AVAYA Avaya Aura® Application Enablement Services R6.3 Server and Client Release Notes Issue 1.2 September 2016
INTRODUCTION This document introduces the Generally Available release of the Application Enablement (AE) Services Release 6.3 and describes important notes and known issues.
WHAT’S NEW IN AE SERVICES 6.3? •
•
•
• • •
•
Adjunct Switch Applications Interface (ASAI) enhancements: o Increased message rate limit on medium and large Communication Manager templates o Support for the multicast mechanism available in Communication Manager 6.3 o Increased event notifications limit on larger Communication Manager templates o Increased adjunct route requests on large Communication Manager templates o Increased ASAI associations DMCC enhancements o GetTimeOfDay request o Warning tone generation provided in a call for registered Device Media Call Control (DMCC) endpoints o Support for the Private Direct Number (DN) feature in Communication Manager 6.3 including the following new feature access codes: � AACC No Conference Activation feature access code � AACC One Conference Activation feature access code o Endpoint registration events o Warning tone generation provided in a call for registered DMCC endpoints o Time of Day DMCC API Security enhancements: o SHA512 encryption for password storage by default o SSH client support of SSHv2 protocol only Support for Communication Manager 6.3 Support for Microsoft Windows 8 AE Services Management Console enhancements: o Log Manager o DMCC Test o Support for Microsoft Internet Explorer 9 and Microsoft Internet Explorer 10 running on Microsoft Windows 8 Pro and Microsoft Windows Enterprise Command enhancements for the AE Services on System Platform Offer: o swversion command enhancement o getlogs command enhancement Release 6.3 September 2016
1
For additional information, please reference the Avaya Aura® Application Enablement Services Overview at https://downloads.avaya.com/css/P8/documents/100171739
SOFTWARE RELEASE VERSIONS Application Enablement Services Application Avaya Aura® Application Enablement Services 6.3 Software Only 32-bit and 64-bit in 32-bit compatibility mode - 700504571 Avaya Aura® Application Enablement Services 6.3 Hardware Bundled Upgrade for S8510 - 700504570 Avaya Aura® Application Enablement Services 6.3 on System Platform – 700504572 System Platform R6.3 – 700505971 Avaya Aura® AE Services 6.3 Virtualization Enablement (VE) vAppliance Avaya Aura® Application Enablement Services 6.3 CallVisor Local Area Network (CVLAN) Client Linux 32-bit and 64-bit in 32bit compatibility mode Avaya Aura® Application Enablement Services 6.3 CVLAN Client MS Windows 32-bit and 64-bit in 32-bit compatibility mode Avaya Aura® Application Enablement Services 6.3 Telephony Services Application Programming Interface (TSAPI) Client Linux 32-bit and 64-bit in 32-bit compatibility mode Avaya Aura® Application Enablement Services 6.3 TSAPI Client MS Windows 32-bit and 64-bit in 32-bit compatibility mode Avaya Aura® Application Enablement Services 6.3 TSAPI SDK Linux 32-bit and 64-bit in 32-bit compatibility mode Avaya Aura® Application Enablement Services 6.3 TSAPI SDK MS Windows 32-bit and 64-bit in 32-bit compatibility mode Avaya Aura® Application Enablement Services 6.3 Java Telephony Application Programming Interface (JTAPI) SDK Avaya Aura® Application Enablement Services 6.3 Web Service System Management SDK Avaya Aura® Application Enablement Services 6.3 Device Media Call Control (DMCC) .Net SDK 32-bit and 64-bit in 32-bit compatibility mode Avaya Aura® Application Enablement Services 6.3 Web Services - Telephony SDK 32-bit and 64-bit in 32-bit compatibility mode Avaya Aura® Application Enablement Services 6.3 DMCC XML SDK 32-bit and 64-bit in 32-bit compatibility mode Avaya Aura® Application Enablement Services 6.3 DMCC Java SDK 32-bit and 64-bit in 32-bit compatibility mode Avaya Aura® Application Enablement Services Product Management Information Bases (MIBs) Standard MIBs
Release 6.3 September 2016
File Name swonly-6.3.0.0.212-20130403.iso bundled-6.3.0.0.212-20130403.iso aes-6.3.0.0.212.iso vsp-6.3.0.0.18002.iso AES-6.3.0.0.212.20130403-e5000.ova cvlan-client-linux-6.3-334.i386.rpm
