Date:2014-12-15

OS: Windows/Linux

Etrack Incidents: 3226294, 3328730, 3468688, 3550230, 3600287, 3601788, 3602680, 
3607863, 3613167, 3613699, 3627354, 3634825, 3638994, 3655521, 3658402, 3655801, 
3666745, 3667842, 3676254, 3682627, 3682927 

Errors/Problems Fixed:

3226294 - Display similar filtering for Dashboard as for Analytics view.  

3328730 - If a report fails or is canceled, the temporary activity index files 
generated during the report run in order to compute owner should get deleted.  

3468688 - Enhance performance of retrieval of subfolders and files under a path 
selected for archiving using Enterprise Vault.

3550230 - DQL: Query ignores some shares' data when Device ID is supplied.

3600287 - "DFS Filers with permissions" filter under user centric permissions
view does not show any device in list.

3601788 - DQL: Presence of same column twice in "Get" clause results in merge
failure.

3602680 - Indexer fails to process a SharePoint audit file, stating that Path '/'
can't be a file and hence unable to add event to index and exits with error=203.

3607863 - DQL: Query does not return values for multivalued attribute, such as 
dlp_policies, if you prefix the attribute name with object and do not provide 
FORMAT specifier.

3613167 - Maximum kernel ring buffer size changes to 0 when a template is used.

3613699 - Do not process 0 byte size files. Instead, delete them while salvaging
old DB files in collector folder by using salvage.exe. 

3627354 - Security event should not change last access timestamp for files and 
folders because many times, it does not get updated on file system.

3634825 - Show tooltip for DLP Policies column in Context Map. 

3638994 - While performing an Active Directory scan, when a user/group record is 
fetched from the Domain Controller and some of the required fields are missing, 
the scan should continue after logging an error. 

3655521 - winnas_util.exe crashes when the credential used to access the filer
is not part of Administrators group.

3658402 - On restore, undelete the path from Data Insight. 

3655801 - Index check exited with code 2 because of white space in Data 
Directory path.

3666745 - Scan end time is not correctly populated in GUI under Scanning 
Dashboard -> Scan History. 

3667842 - DataInsightFpolicy Service does not update credentials when switched
to run as Local System account.

3676254 - idxcheck should ignore non-indexed folders to check integrity. 

3682627 - Enterprise Vault Archiving: While running the CreateWorkflowDBJob, 
expansion of paths in temporary workflow database fails in some cases. 

3682927 - dqlexec fails to apply index on device.name = 'some_device'. 

NOTE: Incidents fixed in earlier rolling patches are listed at the end of this
document.

Install/Uninstall Instructions:

Apply this rolling patch on all Data Insight servers with version 4.0, with or
without earlier rolling patches applied.

NOTE: Please keep a backup of the Data Insight files in the installation 
directory. This will be required in case you want to manually roll back the 
patch.

High Level Steps:
1. Apply the rolling patch on the Management Server first, followed by all 
   worker nodes.
2. Next, apply patch to Windows File Server agents (if applicable).
3. Next, apply patch to Microsoft SharePoint agents (if applicable).

Patching the Data Insight Management Server and worker nodes:

1. Log on to each server with Administrative privileges.
2. Unzip the patch files to a temporary folder. In this folder, locate the 
   rolling patch installer for the appropriate OS architecture. The installer
   is called Symantec_DataInsight_windows_40RP4_4_0_0_7000_x64.exe for 64 bit 
   Windows OS, Symantec_DataInsight_windows_40RP4_4_0_0_7000_x86.exe for 32 bit
   Windows OS and Symantec_DataInsight_linux_40RP4_4_0_0_7000_x64.sh for 64 bit
   Linux OS.
3. Launch the installer executable to install the rolling patch.

Patching Data Insight Windows File Server agents:

1. Unzip the patch files to a temporary folder. In this folder, locate the 
   rolling patch installer bundles for Windows File Server agents. The agent
   bundle is called Symantec_DataInsight_windows_winnas_40RP4_4_0_0_7000_x64.zip
   for 64 bit OS and 
   Symantec_DataInsight_windows_winnas_40RP4_4_0_0_7000_x86.zip for 32 bit OS.
2. Log into the Data Insight Management Console with Server Administrator 
   privilege and upload the agent bundles to the appropriate Collector worker
   nodes using the "Upload Manager" page on the Settings tab.
3. Navigate to the Filer Details page for each configured Windows File Server 
   from the Settings tab, and click on "Upgrade Agent" button available at the
   top of the page. This option is only visible if you have enabled the option 
   to let Data Insight install/upgrade agent for this filer.
4. Alternately, to manually patch a Windows File Server agent, log on to the 
   Windows File Server machine with Administrative privileges, unzip the agent
   installer bundle in a temporary location, and launch the patch installer. 
   The patch installer is called 
   Symantec_DataInsight_windows_winnas_40RP4_4_0_0_7000_x64.exe for 64 bit OS,
   and 
   Symantec_DataInsight_windows_winnas_40RP4_4_0_0_7000_x86.exe for 32 bit OS.

