PRODUCT: LANDesk(R) Software, Version 8.7 SP RELEASE: Service Pack 5 DATE: December 2007 This readme describes issues addressed in the LANDesk Software 8.7 Service Pack 5. ----------------------------------------------------------------------------- EXCEPT AS RESTRICTED BY LAW, THE SOFTWARE PROGRAMS CONTAINED IN THE FILE ARE PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING BUT NOT LIMITED TO, ANY IMPLIED WARRANTIES OF MERCHANTABILITY, TITLE OR FITNESS FOR A PARTICULAR PURPOSE. ----------------------------------------------------------------------------- ------------------------------ USING THIS README ------------------------------ This readme contains important information about Service Pack 5. It's divided into the following sections. * Installation procedure * Issues related to this patch * Issues resolved by this patch Make sure you at least read the "Installation procedure" section. You must follow the steps there to apply the service pack successfully in your environment. ------------------------------ INSTALLATION PROCEDURE ------------------------------ You need to install this service pack on all core servers, additional consoles, web console servers, rollup core servers, off-core inventory servers, and managed devices. The easiest way to update managed devices with the service pack is to use the Security and Patch manager tool. Make sure you exit the Management Suite Windows console before applying this service pack to core servers and additional consoles. We also strongly recommend that you back up your core server and databases before applying this service pack. --WARNING FOR CUSTOMERS WITH AN OFF-CORE INVENTORY SERVER-- BEFORE APPLYING THIS PATCH TO THE CORE SERVER MAKE SURE YOU STOP THE INVENTORY SERVICE ON THE OFF-CORE INVENTORY SERVER. FAILURE TO DO THIS CAN RESULT IN POSSIBLE DATABASE CORRUPTION. THIS PATCH UPDATES THE DATABASE TABLES AND IF AN OFF-CORE INVENTORY SERVER INSERTS A SCAN INTO THE DATABASE DURING THIS PROCESS, THE UPDATE MAY FAIL. For more information on off-core inventory servers and this service pack, see "Off-core inventory server issues" in the release notes that are part of the service pack documentation download. *** Due to the size of Service Pack 5 it may take a while to install. Please be patient. *** *** On the CORE SERVER *** 1. Extract Setup.exe from the patch and run it. NOTE 1: The status column for the patch update program may pause for a moment while updating large files. This is expected behavior, and progress will continue automatically as soon as these large files finish updating. NOTE 2: The percentage indicator updates on a per-component basis. Depending upon the number of components installed on the core server, the status can potentially update up to ten times for the patch. 2. When Setup finishes, reboot the core server. NOTE: If the Asset Manager add-on product is installed after installing SP5, or if other components are added to the core installation, the SP5 patch will need to be re-installed. *** On all OFF CORE INVENTORY SERVERS *** NOTE: After you've applied SP5 to the core server, you must apply SP5 to all off-core inventory servers, if you have any. 1. Extract Setup.exe from the core patch and run it on the off-core inventory server. 2. When Setup finishes, reboot the off-core inventory server. *** For all ADDITIONAL (REMOTE) MANAGEMENT CONSOLES not physically located on the core server *** 1. Extract Setup.exe from the patch and run it on the additional console. 2. When Setup finishes, reboot. *** On all WEB CONSOLE WEB SERVERS not physically located on the core server *** 1. Extract Setup.exe from the patch and run it on the Web console server. 2. When Setup finishes, reboot. *** On CLIENTS *** a. Use the Security and Patch Manager tool to automate the client update. -or- b. Use the Scheduled Tasks window to "push" a client configuration to client computers. -or- c. Launch WSCFG32.EXE on selected client computers. *** On SERVER MANAGER CLIENTS *** a. Use the Scheduled Tasks window to "push" a client configuration to client computers. -or- b. Launch SERVERCONFIG.EXE on selected client computers. NOTE 1: If you are installing the server agent, the computer will need to be rebooted for all of the monitoring information to be available. The "Reboot if necessary" option should be chosen if you can immediately reboot the server. If the option is chosen to not reboot, the product will not function properly until the server is rebooted. NOTE 2: If you are using custom Linux agent configurations, these will need to be rebuilt in the Agent Configuration tool. *** On ROLLUP CORES *** 1. Extract Setup.exe from the patch and run it. If your rollup core hosts the Web console, you also need to run Setup.exe for the Web console patch once the rollup core patch finishes. 2. When Setup finishes, reboot the rollup core server. ------------------------------------ ISSUES RELATED TO THIS SERVICE PACK ------------------------------------ * In order to manage local users and groups on the core server, the client will need to be installed. * To run a security and patch scan on the core server after applying the service pack, you will need to customize the CoreVulnerabilityScan.ini file in the ldmain\scripts folder. Then schedule it to run on the core server or install the client on the core. * A user will experience a delay in logging into the console if all of the following are true: RBA rights from Active Directory is being used. The Active Directory is large and/or complex in OU structure. The user name is a domain user of the Active Directory. The delay is directly proportionate to the size and complexity of the Active Directory used for the assigning of rights. This is in relation to CR00083286 * In order to use the new Software Distribution "Push" method on legacy, (pre-8.70) clients, you must choose the "Downgrade functionality to level of agent" option when you create the Push method. * WINDOWS PE License In order use the Windows PE option in Provisioning You MUST have a valid license for Windows PE. * Existing Vista clients with LANDesk Antivirus installed have an install issue that will cause the AV service, the inventory service, and the Vulscan service to stop functioning when upgraded using a push or pull of the client from the core. It is a 3rd party vendor install issue and is being fixed. To successfully upgrade existing clients, use the LD-8.7 SP5 Client patch and either apply it using patch manager or manually apply it to each client. You can also create a software distribution job to apply it. If you have clients in a broken state. Simply run (install drive)\Program Files\LANDesk\LDClient\Vulscan.exe /installAV /removeOldAV /noupdate /rebootaction=never /showui=false. This will correct the failed install. ======================================================================= ---------------------------------------- EXTENDED FUNCTIONALITY IN SP5 ---------------------------------------- ***Software Distribution*** A new Software Distribution Package Type of VBScript has been added. ---------------------------------------- NEW FEATURES IN SP3 (included in SP5) ---------------------------------------- *** Help *** There is a separate download on www.landesk.com for online help updates associated with new features in service pack 3. If you apply SP3 without updating the online help, you may encounter broken help links. After you've downloaded and updated the online help, see the "Introduction to LANDesk Management Suite 8" chapter for more information on what has changed in Management Suite with SP3. ------------------------------ Agent Configuration ------------------------------ Due to changes needed in the existing ldappl3.template the current file is renamed to ldappl3.template.bak in the ldmain folder before install creates a new one. Any changes made to the original ldappl3.template file will need to be added to the new one created by the service pack install. ------------------------------ Inventory Service ------------------------------ * Changes to the way the inventory scanner gathers BIOS information. The inventory scanner no longer uses the 16-bit inventory scanner to gather some BIOS information. By default, the scanner no longer reports on motherboard bus number and device attributes, and the size of attached floppy drives. Also, the inventory scanner no longer creates a hidden LDBIOS.TXT file on managed devices containing a list of BIOS strings. If you want the inventory scanner to once again report on these options and create the LDBIOS.TXT file, you can run the inventory scanner with the /do16 switch. * Wild cards are now available for use in configuring the exclude directories section. Old inventory scanners will not be able to use the wild cards. There may be an increase in unwanted software in the scan results returned by old scanners. Updating clients to the new scanner will alleviate the issue. ----------------------------------- LANDesk Application Virtualization ----------------------------------- * LANDesk Application Virtualization is a LANDesk Management Suite add-on product that is sold separately by LANDesk Software. LANDesk Application Virtualization uses Thinstall technology to virtualize an application, storing it in a single self-contained executable with the application