Installation Instructions for Hot Fix C4E007

Linux for x64


Hot fix C4E007 addresses the issue(s) in SAS Fraud Management 4.4_M1 as documented in the Issue(s) Addressed section of the hot fix download page:

http://ftp.sas.com/techsup/download/hotfix/HF2/C4E.html#C4E007


C4E007 is a "container" hot fix that contains the following "member" hot fixes which will update the software components as needed.

D4U001  updates  SAS Fraud Management Common Macros 4.4_M1
C6G006  updates  SAS Fraud Management Decision Engine 4.4_M1***
C4F006  updates  SAS Fraud Management Mid-Tier 4.4_M1***
C6I003  updates  SAS Fraud Management Reporting History ETL Server Macros 4.4_M1
C8J002  updates  SAS Fraud Management Scoring Engine for zOS 4.4_M1***
C7Q002  updates  SAS Fraud Management System of Record DB Maintenance Macros 4.4_M1
C4G007  updates  SAS Fraud Management Transaction Extensions 4.4_M1***
C6H004  updates  SAS Fraud Transactional Analysis Engine 4.4_M1***

*** member hot fixes that have been updated since the previously released hot fix (C4E006)


See What is a container hot fix? in the Hot Fix FAQ for more information about container hot fixes.


HOT FIX COMPONENT HISTORY

Software Component Server C4E001 HF1 C4E002 HF2 C4E003 HF3 C4E004 HF4 C4E005 HF5 C4E006 HF6 C4E007 HF7
SAS FM Common Macros 4.4_M1 Batch Server (Unix) - - D4U001 - - - -
SAS FM Decision Engine 4.4_M1 Decision Server - C6G001 C6G002 C6G003 C6G004 C6G005 C6G006
SAS FM Mid-Tier 4.4_M1 Midtier - C4F001 C4F002 C4F003 C4F004 C4F005 C4F006
SAS FM Reporting History ETL Server Macros 4.4_M1 Batch Server (Unix) - C6I001 C6I002 - - C6I003 -
SAS FM Scoring Engine for zOS 4.4_M1 Decision Server - C8J001 - - - - C8J002
SAS FM System of Record DB Maintenance Macros 4.4_M1 Batch Server (Unix) - C7Q001 - C7Q002 - - -
SAS FM Transaction Extensions 4.4_M1 Decision Server (Unix), Rules Server (Unix), Scoring Server (Z64) C4G001 C4G002 C4G003 C4G004 C4G005 C4G006 C4G007
SAS Fraud Transactional Analysis Engine 4.4_M1 Transaction Analysis Server - C6H001 C6H002 C6H003 - - C6H004


IMPORTANT NOTE

CONFIGURATION: No automatic configuration scripting is included for this hot fix. If you have previously configured software installed, the SAS Deployment Manager may present a screen where you will see "Apply SAS Hot Fixes" and "Configure SAS Hot Fixes" options. On this screen, you must ensure that the "Configure SAS Hot Fix" option is *not* selected. If this option is automatically selected, please de-select it prior to proceeding with the SAS Deployment Manager Screens. Failure to do so could have unintended consequences when applying this hot fix.


PRE-INSTALLATION INSTRUCTIONS

  1. Important: If your current system is at 4.4M1 HF2 (Version 5 Release 9) or lower and your Multi-Entity History (MEH) database is Oracle, please read SAS Note 63933 carefully before beginning this hot fix install.
  2. Create a Deployment Registry report on each server:

    Before applying this hot fix, follow the instructions in SAS Note 35968 to generate a SAS Deployment Registry report.

    Commands to create the report:
    1. cd <SASHome>/deploymntreg
    2. <JAVA_HOME>/bin/java -jar sas.tools.viewregistry.jar

    Two files are created: DeploymentRegistry.txt and DeploymentRegistry.html. Either of these files can be used to verify that the appropriate product releases are installed on your system. The release number information in the Deployment Registry report should match the 'member' release number provided above for the software components installed on each machine in your deployment. In addition, you can determine the current hot fix level by comparing the HOT FIX COMPONENT HISTORY chart above with the hot fix entries in the Deployment Registry report.

  3. Backups:  Files delivered in this hot fix will be backed up during the installation process. However, it is good general practice to back up your system before applying updates to software.

