Change Download Preference

Current Preference
Change Preference to:

CA ControlMinder 12.8 - CumulativeFix-1 (CF1) Server FIXLIST

No. Module Problem summary Package OS Cause of the problem Conditions Solution or workaround Reproduction steps
1 ENTM Fixes a Cross Site Scripting vulnerability issue for element ScrollPosX, ScrollPosY, and facesViewId. Also fixes an application error for element task.tag AN01542 All request parameters were not encoded prior to sending the request to server      
2 ENTM Fixes an Enterprise Management Server related issue where users could not log in through CA SiteMinder. AN01572 All We have a caching mechanism in place, which is not getting cleared when user is logging in through site minder UI but when user is logging in without site minder we are doing it in FrameworkLogin filter after authenticating the user. For Site minder integrated environment this filter will be disabled so it will not go through our authentication process as a result cache will not be cleared.   Clear the cache when the user is login with site minder authentication Issue#1
1. Create a new admin role with a member rule “who are members of (group "^=^=GROUP_NAME=^=^" )"
2. Active Directory is having the group defined in above rule with a member in it.
3. Remove the user from the group and login to the ENTM using site minder, user is still able to see the access defined for the user within the group.
Issue# 2
1. Login to ENTM using system manager role with site minder authentication.
2. Create the same role with the same member rule as mentioned in last mail.
3. Go to View user and check for the admin role of the user, we will be able to see the admin role created as the user is in the group.
4. Remove the user from the group in AD.
5. Go to View user and check for the admin role of the user, we should not be able to see the admin role created as the user is not in the group now, but customer is seeing the role in the user admin roles section.
3 ENTM Fixes a Report Agent issue where messages that exceeded 30MG caused the  Enterprise Management Server to stop responding and generated an Out Of Memory error message. AN01746 All       1. Messages consumed from the queue( not as single thread in case of a large messages consumed a lot of memory.
2. Repairing and the validation process of message are consumed a lot of memory
3. Message are saved to local temp file 4 times if failure occur consumed a lot of disk space.
4. Message are send to DLQ(dead latter queue) after 4 attempts in case of a large messages consumed a lot of memory.
5. Hibernate batch size was configure to 25 this normal but in case of large file we want release the session.
4 ENTM When reset user password with Password Must Change is checked, page is throwing error string index out of bound, this will occur only if base urn in idmmanage is not having the port number AN02009 All When reset user password with Password Must Change is checked, page is throwing error string index out of bound, this will occur only if base url in idmmanage is not having the port number     1. Configure ENTM with Apache reverse proxy or with IIS such a way that you don't need to provide port number while accessing ENTM Apache Reverse Proxy: Listen on port number 443 or 80 in httpd.conf so that you can access the ENTM URL without providing port number
2. Update Base URL in IDMMANAGE Access ENTM URL without port number
3. Login with superadmin and reset password for any sam user and select change password on next login
4. logout as superadmin and login as sam user Expected Result: it must redirect to page to reset password Actual Result: Page show String index out of bound exception
5 ENTM Fixes a issue where spaces in ENTM passwords were not supported though Windows policy permitted spaces AN02013 All     Code Changes: To allow spaces between characters for password 1. Create an windows Agentless Endpoint.
2. Create a disconnected privileged account for the same endpoint and provide the password with spaces.
Expected Result: Account must be created as windows policy is allowing spaces between characters.
Actual Result: Server is throwing error saying password does not match the policy requirements.
6 ENTM Fixes low priority application login vulnerability issues  reported by App Scanner . AN01895 All Problem reported by app scanner is Cacheable SSL Page Found      
7 ENTM Fixes an issue where in report last check out and last password change time doesn't sync with CABI machine time. AN01921 All       1.Change the ENTM,BO machine time to GMT+8
2.Checkout and Checkin Privileged account
3.Run the capture snapshot
4.Create a Report(Report-=^English-=^Shared Account Management(SAM) and click and Shared Accounts by Endpoint.
5.Check the report will observe in report lastcheckout and lastpassword change time doesn't sync with cabin machine time.
8 ENTM Fixes a problem during Checkout Operations via AutoLogin (i.e. RDP) where third party tools such as RDP and PUTTY are not launched and it repeatedly checks-out silently.  AN01988 All Login Application Job does cleanup activity of invalid tickets which are leftover,  every 60 seconds.      
9 ENTM Fixed a problem where email notification functionality is not implemented for cancel event AN01263 All       1. add email event on Management Console On Management Console, navigate to [Environments] - [ac-env] - [Advanced Settings] - [E-mail] and select following events from [event] drop down list and click [Add]. Then, click [Save] and [Restart].
2. log into EntM WebUI as requester
3. create request Privileged Account Request navigate to [Home] - [My Accounts] - [Privileged Account Request] and create request. -=^ this sends mail notification for CreatePrivilegedAccountExceptionNotStartedEvent using pending\CreatePrivilegedAccountExceptionNotStartedEvent.tmpl
4. cancel the request navigate to [Home] - [Self Manager] - [View My Submitted Tasks] and open detailed log for the Privileged Account Request Task and click [Cancel this Task] button.
Expected Result: Expect that mail notification is sent for the event
Actual Result: No mail notification was sent to the user
10 ENTM Though the user is not selected, request is going for approval for the user. AN01306 All there is no condition specified to check if user already exist in the list to submit request for approval   Condition added to check if user already exists in this list of request and every time assigning a new userlist to the list of request 1. login as superadmin
2. create 3 EntM users. let's say user1, user2, user3
3. modify [Privileged Account Request] Privileged Access Role. navigate to [Users and Groups] - [Roles] - [Privileged Access Roles] - [Modify Role] and select [Privileged Account Request] - [Members] tab click arrow icon on the left of default member rule and add following new scope rules: -Endpoint (all) -User (all) The member rule becomes: Member Rule (all) Scope Rules -Privileged Account (all) -Privileged Account Request (all) -Endpoint (all) ^=- add -User (all) ^=- add
4. login as user1
5. create Privileged Account Request navigate to [Home] - [My Accounts] - [Privileged Account Request] and select an account click [...] button besides [Requested For:] and check a user (user2) and click [OK] click [...] button again and uncheck the user (user2) and check other user (user3) and click [OK] enter [Justification] and submit
6. login as approver (superuser) [expected result] request for user3 only appears in work list or [Waiting For My Approval] panel [actual result] request for user2 and user3 appear in work list or [Waiting For My Approval] panel though user2 is unchecked
11 ENTM Fixes a server.log file error.
This error is not reflect a functionality problem and is an internal validation within the code that should be reported as a warning.
AN01524 All     Code change- Changing log report level to warning at addDirectoryAttr method user store : embedded user store
1. create a user on ENTM WebUI.
2. create a group on ENTM WebUI.
3.add the user which was created by step1 to the group.
4. log-in to the ENTM WebUI as the user.
5. select the following menu. Home-=^Privileged Account Request
6. search endpoint(click search button) getting a list of errors: example: ERROR [] Table tblUsers does not exist for attribute tblUsers.passworddata. Attribute value will not be saved.
12 ENTM Fixes an issue with an Enterprise Management Server with Active Directory setup where, in Japanese or Korean, "Modify User" is enabled but must be disabled as with English. AN01569 All The role xml file is having the modify user enabled   Code Changes to update the xml file for AD role definition to remove modify user from the ENTM UI ENTM with AD setup in Japanese or Korean version is having "Modify User" enabled
13 ENTM Fixes an Enterprise Management Server issue where error messages are recorded in the server log file on user login. AN01571 All The errors occur when there is a problem finding the users in LDAP/AD. Could be that the DN pointing to the users is pointing to the wrong place or is just incorrect and does not exist or the DN path which points to where the users are located in the directory is invalid.   Need to remove the hardcoded values "cn=Partitions,cn=Configuration," from the search base in case root org contains Organization Unit. 1. Make sure root org contains OU along with DC e.g. 'OU=ashisuto,DC=mlitad,DC=local'. You can check the same @ ac-dir in ^=^=ENTM_SERVER=^=^idmmanage
2. Login to ENTM WebUI. check for the error in the server.log javax.naming.NameNotFoundException: [LDAP: error code 32 - 0000208D: NameErr: DSID-0310020A, problem 2001 (NO_OBJECT), data 0, best match of:'OU=ashisuto,DC=mlitad,DC=local' ]; remaining name 'cn=Partitions,cn=Configuration,OU=ashisuto,DC=mlitad,DC=local'
14 ENTM Fixes an issue where an exception showed in the server log when a user without Break Glass role attempted to view the "My Privileged Accounts" page AN01602 All   User is not a member of Break Glass role The exception was changed to a warning message in the log as this is not causing any problem in the ENTM 1. log into EntM WebUI as superadmin
2. modify Break Glass Privileged Access role member rule where ( Login ID not equal "superadmin" )
3. navigate to [My Privileged Accounts] Then, following errors will be recorded in server.log: 2013-10-02 17:29:46,819 ERROR [ims.default] Administrator superadmin is not authorized to exercise task 2013-10-02 17:29:46,819 ERROR [] AccountPasswordsSearchHandler: cannot find admin task by tag:BreakGlassAccounts NotAuthorizedException: Administrator superadmin is not authorized to perform task This doesn't happen if the user is member of Break Glass role.
15 ENTM Fixes an issue where data in the custom information fields in the create  privileged account page are overridden by endpoint information data AN02002 All     Inheriting custom fields from endpoint just in case they were not filled in the new created account 1. create privileged account
2. fill the Information tab fields (Department and Custom 1 - Custom 5 fields)
3. Submit
4. View the new created account the custom fields were not saved
16 ENTM Fixes an issue where an endpoint located in a different Windows domain fails to register in the
Enterprise Management Server and displays the following error:
"Endpoint cannot be created in this endpoint type. details: code 80".                                                 
Note: The Host Domain field is mandatory for both Windows and Linux Platforms.
AN01986 All       1.Add EP to another Domain (
2.Install EP versions with 12.6 sp2
3.Now try adding the EP using Local account of the Endpoint