and .DLL/device driver dependencies. When run, virtualized applications run in an isolated environment without making changes to the Windows installation they're run on. Virtualized applications even run on locked-down devices without requiring additional privileges. For more information, see the documentation that accompanies LANDesk Application Virtualization. When you use LANDesk Application Virtualization with Management Suite, you can deploy and manage virtualized applications. ------------------------------ Provisioning ------------------------------ A full working version of the Provisioning component is included in SP3. ------------------------------ Vista Client ------------------------------ * Because intranet browser settings are turned off by default on Vista, and the internet settings conflict with intranet settings, accessing the Web portal is blocked. If you enable intranet settings and then re-launch the browser, the Web portal will launch. --------------------------------------- NEW FEATURES IN SP2 (included in SP5) --------------------------------------- ------------------------------ Role-based administration ------------------------------ * New agent configuration right - lets users view the agent configuration tool, create and edit agent configurations, and schedule agent configuration tasks. ------------------------------ Inventory ------------------------------ * Rollup Utility has a new option (enabled through a registry key) to only roll up IP addresses. This can be helpful in environments that need up-to-date IP address info, such as help desks. ------------------------------ Macintosh updates ------------------------------ * Inventory scanner enhancements - Now uses encryption and delta scans. Delta scanning reduces network bandwidth consumption by only sending changed inventory items. - Now looks in the "Custom Data" folder under the agent installation folder for XML files containing custom data that you want the inventory scanner to pass to the core server. This additional information appears in the inventory tree under the Custom Data node. - Added automatic software license monitoring application discovery for installed Macintosh applications. - The Vulnerability Scanner (ldpatch) is scheduled for reoccurring execution through Local Scheduler. Vulnerability Scanner execution includes updating the vulnerability files on the client, checking for vulnerabilities using the updated vulnerability files, and remediating any detected vulnerabilities set to Autofix on the core. - You can now remote control a Macintosh device from the LDMS Web console (on a Windows machine) by right-clicking the device and selecting "Remote control" ------------------------------ Software license monitoring ------------------------------ * Added automatic application discovery where possible for installed Macintosh applications. ------------------------------ OS deployment ------------------------------ * New toolbar buttons for Windows PE image management. Added dialogs allowing users to add drivers to a windows PE image, resize a Windows PE image, and change the wallpaper in a Windows PE image. * Added support for Windows Vista images in the Windows PE boot environment. * Added support for the Vista version of Sysprep. * When deploying the PXE proxy, it now registers with the Windows firewall. ------------------------------ Software distribution ------------------------------ * Added a "Published distribution packages" item to the Distribution packages tree. This contains published distribution packages from a rollup core. * LDAP groups now resolved at client rather than through a query, so admins don't have to wait for query to resolve. ------------------------------ Security and Patch Manager ------------------------------ * Forward vulnerability scan results to a rollup core in order to facilitate real-time status * Connection Control Manager - Password override feature (in the CCM device configuration) that lets administrators temporarily allow USB connections * Agent Watcher - Extended Device Discovery (EDD) is no longer required on remote devices in order to monitor their LANDesk services and agents with Agent Watcher ----------------------------- Connection control manager ----------------------------- * Administrators can use a password to override the blocked USB devices on a client. ------------------------------------- NEW FEATURES IN SP1 (INCLUDED IN SP5) ------------------------------------- ------------------------------ Software distribution ------------------------------ * New deferral options for Delivery Method dialog: - Show success or failed status to the end user - Administrator can select how long to delay - Max Number of times user can delay - Time out options - Wait for user to respond before continuing - Customizable HTML custom messages * New end user feedback options - System tray notification icon - Success or failure notification after a task * Active Directory Group targeting - New option to target Active Directory groups as part of a Policy - Client determines group membership and applies appropriate policies * New columns added: - IP Address - Fully Qualified Host Name ------------------------------ Software license monitoring ------------------------------ * Automatic package discovery - Users not required to manually define software products or import pre-defined content - Automatically discovered products are a reflection of what is found in the environment--No inapplicable content to deal with - Updates or patches to a software product automatically handled - Date product was discovered is tracked ------------------------------ Inventory ------------------------------ * Software scan options - Send All Executed Software - Gather all executed files without running a MODE=ALL scan - Send product definitions - Include all detected software products in the software inventory scan * LDAPPL exclude wildcards - Exclude a group of directories from inventory scan with a single entry - Includes support for environment variables in the path * Query "not like" operator - Return all values that are not like a specified value - Find deviations from a standard configuration ------------------------------ Profile migration ------------------------------ Vista readiness * OS settings migration - Capture and restore desktop settings, wallpaper and screen resolution - Preserve mapped drives and printers * Application migration - Settings and preferences - Common applications, including Microsoft Office - Migration from older versions of Office to Vista-ready Office 2007 * Document migration - Migrate My Documents folder - Move documents from selected directories ------------------------------ Macintosh updates ------------------------------ Intel platform support * Universal installer - Single installer handles both Intel and PPC-based clients - Full hardware and software scan when install completes * Full feature support - Inventory - Remote control - SLM - Software distribution - Patch management - LANDesk Trusted Access Inventory scanning * Enhanced scan enables better SWD targeting - Chassis type - Primary owner - Physical memory slots - LDAP location (10.3 and above) * Expanded scan options (ldappl3) - Macmode=xx switch separates Mac and Windows scan settings - Exclude directories option limits scan scope, reduces client impact - Forced scan now supported * Improved software scanning - Software in Applications folder listed as Application Suites in software inventory - Distinguish full installs from drag installs or simple file copies Remote control enhancements * Updated remote control agent - Uses same protocol as Windows - Feature equivalent to Windows * Integrated security (10.3 and up) - Certificate-based - Data obfuscation * RBA remote control settings - Central control of RC rights - Time constraints (days and times) - Leverages integrated security and scheduling * Expanded patch/security automation - Parallel patch management process support (stage and execute) - Multicast support for patch - Policy-based patch and security remediation - Custom vulnerability support * Automated scan/maintenance - Inventory, policy and patch scans can now be configured on a schedule - SWD cache cleanup can be scheduled ------------------------------ Role Based Administration ------------------------------ * Active Directory integration - Assign Scopes to Active Directory groups - Assign Zones to Active Directory groups * Role Based Zones ------------------------------ Handheld Manager ------------------------------ * Maintain control over mobile devices via carrier connection - Delete contacts and address book data - Delete email and email attachments - Lock a mobile device - Shut down a mobile device - Perform a soft reset of a device - Clear all memory with a hard reset - Erase removable memory cards - Blacklist and prevent installation of unauthorized software * Send commands to managed devices via right-click in the management console * Software inventory - Monitor what software is installed * Software blacklist - Configure software blacklist policies that prevent the installation and force the deletion of undesired software - Ensure corporate security policy is adhered to * History - View of all management transactions ------------------------------ Antivirus ------------------------------ * Detection and uninstall of other antivirus packages: Symantec, Trend, and McAfee * Access to the secondary database of Riskware (in addition to the Primary Malware database) * Right-click AV File/Folder "Scan Now" option in Windows Explorer * Control of manual scanning processor utilization using a slide-bar * Allow End-user to temporarily disable AV Real-time file scanning (5 min, 1 hr, or until reboot) * "Mini Scan" of Memory when virus definition files have been recently updated * Allow the user to minimize the scan window * Don't subordinate the Scan Window to the AV UI window, i.e. allow the user to go back and look at the AV UI even while a scan is running" * Added a "Pause Scan" button on the scanning window * Added original quarantined date to files in backup/quarantine ------------------------------ Server Manager ------------------------------ * HP server-specific features - Hardware Monitoring Fans Temperatures Chassis Identification Chassis Intrusion Redundancy Power Supplies Bios event logging - System Information Serial number - Storage Inventory Raid Controller Firmware and model Physical disks Logical disks RAID array status - Console Improvements Avocent DSView Integration Agent Configuration enhancements Alert Rules definitions Simplified configuration Intel vPro * System Defense - Configure filters to watch for "bad" patterns of traffic - Filters packets before they reach the operating system - Alert or take actions such as: - Isolate the system from the network - Filter allowed network traffic - Drop incoming packets * Agent Presence - Monitors the LANDesk agent to ensure it continues to run - If agent heartbeat is lost, alert or take an action such as reinstalling the agent ================================================================================ ------------------------------ ISSUES RESOLVED BY THIS PATCH ------------------------------ Advance Agent ------------------------------ CR00112194 -- Uninstalling an agent that was installed with the advance agent MSI is not removed completely. CR00117554 -- Pushing the advance agent will cause device to reboot if Vulscan.exe is running at the same time. ------------------------------ Fixed in previous SP release ------------------------------ CR00095439 -- Advance agent does not install on machines that already have a client. CR00103949 -- Agent upgrade from 8.6 to 8.7 SP1 is removing ConfiguredOn date if the console is also installed on that device. CR00105535 -- Agent watcher does not work on Japanese Windows NT Workstation 4.0 with SP6a. CR00104112 -- DefaultWindowsConfiguration.INI has a typo in it. CR00108227 -- Starting advance agent task results in LANDESK SOFTWARE.MSI being launched on the core. CR00112194 -- Uninstalling the agent that was installed with the Advance Agent MSI is not removed completely. Agent Configuration ------------------------------ CR00113706 -- JPN: LDSCNHLP.INI file not configured properly when logged in as non-admin user. CR00121520 -- Self-contained agent package fails to install if multiple EXEs are built at the same time. ------------------------------ Fixed in previous SP release ------------------------------ CR00094329 -- Custom data form manual update issue on inventory-only core. CR00095615 -- The file "JPNNTCFG.MRL" is created under the root directory on the C drive after the agent installation. CR00097586 -- Advance agent is blocked by softmon.exe when upgrading a client. CR00097875 -- Local scheduler task for inventory has the /RSTART=60 switch with the IP change filter. CR00100371 -- Local scheduler tasks get scheduled when they shouldn't be. CR00102649 -- Agent installation hangs when upgrading a machine with an agent on it. CR00106730 -- Agent watcher not posting data to core server. CR00106835 -- Agent deployment task status remain running at COLLCON.EXE. CR00107320 -- Custom data forms set to be manually downloaded are automatically downloaded with Japanese license. CR00108324 -- Uninstall of old antivirus product takes a very long time during agent install. CR00108925 -- LDMS without Security Suite blocks spyware with no way of disabling this option. CR00108945 -- Locally scheduled task for APM is still created when agent is installed without software distribution. CR00109102 -- LDMof.exe process hangs during the LANDesk agent installation. CR00109133 -- WSCFG32 consumes all the memory if PendingRename regkey has odd number of entries. CR00109978 -- Agent update task stays "active" even though failure occurred ('Cannot Find Agent'). CR00110321 -- LANDeskSecurityClient.exe fails when the LANDesk agent is installed. CR00110639 -- Pushing the agent out returns a Failed Status and a result of "Unable to contact the specified machine. The machine may be off or unreachable. CR00110977 -- Server agent configuration does not write core FQDN to agent configuration INI file. CR00113464 -- Agent uninstall not removing shortcuts on Japanese clients. CR00113715 -- Policy delivery tasks are not being added to the local scheduler tasks on agent installation. CR00113717 -- IP Security Scan icon is installed in the Start menu when only software distribution and remote control options are selected. CR00113910 -- "Windows File Protection" error on agent install when copying PSAPI.DLL. CR00114389 -- JPN: Wrong parameter added to Vulscan start menu shortcut. After patching the core the you must re-push your client to fix this defect. CR00115096 -- When activated as Inventory Only, it is not possible to schedule an agent installation. Alerting ------------------------------ ------------------------------ Fixed in previous SP release ------------------------------ CR00084262 -- If Japanese characters are in an e-mail title, alert mail cannot be sent. CR00097841 -- When double-clicking a system in the System Manager Web console, you get an error telling you the monitoring software is not installed. CR00107058 -- If you create a new rule-set for monitoring or alerting they do not show up in the agent config. CR00108421 -- If the database goes down the Alert service stops inserting alerts in the database, even when the database comes up again. AMS ------------------------------ CR00113203 -- Device monitoring sends a "device on" alert though it never came back on, then sends another "device off" alert. ------------------------------ Fixed in previous SP release ------------------------------ CR00094061 -- Emails being sent out that devices are offline, but the device is not going offline. CR00102437 -- Inventory Server not Loaded alert does not send out alerts. AMT ------------------------------ CR00118077 -- Multi-core AMT provisioning. CR00118802 -- Error when generating an AMT-ID on a GERMAN core. ------------------------------ Fixed in previous SP release ------------------------------ CR00114134 -- Discovery of AMT machines often fails to recognize them as AMT. Antivirus ------------------------------ CR00121823 -- Sophos Antivirus 7.0.2 is not recognized as an AV product by the inventory scanner. CR00002087 -- When scanning memory, antivirus ignores the manual exclusion list, silently removing files that should've been trusted. ------------------------------ Fixed in previous SP release ------------------------------ CR00097384 -- Installing LDMS AV on a workstation with MacAfee Enterprise 8i makes workstation unusable. CR00099326 -- Outlook XP SP3 generates an antivirus warning on every email. CR00099775 -- Windows Installer - "Please wait while Windows configures LANDesk(R) Software" message when starting an agent push. CR00102555 -- The default AV settings change without notice. CR00106700 -- AVservice seems to bog the system down when RTS is running in conjunction with offline file synchronization. CR00107066 -- LANDesk inventory scanner is not recognizing a device as an AMT device when System Manager component is not installed. CR00107068 -- AMT Credentials not obtained during the agent deployment when AMTConfig.exe runs. CR00107123 -- Outlook initializes slowly, even if email scanning is disabled. CR00107470 -- AMT Disable/Enable OS Network and Run Vulscan on startup do not work. CR00108542 -- LDoutlookplugin errors on loading with Outlook 2007. CR00109081 -- LDoutlookplugin runs 2 scanningprocess.exe when launching Outlook. CR00109127 -- Landesk AV does not remove Symantec 7.x on installation. CR00109701 -- Cannot start real-time scanner on Windows NT 4.0. CR00110212 -- Passive Vulnerability Scanner Nessus (www.nessus.org) creates a surge in memory utilization for the Agentless Discovery Service (AMTDiscService.exe). CR00111220 -- AutoCAD's ietiffrd80.dll is detected as a virus during a memory scan. CR00112106 -- LDOutlookAddin is causing Outlook to crash when using meeting requests. CR00112817 -- UpdateVirusDefinitions.exe fails with error code "UpdateVirusDefinitions.exe returned an error code: -2134114277 (0x80CC001B) Completed updating definitions". CR00113633 -- installav switch for vulscan needs to bypass preferred server. CR00114585 -- McAfee Pattern detection is incorrectly flagging new AV-pattern as "out of date". CR00115310 -- Later server OS's such as 2003 R2 report that the AV service is not running when updating pattern files. CR00119012 -- After upgrading a Vista agent to 8.7 SP4 from 8.7 