    Backup the following on each Server:

    1. <SASHOME> directory
    2. <CONFIGDIR> directory
    3. Database(s) that will be updated by this hot fix. Review the POST-INSTALLATION INSTRUCTIONS: DATA TIER section to determine if there are database updates.

    For a detailed list of updated files, see the hot fix manifest.  NOTE: The manifest is cumulative for all hot fixes for this release.

  4. Stop Servers:

    1. Stop the OnDemand Decision Engine (ODE) server(s).
      $ cd <CONFIGDIR>/Lev1/Applications/SASFraudManagement/4.4/<Auth-Domain>/engine/Server<n>/bin
      $ ./ose.sh stop
    2. Stop the Transactional Analysis Server (TAS).
      $ cd <CONFIGDIR>/Lev1/Applications/SASFraudManagement/4.4/<Auth-Domain>/analysis/bin
      $ ./tas.sh stop
    3. All batch jobs running against the SAS FM databases should be paused.


SERVER INSTALLATION

  1. Important:  Install this hot fix using the same userid who performed the initial software installation.
  2. Install the hot fix using the SAS Deployment Manager (SDM):

    Hot Fix C4E007 must be installed on each machine where the updated components of the product, listed above, are installed.

    The hot fix will be applied using the SAS Deployment Manager (SDM). By default, the SDM will search in the <SASHOME>/InstallMisc/HotFixes/New directory for hot fixes to be applied, but will also prompt for a location if you have downloaded hot fixes to a different directory. Do NOT extract the contents of   C4E007pt.zip into the selected directory. The hot fix installation process will extract the contents as needed.

    After copying C4E007pt.zip, follow the instructions for applying hot fixes in the SAS Deployment Wizard and SAS Deployment Manager 9.4: User’s Guide.

    For example:

    1. Set the DISPLAY environment variable, for example
      $ export DISPLAY=<displayname>:0
    2. From the SASDeploymentManager directory execute sasdm.sh

      $ cd <SASHOME>/SASDeploymentManager/9.4
      $ ./sasdm.sh

    Notes:

    The hot fix installation process generates the log file

    <!SASHOME>/InstallMisc/InstallLogs/IT_date-and-time-stamp.log
    For example, IT_2020-03-10-21.15.48.log. Each attempt to apply a hot fix results in the creation of a new log file giving detailed information regarding the installation process.

    Postexec log files are created after the installation is complete. These log files identify the files that were added, backed up, changed and removed. These log files include the 'member' hot fix id in the name of the file and are also written to the <!SASHOME>/InstallMisc/InstallLogs directory. There is one postexec log for each 'member' hot fix applied (member hot fixes are listed at the top of these instructions).


POST-INSTALLATION INSTRUCTIONS: SERVER TIER

    This section describes custom steps that depend on the starting version of your system before this hot fix was installed. Locate your starting version in the first column of the table below and perform only those steps listed in the second column for that version.

    Starting Version Steps
    4.4M1(No Hot Fix)
    or
    4.4M1 HF1
    or
    4.4M1 HF2

    Steps for upgrade from base 4.4M1 or HF1 or HF2 to HF7

    1. Update TAS Script Files:

      IMPORTANT: If you have customized any of the files copied in this step, you must merge your updates into the new versions.

      1. Back up the <CONFIGDIR>/Lev1/Applications/SASFraudManagement/4.4/<Auth-Domain>/analysis/bin directory.
      2. Copy these files:
        • esrt.sh
        • esrt_tests.sh
        • functions.sh
        • tas-esc.sh
        • tas.sh
        • wipeout.sh

        From: <SASHOME>/SASFraudTransactionalAnalysisEngine/4.4/Config/bin
        To:   <CONFIGDIR>/Lev1/Applications/SASFraudManagement/4.4/<Auth-Domain>/analysis/bin

    2. Update TAS Server Property File:

      1. Back up the <CONFIGDIR>/Lev1/Applications/SASFraudManagement/4.4/<Auth-Domain>/analysis/etc/tas.properties file.
      2. Merge the updates
        From: <SASHOME>/SASFraudTransactionalAnalysisEngine/4.4/Config/etc/tas.properties.orig
        To:   <CONFIGDIR>/Lev1/Applications/SASFraudManagement/4.4/<Auth-Domain>/analysis/etc/tas.properties

    3. Update ODE Server Configuration Files:

      IMPORTANT: If you have customized any of the files copied in this step, you must merge your updates into the new versions.

