Notes & Warnings

K2 v7.4 (2017-11-19 Image)  

(a yellow icon above, instead of green, indicates that this local document is not the latest -- the latest warnings are online)

Read this document for notes on bug fix or upgrade issues that warrant emphasis, explanation, or might otherwise be overlooked.

In addition to the specific warnings below, always consult the comprehensive list of all important bug fixes as documented in:

Component History (2017-11-19)

For information on the previous version, consult 7.3 Warnings & 7.3 History.

Partner Notes documents possible issues concerning any third party product which may have been purchased with pre-configured KeyServer control built in by the software publisher. [Note: the icon for a publisher supplied license certificate (.lic file) will appear in KeyConfigure's Licenses window with a green tint.]


KeyAccess versions up to 7.4.1.3 on Windows might not include certain editions of SQL Server in audit data (2017-10-08)

Versions of KeyAccess prior to 7.4.1.4 on Windows will only include the SQL Server program as part of the audit if that program has been executed on the client computer. Upgrade to version 7.4.1.4 as soon as possible to ensure that accurate audit data on SQL Server is collected.

KeyAccess 7.4.1.0 on Windows will send the fully qualified computer name (host.domain.org) instead of just the host name (2017-06-09)

The Windows version of KeyAccess 7.4.1.0 (and only that version) send the full computer name in contrast to previous versions, which sent only the host name. This can have an undesired effect on any computer group membership in externally managed groups, and on Division mapping for LDAP and Active Directory authentication methods. Upgrade to version 7.4.1.1 as soon as possible to avoid this potential problem, if you are using external groups or Division mapping. KeyAccess 7.4.1.1 reverts to the older default behavior.

KeyServer installers prior to 7.4.0.7 could potentially corrupt an internal database (2017-02-28)

As part of any server install or upgrade, the KeyServer installer runs KSdbConsist to check for and fix any problems in KeyServer's data. Earlier versions contain a bug that could corrupt one of the internal databases in such a way that the server would eventually crash. Upgrade to KeyServer 7.4.0.7 ASAP in order to fix any problems that might be present in existing data.

KeyAccess (Mac only) 7.4.0.7 changes how Stata is identified (2017-02-28)

Different editions of Stata are identified separately starting with KeyAccess 7.4.0.7. If you are using standard definitions of Stata products from PRS you will get the necessary updates for those products automatically, if PRS updates are enabled. If you have product definitions of your own that include Stata you should check that they contain the expected editions of the Stata programs, once you have installed the new KeyAccess on any Macs running Stata.

KeyAccess (Mac only) 7.4.0.2 through 7.4.0.5 have a bug that could cause a delay during user login (2016-12-10)

When a user logs in to a Mac, KeyAccess fails to connect immediately to KeyServer. The client will not be able to track or manage usage, and might block keyed programs, for a short time after user login. To avoid this problem, upgrade to KeyAccess 7.4.0.6 or higher as soon as possible.

KeyAccess 7.4.0.3 and 7.4.0.4 have a bug that records stand-alone AutoCAD using an identifier that is not in a product (2016-11-02)

Many AutoCAD-based programs are identified correctly by KeyAccess. For some stand-alone versions of AutoCAD, KeyAccess versions 7.4.0.3 and 7.4.0.4 might identify the main program in a way that it is not considered part of a Sassafras-defined (PRS) product. Upgrade to KeyAccess 7.4.0.5 to ensure that AutoCAD is properly identified in all cases.

KeyAccess 7.4.0.3 has a bug that could allow untracked offline usage of some policies (2016-10-12)

Policies set to have strict enforcement in certain cases would be allowed to run offline. To avoid this problem, upgrade to KeyAccess 7.4.0.4 or higher as soon as possible.

KeyAccess 7.4.0.0 through 7.4.0.2 have a bug that could cause the client to crash (2016-10-02)

If KeyAccess has been configured with a DNS name for KeyServer, and that name cannot be resolved to an IP address, the client process (KeyAccess service on Windows, "karl" daemon on Mac OS and linux) could crash. The client will not be able to track or manage usage until the service/daemon is relaunched, which happens automatically on computer restart (of course, with an unresolvable DNS name in place, the client was already not reporting data to the server). To avoid this problem, upgrade to KeyAccess 7.4.0.3 or higher as soon as possible.

KeyServer 7.4.0.0 and 7.4.0.1 might cause high memory utilization on Window Server 2008 -- upgrade to 7.4.0.2 to restore normal memory usage (2016-09-20)

Windows Server 2008 has a File System caching problem where very large files marked for "random access" will be mapped into virtual memory, causing high memory utilization on the system. This memory usage is accounted to the System, as it should be, so it is not clear that it is KeyServer's files that are being cached. The problem does not cause critical problems, although system performance can be sluggish.

KeyServer 7.4.0.0 can erroneously prevent clients from logging in -- upgrade to 7.4.0.1 ASAP to avoid this (2016-08-30)

KeyServer 7.4.0.0 has a bug where seats are not freed up in some cases, leading to clients being denied access to the server (and getting dialogs with errors such as KS-180). If you have this version of KeyServer installed, you should upgrade to 7.4.0.1 or higher ASAP so that correct usage events will be written. The one lasting side effect of this bug is that Histogram Login reports can show excessive logins.

Upgrade cautions when converting from a 7.3 installation (2016-08-10)

Read the Major Upgrade documentation!

K2 7.4 requires a new license certificate (server.lic) and new KeyConfigure. Before upgrading an older KeyServer version (6.2, 7.0, 7.1, 7.2, 7.3, etc) you must receive a new license certificate configured for 7.4 support -- a 7.3 or earlier certificate will not enable version 7.4.

The major version of KeyConfigure version and KeyServer version must match (e.g., first two digits must match). KeyConfigure 7.3 won't connect to KeyServer 7.4, KeyConfigure 7.4 won't connect to KeyServer 7.3.

Any KeyShadow installs must be discarded whenever the KeyServer process is upgraded. The KeyShadows must be recreated with a version 7.4 shadow certificate created by the version 7.4 KeyConfigure.