cvlan-client-win32-6.3-334.zip tsapi-client-linux-6.3-334.i386.rpm
tsapi-client-win32-6.3-334.zip tsapi-sdk-linux-6.3-334.i386.rpm tsapi-sdk-win32-6.3-334.zip jtapi-sdk-6.3.0.121-2.zip smssvc-sdk-6.3.0.0.327.zip dmcc-dotnet-sdk-6.3.0.0.229-1.zip
telsvc-sdk-6.3.0.0.327.zip cmapixml-sdk-6.3.0.0.327.zip cmapijava-sdk-6.3.0.0.327.zip aesvcs-product-mibs6.3.0.0.327.zip standard-mibs-6.3.0.0.327.zip
2
IMPORTANT NOTES •
AE Services 6.3 supports Red Hat Enterprise Linux 5.0 Update 8 for 32-bit x86
•
AE Services 6.3 is compatible with the following Bundled Server: Dell 1950 (S8510)
•
AE Services 6.3 on System Platform is compatible with the following Servers: � IBM x3550 M2 (S8800) � Dell R610 (4GB RAM, H200 RAID Controller, 2x146 GB HDDs) � Dell R610 (6GB RAM, H700 RAID Controller, 2x300 GB HDDs) � HP DL360G7 (12GB RAM, P410i RAID Controller, 2x300GB HDDs)
•
AE Services 6.3 on System Platform is compatible with the following versions of System Platform: � System Platform R6.3.0.0.18002
•
AE Services 6.3 is compatible with the following Communication Manager Releases and Platforms: � Communication Manager 5.2.1 � Communication Manager 6.0.x � Communication Manager 6.2 � Communication Manager 6.3
•
Communication Manager 6.3 is compatible with the following AE Services Releases: � AE Services 6.3
Release 6.3 September 2016
3
Avaya SIP Endpoints Supported by AE Services Endpoint
Administered as
Endpoint Firmware
AE Services Release
9620 9640 9640G 9630G 9650 9608 9611 9621 9641
9620SIP 9640SIP 9640SIP 9630SIP 9600SIP 9608SIPCC 9611SIPCC 9621SIPCC 9641SIPCC
2.6 SP7 2.6 SP7 2.6 SP7 2.6 SP7 2.6 SP7 6.2.2 6.2.2 6.2.2 6.2.2
6.3 6.3 6.3 6.3 6.3 6.3 6.3 6.3 6.3
CM/ASM Pair CM- ES ASM Version Version 6.3 6.3 6.3 6.3 6.3 6.3 6.3 6.3 6.3
6.3.2 6.3.2 6.3.2 6.3.2 6.3.2 6.3.2 6.3.2 6.3.2 6.3.2
General Telephony
Agent Features
Yes Yes Yes Yes Yes Yes Yes Yes Yes
No No No No No Yes Yes Yes Yes
Note 1 - Agent Buttons Supported: Agent Login/Logout After Call Work (ACW) Auxiliary (AUX) Work Auto-In/Manual-in Release Agent Event Package (16CC)
Release 6.3 September 2016
4
Release History: Date Server Build 03/2007 47-3 06/2007 50-1 12/2007 31-2 04/2008 4.1.16 05/2008 19-4 08/2008 20-5 06/2009 31 09/2009 33 11/2009 98 02/2010 103 06/2010 105 08/2010 35 02/2011 20 03/2011 110 06/2011 30 10/2011 111 10/2011
31
03/2012 07/2012 11/2012
32 18 18
05/2013
212
Change(s) Release 4.0 Release 4.0.1 Release 4.1 Release 4.1.1 JTAPI Client/SDK Release 4.2 Service Pack R4.2.1 Service Pack R4.2.2 Service Pack R4.2.3 Release 5.2 Service Pack R5.2.1 Service Pack R5.2.2 Service Pack R4.2.4 Release 6.1 Service Pack R5.2.3 Service Pack R6.1.1 Avaya Aura® Application Enablement Services 5.2.3 Hardware Bundled Upgrade for S8510 Avaya Aura® Application Enablement Services 6.1.1 Hardware Bundled Upgrade for S8510 Service Pack R6.1.2 Release 6.2 Avaya Aura® AE Services 6.2 Virtualization Enablement (VE) vAppliance Release 6.3
Release 6.3 September 2016
5
KNOWN ISSUES AND WORKAROUNDS • AE Services on System Platform template upgrade where the AE Services Server uses a dual NIC configuration If the AE Services template is configured for a dual NIC, please execute the following steps in order to upgrade the AE Services on System Platform Offer template: 1. Document the AE Services template existing eth0 IP address, eth1 IP addresses, hostname, and netmask. This information can be obtained using the System Platform Management Console screen, “Server Management | Network Configuration”, in the section titled “Templates – AES”. 2. Backup the AE Services server data using the AE Services Management Console screen, “Maintenance | Server Data | Backup”. 3. Delete the current AE Services on System Platform Offer template using the System Platform Management Console screen, “Virtual Machine Management | Templates”. 4. Install the new AE Services on System Platform Offer template using the System Platform Management Console screen, “Virtual Machine Management | Templates”. During the install process, configure the network data using the information obtained in step 1. 5. Once the install successfully completes, restore the AE Services server data obtained in step 2 using the AE Services Management Console screen, “Maintenance | Server Data | Restore”.