      On each ODE Server:

      1. Back up the <CONFIGDIR>/Lev1/Applications/SASFraudManagement/4.4/<Auth-Domain>/engine/Server<n>/etc directory.
      2. Copy these files:
        • actions.xml
        • database.xml
        • log4j2-test.xml
        • ose.xml
        • post-score-actions.xml
        • jms.xml
        • redis.xml
        • txn.xml

        From: <SASHOME>/SASFraudManagementDecisionEngine/4.4/Config/etc
        To:   <CONFIGDIR>/Lev1/Applications/SASFraudManagement/4.4/<Auth-Domain>/engine/Server<n>/etc

    4. Update ODE Server Property File:

      On each ODE Server:

      Merge the updates
      From: <SASHOME>/SASFraudManagementDecisionEngine/4.4/Config/etc/ose.properties.orig
      To:   <CONFIGDIR>/Lev1/Applications/SASFraudManagement/4.4/<Auth-Domain>/engine/Server<n>/etc/ose.properties

    5. Update ODE Script Files:

      IMPORTANT: If you have customized any of the files copied in this step, you must merge your updates into the new versions.

      On each ODE Server:

      1. Back up the <CONFIGDIR>/Lev1/Applications/SASFraudManagement/4.4/<Auth-Domain>/engine/Server<n>/bin directory.
      2. Copy these files:
        • ose.py
        • msgapi_pb2.py
        • ose.sh
        • jose.sas

        From: <SASHOME>/SASFraudManagementDecisionEngine/4.4/Config/bin
        To:   <CONFIGDIR>/Lev1/Applications/SASFraudManagement/4.4/<Auth-Domain>/engine/Server<n>/bin

    6. Update DBMS Configuration File:

      On each ODE Server:

      1. Back up the <CONFIGDIR>/Lev1/Applications/SASFraudManagement/4.4/<Auth-Domain>/dbms/etc/initialLoad.xml file.
      2. Merge the updates
        From: <SASHOME>/SASFoundation/9.4/misc/fsmcm/dbms/etc/initialLoad.xml.orig
        To:   <CONFIGDIR>/Lev1/Applications/SASFraudManagement/4.4/<Auth-Domain>/dbms/etc/initialLoad.xml

    7. Update DBMS Script File:

      On each ODE Server:

      1. Back up the <CONFIGDIR>/Lev1/Applications/SASFraudManagement/4.4/<Auth-Domain>/dbms/bin/tdrddl.sh file.
      2. Merge the updates
        From: <SASHOME>/SASFoundation/9.4/misc/fsmcm/dbms/bin/tdrddl.sh.orig
        To:   <CONFIGDIR>/Lev1/Applications/SASFraudManagement/4.4/<Auth-Domain>/dbms/bin/tdrddl.sh
    8. Update Common Point of Purchase (CPP) SAS File:

      1. Back up the <CONFIGDIR>/Lev1/Applications/SASFraudManagement/4.4/<Auth-Domain>/batch/cpp/src/sas/cpp_autoexec.sas file.
      2. Merge the updates
        From: <SASHOME>/SASFoundation/9.4/misc/fsmetl/source/cpp_autoexec.sas
        To:   <CONFIGDIR>/Lev1/Applications/SASFraudManagement/4.4/<Auth-Domain>/batch/cpp/src/sas/cpp_autoexec.sas

    4.4M1 HF3

    Steps for upgrade from 4.4M1 HF3 to HF7

    1. Update ODE Server Configuration Files:

      IMPORTANT: If you have customized any of the files copied in this step, you must merge your updates into the new versions.

      On each ODE Server:

      1. Back up the <CONFIGDIR>/Lev1/Applications/SASFraudManagement/4.4/<Auth-Domain>/engine/Server<n>/etc directory.
      2. Copy these files:
        • actions.xml
        • ose.xml
        • post-score-actions.xml

        From: <SASHOME>/SASFraudManagementDecisionEngine/4.4/Config/etc
        To:   <CONFIGDIR>/Lev1/Applications/SASFraudManagement/4.4/<Auth-Domain>/engine/Server<n>/etc

    2. Update ODE Server Property File:

      On each ODE Server:

      Merge the updates
      From: <SASHOME>/SASFraudManagementDecisionEngine/4.4/Config/etc/ose.properties.orig
      To:   <CONFIGDIR>/Lev1/Applications/SASFraudManagement/4.4/<Auth-Domain>/engine/Server<n>/etc/ose.properties

    3. Update ODE Script Files:

      IMPORTANT: If you have customized any of the files copied in this step, you must merge your updates into the new versions.

