Installation Instructions for Hot Fix L50018

Linux for x64


Hot fix L50018 addresses the issue(s) in SAS Fraud Management 3.3_M1 as documented in the Issue(s) Addressed section of the hot fix download page:
https://tshf.sas.com/techsup/download/hotfix/HF2/L50.html#L50018

L50018 is a "container" hot fix that contains the following "member" hot fixes which will update the software components as indicated.
L70008  updates  SAS Fraud Management Alert Generation Server 3.3_M1
L55005  updates  SAS Fraud Management Common Macros 3.3_M1
L51017  updates  SAS Fraud Management Mid-Tier 3.3_M1 ***
L77002  updates  SAS Fraud Management Multi Entity History DB Maintenance Macros 3.3_M1
L53012  updates  SAS Fraud Management Reporting History DB Maintenance Macros 3.3_M1
L54004  updates  SAS Fraud Management Reporting History ETL Server Macros 3.3_M1
L68004  updates  SAS Fraud Management Scoring Engine 3.3_M1
L64008  updates  SAS Fraud Management System of Record DB Maintenance Macros 3.3_M1
L52010  updates  SAS Fraud Management Transaction Extensions 3.3_M1

*** member hot fixes that have been updated since the previously released hot fix (L50017)

See What is a container hot fix? in the Hot Fix FAQ for more information about container hot fixes.


HOT FIX COMPONENT HISTORY

Software Component Server L50001 HF1 L50002 HF2 L50003 HF3 L50004 HF4 L50005 HF5 L50006 HF6 L50007 HF7 L50008 HF8 L50009 HF9 N/A HF10 L50010 HF11 L50011 HF12 L50012 HF13 L50013 HF14 L50014 HF15 L50015 HF16 L50016 HF17 L50017 HF19 L50018 HF20
SAS FM Alert Generation Server 3.3_M1AGS L70001L70002-L70003L70004-L70005-L70006----L70007--L70008--
SAS FM Common Macros 3.3_M1Rules Server/AGS/JOSE L55001L55002-----L55003L55004----L55005-----
SAS FM Mid-Tier 3.3_M1Midtier L51001L51002L51003L51004L51005L51006L51007L51008L51009-L51010L51011-L51012L51013L51014L51015L51016L51017
SAS FM Multi Entity History DB Maintenance Macros 3.3_M1JOSE L77001L77002-----------------
SAS FM Reporting History DB Maintenance Macros 3.3_M1Rules Server/AGS L53001L53002-L53003-L53004-L53005L53006-L53007L53008-L53009L53010L53011-L53012-
SAS FM Reporting History ETL Server Macros 3.3_M1Rules Server/AGS L54001L54002--------L54003---L54004----
SAS FM Scoring Engine 3.3_M1JOSE L68001L68002--L68003---------L68004----
SAS FM System of Record DB Maintenance Macros 3.3_M1AGS L64001L64002-L64003-L64004-L64005L64006-L64007----L64008---
SAS FM Transaction Extensions 3.3_M1Rules Server/AGS/JOSE L52001L52002L52003--L52004-L52005L52006---L52007L52008-L52009-L52010-


PRE-INSTALLATION INSTRUCTIONS

  1. Create a Deployment Registry report:

    Before applying this hot fix, follow the instructions in SAS Note 35968 to generate a SAS Deployment Registry report.

    Commands to create the report:
    1. cd <SASHome>/deploymntreg
    2. <JAVA_HOME>/bin/java -jar sas.tools.viewregistry.jar

    Two files are created: DeploymentRegistry.txt and DeploymentRegistry.xml. Either of these files can be used to verify that the appropriate product releases are installed on your system. The release number information in the Deployment Registry report should match the 'member' release number provided above for the software components installed on each machine in your deployment. In addition, you can determine the current hot fix level by comparing the the software component information in the chart above with the Deployment Registry report.


INSTALLATION

  1. Backups:  Files delivered in this hot fix will be backed up during the installation process. However, it is good general practice to back up your system before applying updates to software.

    Backup the following:

    1. The <SASHOME> directory, including the <CONFIGDIR> directory
    2. Each database that will be updated by this hot fix. Review the POST-INSTALLATION INSTRUCTIONS section to determine if there are database updates.

    For a detailed list of updated files, see the hot fix manifest.  NOTE: The manifest is cumulative for all hot fixes for this release.

  2. Stop Servers:  The AGS server and the JOSE server must be stopped via the command line before installing this hot fix. In addition, all batch jobs running against the SAS FM databases should be paused.
  3. Important:  Install this hot fix using the same userid who performed the initial software installation.
  4. Install the hot fix using the SAS Deployment Manager:

    Hot Fix L50018 must be installed on each machine where the updated components of the product, listed above, are installed. During the installation process you may see references to all operating systems for which updates are provided in the hot fix. The installation process will determine the operating system and which component(s) of SAS Fraud Management 3.3_M1 require updating on the machine. See SAS Note 44810 for more details.