• AE Services Server mistakes Communication Manager error (-4) as “Recording Warning Tone” is no longer inserted after HA failover or DMCC Java process restart When the AE Services Server fails over to the HA standby (or the DMCC Java process restarts due to a critical error condition), the current DMCC station registrations are re-established, as expected. If there is a "Recording Warning Tone" currently inserted for that device, then the tone is also re-established. Since the Communication Manager already has the "Recording Warning Tone" inserted, it responds with an error code (-4) indicating that the tone is already set. Upon receiving this error code, the AE Services Server mistakenly assumes that the tone is no longer inserted. The existing call is also dropped in this process. This happens only when AE Services is connected to Communication Manager over CLANs.
• AE Services Session interaction with interchanges on duplicated Communication Manager media servers using the software duplication option Depending on the conditions under which a duplicated Communication Manager server pair utilizing software duplication interchange, AE Services sessions to that Communication Manager may be reset. All Java Telephony Application Programming Interface (JTAPI), Telephony Services Application Programming Release 6.3 September 2016
6
Interface (TSAPI), CallVisor Local Area Network (CVLAN), and DEFINITY LAN Gateway (DLG) associations with that Communication Manager will be lost and will have to be recovered. The probability of a session being reset is directly proportional to the message rate between an AE Services server and Communication Manager when the interchange occurs, and is equally as likely with a spontaneous interchange (caused by a hard failure) as with a requested interchange (caused by, for instance, a craft request). This issue affects all AE Services releases. Typically, the Link Resiliency feature introduced in AE Services 3.1 would allow AE Services sessions to survive such interchanges, and, with hardware duplication on Communication Manager, they still do. Starting with Communication Manager release 6.2, AE Services sessions will again survive controlled interchanges with software duplicated Communication Manager media servers (requires no change to AE Services release), but still will not survive uncontrolled interchanges. Controlled interchanges are those in which the duplicated Communication Manager media servers are communicating with each other throughout the interchange, and covers the majority of interchanges that take place. Uncontrolled interchanges occur when the physical linkage between the Communication Manager media servers is severed during the interchange process (typically caused by physical hardware failure on one of the media servers), and, as such, are not as prevalent as controlled interchanges.
• Caller and Callee Extension fields on the AE Services Management Console DMCC Test page can only accept 9 digits or less • When Communication Manager fails over to a Local Survivable Processor (LSP), any DMCC station registered to the Communication Manager via a CLAN could, potentially, end up registered to an Enterprise Survivable Server (ESS), instead of the LSP. This situation may occur when there is both an LSP and an ESS configured in the Survivability Hierarchy for the switch and the LSP has precedence over the ESS. Note, however, if the station is registered to Communication Manager via the Processor Ethernet (PE) link or the ESS has precedence over the LSP, then the station will end up registered to the correct node. Possible workarounds include: 1. Use the PE to register all of the DMCC stations, or 2. In the Survivability Hierarchy for the switch, do not use a mixture of ESS and LSP. If you must use a mix, ensure that the ESS has precedence.
Release 6.3 September 2016
7
• CVLAN Linux Client Before installing the CVLAN Linux client on a Red Hat Linux ES v5.0 system, a separate installation of the following RPM may be required: openssl097a-0.9.7a-9.el5_4.2.i386.rpm. This RPM may be available with the Red Hat Linux installation media and is also available for download at http://rpm.pbone.net.
• CVLAN Services Does Not Display Online If there are no CVLAN links administered, the CVLAN Service will appear as "OFFLINE" on both the AE Services summary page and the Status summary page of the AE Services Management Console. The status will change to "ONLINE" after you administer at least one CVLAN link. This is desirable behavior because it stops CVLAN from listening on a port that is not in use and stops that listening port from being reported as a risk on a security audit.