      On each ODE Server:

      1. Back up the <CONFIGDIR>/Lev1/Applications/SASFraudManagement/4.4/<Auth-Domain>/engine/Server<n>/bin directory.
      2. Copy these files:
        • ose.py

        From: <SASHOME>/SASFraudManagementDecisionEngine/4.4/Config/bin
        To:   <CONFIGDIR>/Lev1/Applications/SASFraudManagement/4.4/<Auth-Domain>/engine/Server<n>/bin

    4.4M1 HF4
    or
    4.4M1 HF5

    Steps for upgrade from 4.4M1 HF4 or HF5 to HF7

    1. Update ODE Server Configuration Files:

      IMPORTANT: If you have customized any of the files copied in this step, you must merge your updates into the new versions.

      On each ODE Server:

      1. Back up the <CONFIGDIR>/Lev1/Applications/SASFraudManagement/4.4/<Auth-Domain>/engine/Server<n>/etc directory.
      2. Copy these files:
        • actions.xml
        • post-score-actions.xml

        From: <SASHOME>/SASFraudManagementDecisionEngine/4.4/Config/etc
        To:   <CONFIGDIR>/Lev1/Applications/SASFraudManagement/4.4/<Auth-Domain>/engine/Server<n>/etc

    2. Update ODE Script Files:

      IMPORTANT: If you have customized any of the files copied in this step, you must merge your updates into the new versions.

      On each ODE Server:

      1. Back up the <CONFIGDIR>/Lev1/Applications/SASFraudManagement/4.4/<Auth-Domain>/engine/Server<n>/bin directory.
      2. Copy these files:
        • ose.py

        From: <SASHOME>/SASFraudManagementDecisionEngine/4.4/Config/bin
        To:   <CONFIGDIR>/Lev1/Applications/SASFraudManagement/4.4/<Auth-Domain>/engine/Server<n>/bin
    4.4M1 HF6

    Steps for upgrade from 4.4M1 HF6 to HF7

    1. Update ODE Server Configuration Files:

      IMPORTANT: If you have customized any of the files copied in this step, you must merge your updates into the new versions.

      On each ODE Server:

      1. Back up the <CONFIGDIR>/Lev1/Applications/SASFraudManagement/4.4/<Auth-Domain>/engine/Server<n>/etc directory.
      2. Copy these files:
        • actions.xml

        From: <SASHOME>/SASFraudManagementDecisionEngine/4.4/Config/etc
        To:   <CONFIGDIR>/Lev1/Applications/SASFraudManagement/4.4/<Auth-Domain>/engine/Server<n>/etc

    2. Update ODE Script Files:

      IMPORTANT: If you have customized any of the files copied in this step, you must merge your updates into the new versions.

      On each ODE Server:

      1. Back up the <CONFIGDIR>/Lev1/Applications/SASFraudManagement/4.4/<Auth-Domain>/engine/Server<n>/bin directory.
      2. Copy these files:
        • ose.py

        From: <SASHOME>/SASFraudManagementDecisionEngine/4.4/Config/bin
        To:   <CONFIGDIR>/Lev1/Applications/SASFraudManagement/4.4/<Auth-Domain>/engine/Server<n>/bin


POST-INSTALLATION INSTRUCTIONS: DATA TIER

  1. Execute SAS Fraud Management DBMS Package to Update the Databases

    1. The following table describes the database changes for each hot fix. The DBMS script for each database will examine the current state of the database and apply the required changes for the all previous hot fixes and the current hot fix.