SP3, the scanner hangs after install and Antivirus is disabled. On some machines it will cause a blue screen. Application Policy Manager ------------------------------ CR00113021 -- Policies occasionally get stuck in a pending state. CR00114622 -- Policies targeted to a user do not display in the distribution portal when amclient is run silently as local system. ------------------------------ Fixed in previous SP release ------------------------------ CR00095338 -- Policy status is not preserved on upgrade for LDAP targeted policies. CR00096624 -- APM won't attempt to re-install a policy if the install was aborted partway through. ASIC Support ------------------------------ CR00110570 -- Itautec motherboard with ITE8718F ASIC shows bad CPU fan speeds. Asset Manager ------------------------------ CR00120283 -- Asset Manager no longer pulling the "Model" information from inventory when asset data is refreshed. ------------------------------ Fixed in previous SP release ------------------------------ CR00113374 -- Deleting an item associated with a computer deletes all associated items. CR00113471 -- Unable to edit the General section in Managed Sections under the Lease type in Contracts. CR00113598 -- FRA: Asset Manager console errors when clicking on Ordinateur. Connection Control Manager ------------------------------ CR00115170 -- Cisco VPN client is enabled and attempts to connect when CCM configuration is applied. CR00118059 -- "CTRL + SHIFT + UP-arrow" combo for CCM is not disabled when a "no password" config is pushed down. CR00001193 -- Usbmon.exe disables the key combination "Ctlr + Shift + Up arrow" in Excel since that key combination is used by Usbmon.exe. The Usbmon.exe hotkeys are now configurable via the Windows registry. ------------------------------ Fixed in previous SP release ------------------------------ CR00095390 -- Error occurs on Windows 2000 client after applying a device control configuration. CR00096678 -- "Wake up device" option should be OFF by default. CR00096854 -- Cannot add Assets in Asset Manager when using Firefox 1.5.x. CR00098006 -- USBMON is not listed in the Xtrace utility. CR00101580 -- NETRES.exe takes 90+ CPU usage when certain configurations are deployed to the client. CR00101891 -- Translation error on JPN CCM. CR00102354 -- In the advanced USB settings, additional lines are appearing. CR00104687 -- Re-pushing a connection control configuration may not complete successfully. CR00106768 -- FRA: Cannot add a detail to the General section of Computer in French Asset Manager. CR00107442 -- Got an error when create a report with character ' in name. CR00108908 -- NIC can be enabled after CCM is set to disable it. CR00114436 -- White list or blacklist only take effect on USB devices, not on the USB devices which detected as volumes. Console ------------------------------ CR00110010 -- Rebooting a client machine unlocks the desktop on that machine. CR00115010 -- With a large database, 8.7 SP3 consoles take up to 2-3 times longer to save a task than 8.7 flat consoles. CR00116487 -- Enhance WOL to send 'formatted frames' packet in addition to 'magic packet'. CR00117737 -- Sorting list views in the console while in SLM takes a long time. CR00122366 -- DEU: The inventory field "Last Hardware scan" is translated like Datum des Hardwarescans instead of Letztes datum des Hardwarescans. CR00122705 -- Prerequisite queries are ordered by creation order instead of alphabetically. CR00001229 -- In the console's Unmanaged Device list, you can't sort by IP Address if any UDD device doesn't have an IP Address. ------------------------------ Fixed in previous SP release ------------------------------ CR00073467 -- CON: Cannot delete users. CR00083286 -- The Win32 console is slow (over 5 minutes) when using Users tool and Active Directory. CR00096001 -- "Services" option is grayed out under Tools. CR00097848 -- Columns in the SLM Usage Report are not sorted correctly. CR00099454 -- Task moved to a group disappears from Common Tasks. CR00101709 -- Very slow console refresh in LDMS 8.7 when clicking on All Devices in the Network View. CR00104384 -- In German, the OS Deployment right is missing for users in the console Users | Assigned Rights dialog. CR00104384 -- OS Deployment right is missing in German 8.71 console. CR00106395 -- LDIM: Pending unmanaged devices does not appear in Win32 console. CR00108015 -- Opening My Computer>Remote Computers fails with prompt for Credentials. CR00108576 -- Patch Manager - If a user views the settings for any user in the Users tool, all admin privileges are removed from all users. CR00111918 -- Japanese core shows a gray screen when selecting two or more devices and viewing the Security and Patch Information. CR00114579 -- RBA: Active Directory access failed with password with stressed characters (à, é, è) in LANDesk User Tool. CR00114906 -- "Select"-button missing in Provisioning history on German cores. CR00115008 -- Unable to validate the "LDAP Query Options" on French version. CR00115497 -- Dragging a custom column set freezes the console. Database ------------------------------ CR00115874 -- Migration from LDMS 8.5 to LDMS 8.7 causes distribution packages to be incorrectly populated in the DB. CR00117377 -- SQL statement causing large performance hit on DBMS server. CR00124378 -- fileinfo_idn is being returned null causing rollup issues. ------------------------------ Fixed in previous SP release ------------------------------ CR00095375 -- Collation error when rolling up a Japanese database. CR00100129 -- Data in LegacyApmCmdLine gets cleared after task is started. CR00102358 -- SQL 2005 database is being slowed down by queries. CR00113843 -- Error "VideoMonitor.SERIALNUM" too small, at least increase 24. CR00114455 -- ER: Add an index on TaskAllowedMachines table to Datamart.xml. CR00114629 -- CoreDBUtil fails on rebuild all on the history table. Directory Manager ------------------------------ ------------------------------ Fixed in previous SP release ------------------------------ CR00107548 -- Directory Manager: restrict ability to connect AD to admins. Distribution Packages ------------------------------ ------------------------------ Fixed in previous SP release ------------------------------ CR00094689 -- Apache directories cannot be viewed when browsing in the distribution package window for the primary file and additional files. CR00096769 -- Distribution package created by a vulnerability repair aren't going into My distribution packages. CR00098490 -- LegacyApmGuid in PACKAGE table reverting to NULL. Handheld Manager ------------------------------ CR00114655 -- Installing the LDHM agent on a device sets the ldlaunch.ini task to GMT-8. ------------------------------ Fixed in previous SP release ------------------------------ CR00097002 -- HP thin client will not accept registry changes. CR00097101 -- Inventory data missing on host computer with Windows CE device. CR00101712 -- Cannot install LANDesk agent on a BlackBerry. CR00102319 -- Registry key for HandHeld Agent will not be removed after install if User is not an Admin. CR00108082 -- WinCE agent used with Wyse S30 devices are not collecting the system serial number. CR00110242 -- Symbol MC7094 Hand Held acts like it has a fake NIC, and reports wrong IP address. CR00113565 -- SWD tasks to handheld clients fail, because WCEtrigger.exe is not kicking off wcesdlnt.exe. Install/Uninstall ------------------------------ CR00110506 -- AOLNSRVR.EXE is vulnerable to crash and buffer overflow. ------------------------------ Fixed in previous SP release ------------------------------ CR00096169 -- Patch Manager custom groups are lost in the upgrade. Inventory ------------------------------ CR00115354 -- Vista clients do not report the primary owner field without running the inventory scanner manually. CR00118002 -- INV: Out of sync scans. CR00118075 -- After an exception that causes an inventory thread to restart, the rolling log shows connection errors. CR00118986 -- ldapp3.ini and template files disappear. CR00121920 -- Serial number not being displayed correctly in the console after SP4 upgrade. CR00123043 -- Inventory service stops inserting scan files into the database. CR00123470 -- Miniscan.exe reports are returning incorrect processor count to core server for Physical Processors. ------------------------------ Fixed in previous SP release ------------------------------ CR00093997 -- LDMS 8.6.1 agent does not display hard drive serial number under Fixed Drive in inventory. CR00095387 -- Inventory change alert for Device Name not working. CR00095432 -- Inventory scanner locking CPU at 98%. CR00095611 -- Mac scans generating database exception. CR00096028 -- 8.7 inventory scan fails on Windows 95B. CR00098999 -- If core cannot communicate to the database server, the inventory service throws a runtime error. CR00099460 -- Delta scan could create invalid entry for Computer.Software.Package. CR00099614 -- Sometimes firewall status is reported incorrectly in inventory. CR00101409 -- Creating a new string value in inventory does not apply to all devices. CR00101430 -- LDMS DB maintenance is not deleting duplicate computers. CR00102320 -- Inventory scans throwing database exception errors on the MSI hash. CR00102500 -- LDISCN32 causes excessive LDAP traffic requests to PDC. CR00103584 -- Inventory scanner does not gather ASIC data for System Manager. CR00104370 -- gatherproducts prompts for credentials when it doesn't have access to network shares. CR00104729 -- Clients remain in "Pending Unmanaged Client Deployments" after LDMS client is successfully installed. CR00104802 -- McAfee definition publish date is incorrect in inventory information. CR00105621 -- ldiscn32.exe was generating Dr Watson errors because of a truncated LDAPPL3.INI file. CR00105936 -- Inventory scanner can not get correct file size on very large files. CR00106493 -- Inventory scanner to collect NAV2007 information. CR00106715 -- '[Public]' shows as Primary Owner in inventory.