IZ14998: WINDOWS RM AGENT DOES NOT TRANSLATE MEMBERID/TARGET_ACCOUNTID FR OM SID WHEN READING EVENTLOG

Subscribe

You can track all active APARs for this component.

APAR status

  • Closed as program error.

Error description

  • Problem Description:
    .
    The Tivoli Risk Manager agent on Windows does not
    translate Member ID and Target Account ID from Security
    Identifier (SID) format into domain account name format
    when reading from the Eventlog
    Example of required conversion:
    Member ID: %{S-1-5-21-1482476501-527237240-725345543-1003}
    Target Account Name: Backup Operators
    Target Domain: Builtin
    Target Account ID: %{S-1-5-32-551}
    VERSUS
    Member ID: HOLSTON\tmersrvd
    Target Account Name: Backup Operators
    Target Domain: Builtin
    Target Account ID: BUILTIN\Backup Operators
    The suggested resolution is to use "ConvertStringSidToSid
    () function to convert %{S-1-...} strings to a SID
    structure, then call LookupAccountSid() to create an
    account string. These APIs are supported on Windows 2000,
    XP and 2003, according to the MSDN site
    http://windowssdk.msdn.microsoft.com/en-
    us/library/ms718710.aspx.  Header file is Sddl.h
    and the DLL to link with is Advapi32.dll.
    In order to "see" the SID API definitions in < Sddl.h >, it
    is necessary to #define _WIN32_WINNT  >= 0x0500 in the
    source before including the header file.
    .
    Failing Component: "custom" winHIDs
    .
    Customer Recreate Environment:
    .
    Note well: Customer rep does not have original winHIDs but
    a custom winHIDS..."TRM patterns /XML files"
    
    Win2003 SP1
    TRM 4.2 Fixpack1
    .
    Database: N/A
    TME Framework: N/A
    Install Method: N/A
    TEC Server: N/A
    TEC Gateway: N/A
    TEC UI Server: N/A
    TEC Console: N/A
    Risk Manager Server: 4.2 fp1
    Risk Manager Gateway: 4.2 fp1
    Risk Manager Agent: 4.2 fp1
    Websphere Server: N/A
    Endpoint Level: N/A
    TMR / TEC Same Machine: N/A
    Affected Locale: ALL
    .
    Collected Information:
    .
    Refer to text file on ECUREP
    .
    Last Known Good Level: N/A
    Level 3 Acknowledged: JR
    .
    Recreate Steps:
    .
    Install customer custom winHIDs (or original
    winHIDs also..as the same problem should exist in both) and
    capture output of "sendToFile" at the rmagent to check the
    values generated for Target Account ID and MemberID:
    Correct values:
    Member ID: HOLSTON\tmersrvd
    Target Account ID: BUILTIN\Backup Operators
    Incorrect values: (showing no conversion of SID)
    Member ID: %{S-1-5-21-1482476501-527237240-725345543-1003}
    Target Account ID: %{S-1-5-32-551}
    

Local fix

Problem summary

  • FIx delivered as TRM LA0002
    

Problem conclusion

  • Problem solved
    

Temporary fix

Comments

APAR Information

  • APAR number

    IZ14998

  • Reported component name

    TIVOLI RISK MGR

  • Reported component ID

    5698RMG01

  • Reported release

    420

  • Status

    CLOSED PER

  • PE

    NoPE

  • HIPER

    NoHIPER

  • Special Attention

    NoSpecatt

  • Submitted date

    2008-02-07

  • Closed date

    2008-03-25

  • Last modified date

    2010-11-03

  • APAR is sysrouted FROM one or more of the following:

  • APAR is sysrouted TO one or more of the following:

Fix information

  • Fixed component name

    TIVOLI RISK MGR

  • Fixed component ID

    5698RMG01

Applicable component levels

  • R420 PSY

       UP



Rate this page:

(0 users)Average rating

Document information


More support for:

Tivoli Risk Manager

Software version:

420

Reference #:

IZ14998

Modified date:

2010-11-03

Translate my page

Machine Translation

Content navigation