• DMCC/TR87 cannot properly track call made to Vector Directory Numbers (VDNs) or hunt-groups When a call reaches a VDN and is answered on the far end by an agent or the call reaches a hunt group, Office Communicator will create a phantom screen pop and any further transfers will result in new screen pops. This is similar behavior to when a call is alerting on one station and is answered immediately on a different station; DMCC assumes it is a bridged station as there is no differentiation in behavior. Suppressing bridged call appearances for the station (or VDN) alleviates the issue unless the stations involved are SIP stations.
• DLG Links DLG links may be OFFLINE after recovery from an abnormal shutdown.
• DLG Service Does Not Display Online If there are no DLG links administered, the DLG Service will appear as "OFFLINE" on both the AE Services summary page and the Status summary page of the AE Services Management Console. The status will change to "ONLINE" after you administer at least one DLG link. This is desirable behavior because it stops DLG from listening on a port that the customer is not using and stops that listening port from being reported as a risk on a security audit.
Release 6.3 September 2016
8
• File corruption can occur when the system experiences an ungraceful shutdown. The following steps should be taken to prevent an ungraceful shutdown: Do not disrupt the system power. An Uninterruptible Power Supply (UPS) or other type of uninterruptable power backup is a requirement with AE Services running on System Platform. See Chapter 2 of the Installing and Configuring Avaya Aura® System Platform product documentation on support.avaya.com. � Sudden loss of power causes an ungraceful system shutdown which can lead to file system corruption. This includes pressing the power button or unplugging the server. See PSN 2987u for additional details. � AE Services running on an S8800 Server can experience a non-maskable interrupt (NMI). This can cause an ungraceful shutdown. See PSN 2965u for additional details. Refer to PCN 1716B Supplement 1 for details on how to remediate this problem.
• H.323 registration recovery fail after High Availbility (HA) failover or AE Services restart An H.323 registration may not be recovered when Communication Manager fails over to either an ESS or LSP. This may occur if the registration was previously recovered through DMCC Service Recovery because of a System Platform HA failover or DMCC JVM restart.
• IPv6 issue with the DMCC Java SDK When attempting to connect to the AE Services server's IPv6 address using the DMCC Java SDK from Microsoft Windows, the user will see the following error message: "java.net.SocketException: Permission denied: connect" Oracle is tracking this issue with IPv6 addresses for Java NIO channels on Windows. Currently there is no workaround. This issue will be addressed in a future release of Microsoft Windows.
• AE Services Management Console is unable to select and use compressed IPv6 address in “Networking | AE Services IP (Local IP) form Configuring AE Services to IPv6 in the LocalIP form will fail and the AE Services Management Console displayed IPv6 Address will be the same as the /sbin/ifconfig output IPv6 address. The following workaround is recommended: 1. Login to the AE Services server Linux console using SSH 2. Using the su command, switch to the root user, sroot or root (i.e. su sroot) 3. Using the su command, switch to the avaya user (i.e. su avaya) 4. As the avaya user, execute the command: psql –p 5430 mvap 5. Run the following command to change Client Connectivity: UPDATE parameters SET localip='IPv6 IP' where hostname=’localhost’; 6. Run the following command to change Switch Connectivity: UPDATE parameters SET switchip='IPv6 IP' where hostname=’localhost’; Release 6.3 September 2016
9
7. Run the below command to change Media Connectivity: UPDATE media_properties SET local_ipaddress_1='IPv6 IP' where hostname=’localhost’; 8. \q 9. exit
• The networking utility “netconfig” does not support IPv6 on Bundled servers After installing the Bundled server, the line “NETWORKING IPV6=yes” is not added to the file /etc/sysconfig/network. The following workaround is recommended: Add “NETWORKING IPV6=yes” to /etc/sysconfig/network. This will allow configuration of the IPv6 address in AE Services Management Console.
• The Microsoft Office Communicator (OC) client does not reestablish phone integration automatically when the AE Services server is restarted This is a known problem in OCS 2007 R2 that does not exist in LCS 2005. The following workaround is recommended: 1. The first attempt to make a call from an active OC client after an AE Services restart will fail. Click the “retry” button to re-establish phone integration and also make the call. 2. Call events will not be reported to an active OC client after an AE Services restart. To re-establish phone integration, sign-out of OC client and then signin again.