    The hot fix will be applied using the SAS Deployment Manager. By default, the SAS Deployment Manager will search in the <SASHOME>/InstallMisc/HotFixes/New directory for hot fixes to be applied, but will also prompt for a location if you have downloaded hot fixes to a different directory. Do NOT extract the contents of   L50018pt.zip into the selected directory. The hot fix installation process will extract the contents as needed.

    After copying L50018pt.zip, follow the instructions for applying hot fixes in the SAS Deployment Wizard and SAS Deployment Manager 9.3: User's Guide.

    Note:   If this hot fix has been previously installed, use the -reinstallhotfix option when running the SDM. If friendly fixes have been previously installed, use the -alwaysoverwrite option.


    The hot fix installation process generates the log file

    <!SASHOME>/InstallMisc/InstallLogs/IT_date-and-time-stamp.log
    for example, IT_2011-10-31-13.18.21.log. Each attempt to apply a hot fix results in the creation of a new log file giving detailed information regarding the installation process.

    Postexec log files are created after the installation is completed and identifies the files that were added, backed up, changed and removed. These log files include the 'member' hot fix id in the name of the file and are also written to the <!SASHOME>/InstallMisc/InstallLogs directory. There is one postexec log for each 'member' hot fix applied (member hot fixes are listed at the top of these instructions).


POST-INSTALLATION INSTRUCTIONS

  1. Update the Databases:

    Database updates are generally performed by the DBA. The files required are found in the Miscellaneous directory in the L50018pt.zip file and must be manually extracted and copied to a location accessible by the DBA.

    1. Create a "L50018pt" directory on your machine and unzip the contents of L50018pt.zip into that directory.
    2. Go to the L50018pt/Miscellaneous directory.
    3. Based on the table below, determine which files need to be run and copy those files to the appropriate database server. The instructions for each file should be reviewed before running each update.

      The SAS Deployment Registry report created in the PRE-INSTALLATION INSTRUCTIONS step can be used to determine the current hot fix level. Files included in previous hot fixes should NOT be run again.
    4. Vendor Database Hot fix File Instructions
      DB2RHHF1rpthist_db2_upgrade_3.3.1.1.tar RH_DB2 updates (1): Installation Instructions for RH_DB2 updates (1)
      DB2RHHF2rpthist_db2_upgrade_3.3.1.2.tar RH_DB2 updates (2): Installation Instructions for RH_DB2 updates (2)
      DB2RHHF5rpthist_db2_upgrade_3.3.1.5.tar RH_DB2 updates (3): Installation Instructions for RH_DB2 updates (3)
      DB2RHHF11rpthist_db2_upgrade_3.3.1.11.tar RH_DB2 updates (4): Installation Instructions for RH_DB2 updates (4)
      DB2SORHF1sor_db2_upgrade_3.3.1.1.tar SOR_DB2 updates (1): Installation Instructions for SOR_DB2 updates (1)
      DB2SORHF2sor_db2_upgrade_3.3.1.2.tar SOR_DB2 updates (2): Installation Instructions for SOR_DB2 updates (2)
      DB2SORHF5sor_db2_upgrade_3.3.1.5.tar SOR_DB2 updates (3): Installation Instructions for SOR_DB2 updates (3)
      DB2SORHF8sor_db2_upgrade_3.3.1.8.tar SOR_DB2 updates (4): Installation Instructions for SOR_DB2 updates (4)
      DB2SORHF9sor_db2_upgrade_3.3.1.9.tar SOR_DB2 updates (5): Installation Instructions for SOR_DB2 updates (5)
      DB2SORHF11sor_db2_upgrade_3.3.1.11.tar SOR_DB2 updates (6): Installation Instructions for SOR_DB2 updates (6)
      DB2SORHF14sor_db2_upgrade_3.3.1.14.tar SOR_DB2 updates (7): Installation Instructions for SOR_DB2 updates (7)
      DB2SORHF15sor_db2_upgrade_3.3.1.15.tar SOR_DB2 updates (8): Installation Instructions for SOR_DB2 updates (8)
      DB2SORHF16sor_db2_upgrade_3.3.1.16.tar SOR_DB2 updates (9): Installation Instructions for SOR_DB2 updates (9)
       