Patching Data Insight Microsoft SharePoint agent:

1. Log on to the SharePoint farm machine where the SharePoint agent has been 
   previously installed.
2. Uninstall the old agent using the "Add/Remove Programs" applet in Control 
   Panel.
3. Unzip the patch files to a temporary folder. In this folder, locate the 
   SharePoint agent installer. The installer is called 
   Symantec_DataInsight_sharepoint_40RP4_4_0_0_7000.exe for SharePoint 2007, 
   Symantec_DataInsight_sharepoint2010_40RP4_4_0_0_7000.exe for SharePoint 2010, 
   and 
   Symantec_DataInsight_sharepoint2013_40RP4_4_0_0_7000.exe for SharePoint 2013.
4. Launch the installer to install the new agent.

Additional Notes:
1. At this time, automated rollback of patch is not supported. To roll back the
   patch manually:
   a. Remember to take a backup of original files before you install the rolling
      patch.
   b. To roll back the patch, stop all Data Insight services, overwrite the 
      patched files with original files from backup, and restart the services.
2. To confirm if a system has been patched, check the version of Data Insight
   using the Add/Remove Programs applet in the Control Panel.
   
Following ETrack incidents have not been fixed in this release, however 
workaround for these is as below:   

3371091	- Cannot select customattr.csv attributes in analytics configuration.

Workaround: Manually type the name of the CSV file in the text box.

Known Issue: After uninstalling Data Insight 4.0RP4, it is still shown in the
Programs and Features list in the Control Panel.

********************************************************************************
Incidents fixed in 4.0 RP3
********************************************************************************

3526059	- DQL executable segment faults for getting path.custodians from 
permissions.

3430061 - Size of a folder includes size of its immediate deleted files.	

3461399	- In case of a EMC Celerra device, audit events cannot be monitored for
shares having characters "'" and "&" in the share name.

3486041	- Site collections discovery fails in a SharePoint web application if
one of the site collections is blocked.	

3495091	- When exclude paths for open shares dashboard contain DFS paths, 
physical shares associated with DFS paths are getting excluded.	

3496290	- EmailUtils caches old value of SMTP host.

3506114	- For EMC Celerra, collector node should honor events where filer is
not able to send client IP address in xml packets.

3513106	- Handle crash in segment read, when there is segment file mismatch and  
segment size in database is more than the on-disk size.

3513899 - Data Aging report shows zero sum values when a file is created and 
then deleted before creating a folder at same level with same name.

3525525	- Unique path permissions report shows path with non unique permissions.	

3527342	- Support for getting paths with unique permissions in Entitlement 
Review Report.	

3528784	- Windows File Server fails to scan, and both filer and Scanner
credential test connections fail in Data Insight console.

3529478	- DQL query that contains non-English characters does not work.	

3551757	- Memory utilization on Linux indexers will not report any thing where 
used memory is greater than what can be reported.

3553253	- Data Insight Fpolicy service should ignore corrupted .tmp file for 
finalizing and move ahead and start the service, instead of refusing to start.

3523557 - report.exe crashes for non-existing path or a path with no activity.

3581620	- Data Insight Fpolicy service trying to connect to NetApp filer that
is no longer configured.

3559929	- Linux indexers are showing incomplete DQL reports and crashes with
exit code 139.

3586906	- New properties for not disconnecting filers due to high latency when 
not monitoring CIFS or NFS shares.	

3469487 - Dashboard report fails if index.db version is ahead of the
activity-index.

3497213 - Unable to save a filer if credentials used for adding filer have all 
digits in the username.

3495247 - For large number of SharePoint site collections, scan times out with 
exit code 200.

3497232 - Accessed By or Modified By metadata is not displayed on
Workspace > Overview tab.

3489902 - For large number of SharePoint site collections, audit times out with 
exit code 200.

3564835 - EMC Celerra share discovery should not discover NFS exports.

3524747 - Unblock master report thread in case output dbs are downloading from 
indexers.

3551731 - Linux Indexer keeps going into an unknown state in the console.

3486521 - DQL query "FROM activity GET path.owner.user.name" fails.

3553195 - Due to incorrect settings for thread queue and core pool size, only
one report can be downloaded in entire deployment.

3584907 - Compute memory consumption using "free" command instead of "top"
command.

3566272 - Entitlement Review Report with large number of custodians fails due
to memory leak.

********************************************************************************
Incidents fixed in 4.0 RP2
********************************************************************************

3322450 - Data Insight is unable to display domain local group as a member group
if it is added in local group of a Windows File Server or a NetApp    filer.

3333195 - Performance improvement to Indexer.

3338064	- DLP sensitive policy list filter doesn't work for "Like" or "Not like"
selection criteria.

3339324	- Controlpoint.exe is crashing.

3340194	- Incorrect membership for SharePoint local groups.

3341260	- DQL returns precision in the output. If file or share size is less 
than 1GB, then DQL returns size in GB as zero.

3341475	- Discover site collections with the correct URL in case of claims-based
authenticated web application URLs.

3346260	- DLP settings in Data Insight change after upgrading Data Insight from
4.0 to 4.0 RP1.

