Date:2017-03-07
OS: Windows/Linux
Etrack Incidents: DI-1619, DI-3133, DI-3163, DI-3285, DI-3432, DI-3602, DI-3643,
DI-3689, 3901145, 3903491, 3907878
Errors/Problems Fixed:
DI-1619 - When editing a report, in the User Selection tab, if all the data
sources are selected, then the edit page becomes unresponsive.
DI-3133 - The idxwriter.exe process fails to create a tags database due
to a blank tag name and tag value provided in the CSV file.
DI-3163 - The scanner job abruptly stops when scanning a Box resource.
DI-3285 - The permission view takes longer to display information for Box
resources.
DI-3432 - The security of Data Insight has been enhanced to defend the
Cross-Site Scripting (XSS) vulnerability.
DI-3602 - On the left-hand side (LHS) tree view, the Activity, Files, and other
numerical slider filters display incorrect values.
DI-3643 - In the Permissions report output, the user incorrectly inherits the
permissions that are assigned to the built-in groups.
DI-3689 - The Social Network Map fails to render for the shares that have a
large number of active users.
3901145 - On migrating from EMC Celerra to EMC Isilon, Data Insight fails to
receive the sensitive files report from DLP. This issue is observed
due to a case mismatch in the access zone names.
3903491 - Data Insight ignores audit events from Isilon cluster due to case
mismatch in the filer name and the name configured in the Isilon Management
console.
3907878 - The Management Console displays incorrect run-time for the Data
Insight job.
Install/Uninstall Instructions:
Apply this rolling patch on all Data Insight servers with version 5.2
NOTE: Please keep a backup of the Data Insight files in the installation
directory. This will be required in case you want to manually rollback the
patch.
High Level Steps:
1. Apply the rolling patch on Management Server first, followed by all worker
nodes.
2. Next, apply patch to Windows File Server agents (if applicable).
3. Next, apply patch to Microsoft SharePoint agents (if applicable).
Patching Data Insight Management Server and worker nodes:
1. Log onto each server with Administrative privileges.
2. Unzip the patch files to a temporary folder. In this folder, locate the
rolling patch installer for the appropriate OS architecture. The installer
is called Veritas_DataInsight_windows_52RP1_5_2_1_9009_x64.exe
for 64 bit Windows OS,
Veritas_DataInsight_linux_52RP1_5_2_1_9009_RHEL6_x64.sh for 64 bit
Linux RHEL6 OS and
Veritas_DataInsight_linux_52RP1_5_2_1_9009_RHEL7_x64.sh for 64 bit
Linux RHEL7.
3. Launch the installer executable to install the rolling patch.
Patching Data Insight Windows File Server agents:
1. Unzip the patch files to a temporary folder. In this folder, locate the
rolling patch installer bundles for Windows File Server agents. The agent
bundle is called
Veritas_DataInsight_windows_winnas_52RP1_5_2_1_9009_x64.zip for 64 bit OS.
2. Log into the Data Insight Management Console with Server Administrator
privilege and upload the agent bundles to the appropriate Collector worker
nodes using "Upload Manager" page on the Settings tab.
3. Navigate to Filer details page for each configured Windows File Server from
the Settings tab, and click on "Upgrade Agent" button available on the top of
the page. This option is only visible if you have enabled the option to let
Data Insight install/upgrade agent for this filer.
4. Alternately, to manually patch a Windows File Server agent, log onto the
Windows File Server machine with Administrative privileges, unzip the agent
installer bundle in a temporary location, and launch the patch installer.
The patch installer is called
Veritas_DataInsight_windows_winnas_52RP1_5_2_1_9009_x64.exe
for 64 bit OS.
Patching Data Insight Microsoft SharePoint agent:
1. Log onto the SharePoint farm machine where the SharePoint agent has been
previously installed.
2. Uninstall the old agent using the "Add/Remove Programs" applet in Control
Panel.
3. Unzip the patch files to a temporary folder. In this folder, locate the
SharePoint agent installer. The installer is called
Veritas_DataInsight_sharepoint2007_52RP1_5_2_1_9009.exe for SharePoint 2007,
Veritas_DataInsight_sharepoint2010_52RP1_5_2_1_9009.exe for SharePoint 2010,
Veritas_DataInsight_sharepoint2013_52RP1_5_2_1_9009.exe for SharePoint 2013,
and
Veritas_DataInsight_sharepoint2016_52RP1_5_2_1_9009.exe for SharePoint 2016.
4. Launch the installer to install the new agent.
Additional Notes:
1. At this time, automated rollback of patch is not supported. To roll back the
patch manually:
a. Remember to take a backup of original files before you install the rolling
patch.
b. To roll back the patch, stop all Data Insight services, overwrite the
patched files with original files from backup, and restart the services.
2. To confirm if a system has been patched, check the version of Data Insight
using the Add/Remove Programs applet in the Control Panel.
3. Note that due to security vulnerabilities, Data Insight 5.2 has turned off
SSL and TLSv1 protocols. However, Windows File Server agents version 4.5 are
not compatible with TLSv1.1 and TLSv1.2 protocols. Thus, Windows File Server
agents stop communicating with the collectors that are upgraded to Data Insight
5.2RP1. To resume this communication, perform the following on each Windows File
Server agent node before or after upgrading the collectors to 5.2RP1:
a> Obtain the latest 32-bit Java Runtime Environment (JRE) binaries from the
Windows File Server agent version 5.2. Typically, they are located in the
jre folder of the agent version 5.2 installation. The default location is
C:\Program Files\DataInsight\jre.
b> Log on to the Windows File Server agent version 4.5 computer with the
Administrator privileges.
c> Stop the DataInsightComm and DataInsightWatchdog services on the agent.
d> Replace the old jre binaries on the agent with the ones obtained from
the Windows File Server agent node version 4.5. By default, the agent
version 4.5 JRE is located at C:\Program Files\Symantec\DataInsight\jre.
e> Start the DataInsightComm and DataInsightWatchdog services.
f> After few minutes, verify that the node's status is ONLINE on the Data
Insight console. The status is displayed at Settings > Data Insight Servers
page.