      OracleMEHHF1meh_oracle_upgrade_3.3.1.1.tar MEH_Oracle updates: Installation Instructions for MEH_Oracle updates
      OracleRHHF1rpthist_oracle_upgrade_3.3.1.1.tar RH_Oracle updates (1): Installation Instructions for RH_Oracle updates (1)
      OracleRHHF2rpthist_oracle_upgrade_3.3.1.2.tar RH_Oracle updates (2): Installation Instructions for RH_Oracle updates (2)
      OracleRHHF5rpthist_oracle_upgrade_3.3.1.5.tar RH_Oracle updates (3): Installation Instructions for RH_Oracle updates (3)
      OracleRHHF9rpthist_oracle_upgrade_3.3.1.9.tar RH_Oracle updates (4): Installation Instructions for RH_Oracle updates (4)
      OracleRHHF11rpthist_oracle_upgrade_3.3.1.11.tar RH_Oracle updates (5): Installation Instructions for RH_Oracle updates (5)
      OracleSORHF1sor_oracle_upgrade_3.3.1.1.tar SOR_Oracle updates (1): Installation Instructions for SOR_Oracle updates (1)
      OracleSORHF2sor_oracle_upgrade_3.3.1.2.tar SOR_Oracle updates (2): Installation Instructions for SOR_Oracle updates (2)
      OracleSORHF3sor_oracle_upgrade_3.3.1.3.tar SOR_Oracle updates (3): Installation Instructions for SOR_Oracle updates (3)
      OracleSORHF5sor_oracle_upgrade_3.3.1.5.tar SOR_Oracle updates (4): Installation Instructions for SOR_Oracle updates (4)
      OracleSORHF8sor_oracle_upgrade_3.3.1.8.tar SOR_Oracle updates (5): Installation Instructions for SOR_Oracle updates (5)
      OracleSORHF9sor_oracle_upgrade_3.3.1.9.tar SOR_Oracle updates (6): Installation Instructions for SOR_Oracle updates (6)
      OracleSORHF11sor_oracle_upgrade_3.3.1.11.tar SOR_Oracle updates (7): Installation Instructions for SOR_Oracle updates (7)
      OracleSORHF14sor_oracle_upgrade_3.3.1.14.tar SOR_Oracle updates (8): Installation Instructions for SOR_Oracle updates (8)
      OracleSORHF15sor_oracle_upgrade_3.3.1.15.tar SOR_Oracle updates (9): Installation Instructions for SOR_Oracle updates (9)
      OracleSORHF16sor_oracle_upgrade_3.3.1.16.tar SOR_Oracle updates (10): Installation Instructions for SOR_Oracle updates (10)
       
      TeradataRPTHISTHF11teradata_rpthist_upgrade_3.3.1.11.tar RPTHIST_Teradata updates (1): Installation Instructions for RPTHIST_Teradata updates (1)


  2. (Step introduced in HF1, skip if already done)  Copy the updated SAS Fraud Management Reporting History DB Maintenance Macros files to the appropriate configuration directories.

    You must be logged in to the SAS Fraud Management ETL Server host machine as the configuration user.

    1. Navigate to $SASROOT/misc/fsmrh/data.
    2. Copy the frx_scd_column.csv to <implement_root>/dbloader/data/sas
    3. Copy the frx_scd_column_maint.csv to <implement_root>/dbmaint/data/sas
    4. Copy the frx_scd_column_upgrade.csv to <implement_root>/dbmaint/data/sas

  3. (Step introduced in HF2, skip if already done)  Set the test_area_path and test_area_path_webapp properties.

    A new property, test_area_path_webapp, has been created as part of this hot fix. This property is closely related to the property "test_area_path". Both properties can be found on the SAS Fraud Management web application under the Preferences tab. From the Preferences tab, select System Properties -> Rule Testing.

    The value for both of these properties needs to be set to a logical location that is shared between the server running WebSphere and the server hosting the SAS IOM Server. If the properties are not set correctly, rule testing may fail.

    It is suggested that the TestArea directory should be in the same location as the Estimates directory as defined in the properties "estimate_results_dir_sasiom" and "estimate_results_dir_webapp" found in the Preferences Tab under System Properties -> Estimation.

  4. (Step introduced in HF2, skip if already done)  Alternate connection method for Oracle Databases

    Use the following instructions if an alternate connection method from the Alert Generation Server (AGS) to an Oracle database is desired. 

    1. After applying this hot fix, edit $SASFMCP_IMPLEMENT_HOME/ags/etc/ags_env and insert this line at the bottom of the file:
      # export ORACLE_URL_TEMPLATE=jdbc:oracle:thin:@host:port:sid;
    2. Uncomment the line and save the file.
    3. Restart the Alert Generation Server.

    Note:  The host, port, and sid values in the URL will be substituted by AGS.

