msuters
Active Member
Hi all,
I'm applying SP22_S1 and JE7074, which together cause records in the
F98OWSEC table to be updated using the new encryption algorithm. The
special instructions appear to require me to:
1. Copy the F98OWSEC table to a new table
2. Create a new data source which refers to this copied table
3. Create new ODBC data sources on all clients and servers,
corresponding to the new data source.
4. Create new Object Configuration Mappings for F98OWSEC, pointing to
the new data source.
5. Change the JDE.INI file on the security server, directing the
security to the new data source
It seems to me the result of all this is to make PSFT /JDE write
security records to the copied F98OWSEC table, leaving the old table
un-used (and with the passwords all still written by the compromised
encryption algorithm). I'm uncomfortable with adding new data sources
and ODBC connections like this, just for one (or two) tables). I guess
my questions are:
Is this analysis correct? If so, why is it necessary to create new data
sources, mappings, etc, if in the end it's a copy of the F98OWSEC table
that is updated? Why not simply update the normal one, in place (after
taking a backup in case something goes wrong)?
(I can understand the need for two F98OWSEC tables in a multi-foundation
environment. But not if you have just one foundation.)
The special instructions mention doing all the same things to the
F98OWPU table also, in the EntOne8.9 environment, but that doesn't apply
in our case. What it didn't mention was that (it seems) you need to do
the same things to the F9312 table if you record logon history (as we
do).
Lastly, in my first attempt to install SP22_S1 and JE7074, I didn't do
any of the above steps. Users were able to log in OK, new users could be
created, as normal, the only thing that seemed to fail was when the
administrator tried to change the password of an existing user. Does
that experience fit with anybody's understanding?
Comments anybody?
Thanks in advance,
Mark Suters
ERP8, Update1, SP22_F1 (nearly SP22_S1!), Windows 2000, SP4, SQL Server
2000 SP2+, Citrix Metaframe XP
#####################################################################################
Note:
This message is for the named person's use only. It may contain confidential,
proprietary or legally privileged information. No confidentiality or privilege
is waived or lost by any mistransmission. If you receive this message in error,
please immediately delete it and all copies of it from your system, destroy any
hard copies of it and notify the sender. You must not, directly or indirectly,
use, disclose, distribute, print, or copy any part of this message if you are not
the intended recipient. Stockland and any of its subsidiaries each reserve
the right to monitor all e-mail communications through its networks.
Any views expressed in this message are those of the individual sender, except where
the message states otherwise and the sender is authorized to state them to be the
views of any such entity.
Thank You.
#####################################################################################
I'm applying SP22_S1 and JE7074, which together cause records in the
F98OWSEC table to be updated using the new encryption algorithm. The
special instructions appear to require me to:
1. Copy the F98OWSEC table to a new table
2. Create a new data source which refers to this copied table
3. Create new ODBC data sources on all clients and servers,
corresponding to the new data source.
4. Create new Object Configuration Mappings for F98OWSEC, pointing to
the new data source.
5. Change the JDE.INI file on the security server, directing the
security to the new data source
It seems to me the result of all this is to make PSFT /JDE write
security records to the copied F98OWSEC table, leaving the old table
un-used (and with the passwords all still written by the compromised
encryption algorithm). I'm uncomfortable with adding new data sources
and ODBC connections like this, just for one (or two) tables). I guess
my questions are:
Is this analysis correct? If so, why is it necessary to create new data
sources, mappings, etc, if in the end it's a copy of the F98OWSEC table
that is updated? Why not simply update the normal one, in place (after
taking a backup in case something goes wrong)?
(I can understand the need for two F98OWSEC tables in a multi-foundation
environment. But not if you have just one foundation.)
The special instructions mention doing all the same things to the
F98OWPU table also, in the EntOne8.9 environment, but that doesn't apply
in our case. What it didn't mention was that (it seems) you need to do
the same things to the F9312 table if you record logon history (as we
do).
Lastly, in my first attempt to install SP22_S1 and JE7074, I didn't do
any of the above steps. Users were able to log in OK, new users could be
created, as normal, the only thing that seemed to fail was when the
administrator tried to change the password of an existing user. Does
that experience fit with anybody's understanding?
Comments anybody?
Thanks in advance,
Mark Suters
ERP8, Update1, SP22_F1 (nearly SP22_S1!), Windows 2000, SP4, SQL Server
2000 SP2+, Citrix Metaframe XP
#####################################################################################
Note:
This message is for the named person's use only. It may contain confidential,
proprietary or legally privileged information. No confidentiality or privilege
is waived or lost by any mistransmission. If you receive this message in error,
please immediately delete it and all copies of it from your system, destroy any
hard copies of it and notify the sender. You must not, directly or indirectly,
use, disclose, distribute, print, or copy any part of this message if you are not
the intended recipient. Stockland and any of its subsidiaries each reserve
the right to monitor all e-mail communications through its networks.
Any views expressed in this message are those of the individual sender, except where
the message states otherwise and the sender is authorized to state them to be the
views of any such entity.
Thank You.
#####################################################################################