• OCS Integration and Microsoft Certificate Authorities (CA) When using Microsoft as the CA, Microsoft recommends using an Enterprise CA. The Enterprise CA template used to create the AE Services certificate must have the Enhanced Key Usage (EKU) field specified appropriately (Server and Client Auth or neither). The LCS/OCS AE Services integration uses Mutual TLS (MTLS) to authenticate server-to-server SIP communication. On an MTLS connection, the server originating a message and the server receiving it exchange certificates from a mutually trusted CA to prove the identity of each server to the other. The server certificate used for MTLS on both servers must either not specify an Extended Key Usage (EKU) or specify an EKU for Server and Client Authorization. When the EKU is not specified the certificate is not restricted to a particular usage. However when the Key Usage field is specified and the EKU is specified as Server and Client Auth, the certificate can only be used by the server for mutual server and client based authentication purposes. If an EKU with only Server Auth is specified, in this scenario, the connecting server certificate will fail authentication and the MTLS connection will not be established. Release 6.3 September 2016
10
The Standalone CA, which may also be used (but is not Microsoft recommended), does not provide configurable templates including some additional features and must adhere to the same certificate generation rules in regards to the EKU field. Note that this statement doesn't preclude administrators from using non-Microsoft CAs (e.g. VeriSign). •
Process to Change the Server Date and Time When the server time is changed by more than five minutes, several of the AE Services must be restarted. While these services will be restarted on their own, the following procedure is recommended for changing the AE Services Bundled, Software-Only, or Virtualization Enablement (VE) vAppliance server time: 1. Log into the AE Services Management Console. 2. Select "Maintenance | Service Controller". 3. Set the check boxes for the ASAI Link Manager, CVLAN Service, DLG Service, Transport Layer Service and TSAPI Service, and then click on "Stop". 4. When the confirmation screen is displayed, click on "Stop". 5. Select "Maintenance | Date Time/NTP Service", make the appropriate changes on the web-page and click "Apply Changes". 6. When the confirmation screen is displayed, click on "Apply". 7. Select "Maintenance | Service Controller". 8. Set the check boxes for the ASAI Link Manager, CVLAN Service, DLG Service, Transport Layer Service and TSAPI Service, and then click on "Start". For the AE Services on System Platform server, refer to the Administering Avaya Aura® System Platform document at http://support.avaya.com/css/P8/documents/100171730
• Security Issues �
AE Services R6.3 does not allow the System Platform LDAP integration feature to be disabled. This will be provided in AE Services R6.3.1.
�
The AE Services Management Console screen “Security | PAM | PAM Password Manager” may display the incorrect information for the External LDAP option on the System Platform offer. The External LDAP option is displayed as enabled when the page is loaded regardless if External LDAP is actually enabled or disabled. The screen is incorrectly indicating the local System Platform administrative user integration access point as an External LDAP configuration. While in this state, a submission of the PAM Password Manager screen will enable External LDAP, based on the settings configured on the Enterprise Directory screen and disable the System Platform administrative user integration access into the AE Services VM.
Release 6.3 September 2016
11
This issue presents a possible security issue for customers that do not want to use the External LDAP option. The following action is highly recommended: 1. As a root user in the AE Services VM, execute the following command to disable login access of the System Platform administrative users (i.e. admin) into the AE Services VM: /opt/mvap/bin/configureNssLdap2Module.sh oamdisable If the System Platform administrative user (i.e. admin) was previously used to access the AE Services VM and you would like to continue to use this same username for login access to the AE Services VM, continue to the next step. 2. A system administrative user will need to be added into the AE Services VM if one does not currently exist. Please see the section, “Account Management – Linux user accounts”, in Chapter 5 of the AE Services Administrative and Maintenance Guide for instructions on how to add a system administrative user to the AE Services server.
• Single Step Transfer Call The Single Step Transfer Call service does not work reliably when transferring a call to a mobile device.
• SIP Issues �
When a call alerting at a SIP station is redirected to a monitored SIP station, the SIP station monitor may not receive an alerting event.
�
When using 3rd party call control to make a call on a SIP endpoint to a VDN that has a vector step to collect digits after an announcement, the announcement will not be played and the digits entered will not be forwarded.
�
When using 3rd party call control to make a call using a Communication Manger TAC (Trunk Access Code), the call will fail on a SIP phone if the Communication Manager does not have a TN2602AP board. Please note, it is not common practice to use TAC dialing to access trunks. The Automated Alternative Routing (AAR) and Automated Route Selection (ARS) routing features are recommended methods of accessing trunks.