-with Novell client. CR00107000 -- Inventory service keeps crashing every 2 to 3 days. CR00107043 -- McAfee 8.5 only report back very limited and wrong inventory information. CR00107331 -- INV: Need the ability to send in other data with the miniscan.exe. CR00107666 -- Running an inventory scan hangs on gatherproducts.exe. CR00107910 -- Solaris: Scanner does not report directories that have a NFS file mount in them correctly. CR00108028 -- SLM data is deleted when a new product definition is added in a full scan. CR00108493 -- Runtime error when the scanner runs on some IBM ThinkCentre computers. CR00108538 -- Cannot stop LANDesk Inventory Server Service after error. CR00108549 -- Inventory scanner is not distinguishing between 2 files with the same name and size but different versions. CR00108751 -- INV: Miniscan reporting System - Serial Number as "NOT Available" on IBM T series laptops. CR00109202 -- SP2 broke the off-core inventory server. CR00109270 -- LDISCN32.exe will not execute on a Vista client without a user giving it administrator credentials. CR00109394 -- Miniscan updating wrong subnet mask and subnet broadcast address. CR00109963 -- Additional logging needed for when Inventory Service modifies the LDAPPL3 files. CR00109963 -- Additional logging needed for when Inventory Service modifies the LDAPPL3 files. CR00110037 -- Buffer overrun on IBM Blade Server running Terminal Server. CR00111146 -- ER: Add/track first inventory scan date for clients. CR00112758 -- invdelta not updating if Do Delta is disabled. CR00113316 -- Missing product hash definition in scans crashes DB connection. CR00114342 -- Put the client device ID into Event ID 3. CR00114345 -- Inventory server service experiences a C++ error immediately after DB maintenance completes. CR00114425 -- Inventory scanner causing excessive NDS LDAP. CR00114557 -- Fujitsu inventory items. CR00114632 -- Packages with long file names are being duplicated in the inventory of machines. CR00114849 -- Inventory scan accesses the floppy drive. CR00115354 -- Vista clients do not report the primary owner field without running the inventory scanner manually. CR00115506 -- 'Domain Name' and 'Login Name' are missing from inventory scans on Windows Vista devices. CR00115708 -- Miniscan in WinPE is not reporting the serial number on Lenovo M55. CR00115898 -- Inventory scanner does not report Trend Antivirus/PC-Cillin 2007 on Vista. IPMI ------------------------------ CR00113710 -- ID LED cannot be turned off via IPMI. CR00113984 -- IPMI voltages incorrect for Apennines server running RedHat. CR00114027 -- Add support for multiple IPMI drivers. ------------------------------ Fixed in previous SP release ------------------------------ CR00097457 -- Cannot retrieve IPMI sensor data from Linux agents. CR00100807 -- GSM: OOB power commands fail. Licensing ------------------------------ CR00114448 -- Core activation tool does not remember HTTP-based proxy setting. ------------------------------ Fixed in previous SP release ------------------------------ CR00097471 -- softmon.exe faults after Windows agent is removed and system is rebooted. CR00101215 -- License for customer does not keep check boxes in client config. CR00105620 -- If you activate with a LDSS license only, the option for CCM is grayed out under the users section. CR00107229 -- When user selects the "Don't remind me of this product expiration again" checkbox an error is generated. Linux ------------------------------ CR00116771 -- Linux RPM package command lines are not properly added. CR00121161 -- Inventory scanner on Linux is reporting incorrect values regarding the disk space. CR00123574 -- AIX - Customer reports crash on IBM AIX Inventory Scanner when he tries to run it on AIX 5.3. ------------------------------ Fixed in previous SP release ------------------------------ CR00100989 -- Inventory scanner does not run on AIX 5.2 or 5.3. Local Accounts ------------------------------ ------------------------------ Fixed in previous SP release ------------------------------ CR00097407 -- servicehost.log file shows password in clear text when changing local account passwords. Macintosh ------------------------------ CR00119059 -- Apps are not getting blocked on Mac clients. CR00119701 -- (See Notes) The SDCache is not being purged by ldcron. CR00120068 -- Agent config is corrupting the Netinfo database on Jaguar and Panther clients. CR00121523 -- OSD will fail when the terminal is run from the local drive. CR00123469 -- Cannot install pkg.zip through a custom definition. ------------------------------ Fixed in previous SP release ------------------------------ CR00096063 -- Context menu actions not working on Macintosh devices. CR00098210 -- Previous crontab is deleted when the LANDesk client is installed. CR00100753 -- Cannot open Macintosh agent after installation. CR00103302 -- Inventory scan will not launch on a forced scan. CR00103486 -- MAC: LDAP Location is reported wrong in inventory for Macs that are in AD. CR00105852 -- Mac: -o does not work any more with the command line. CR00106724 -- JPN - MAC agent installation doesn't complete with JPN iBook G4 OSX 10.3.9. CR00107298 -- MAC: LDSCAN Crashes when real basic is installed on the system in Jaguar. CR00107315 -- MAC: On Japanese the scanner will not complete on Panther. CR00107332 -- MAC: Package name is empty on some applications. CR00107979 -- MAC: Inventory scans are completing on the client but do not get sent in to the core server. CR00108547 -- Usage data does not get sent up to the core with delta scans. CR00109488 -- Existing .pkg files with the same name in the LDCACHE folder are not being overwritten during a software distribution task. CR00109517 -- Mac scans won't go into the database. CR00110120 -- MAC: remote control screen blanking does not work. CR00110149 -- Files in "To be excluded" are not excluded from the Mac inventory scan. CR00110160 -- Software distribution fails when using a policy. CR00111132 -- MAC OS client 10.3.9 LDAP location is not reporting the location. CR00111156 -- MAC: Application suites do not show up in inventory for Macintosh. CR00111585 -- MAC: Software distribution to a OS 9 client does not work. CR00113397 -- LDSCAN is not reporting the correct processor speed on newer Intel Mac Pros. CR00113495 -- Delta scan does not send updated custom data. CR00113625 -- MAC: If an application is a blank space or the name is to long the scan will go into error scan. CR00113943 -- MacOSDXserve.pkg does not set the password for user LANDesk correctly. CR00113983 -- Zombie ldcron processes. CR00114148 -- MAC: ldcron tasks are not removed from inventory when they have been removed from ldcron.xml. CR00115525 -- The latest Mac build does not report the file versions as 8.70.x.x but 8.7.x.x. CR00115802 -- MAC: OSD will not complete if the volume that is restored has a t at the end of the name. Management Gateway ------------------------------ CR00121085 -- The .0 file and the .crt file in the keys directory are not being updated properly. ------------------------------ Fixed in previous SP release ------------------------------ CR00095717 -- When using the self-contained .exe to remote control a system through the gateway, you get challenged for credentials. CR00097998 -- RCClient.exe cannot be connected to through Management Gateway remote control if you download the .exe from the Gateway Web site. CR00107304 -- Software distribution does not work through the gateway when using core server name instead of FQDN. CR00106642 -- Using LDDHCP or LTA to repair a client changes the registry for the cache directory to ldclient. CR00111621 -- Machine list refreshes to fast on the RC viewer for customer that has over 600 machines running a resident RC agent. MBSDK ------------------------------ CR00114154 -- MBSDK: Added a new call to IDAL. Monitoring ------------------------------ CR00114274 -- The ldgetservicepermormanceinfo crashes on XP workstation with no paging file. ------------------------------ Fixed in previous SP release ------------------------------ CR00096263 -- ldcpu.exe hits buffer overrun error on Harwich 800T. CR00097784 -- LDSM: LDlogs.exe taking 99% CPU on client and not returning any info to the console. OS Deployment ------------------------------ CR00118902 -- Modify PXE rep behavior when responding to PXE client DHCPDiscover request. CR00120061 -- drvmap.exe fails if media card reader is present. CR00120288 -- OSD with WinPE using dynamic naming convention is skipping numbers. CR00122245 -- OSD performance issues caused by using old startrom. ------------------------------ Fixed in previous SP release ------------------------------ CR00058143 -- Change to AUTODETE.EXE needs to be made for PXE booting stability. CR00095529 -- LDSleep missing from WinPE and LDLinux scripts causes imaged machines to not install the agent and leaves the machine logged on as admin. CR00095677 -- Browse button takes you to the wrong location when creating an OSD script. CR00095688 -- The command line for a deploy script always uses Ximage. CR00095697 -- Ximage.exe is now ImageX and has a slightly different syntax. CR00096508 -- Imagealw and Restall.bat are older versions. CR00096513 -- WinPE does not call Restall.bat with a multi partition image. CR00096865 -- Runbatch.exe always reports successful status back even upon failure. CR00097367 -- WINPE has a blank boot menu intermittently. CR00097959 -- Last partition does not get extended when restoring images via Windows PE. CR00098005 -- OSDRep.msi has no option to install only certain boot options and some options cannot be removed. CR00100352 -- OSD: Custjob.exe leaking memory when waiting on REMPING. CR00101002 -- TFTP service fails to load with error 21. CR00104108 -- OSD writes HAL info to SYSPREP.INF incorrectly. CR00104991 -- Legacy OSD script copied into 871 causes OSD window to gray out. CR00101002 -- TFTP service fails to load with error 21. CR00103306 -- Downloading the OSD Image files through SDCLIENT takes much longer than a regular file copy when deploying the PXE Rep. CR00106702 -- Remove files that are left behind on the root of C: after laying down an image using OSD. CR00106742 -- PXEMENUSTART menu fails to allow scrolling for a large number of scripts. CR00106934 -- Unable to use WinPE 2.0 to validate PE license for LDMS 8.7 SP2. CR00107028 -- Default preboot environment is not sticking when set. CR00111711 -- Unable to run scripts from the PXE Boot Menu. Patch Manager ------------------------------ CR00118430 -- ReadRegValue stripping quotes off string. CR00120935 -- Can't exclude an application that is being run from a UNC or mapped drive path. CR00115998 -- Cannot detect Norton 10.1.4.4000 real-time protection status. CR00116342 -- Softmon service is keeping Symantec Antivirus from starting. CR00117557 -- Interactive Services Dialog pops-up during Patch remediation on Vista clients. CR00120617 -- Disparate results in #-s detected between Patch Manager and the reporting tools. CR00122267 -- Bulk insert/update to improve performance of processing vulnerability results. CR00123621 -- Minimum version for Trend Micro 7.x used in AV100 is not detecting correctly. CR00123831 -- After installing PAT-12050887.4.zip an entry is put into the RunOnce registry key. The next time the machine boots it takes 3-5 min and the user has no UI until it is finished. CR00002084 -- After a patch has been installed on a client and that client is rebooted, Vulscan re-scans the client against all patches in SCAN rather than a group specified by the Agent Behavior. CR00004395 -- Latest definitions are not being scanned for. ------------------------------ Fixed in previous SP release ------------------------------ CR00012746 -- Security and Patch Manager field 'File Name' is blank for all entries. CR00095059 -- Users can cancel forced reboot with Security and Patch manager. CR00095151 -- Product ID not refreshing in cache. CR00095253 -- Unblocking a blocked app does not work. CR00096259 -- SKYPE.EXE is not blocked if it is renamed. CR00096846 -- DEU: Security and Patch information not showing up for clients. CR00096861 -- Patch Vulnerabilities widget in the Executive Dashboard displays incorrect percentages. CR00096995 -- Items added to compliance or alert groups cause previously entered items to not be scanned for. CR00098969 -- Options in scan and repair setting still take effect even though it was already grayed out. CR00099331 -- Uninstall Patch option should be disabled when patch is not "un-installable". CR00100426 -- Definitions are removed from group when content is updated. CR00101513 -- Custom definition does not retain changes after using "Update" button. CR00101931 -- Scanned and Detected columns populate slowly, and sometimes not at all. CR00102357 -- Definition not repairable after importing status with VAMiner. CR00102473 -- Vulscan needs to be able to download enuvulscan.dll when the actual Language dll does not exist CR00102478 -- Unable to obtain peer name 10057. CR00102635 -- Vulscan fails to scan a Windows 95 Winsock 2 machine. CR00104459 -- Client starts a vulscan with autofix, although the option 'autofix' is not checked in the end user setting. CR00105248 -- LDAVHLP.DLL is not detecting McAfee 8.0i Patch 13. CR00105307 -- After installing a server agent on a server, the first patch that is applied always reboots the server. CR00106726 -- On a Windows 20003 core server running a vulscan cannot post the scan to the database. CR00106822 -- Using the multi-select option to repair with multicast does not multicast all patches. CR00106893 -- Vulscan /removeoldav throws an ldavhlpr.dll error removing McAfee 8.0i. CR00107143 -- vulscan /removeoldav does not completely uninstall eTrust AV. CR00107345 -- Patch Manager can't create policies to repair tasks. CR00107395 -- JPN: The Configure button under custom variables in the security and patch scan section of the agent shows wrong Japanese. CR00108000 -- Repairing a patch as a policy creates a delivery method with feedback enabled. CR00108603 -- Application completion error when shutting down NT 4.0 SP6a and 95 B client. CR00108754 -- placing items in the runonce key with softmon.exe does not work with VBScripts. CR00109257 -- When viewing Security and Patch information for multiple computers, patch information in the viewable area says ' N/A' under the 'Downloaded' field. CR00111106 -- Run command failed by 8.7 vulscan.exe while Using "RegDelete" method to delete Regedit value. CR00112746 -- Security and Patch Manager field 'File Name' is blank for all entries. CR00113463 -- Profile Migration: Default local user account password will not work. CR00113661 -- Stage and repair tasks in Patch Manager cannot fall back to the core if the files are not in the local cache or on local peers. CR00114094 -- German. "Scan and Repair settings" window Repair tab missing the "If no end user response" Timeout field. CR00114710 -- ER: ST000016 could track the weak password but do not write the weak password into vulscan.log. CR00114839 -- Vulscan is downloading behaviors even if they customer is not licensed. CR00115696 -- Agent deployment fails after applying certain post SP3 patches. Profile Migration ------------------------------ CR00122518 -- LDPROFILE.EXE throws an error on Czech Windows XP when AD user profiles are stored on the domain. ------------------------------ Fixed in previous SP release ------------------------------ CR00100467 -- Localization issue in Profile Migration dialog. CR00107905 -- ldprofile.exe /put is failing on network files when the /get skips network files. CR00109455 -- Profile migration fails to migrate printers but does not log any failure. CR00109611 -- Profile Migration is failing when files in the recycle bin change size. CR00110864 -- Printer migration fails if temp directory is missing. Provisioning ------------------------------ CR00113727 -- Remote console - Network view, right-click on a device and click Manage Variables or Provisioning History and l then cancel, you are no longer connected to the database so you cannot affect anything in the console. CR00113947 -- 32-bit console crashes when creating scheduled task. CR00114014 -- Delivery method does not get passed when running from Provisioning method8 CR00114220 -- Provisioning - Cannot use an account with "#" when mapping a drive. CR00114429 -- Provisioning agent does not run after rebooting into target OS. CR00115939 -- Provisioning - Import Install script truncates MassStorageDrivers section. Query ------------------------------ CR00114096 -- French core: Column selection window in an LDMS Query displays too small to view the columns selected. CR00114458 -- FRA: SP3 breaks queries for "Ajout/Suppression de Programmes"(Application Suites). ------------------------------ Fixed in previous SP release ------------------------------ CR00100055 -- JPN: Inventory entry name is changed to English from Japanese on version 8.7. CR00101217 -- Query selects correct data when ran but selects all devices when put into a scheduled task. CR00106672 -- Queries saved with Custom Data Form data do not retain custom data fields. CR00108341 -- Query does not report correct results when using "Not Like" and the value is from custom data. Remediation ------------------------------ ------------------------------ Fixed in previous SP release ------------------------------ CR00090969 -- Command line can't unzip Acrobat patch file. Remote Control ------------------------------ CR00112841 -- FRA: Users who try to remote control a machine get an Authentication Window if their password contains special characters as “é”. CR00119317 -- Permission required if user logged in causes "Asking for user permission" prompt on Vista clients. CR00121025 -- The remote control under LDMS 8.7 over a WAN link is really slow compared to previous version. CR00123967 -- Problem in remote control option setting in