where User Agent string of email client does not contain expected embedded spaces. Error in the EventViewer: Blocking connection from device as the deviceid doesnt exist on our system/unable to calculate the deviceid, activesyncid:androidcxxxxxxxx BZ#903243 - Duplicate unprocessed pending actions caused a failure of the User Compliance and the MDM Requery Threads resulting in intermittent push notification delays. BZ#911855 - For Android devices, the Unlock Mobile Action generated a temporary passcode that did not match the profile passcode criteria.

BZ#917966: Push Notifier crashed while trying to send an MDM push notification in the rare case when an ios device s MDMAPNI value was empty in the EMM database. Error in the EventViewer: EMMPushNotifier.PushNotifier Unexpected exception in worker threadsystem.nullreferenceexception" BZ#923928 - Users were erroneously going out of compliance and loosing email sync. In most cases the NoncomplianceReason is PolicyUpdate and AwaitingEpoPolicy. BZ#929885 - PDF and DOCX file attachments failed to open on several LG devices models (such as LG Optimus L9) when using the native Android email client. Error in the email client: Download fails to open Patch 2 Bug fixes BZ#918638: Jailbreak detection stopped working on ios devices upon upgrade to ios 7. Patch 1 Bug fixes BZ#911691: Could not establish a connection when adding the EMM Hub as a registered server to epo 5.1. BZ#904486: EMM Hub Application Pool terminated unexpectedly causing loss of email sync and loss of communication with devices. Installation instructions Before you begin You must have EMM 11.0.X installed. You must have administrator rights on the Windows system. You must back up the EMM database - to facilitate recovery/rollback. If EMM components are installed on virtual machines, take snapshots of all servers to facilitate recovery/rollback. Important: The patch must be applied to the McAfee EMM components in a specific order. Follow the instructions appropriate to your configuration: If all McAfee EMM components are installed on the same server, see Single server installation. If McAfee EMM components are installed in an Enhanced Security Model (i.e. on a separate Internal and External server), follow the instructions in Dual server installation.

If McAfee EMM components are installed in a High Availability (HA) configuration, follow the instructions in High Availability (HA) installation. If McAfee EMM components are distributed across multiple servers, follow the instructions in Custom installation. Single server installation 1 Copy EMM11.0Patch4.exe installer to the server where the McAfee EMM components are installed. 2 Run as administrator EMM11.0Patch4.exe. 3 IIS restarts automatically. 4 Clear the web browser cache before using the EMM. 5 Required for epo 5.1 (or later) customers only: If Patch 1 was not previously applied (i.e. if the EMM version number is currently 11.0.0.46999), then from the epolicy Orchestrator console, perform either of the following (which obtains and saves a new certificate): Select Menu Configuration Registered Servers, highlight the EMM HUB server, select Actions Edit and then click Save. Select Menu Configuration Registered Servers, highlight the EMM HUB server, select Actions Delete and then click Yes. Then re-add the EMM HUB server as a Registered Server. Dual server installation 1 Copy EMM11.0Patch4.exe installer to the internal server where the McAfee EMM Internal components are installed. 2 Run as administrator EMM11.0Patch4.exe. 3 IIS restarts automatically. 4 Copy EMM11.0Patch4.exe installer to the external server where the McAfee EMM External components are installed. 5 Run as administrator EMM11.0Patch4.exe. 6 IIS restarts automatically. 7 Clear the web browser cache before using the EMM. 8 Required for epo 5.1 (or later) customers only: If Patch 1 was not previously applied (i.e. if the EMM version number is currently 11.0.0.46999), then from the epolicy Orchestrator console, perform either of the following (which obtains and saves a new certificate): Select Menu Configuration Registered Servers, highlight the EMM HUB server, select Actions Edit and then click Save. Select Menu Configuration Registered Servers, highlight the EMM HUB server, select Actions Delete and then click Yes. Then re-add the EMM HUB server as a Registered Server.