�
If Communication Manager does not have a TN2602AP board, the media encryption on the SIP endpoint should be disabled. The SIP endpoint transport type must be set to TCP or UDP. If transport type is set to TLS, the 3rd party call control application may fail during transfer and conference.
�
The Single Step Transfer Call service does not work reliably for SIP stations.
�
Going off-hook on a SIP station followed by on-hook does not generate an INITIATED event. Release 6.3 September 2016
12
�
Using 3rd party call control when a call is made from a SIP station, the INITIATED event is slightly delayed as compared to other station types. Subsequent events are not delayed.
�
ACD calls that are delivered to SIP endpoints are generating Alerting Event reports that do NOT contain the split/skill extension from the associated call.
�
Avaya has observed intermittent problems with SIP endpoints in the 2.6SP4 and prior releases particularly with scenarios that result in Computer Telephony Integration (CTI) requests that occur within a short time span of other CTI requests. It is currently not known when these issues will be completely addressed, but it is anticipated that future endpoint releases will address them fully.
• Transport When a switch connection is deleted, the action is incomplete and any switch connections that are added may not function properly. Workaround: Restart AE Services (or at least the Transport Layer Service) after deleting a switch connection.
• TSAPI Linux Client Before installing the TSAPI Linux client on a Red Hat Linux ES v5.0 system, a separate installation of the following RPM may be required: openssl097a-0.9.7a-9.el5_4.2.i386.rpm. This RPM may be available with your Red Hat Linux installation media, and is also available for download at http://rpm.pbone.net.
• Local WebLM Server Port Number Upgrading to AE Services 6.2 from an earlier release of AE Services may have configured the local WebLM server to use port 443. Most AE Services customers will see improved WebLM performance if the port number is changed from 443 to 8443. Use this procedure to change the port number for the local WebLM server to 8443: 1. Use a web browser to log into the Application Enablement Services Management Console. 2. Select "Licensing | WebLM Server Address". 3. If the value of the WebLM IP Address is 127.0.0.1 and the value of the WebLM Port is 443, change the value of the WebLM Port to 8443 and click on "Apply Changes". 4. When the confirmation screen is displayed, click on "Apply".
Release 6.3 September 2016
13
After changing the WebLM Port, restart several of the AE Services: 1. Select "Maintenance | Service Controller". 2. Set the check boxes for "ASAI Link Manager", "CVLAN Service", "DLG Service", and "TSAPI Service", and click on "Restart Service". 3. When the confirmation screen is displayed, click on "Restart".
• WebLM Session May Hang Performing one of the following actions on WebLM may hang the session. 1. Repeatedly uninstalling and installing licenses 2. Repeatedly refreshing the licensing page The current session should be closed and a new session opened.
• WebLM Enterprise Model – Using HTTPS Run this workaround if all three of the following conditions are true: 1. The master WebLM Server, which hosts the Enterprise License File (ELF), is not co-located with an AE Services server. The master WebLM server is either a standalone server or it is co-located in System Platform’s CDOM. 2. The local WebLM servers are co-located with AE Services. 3. HTTPS is in use for communication between the master and local WebLM servers (for example, to push an Allocation License File (ALF) to the local WebLM server on AE Services). The Enterprise Web Licensing WebLM patch, “importCertToWebLm.zip”, is available on the AE Services CD/DVD ISO media. On the Hardware Bundled DVD, the patch is located in the “Patch” directory. On the Software Only CD, the patch is located in the root directory of the media. On the AE Services on System Platform DVD, the patch is located in the “licenses” directory. 1. Download importCertToWebLm.zip files to your EWL server. 2. Unzip the file. 3. Follow the directions in the README to install.
Release 6.3 September 2016
14
KNOWN ISSUES AND WORKAROUNDS FOR AE SERVICES ON SYSTEM PLATFORM System Platform issues affecting the AE Services on System Platform server are listed in the System Platform R6.3 release notes at https://downloads.avaya.com/css/P8/documents/100171752
Release 6.3 September 2016
15
RESOLVED ISSUES IN AE SERVICES RELEASE 6.3 • AE SERVICES Modified the default LDAP bind connection timeout from 120 to 20 seconds. When the Enterprise Directory screen is configured with an IP Address that is not pingable, the login access response would be delayed until the bind connection attempt timeout.
• AE Services Management Console The IP address validator used by AE Services Management Console now allows an address which contains the 255 octet.
• CVLAN CLIENT LIBRARIES AND SDKS Beginning with AE Services 6.3.0, the CVLAN Windows Client library and SDK are supported on Windows 8 Enterprise and Windows 8 Pro.