agent configuration. ------------------------------ Fixed in previous SP release ------------------------------ CR00090165 -- Options UI in Japanese remote control viewer is corrupted. CR00095359 -- ISSuser does not show username of account logged in to system. CR00098918 -- Logging in to Windows NT 4.0 clients through remote control is very slow. CR00099626 -- The remote control viewer shows "SYSTEM" as the current remote username in the connections message box. CR00102523 -- Unable to remote control a Windows 95b machine as the device does not have a remote control icon after the ping discovery occurs. CR00104125 -- Alternate names aren't being passed to the client when requiring permission during remote control. CR00104535 -- Remote sessions incorrectly disconnected do not become available again until restart. CR00107266 -- Certificate-based remote control session causes a Dr. Watson error on rcgui.exe. CR00107269 -- JPN: garbled (Japanese) characters showing up on the client when the reboot was selected on RC. CR00108656 -- Web console remote control does not use machine name as an option to determine the machine to be remote controlled. CR00108904 -- IP address string is causing a disconnect before the integrated security authentication. CR00108984 -- JPN: After installing the client on a Windows NT system, if you logon after that with a guest account the remote control icon does not display. CR00109368 -- Permission to remote control window is not appearing on a logged-off machine with agent configured with remote control permissions: Permissions required. CR00109650 -- The RC status window (by right clicking on RC icon in a system tray on Windows95B) shows garbled Japanese characters. CR00109928 -- Failed to remote control client machine which has special Chinese characters. CR00110159 -- Cannot close a program by clicking the X during a RC session with the blank screen option enabled. CR00110475 -- Unable to remote control after the "enable old agent compatibility" prompt. CR00110926 -- Attempting to remote control a DNS alias of an agent causes another user's remote control session to end without prompt. CR00111297 -- Add/Remove Programs Uninstall does not fully remove the RC viewer on both Windows 2000 and Windows XP workstations. CR00111914 -- Remote control cannot pass the 'ctrl+alt+del' to Microsoft Vista. CR00112367 -- CoC - Enhancement request: RC custom text notification. CR00112494 -- Windows XP client machines are not remote controllable for 2 minutes after remote control service starts if terminal services is disabled on the XP services. CR00112634 -- Remote control permission window keeps showing on console. CR00113043 -- When using RC DRAW on a client, if the client disconnects their session using right-click on "Floating Desktop Icon" the pictures drawn remain on screen until a) the machine reboots b) a restart of the LANDesk Remote Control service. CR00113131 -- Can't simultaneously remote control a device that has an existing RDP session. CR00113543 -- Remote controlling a client with Eudora Emailer and hitting CTRL + ALT + M (Full Screen) deletes currently selected e-mails. CR00113781 -- Cannot reboot client machine after using chat feature. CR00114476 -- If a new version of ISSCNTR.EXE is released, systems that run ISSCNTR.EXE from the web console never get the new version. CR00114809 -- On an managed machine - In the taskbar, it used to show "Your computer is being controlled by DOMAIN\USERNAME". It now shows "Your computer is being controlled by Not Connected\Not Connected". Reporting ------------------------------ CR00113928 -- Some English descriptions need to be modified. CR00115930 -- Ad hoc reports (through queries) cannot be run. CR00118120 -- In the 'Itemized security report for each device' report, a client shows as not complaint even though it is managed by an accepted server. CR00118665 -- Canned report 'Computer Operating Systems' reports Vista and XP 64-bit machines with the wrong OS. CR00121214 -- Reports that have scopes applied do not retain the scope when the report is printed. ------------------------------ Fixed in previous SP release ------------------------------ CR00095065 -- Error in report "Computer Operating Systems" if Windows 98 is selected. CR00095114 -- UDD reports contain the wrong records. CR00097344 -- Global Report setting does not retain metric settings. CR00098484 -- The start time is not being logged in the Remote Control History for Managed Computer report. CR00101671 -- Report - "Changes in Detected Vulnerabilities over time" times out when database contains large amounts of records. CR00102169 -- Antivirus Program Summary report not working properly. CR00104327 -- McAfee 8.0.0 not reported in Antivirus Program Summary report. CR00106807 -- Remove Hr:Min:Sec AM part in Virus Definition Date field. CR00106887 -- Change anti virus soft version checking rule. CR00106890 -- Description change request in Itemized security report. CR00107194 -- Create query, and export it to CSV from report window by choosing 'Selected items', the extra column 'ID' will add. CR00107256 -- Screen saver password setting info in Itemized security report is not accurate sometimes. CR00107256 -- Screen saver password setting info in Itemized security report is not accurate sometimes. CR00107322 -- Security Compliance by device report is not formatted correctly. CR00107463 -- DEU: Export button is missing in German reports. CR00108712 -- Policy-Supported Push Delivery Status by Task report doesn't display status. CR00109541 -- ER: Reports are incorrect when querying on machines with identical NetBIOS names. CR00111441 -- Repeated content displayed in SecuritySummary report csv type. CR00113478 -- ER: Reports - The policy delivery status by task report is wrong. CR00113670 -- Report values in preview mode are formatted differently when the report is run. Role-based Administration ------------------------------ CR00119804 -- Zones functionality not available on a clustered installation. ------------------------------ Fixed in previous SP release ------------------------------ CR00095239 -- Edited scopes do not save if there is an apostrophe in the query. CR00098771 -- When creating a scope it appends a *(wild card) to the end so you can't name another scope close to that scope or it will grab both scopes. CR00101644 -- Cannot log into the 32-bit console via a RDP session. CR00104226 -- Active directory inherited rights aren't applying to users, direct rights do. CR00108162 -- Login to AD prevented if login name has symbol like !. CR00108320 -- ER Select multiple users in User tool. CR00109977 -- User right changes do not prevent users from opening certain tools. CR00111386 -- If a user is assigned UDD rights (only) in RBA they are getting OSD as well. CR00112916 -- Add sort function in the user\scope view. CR00113532 -- Cannot see "Device View" list in the Web console with a Patch Manager ONLY license and no LANDesk administrator right. CR00113548 -- Cannot access Users section in RBA after connecting to Active Directory. CR00113665 -- Copy and Paste function does not work in the queries section unless you are a LANDesk administrator. CR00120175 -- 60 second delay while AD tries to enumerate -- really slow. Rollup ------------------------------ CR00119936 -- Rollup core server won't rollup data. ------------------------------ Fixed in previous SP release ------------------------------ CR00107778 -- Synchronizing packages from the rollup core to the child cores fails if one of the packages has over 2000 'additional files'. CR00111729 -- Getting database error when running dbrollup.exe. Scheduler ------------------------------ ------------------------------ Fixed in previous SP release ------------------------------ CR00094952 -- SCHEDQRY opens up 500+ connections to the Oracle DB during LDAP query resolution. SDK ------------------------------ ------------------------------ Fixed in previous SP release ------------------------------ CR00095241 -- Context menu actions not working on Windows Server 2000. Server Configuration ------------------------------ CR00120504 -- On core server with LDAV and Server Manager installed, new server manager agents have LDAV jobs in local scheduler even though LDAV is not installed on servers. ------------------------------ Fixed in previous SP release ------------------------------ CR00099010 -- Localization issue in Server Manager agent config screen. CR00111312 -- Psapi.dll file gets copied to system32 directory and then overwritten when deploying server agent. Software Distribution ------------------------------ CR00115555 -- Software distribution jobs sporadically fail with "Failed to download all additional files". CR00116474 -- FR: On French clients, the AMClient installation notice doesn't show the package name. CR00117075 -- Changing the owner of a task that is contained in a personal group disappears. CR00117829 -- APM failures. CR00121945 -- Ability to prevent non-admin users from deleting LDAP Queries/ LDAP Target Queries from Directory Manager. CR00121980 -- Removing one machine from a scheduled task removes others. CR00123084 -- Optional run once policy is not working properly. ------------------------------ Fixed in previous SP release ------------------------------ CR00086353 -- ER: Allow