APAR status
Closed as program error.
Error description
Problem Description: . The Tivoli Risk Manager agent on Windows does not translate Member ID and Target Account ID from Security Identifier (SID) format into domain account name format when reading from the Eventlog Example of required conversion: Member ID: %{S-1-5-21-1482476501-527237240-725345543-1003} Target Account Name: Backup Operators Target Domain: Builtin Target Account ID: %{S-1-5-32-551} VERSUS Member ID: HOLSTON\tmersrvd Target Account Name: Backup Operators Target Domain: Builtin Target Account ID: BUILTIN\Backup Operators The suggested resolution is to use "ConvertStringSidToSid () function to convert %{S-1-...} strings to a SID structure, then call LookupAccountSid() to create an account string. These APIs are supported on Windows 2000, XP and 2003, according to the MSDN site http://windowssdk.msdn.microsoft.com/en- us/library/ms718710.aspx. Header file is Sddl.h and the DLL to link with is Advapi32.dll. In order to "see" the SID API definitions in < Sddl.h >, it is necessary to #define _WIN32_WINNT >= 0x0500 in the source before including the header file. . Failing Component: "custom" winHIDs . Customer Recreate Environment: . Note well: Customer rep does not have original winHIDs but a custom winHIDS..."TRM patterns /XML files" Win2003 SP1 TRM 4.2 Fixpack1 . Database: N/A TME Framework: N/A Install Method: N/A TEC Server: N/A TEC Gateway: N/A TEC UI Server: N/A TEC Console: N/A Risk Manager Server: 4.2 fp1 Risk Manager Gateway: 4.2 fp1 Risk Manager Agent: 4.2 fp1 Websphere Server: N/A Endpoint Level: N/A TMR / TEC Same Machine: N/A Affected Locale: ALL . Collected Information: . Refer to text file on ECUREP . Last Known Good Level: N/A Level 3 Acknowledged: JR . Recreate Steps: . Install customer custom winHIDs (or original winHIDs also..as the same problem should exist in both) and capture output of "sendToFile" at the rmagent to check the values generated for Target Account ID and MemberID: Correct values: Member ID: HOLSTON\tmersrvd Target Account ID: BUILTIN\Backup Operators Incorrect values: (showing no conversion of SID) Member ID: %{S-1-5-21-1482476501-527237240-725345543-1003} Target Account ID: %{S-1-5-32-551}
Local fix
Problem summary
FIx delivered as TRM LA0002
Problem conclusion
Problem solved
Temporary fix
Comments
APAR Information
APAR number
IZ14998
Reported component name
TIVOLI RISK MGR
Reported component ID
5698RMG01
Reported release
420
Status
CLOSED PER
PE
NoPE
HIPER
NoHIPER
Special Attention
NoSpecatt
Submitted date
2008-02-07
Closed date
2008-03-25
Last modified date
2010-11-03
APAR is sysrouted FROM one or more of the following:
APAR is sysrouted TO one or more of the following:
Fix information
Fixed component name
TIVOLI RISK MGR
Fixed component ID
5698RMG01
Applicable component levels
R420 PSY
UP
Rate this page:
Average rating
Copyright and trademark information
IBM, the IBM logo and ibm.com are trademarks of International Business Machines Corp., registered in many jurisdictions worldwide. Other product and service names might be trademarks of IBM or other companies. A current list of IBM trademarks is available on the Web at "Copyright and trademark information" at www.ibm.com/legal/copytrade.shtml.