K2 v7.4 (2017-11-19 Image)
(a yellow icon above, instead of green, indicates that this local document is not the latest -- the latest warnings are online)
Read this document for notes on bug fix or upgrade issues that warrant emphasis, explanation, or might otherwise be overlooked.
In addition to the specific warnings below, always consult the comprehensive list of all important bug fixes as documented in:
Partner Notes documents possible issues concerning any third party product which may have been purchased with pre-configured KeyServer control built in by the software publisher. [Note: the icon for a publisher supplied license certificate (.lic file) will appear in KeyConfigure's Licenses window with a green tint.]
KeyAccess versions up to 184.108.40.206 on Windows might not include certain editions of SQL Server in audit data (2017-10-08)
Versions of KeyAccess prior to 220.127.116.11 on Windows will only include the SQL Server program as part of the audit if that program has been executed on the client computer. Upgrade to version 18.104.22.168 as soon as possible to ensure that accurate audit data on SQL Server is collected.
KeyAccess 22.214.171.124 on Windows will send the fully qualified computer name (host.domain.org) instead of just the host name (2017-06-09)
The Windows version of KeyAccess 126.96.36.199 (and only that version) send the full computer name in contrast to previous versions, which sent only the host name. This can have an undesired effect on any computer group membership in externally managed groups, and on Division mapping for LDAP and Active Directory authentication methods. Upgrade to version 188.8.131.52 as soon as possible to avoid this potential problem, if you are using external groups or Division mapping. KeyAccess 184.108.40.206 reverts to the older default behavior.
KeyServer installers prior to 220.127.116.11 could potentially corrupt an internal database (2017-02-28)
As part of any server install or upgrade, the KeyServer installer runs KSdbConsist to check for and fix any problems in KeyServer's data. Earlier versions contain a bug that could corrupt one of the internal databases in such a way that the server would eventually crash. Upgrade to KeyServer 18.104.22.168 ASAP in order to fix any problems that might be present in existing data.
KeyAccess (Mac only) 22.214.171.124 changes how Stata is identified (2017-02-28)
Different editions of Stata are identified separately starting with KeyAccess 126.96.36.199. If you are using standard definitions of Stata products from PRS you will get the necessary updates for those products automatically, if PRS updates are enabled. If you have product definitions of your own that include Stata you should check that they contain the expected editions of the Stata programs, once you have installed the new KeyAccess on any Macs running Stata.
KeyAccess (Mac only) 188.8.131.52 through 184.108.40.206 have a bug that could cause a delay during user login (2016-12-10)
When a user logs in to a Mac, KeyAccess fails to connect immediately to KeyServer. The client will not be able to track or manage usage, and might block keyed programs, for a short time after user login. To avoid this problem, upgrade to KeyAccess 220.127.116.11 or higher as soon as possible.
KeyAccess 18.104.22.168 and 22.214.171.124 have a bug that records stand-alone AutoCAD using an identifier that is not in a product (2016-11-02)
Many AutoCAD-based programs are identified correctly by KeyAccess. For some stand-alone versions of AutoCAD, KeyAccess versions 126.96.36.199 and 188.8.131.52 might identify the main program in a way that it is not considered part of a Sassafras-defined (PRS) product. Upgrade to KeyAccess 184.108.40.206 to ensure that AutoCAD is properly identified in all cases.
KeyAccess 220.127.116.11 has a bug that could allow untracked offline usage of some policies (2016-10-12)
Policies set to have strict enforcement in certain cases would be allowed to run offline. To avoid this problem, upgrade to KeyAccess 18.104.22.168 or higher as soon as possible.
KeyAccess 22.214.171.124 through 126.96.36.199 have a bug that could cause the client to crash (2016-10-02)
If KeyAccess has been configured with a DNS name for KeyServer, and that name cannot be resolved to an IP address, the client process (KeyAccess service on Windows, "karl" daemon on Mac OS and linux) could crash. The client will not be able to track or manage usage until the service/daemon is relaunched, which happens automatically on computer restart (of course, with an unresolvable DNS name in place, the client was already not reporting data to the server). To avoid this problem, upgrade to KeyAccess 188.8.131.52 or higher as soon as possible.
KeyServer 184.108.40.206 and 220.127.116.11 might cause high memory utilization on Window Server 2008 -- upgrade to 18.104.22.168 to restore normal memory usage (2016-09-20)
Windows Server 2008 has a File System caching problem where very large files marked for "random access" will be mapped into virtual memory, causing high memory utilization on the system. This memory usage is accounted to the System, as it should be, so it is not clear that it is KeyServer's files that are being cached. The problem does not cause critical problems, although system performance can be sluggish.
KeyServer 22.214.171.124 can erroneously prevent clients from logging in -- upgrade to 126.96.36.199 ASAP to avoid this (2016-08-30)
KeyServer 188.8.131.52 has a bug where seats are not freed up in some cases, leading to clients being denied access to the server (and getting dialogs with errors such as KS-180). If you have this version of KeyServer installed, you should upgrade to 184.108.40.206 or higher ASAP so that correct usage events will be written. The one lasting side effect of this bug is that Histogram Login reports can show excessive logins.
Upgrade cautions when converting from a 7.3 installation (2016-08-10)
Read the Major Upgrade documentation!
K2 7.4 requires a new license certificate (server.lic) and new KeyConfigure. Before upgrading an older KeyServer version (6.2, 7.0, 7.1, 7.2, 7.3, etc) you must receive a new license certificate configured for 7.4 support -- a 7.3 or earlier certificate will not enable version 7.4.
The major version of KeyConfigure version and KeyServer version must match (e.g., first two digits must match). KeyConfigure 7.3 won't connect to KeyServer 7.4, KeyConfigure 7.4 won't connect to KeyServer 7.3.
Any KeyShadow installs must be discarded whenever the KeyServer process is upgraded. The KeyShadows must be recreated with a version 7.4 shadow certificate created by the version 7.4 KeyConfigure.