machines with duplicate names to be part of a policy. CR00092014 -- Cache override option for SDCLIENT not working through Management Gateway. CR00094143 -- It's now possible to disable CUSTJOB processing of LOCEXEC commands. Local commands can be disabled by creating a DWORD value named 'DisableLocalCmds' and setting it to a non-zero value under the 'HKEY_LOCAL_MACHINE\SOFTWARE\Intel\LANDesk\LDWM\CustJob' registry key. CR00096746 -- When multicasting dependent packages, only the primary package is multicast. CR00097468 -- 8.1 clients not resolved in 8.7 and 8.6.x until they run AMCLIENT /APM. CR00097885 -- After installing "Japanese" Package Builder using JPNSETUP.EXE, the installed Package Builder is in English. CR00100951 -- When the user runs a policy distribution & has our antivirus installed the distribution fails. CR00102197 -- Adobe Flash Player 9 plugin does not function without administrator privileges after installing LDMS 8.7.1 agent. CR00102541 -- Policies ran through the LANDesk gateway do not send status back to the core. CR00103440 -- Balloon window notifies users of OSD operations (should be silent). CR00103454 -- Policy-based delivery does not work when using custom Device IDs from ldiscan.cfg file. CR00104998 -- Conti: SchedQry.exe /allqueries takes up to 6 hours after migration to 8.71 not allowing tasks to run. CR00105841 -- ER: Need ability to define port along with preferred server. CR00106133 -- TMCSVC.EXE crashes when outputting file list. CR00106137 -- Cached files that pass expiry time are not getting deleted from cache or the registry. CR00106270 -- Preferredserver.dat does not get created when using Management Gateway for software distribution. CR00107142 -- All subnets are parsed when targeting a task for only one MDR. CR00107453 -- "Add New Group" option is greyed out in Scheduled Tasks for customers with a Patch-only license. CR00107685 -- Need the ability to pass Novell Authentication information when using preferred servers. CR00108090 -- APM Service will stop responding to requests from amclient until restarted. This happens frequently (2-3 times/week). CR00108229 -- Balloon notification says "Installing Software" when its uninstalling. CR00109340 -- WOL targets the wrong NIC in laptops. CR00109798 -- AD lookup by amclient is causing excessive network traffic. CR00109973 -- TMC does not check for space before downloading file. CR00110034 -- Softmon.exe crash occasionally. CR00110417 -- Global scheduler hang causes tasks to remain in Waiting state. CR00110846 -- Uninstall fails for any package built with Package Builder. CR00110928 -- Amclient has 3 minute delay in contacting core when running on Windows NT. CR00111920 -- Policy tasks started from a remote console fail 40% of the time. CR00112278 -- Synchronization between Scripts directory and Oracle database times out in Web console. CR00112488 -- Software distribution to Windows Vista client with UAC enabled fails. CR00112577 -- Schedldapresolver needs to processes all policies. CR00113033 -- Amclient not applying certain policies when launched by the local scheduler. CR00113458 -- SWD: Preferred server missing from Preferredservers.dat. CR00113621 -- SWD: Software distribution task built with incorrect levels value. CR00114139 -- ER: Ability to define the path of the log file for an MSI install. CR00114421 -- AMCLIENT making full-tree NDS-requests - causes NDS to grind to a halt / AMCLIENT taking forever to proceed. CR00114501 -- Custom deferral message breaks Push and Policy-Supported Push. CR00114620 -- Policy-based software distribution randomly fails. CR00114653 -- SWD: SDCLIENT.EXE fails to download files from redirected URL’s that contain spaces. CR00114792 -- SDCLIENT can no longer work through LDMG with Vodafone G3 Software. CR00114898 -- SDClient.exe exception when installing application with feedback. CR00116474 -- FR: On French clients, the AMClient installation notice doesn't show the Package Name. Software License Monitoring ------------------------------ CR00115955 -- GatherProducts.exe is seeking the floppy drive and remains active for about 2hrs. CR00116030 -- Unable to import licenses in SLM when two automatically discovered products have the same name. CR00119191 -- SLM compliance group installations do not report correctly when scopes are applied. CR00122646 -- Softmon giving Dr. Watson errors at startup and shutdown. CR00124021 -- SLM: Adding files to custom product definition causes the console to crash or become unresponsive. ------------------------------ Fixed in previous SP release ------------------------------ CR00072699 -- Importing SLM data from an 8.1 core does not show the files being monitored for a licensed product. CR00097851 -- After choosing "Not in product", the list of files disappears in SLM. CR00098346 -- Softmon reports the wrong user. It reports administrators vs administrator. CR00102645 -- Files missing after canceling an edit. CR00103704 -- SOFTMON does not block applications run from network shares. CR00104690 -- Automatically discovered products are not populating with the correct machines. CR00109354 -- Product is being disassociated from a client when the hash changes. CR00112969 -- SLM Compliance Group shows different results from the individual application within the compliance group. CR00113479 -- Client will disappear from an automatically discovered product even if the software is still installed on the machine. CR00113720 -- SLM Windows console is extremely slow during refresh. CR00113794 -- SLM: "OleMainThreadWndName" error when shutting down a Windows NT 4 client. CR00113799 -- Applications blocked by SLM run after the executable is renamed. CR00114329 -- Importing licenses from an XML file does not function in 8.7 SP3. CR00115955 -- GatherProducts.exe is seeking the floppy drive and remains active for about 2hrs. Trusted Access ------------------------------ CR00118200 -- If a custom definition is used for compliance but cannot be repaired it does not get published. ------------------------------ Fixed in previous SP release ------------------------------ CR00100373 -- LTA is sending the primary NIC address in the DHCP inform packet. CR00103565 -- LANDesk content cannot be used for compliance in LDDCHP or NAC. CR00115007 -- LTA NAC - Cannot schedule an inventory/vulscan through right-click in the Console. Unmanaged Device Discovery ------------------------------ CR00114651 -- UDD scans have lost results function since 8.5 with printers. ------------------------------ Fixed in previous SP release ------------------------------ CR00066317 -- (UDD) scan time, date and number of times is incorrect due to removal and rediscovery of a device. CR00095176 -- UDD can't detect client if certain double-byte character is in the workgroup name. CR00099526 -- Ambiguous error message when setting up discovery parameters. CR00100218 -- Localization issue in XDD dialog. CR00100558 -- XDD will not resolve any device names. CR00106960 -- XDD Creates duplicates in UDD list. CR00110401 -- XDD file processing is causing excessive handles in scheduler service. CR00110984 -- XDD is crashing 2003 servers. Web Console ------------------------------ CR00114102 -- Web Console performance becomes extremely sluggish after connecting to Active Directory in RBA. CR00116482 -- Security log is not viewable from the server info view. CR00117144 -- No option to use Management Gateway remote control in off-core Web console. CR00118389 -- WEB: Unable to delete machines from an off-core Web console server. CR00122135 -- Error message when Accessing Scripts in Web Console in Cluster configuration. ------------------------------ Fixed in previous SP release ------------------------------ CR00080521 -- 'Vulnerability Threat Overview' report errors for users with a limited scope. CR00087504 -- Unable to view the scheduled task in the Web console. User has 1400+ scheduled tasks. CR00091353 -- Script error in the Web console when trying to edit a software distribution job. CR00096974 -- FRA: Error when saving new column configurations in the Web console. CR00099525 -- Security Suite widgets in the Executive Dashboard cause database performance to degrade to the point that database calls will time out throughout the product. CR00102652 -- Scan from Web console throws error "Collector returned status 404 on Provider /lvl1inventory." CR00106947 -- Rollup core Web console, replicate to cores fail as "Task Handler encountered an error" for public queries. CR00111075 -- Cannot right click on a system and get an inventory scan from a machine in the Web console unless LSM is installed. CR00111216 -- Remote control fails from "All Devices" but works properly from "Remote Control". CR00113341 -- Sort Application Suite list by Name or allow user to sort by any column. CR00114803 -- WEB: "A DropDownList cannot have multiple items selected" error occurs when running a report. *Other names and brands may be claimed as the property of others. LANDesk retains the right to make changes to this document or related product specifications and descriptions at any time, without notice. LANDesk makes no warranty for the use of this document and assume no responsibility for any errors that can appear in the document nor does it make a commitment to update the information contained herein.