• CVLAN AND DLG SERVICES � Beginning with AE Services 6.3.0, the CVLAN and DLG Services use version 6.3.1 of the WebLM C++ client library.
� Previously, if the active AE Services license file was uninstalled and replaced with a new AE Services license file, in some scenarios the license mode of the CVLAN and/or DLG Services was properly updated.
• DMCC Service � An option was added to the “Hold Call Configuration” administration page to
prevent calls from being held by Microsoft Lync and Office Communicator(OC) clients. Check this box if you want AE Services to refuse holdCall requests from Microsoft Lync and Microsoft OC clients. When the checkbox is enabled, Microsoft Lync and OC users can only place calls on hold via the device. This option is disabled by default.
� When disconnecting from the Service Provider in the Java SDK, additional
threads continued to run in the JVM preventing the client application from exiting, especially from within the Tomcat environment. To resolve this issue, after the client application calls the Service Provider disconnect(true) method, the client application must then call the new Service Provider method stopServiceProvider().
• JTAPI � When attempting a two-party call between monitored stations, a disconnect event was missing. This issue has been resolved.
Release 6.3 September 2016
16
� When a call was made to “LucentAddress.cancelFowarding()”, the thread hung. This issue has been resolved.
� JATPI now handles out of memory errors without aborting critical JTAPI threads.
� In a JTAPI application with multiple providers, if one provider went Out Of Service (due to lost network connectivity between the client and AE Services Server, for example), event delivery for events from the other providers was also stopped. Any events received from the other providers were not delivered to the client application. This issue has been resolved in R6.3.
• .NET Service �
Modified the EstablishedEvent handler to provide support for NetworkCallingDevice and NetworkCalledDevice in the EstablishedEvent.
�
Modified the DeliveredEvent and EstablishedEvent handlers to retrieve the UserEnteredCode data from each event.
�
Modified the way a malformed XML message is handled by the socket layer. In prior releases, the SDK would close the socket instead of dropping the message.
�
Modified the socket layer to access its internal Dictionary object in a thread safe manner.
• Security �
AE Services Management Console no longer offers to remember passwords on the login page.
�
Cookie vulnerabilities have been resolved.
�
The AE Services network interface has been hardened to improve the way the system reacts to network reconnaissance scans.
�
Mitigated a TLS vulnerability.
�
Disabled support for medium strength ciphers in Tomcat.
�
The following Apache Tomcat security issues have been incorporated into Release 6.3: 1. Important: Denial of service CVE-2012-2733 2. Bypass of security constraints CVE-2012-3546 3. Bypass of CSRF prevention filter CVE-2012-4431
Release 6.3 September 2016
17
�
The following PostgreSQL security update has been incorporated into Release 6.3: PostgreSQL 2012-08-17 Security Update Release
�
The following Red Hat Linux security issues have been incorporated into Release 6.3: 1. [RHSA-2012:1265-01] Important: libxslt security updateUpdate https://rhn.redhat.com/errata/RHSA-2012-1265.html 2. [ [RHSA-2012:1323-01] Important: kernel security and bug fix updatehttps://rhn.redhat.com/errata/RHSA-2012-1323.html 3. [RHSA-2012:1512-01] Important: libxml2 security updatehttps://rhn.redhat.com/errata/RHSA-2012-1512.html 4. [RHSA-2012:1149-01] Moderate: sudo security and bug fix updatehttps://rhn.redhat.com/errata/RHSA-2012-1149.html 5. RHSA-2012:1207-01] Moderate: glibc security and bug fix updatehttps://rhn.redhat.com/errata/RHSA-2012-1207.html 6. [RHSA-2012:1288-01] Moderate: libxml2 security updatehttps://rhn.redhat.com/errata/RHSA-2012-1288.html 7. [RHSA-2012:1590-01] Moderate: libtiff security updatehttps://rhn.redhat.com/errata/RHSA-2012-1590.html 8. [RHSA-2013:0122-01] Moderate: tcl security and bug fix updatehttps://rhn.redhat.com/errata/RHSA-2013-0122.html 9. [RHSA-2013:0125-01] Moderate: wireshark security, bug fix, and enhancement- https://rhn.redhat.com/errata/RHSA-2013-0125.html 10. [RHSA-2013:0130-01] Low: httpd security, bug fix, and enhancement update- https://rhn.redhat.com/errata/RHSA-2013-0130.html
• SNMP � The SNMP subagent now recovers from database restart. In past releases, recovery was intermittent.