3346852	- Disabled shares should be grayed out in the workspace like they are in
the Settings page.

3349797	- Server column missing in email alerts.

3360081	- idxwriter.exe can crash if it needs to reopen the index while 
processing scan files.

3360996	- Ability to ignore disabled filers in reports.

3362626	- DLP policies count and DLP policies name filters are not working at 
          folder level.

3363542	- DataInsightWinnas service is consuming high memory.

3365338	- DiscoverSharesJob never completes in a large distributed environment.

3366466	- Pull the sidhistory attribute from Active Directory.

3366484	- Scanner.exe crashes if file system type is not supported.

3368584	- adcli.exe crashes when adding sidhistory attribute.

3370111	- Provide option to clear all selected resources from the page selection
view in report wizard.

3372289	- Index DB need not do an integrity check for every version.

3374567	- DQL throws syntax error if arguments of the "formatdate" function are
incorrect.

3375441	- In reports, if copy report output step returns failure, then highlight
the last run status accordingly, and show the warning icon.
		  
3383035	- Duration function in DQL returns nothing if there is no space between 
number and unit.

3383281	- Data Insight 4.0 RP1 fails to display SharePoint version.

3386721	- Add missing filters from version 3.0.1 to Context Map on the Workspace
          tab.

3392016	- Update default sqlite page size to 32k for better performance.

3393618	- GUI freezes completely if you try to assign disabled user as custodian
          on a path.
		  
3401723	- Unable to set "Ignore accesses made by LocalSystem accounts" property
          for a Windows File Server.

3401763	- Permission recommendation workflow is not getting fired in Data Insight
          4.0 RP1.

3409975	- In case of data selection for reports, CSV upload times out for large 
          number of paths.

3412719	- Check if .Net 3.5 framework is installed on the Collector node for 
          SharePoint Servers.

3415120	- Reduce fragmentation in index copy operation.

3417580	- Incremental scan behavior is not consistent with full scan in case of 
          reparse points.

3425797	- Custom cron schedule is not updated in GUI if it is changed using
          command line.

3429196	- Indexers not deleting older filehash and dirhash files on VxFS.

3429442	- adcli.exe corrupts the member hash in a certain scenario, when we 
          encounter failed or disabled domains.

3430935	- Exclusion of Administrators@Filer group removes unrelated user entries
from report output along with members of the Administrators@Filer group.
		  
3431613	- Add New Policy wizard does not work.

3434169	- Access summary for paths - fix report design for SharePoint and NFS 
          paths.

3434502	- Provision to exclude filers from control point process.

3435182	- Access details for paths - BuName and BUOwner value not getting mapped
to all records.

3436563	- Cannot add SharePoint site collection with a space in the name. GUI 
          shows invalid URL message.

3441213	- Double quotes in query causes DQL to fail on a Linux Indexer.

3444977	- Fix exception handling in web service during scan operation.

3446036	- Windows File Server agent share scan exits with error code 5 in case
the Scanner credentials are from different domains.
		  
3446438	- Reports > Select action does not show option to archive.

3453007	- Scanner does not go in throttle mode even if the latencies are high 
          on the filer.					

						
********************************************************************************
Incidents fixed in 4.0 RP1b
********************************************************************************

3346255 - Issue fetching list of sensitive paths from DLP when DLP is configured
with Kerberos authentication.

3348844 - Data Insight does not always recommend the correct patch number 
          applicable for a server node.

3348991 - Permission reports consume excessive memory.


********************************************************************************
Incidents fixed in 4.0 RP1
********************************************************************************

2781513 - Access Pattern Map showing information in GMT for date as today.

3313610 - SharePoint - Enhance Local user scan job for 10000 site collections.

3098137 - Adding Folder Depth dropdown in Access Summary User/Path reports.

3164625 - EVClient - In case of WinNAS cluster, evclient sends the cluster name 
          as parameter to EV which returns an error for all paths.

3211411 - Wildcard support in Exclude Rules for access events in case of 
          SharePoint is not implemented.

3218248 - Path Permission report does not exclude Administrators group.

3219246 - Entitlement report - Exclude Group/user does not work.

3227205 - Inactive folders query should exclude deleted paths.

3257392 - Reports - parallelism for reports through GUI.

3263375 - Set control point depth analysis to 5 by default.

3272517 - Reports - Custom report output: Exclude column does not work with CSV 
          output format.

3276079 - Enhance Access Summary report to allow for Depth Parameter.

3280454 - Provide option to copy report output to network file-share for 
          reports.

3281612 - Enhancement in Sensitive job to do CSV based sensitive file import.

3284683 - Discovery of sharepoint webapp with 10000 site collection times out.

3292056 - Change the Event details of "Exit Code 1: Incorrect function".

3292723 - Add pagination to SharePoint scanner and sharepoint webservice when it
fetches websites and lists within a site collection.
 
3281984 - Windows File Server agent registration fails with status code 500.
		  
3298390 - Fetch local users from Netapp filers.

3302069 - Reports - redirect output to a network file share (only supports local
drive currently).

3303981 - Do not delete SharePoint audit logs during specified period.