      Vendor Database Hot fix Updates
      DB2 MEH HF2 Add stored procedures to support signature retrieval and updates from the ODE.
      Oracle MEH HF2
      • Introduce use of Oracle Packages for some stored procedures.
      • Add package procedure to support signature updates from ODE. Signature retrieval for Oracle delivered previously.
      DB2 and Oracle SOR HF2
      • Add new table FCM_ESTIMATE_RULE.
      • Add new properties: template.callScript.maxSize, analyst.memo.maxSize, analyst.memo.enableHTML.
      • Hide the fulfillment.enabled, fulfillment.white.list.alert.types, fulfillment.white.list.multiOrgIds properties.
      • Drop check constraint FCM_ENTITY_DETAIL_METADATA.CK_ENTITY_DETAIL_METADATA4.
      • Add TEMPLATE_CONTENT column to FCM_FIELD_DEFINITION and FCM_TEMPLATE tables.
      • Populate TEMPLATE_CONTENT column in FCM_TEMPLATE table from TEMPLATE_TEXT column.
      • Add MEMO_CONTENT and MEMO_PREVIEW columns to FCM_ALERT_FULFILLMENT table to support larger memo fields.
      • Populate MEMO_CONTENT and MEMO_PREVIEW columns in FCM_ALERT_FULFILLMENT table from MEMO_TEXT column.
      • Modified insert_alert_action, save_alert_fulfil, save_alert procedures to support FCM_ALERT_FULFILLMENT table changes.
      • (Oracle only) Introduce use of Oracle Packages for some stored procedures.
      DB2 and Oracle MEH HF3
      • Fix code in Oracle Packages that introduces deadlocks in High insert contentious scenarios.
      Oracle MEH HF3
      Please read SAS Note 63933 regarding this update.

      Important: If you have partition compression enabled, you must follow the steps in the SAS Note to manually add the database column to these tables before running the mehddl.sh to update the MEH.

      • Add Z_CONV_ID Column to FMH_Z_DATA and FMH_Z_DATA_00 - FMH_Z_DATA_33 tables to support Signature migration.
      • Add V_CONV_ID Column to FMH_V_DATA and FMH_V_DATA_00 - FMH_V_DATA_33 tables to support Signature migration.
      Oracle SOR HF3
      • Grant CREATE TABLE authorization to SAS_SOR_BATCH in Oracle.
      DB2 and Oracle SOR HF3
      • In initial load, the default grid has rqo_tran_date_alt and rqo_tran_time_alt fields in field_order=3. They should be 1 and 2 repectively. This change fixes the field_order.
      • Add OPERATIONAL_STATE column to FCM_RULE table to support disabling rules. 0- Not Disabled;1=disable for execution ;2=disabled for decisions.
      • Add CK_RULE_OPSTATE check constraint on OPERATIONAL_STATE column to FCM_RULE table.
      • Add the new privilege DISENARULE.
      • Add the new privilege "DISENARULE" to "Senior Rules Editor" role and the "Rules Administrator" role.
      • Add OPERATIONAL_TIME_LIMIT column to the FCM_RULE table to identify maximum expected rule execution time in microseconds.
      • Add the new property rule_time_limit.
      • Add the 375 characters srp_rule_overtime column to the SRP segment.
      • Update the SRP segment set SEGMENT_OSE_IO_TYPE "U".
      Oracle TDR HF3
      • Grant CREATE TABLE authorization to SAS_TDR_BATCH in Oracle.
      DB2 and Oracle TDR HF3
      • Add missing DUA Segments columns to the FCM_CCNM, FCM_CSNM, FCM_LCNM, FCM_MANM, FCM_NANM, FCM_SLNM tables.
      DB2 SOR HF4
      • Assign authorization to the temp tablespace to the SAS_SOR_APP role.
      DB2 MEH HF5
      • Cluster the primary key indexes on the FMH_V_DATA and FMH_Z_DATA partitioned tables. The change impacts new databases only.
      Oracle MEH HF5
      • Queries are changed from dynamic to static in the Oracle packages.
      Oracle TDR HF7
      • Update the decode_base64_signature function.