� Modified the SNMP daemon to not use the IPv6 protocol if IPv6 is disabled. • TSAPI Client Libraries and SDKs � Beginning with AE Services 6.3.0, the TSAPI Windows Client library and SDK are supported on Windows 8 Enterprise and Windows 8 Pro.
� Previously, the TSAPI client libraries could cause a TSAPI application to crash if the application called acsOpenStream() and the serverID parameter value provided by the application did not point to a ServerID_t value.
� Previously, deadlock could occur within the TSAPI Windows Client library when the TSAPI Spy was running.
� Beginning with AE Services 6.3.0, values reported by the TSAPI Linux Client library CSTATRACE mechanism are no longer truncated to 35 characters. Release 6.3 September 2016
18
� Beginning with AE Services 6.3.0, CSTA Route Used Events are properly labeled as “CSTARouteUsedEvent” (instead of “CSTARouteUsedRequest”) in the TSAPI Spy and CSTATRACE trace output.
� Within the TSAPI Windows Client library, error handling for OpenSSL errors has been improved.
� Beginning with AE Services 6.3.0, the TSAPI client libraries use version 1.4.6 of the Apache Portable Runtime (apr and apr-util) libraries instead of version 1.3.2.
• TSAPI Service � Previously, deadlock could occur within the TSAPI Service during an acsCloseStream() request.
� Previously, the TSAPI Service could crash during an acsOpenStream() request if the client connection was closed while the user was being authenticated by the Pluggable Authentication Module (PAM) and authentication failed.
� Previously, the TSAPI Service could crash when processing an ASAI Alerting event for a call that had been routed off-switch and was then redirected to a local extension.
� Beginning with AE Services 6.3.0, the TSAPI Service will replace a dynamic device ID for the alerting device with a static device ID when processing an ASAI Alerting event for a call that had been routed off-switch was then redirected to a local extension.
� The value of the calling device reported in the CSTA Established event has been improved for certain scenarios where a call is unparked.
� The TSAPI Service now consistently uses information provided in the ASAI Conferenced and ASAI Transferred events to determine the device ID type of each party on the call.
� Previously, if a TSAPI application invoked the cstaAnswerCall() service on behalf of a monitored station and the TSAPI Service was unable to acquire a second ASAI Domain Control for that station, the call would be answered, but the connection state reported in the resulting CSTA Established event was CS_NONE instead of CS_CONNECT.
Release 6.3 September 2016
19
� The Route Register Request service allows an application to re-register as the routing server for the same routing device as long as the new Route Register Request is made from a stream opened with the same login ID, application name, and client IP address as the stream used to make the original Route Register Request.
� If there are no other active route registrations for the Tlink at the time that the application re-registers as the routing application, then with AE Services 6.2.0, the application will not be registered as the routing server for the device, even though the application receives a CSTA Route Register Req Confirmation event. (Applications that register as the routing application for two or more devices should not experience this issue.) With AE Services 6.3.0, an application that receives a CSTA Route Register Req Confirmation event after re-registering as the routing server for the same routing device will, in fact, be registered as the routing server for the device.
� Previously, in some Single Step Conference Call scenarios where the conference call participants are being monitored and controlled by different AE Services servers, the TSAPI Service did not always send a CSTA Connection Cleared event to all of the station monitors when one of the call participants dropped off of the call.
� Previously, the local connection state of the queried device did not always appear first in the CSTA Snapshot Device Confirmation event.
� Previously, a CSTA Snapshot Call Confirmation event might report that a static device ID had device ID type DYNAMIC ID.
� Previously, the TSAPI Service could incorrectly release the license associated with a station extension if the stream that is holding the license is aborted while the station is active on a call.
� Several error messages and trace messages logged by the TSAPI Service have been improved.
� Several improvements have been made to messages logged in g3trace files. � Beginning with AE Services 6.3.0, the TSAPI Service uses version 6.3.1 of the WebLM C++ client library.
� Beginning with AE Services 6.3.0, the TSAPI Service uses version 1.7.0 of the Santuario C++ XML Security library.
Release 6.3 September 2016
20
� Beginning with AE Services 6.3.0, the TSAPI Service uses version 3.1.1 of the Xerces C++ library.
� The g3peek utility has been enhanced to report the number of objects in each map.
� The “CAS ID” field has been removed from the g3peek RDO Information form.
� The g3peek utility has been enhanced to provide licensing information for PBX, Client Application Session (CAS), and ASAI Association (AAO) objects.
Release 6.3 September 2016
21