High Availability (HA) installation 1 Copy EMM11.0Patch4.exe installer to all the internal servers where the McAfee EMM Internal components are installed. 2 Run as administrator EMM11.0Patch4.exe on each internal server (one server at a time). 3 IIS restarts automatically. 4 Copy EMM11.0Patch4.exe installer to all the external servers where the McAfee EMM External components are installed. 5 Run as administrator EMM11.0Patch4.exe on each external server (one server at a time). 6 IIS restarts automatically. 7 Clear the web browser cache before using the EMM. 8 Required for epo 5.1 (or later) customers only: If Patch 1 was not previously applied (i.e. if the EMM version number is currently 11.0.0.46999), then from the epolicy Orchestrator console, perform either of the following (which obtains and saves a new certificate): Select Menu Configuration Registered Servers, highlight the EMM HUB server, select Actions Edit and then click Save. Select Menu Configuration Registered Servers, highlight the EMM HUB server, select Actions Delete and then click Yes. Then re-add the EMM HUB server as a Registered Server. Custom installation If McAfee EMM components are split amongst multiple servers, apply the patch in this order: 1. Each server with a McAfee EMM Hub 2. Each server with a McAfee EMM Portal 3. Each server with a McAfee EAS Filter 4. Each server with a McAfee EMM Push Notifier Apply the patch only once per server. If a server has multiple McAfee EMM components installed, there is no need to apply the patch multiple times. Servers that have McAfee EMM components other than those listed do not need to be patched. 1 Copy EMM11.0Patch4.exe installer to the server. 2 Run as administrator EMM11.0Patch4.exe. 3 IIS restarts automatically. 4 Clear the web browser cache before using the EMM 5 Required for epo 5.1 (or later) customers only: If Patch 1 was not previously applied (i.e. if the EMM version number is currently 11.0.0.46999), then from the epolicy

Orchestrator console, perform either of the following (which obtains and saves a new certificate): Select Menu Configuration Registered Servers, highlight the EMM HUB server, select Actions Edit and then click Save. Select Menu Configuration Registered Servers, highlight the EMM HUB server, select Actions Delete and then click Yes. Then re-add the EMM HUB server as a Registered Server. After applying the patch Action by the device end-users is required only when Patch2 was not applied earlier and end-user did not perform the below mentioned steps after applying Patch 2. Actions required by ios users: For provisioned devices that upgraded to ios 7 or upgrade to ios 7 in the future, inform users that the following actions are required: Configured ios 7 devices using the McAfee EMM ios app v4.8 or later: 1. Launch the McAfee EMM App and sign in. 2. If presented with the User Agreement screen, follow prompts to re-provision device. If User Agreement screen is not displayed then users can skip the reprovisioning process; just press the device s home button. Configured ios 7 devices using the McAfee EMM ios app v4.7.x or older: 1. Update to McAfee EMM ios app v4.8 or later (via the App Store). 2. Launch the McAfee EMM App and sign in. 3. If presented with the User Agreement screen, follow prompts to re-provision device. If User Agreement screen is not displayed then users can skip the reprovisioning process; just press the device s home button. Users who do not perform the above after the patch is applied will continue to operate the same as before the patch was applied. Jailbreak Detection functionality is not regained until the above actions are performed. New ios 7 Devices Configuring new ios 7 devices require McAfee ios app v4.8 or later. Verifying installation You can verify that this patch installed correctly by confirming the version number is 11.0.4.52827. This can be done by any of the following: From epo Console go to Server Settings, select EMM Server Settings and click on System Settings you will be automatically logged into the EMM Console. Under General Settings verify the version displayed is 11.0.4.52827.

Record of installation The messages generated by this patch display in a Command Prompt window and are also saved to the mcafee/emm folder (typically C:\Program Files (x86)\mcafee\emmplatform) in a file named PatchFiles<Datetime> (example: PatchFiles201310170507). Files affected by patch This patch modifies or replaces the following files. The files are automatically backed up to their same folder as a.bak file. This patch also modifies several SQL database tables and stored procedures. Component: EASFilter: EMMHub: \TrustDigital-Server-ActiveSync\bin\EMM.Domain.dll \TrustDigital-Server-ActiveSync\bin\EMM.Proxy.Iphone.dll \bin\win32\ EMM.CertAuth.dll \bin\x64\emm.certauth.dll \bin\app_global.asax.dll \bin\app_global.asax.compiled \bin\emm.hub.dll \bin\emm.domain.dll \bin\emm.domain.contracts.dll \bin\emm.datalayer.dll \bin\emm.datalayer.contracts.dll \bin\emm.deveicemgmt.dll EMMPortal: \bin\win32\emm.certauth.dll \bin\x64\emm.certauth.dll \bin\emm.portal.dll \bin\app_global.asax.dl \bin\app_global.asax.compiled \bin\iphone.dll \bin\iphone.svc.cdcab7d2.compiled \bin\public.dll \bin\emm.domain.dll \bin\emm.domain.contracts.dll \bin\root.dll \bin\legacy.dll EMMPushNotifier: EMM.Domain.dll EMMPushNotifier.exe EMMServiceMonitor:

EMM.Domain.dll EMM Database: dbo.deviceprofile.sql dbo.deviceprofile_insert.prc dbo.deviceprofile_get.prc dbo.device_getprovisionedprofile.sql dbo.device_getudidfromdeviceprofile.sql dbo.androiddevicematch.prc dbo.device_requerymdmdevices.sql RemoveRedundantPolicyTags.sql TDSystemVersionHistory_Update.sql dbo.devicemdmpendingmanagedapps_sendpush.prc dbo.pushnotification.sql dbo.pushnotification_insert.prc UnlockEMMAdminUser.sql Troubleshooting installation issues Common issues encountered during/after installation None. Recovering from a failed installation 1. Stop IIS on all EMM servers. 2. Revert EMM database to the backup taken before installing the patch. 3. Revert all EMM severs to snapshot taken before installing the patch. This will automatically restart IIS 4. Pre-patch operations should begin. Known issues For a list of known issues in this product release, see this McAfee KnowledgeBase article: KB81493. Finding product documentation McAfee provides the information you need during each phase of product implementation, from installation to daily use and troubleshooting. After a product is released, information about the product is entered into the McAfee online KnowledgeBase. 1 Go to the McAfee Technical Support ServicePortal at http://mysupport.mcafee.com. 2 Under Self Service, access the information you need:

To access... User documentation Do this... 1 Click Product Documentation. 2 Select a Product, then select a version. 3 Select a product document. KnowledgeBase Click Search the KnowledgeBase for answers to your product questions. Click Browse the KnowledgeBase for articles listed by product and version.

COPYRIGHT Copyright 2014 McAfee, Inc. All Rights Reserved. No part of this publication may be reproduced, transmitted, transcribed, stored in a retrieval system, or translated into any language in any form or by any means without the written permission of McAfee, Inc., or its suppliers or affiliate companies. TRADEMARK ATTRIBUTIONS AVERT, EPO, EPOLICY ORCHESTRATOR, FOUNDSTONE, GROUPSHIELD, INTRUSHIELD, LINUXSHIELD, MAX (MCAFEE SECURITYALLIANCE EXCHANGE), MCAFEE, NETSHIELD, PORTALSHIELD, PREVENTSYS, SECURITYALLIANCE, SITEADVISOR, TOTAL PROTECTION, VIRUSSCAN, WEBSHIELD are registered trademarks or trademarks of McAfee, Inc. and/or its affiliates in the US and/or other countries. McAfee Red in connection with security is distinctive of McAfee brand products. All other registered and unregistered trademarks herein are the sole property of their respective owners. LICENSE INFORMATION License Agreement NOTICE TO ALL USERS: CAREFULLY READ THE APPROPRIATE LEGAL AGREEMENT CORRESPONDING TO THE LICENSE YOU PURCHASED, WHICH SETS FORTH THE GENERAL TERMS AND CONDITIONS FOR THE USE OF THE LICENSED SOFTWARE. IF YOU DO NOT KNOW WHICH TYPE OF LICENSE YOU HAVE ACQUIRED, PLEASE CONSULT THE SALES AND OTHER RELATED LICENSE GRANT OR PURCHASE ORDER DOCUMENTS THAT ACCOMPANY YOUR SOFTWARE PACKAGING OR THAT YOU HAVE RECEIVED SEPARATELY AS PART OF THE PURCHASE (AS A BOOKLET, A FILE ON THE PRODUCT CD, OR A FILE AVAILABLE ON THE WEBSITE FROM WHICH YOU DOWNLOADED THE SOFTWARE PACKAGE). IF YOU DO NOT AGREE TO ALL OF THE TERMS SET FORTH IN THE AGREEMENT, DO NOT INSTALL THE SOFTWARE. IF APPLICABLE, YOU MAY RETURN THE PRODUCT TO MCAFEE OR THE PLACE OF PURCHASE FOR A FULL REFUND.

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information