    2. Log on to the ODE Server as the SAS installation user.
    3. Change to the <CONFIGDIR>/Lev1/Applications/SASFraudManagement/4.4/<Auth-Domain>/dbms/bin directory.
    4. (Optional) To preview the SQL for the changes that will be applied to each database, run the following commands:
      $ ./mehddl.sh preview
      $ ./sorddl.sh preview
      $ ./tdrddl.sh preview
    5. Run the database update scripts. Check each log for errors. By default, the logs are in <CONFIGDIR>/Lev1/Applications/SASFraudManagement/4.4/<Auth-Domain>/dbms/logs directory.
      $ ./mehddl.sh update
      $ ./sorddl.sh update
      $ ./tdrddl.sh update
      Notes:
      • You can run all three <db>ddl.sh scripts whether there are database changes or not. The DBMS package will determine what updates are needed and skip the rest. If you prefer, you can use the chart in the begining of this section to determine which databases have changes between your starting hot fix level and ending hot fix level and then run only scripts for those databases.
      • If a script fails with a checksum error, clear the checksums for the failed database:
        $ ./mehddl.sh clearCheckSums
        $ ./sorddl.sh clearCheckSums
        $ ./tdrddl.sh clearCheckSums
      • You can update the logging level and log file location the database properties files located in the <CONFIGDIR>/Lev1/Applications/SASFraudManagement/4.4/<Auth-Domain>/dbms/etc directory.


POST-INSTALLATION INSTRUCTIONS: MID TIER

  1. Update the web application deployed to your application server:

    IMPORTANT: Perform this step only if "SAS Fraud Management Mid-Tier" component was updated by this hot fix.

    1. Re-build Web Applications

      In order for this step to execute correctly, the Metadata Server must be running.

      1. Set the DISPLAY environment variable, for example
        $ export DISPLAY=<displayname>:0
      2. Invoke the SAS Deployment Manager 9.4

        From the SASDeploymentManager directory execute sasdm.sh, for example

        $ cd <SASHOME>/SASDeploymentManager/9.4
        $ ./sasdm.sh
      3. Select a language in the Choose Language box
      4. Select Rebuild Web Applications
      5. Select Configuration Directory or Enter the Configuration Directory and Level that needs to be updated
      6. Specify Connection Information, including the sasadm User ID and Password
      7. Select SAS Fraud Management Mid-Tier as the Web Application to Rebuild
      8. Verify the information on the Summary screen and select Start
      9. Select Finish when the deployment is complete

      This process will update the Fraud Management ear in <CONFIGDIR>/Lev1/Web/Staging. A backup of the original ear file will be placed in the Backup directory.

    2. Re-deploy Web Application

      In order for this step to execute correctly, the Metadata Server must be running.

      1. Set the DISPLAY environment variable, for example
        $ export DISPLAY=<displayname>:0
      2. Invoke the SAS Deployment Manager 9.4

        From the SASDeploymentManager directory execute sasdm.sh, for example

        $ cd <SASHOME>/SASDeploymentManager/9.4
        $ ./sasdm.sh
      3. Select a language in the Choose Language box
      4. Select Deploy Web Applications
      5. Select Configuration Directory or Enter the Configuration Directory and Level that needs to be updated
      6. Specify Connection Information, including the sasadm User ID and Password
      7. Check the Allow the application server to stop checkbox
      8. Select SAS Fraud Management Mid-Tier as the Web Application to Deploy
      9. Verify the information on the Summary screen and select Start
      10. Select Finish when the deployment is complete

      See SAS 9.4 Intelligence Platform Middle-Tier Administration Guide for more details on deploying Web Applications.


POST-INSTALLATION: START SERVERS

  1. Redeploy Rules Files in SAS Fraud Management Web Application:

    Log in to the web application as a user with the privilege to deploy rules on the Console tab. Deploy all the existing rules files.

  2. Start Servers:

    1. Start the TAS server. Confirm there are no errors in the log.
      $ cd <CONFIGDIR>/Lev1/Applications/SASFraudManagement/4.4/<Auth-Domain>/analysis/bin
      $ ./tas.sh start tail
    2. Start the ODE server(s). Confirm there are no errors in the log.
      $ cd <CONFIGDIR>/Lev1/Applications/SASFraudManagement/4.4/<Auth-Domain>/engine/Server<n>bin
      $ ./ose.sh start tail
    3. Start any batch jobs that were paused before the installation.
  3. Create a final Deployment Registry report on each server:

    Run a new SAS Deployment Registry report following the same steps as in the PRE-INSTALLATION INSTRUCTIONS. The new report files will overwrite the existing ones. To retain the old files, save them to a new location or rename them before running the commands.

    Please send a copy of the final Deployment Registry report to SAS Fraud Management support.


This completes the installation of hot fix C4E007 on Linux for x64.


Copyright 2017 SAS Institute Inc. All Rights Reserved.