  5. (Step introduced in HF14, skip if already done -OR- if SSL will not be implemented)  AGS SSL Support for MQ

    Overview
    AGS has a requirement from several customers to support SSL client connection to WebSphere MQ Queue Managers.  Today, AGS only support SSL to Queue Managers used for XAMS.  This information covers the enhancement which will allow AGS to use SSL client connections to Queue Managers used for the inbound, SAF and Reject queues.

    Restrictions
    Customers using the XAMS feature of the AGS are affected by the following restriction.  AGS will not support different SSL options for the same AGS instance.  The limitation is related to the SSL Key Store and the password used to access that Key Store.  The same password and location must be used for the Key Stores defined for the XAMS queue manager and the queue manager used for the inbound, SAF and Reject queues.  NOTE:  The passwords are actually stored in the OMR (Metadata Server) and the passwords for XAMS user and the AGS MQ user (a new user id) must be the same.

    Configuration
    AGS will rely on several new configuration properties to manage the SSL connection in MQ.  These properties are:
    ags_mq_ssl_cipher_suite Specifies the SSL Cipher Suite.  If not null, then SSL will be enabled.  In testing, ags_mq_ssl_cipher_suite property value was set to SSL_RSA_WITH_3DES_EDE_CBC_SHA while the MQ Channel SSL Cipher Spec was set to TLS_RSA_WITH_3DES_EDE_CBC_SHA.
    ags_mq_ssl_truststore Specifies the location of the SSL TrustStore
    ags_mq_ssl_keystore Specifies the location of the SSL KeyStore
    ags_mq_ssl_fips_required Indicates if FIPS is required
    ags_mq_channel Optional, depending on your configuration you may need to create a separate MQ channel dedicated to SSL.

    Metadata Server Configuration
    In addition, a new user group will be required to be added to the Metadata Server via the SAS Management Console.  The group name can be anything, agsssl_Group for example.  Once you have the group created click the Accounts tab and create a new account by Clicking New. There are two fields to complete, User ID and Password.  The user ID must follow the convention agsssl_<AuthDomain>.  The <AuthDomain> should be the authentication domain your AGS user is in.  The password should be the same password of your java keystore that was created to facilitate the SSL encryption.  This account is only in the SAS Management Console and does not need to be created at the operating system level.  Last, select the authentication domain in the drop down box associated with your installation.

    SQL for new properties
    See the DDL package released with this hotfix.

  6. (Step needed only if "SAS Fraud Management Mid-Tier" component was updated)  Update the web application deployed to your application server:

    1. Re-build Web Applications

      In order for this step to execute correctly, the Metadata Server must be running.

      1. Set the DISPLAY environment variable, for example
        $ export DISPLAY=<displayname>:0
      2. Invoke the SAS Deployment Manager 9.3

        From the SASDeploymentManager directory execute sasdm.sh, for example

        $ cd <SASHOME>/SASDeploymentManager/9.3
        $ ./sasdm.sh
      3. Select a language in the Choose Language box
      4. Select Rebuild Web Applications
      5. Select Configuration Directory or Enter the Configuration Directory and Level that needs to be updated
      6. Specify Connection Information, including the sasadm User ID and Password
      7. Select SAS Fraud Management Mid-Tier as the Web Application to Rebuild
      8. Verify the information on the Summary screen and select Start
      9. Select Finish when the deployment is complete

      This process will update the Fraud Management ear in <CONFIGDIR>/Lev1/Web/Staging. A backup of the original ear file will be placed in the Backup directory.

    2. Re-deploy Web Applications

      If the environment is not configured to auto deploy, perform the following steps manually after the hot fix has been applied to the Midtier server and the applications have been rebuilt via the SAS Deployment Manager:

      From the WebSphere Console:
      1. Uninstall the SAS Fraud Management application under applications
      2. Install new SAS Fraud Management application from either a local file system on "PC" or from a remote file system "On the WebSphere server"
        1. Click ADD
        2. Select Local or Remote. Remote will be located under <CONFIGDIR>/Lev1/Web/Staging
        3. Add new application, assign proper JDBC and JMS resources as defined per your configuration.
        4. Once application is installed, a restart of the WebSphere Application server must be completed.

      3. Logon to Fraud Management Midtier to test.

      See SAS 9.3 Intelligence Platform Middle-Tier Administration Guide, Chapter 7, for more details on Re-deploying Web Applications.

  7. Start Servers:  Start the JOSE server and then the AGS server via the command line. Start any batch jobs that were paused before the installation.
  8. Create a final Deployment Registry report:

    Run a new SAS Depployment Registry report following the same steps as in the PRE-INSTALLATION INSTRUCTIONS. The new report files will overwrite the existing ones. To retain the old files, save them to a new location or rename them before running the commands.

    Please send a copy of the final Deployment Registry report to SAS Fraud Management support.



This completes the installation of hot fix L50018 on Linux for x64.