Failing with the below error message:

"Error: Endpoint cannot be created in this endpoint type."

17 ENTM Fixes and issue where the Get Password event requested by field reflected the SAM userid instead of the username. AN01987 All Displaying userid id instead of username in GetPasswordEvent.Now displaying FriendlyName(username). n/a   1.Login in into ENTM as a SAM user
2.CheckOut the Account
3.Click on ShowPassword
4.Go to Privileged Accounts-=^Audit then open GetpasswordEvent then observe in description and details Requested by field value will be SAM userid.
18 ENTM Fixes an issue where coping a password that contains '<' character results in all characters after '<' not being copied. AN01995 All When retrieving the user password and associating it with a span id, the function assumes '^=' character as a start of an html tag, and hence all the characters after it are ignored. This happens only when if the password contains '^=' symbol followed by a alphabet.(not if ^= is followed by numeral or symbol).   1. ENTM WebUI Login
2. Home-=^My Privileged Accounts
3. checkout against a user
4. select "Copy to Clipboard" In this case: If the generated password has '^=' char, all chars after ^= are not copied .
19 ENTM Fixes an issue where an admin is allowed to delete an account that is checked out AN02001 All     Code Changes: Need to put validation in place while deleting the account. 1. Checkout an account.
2. Go to Delete privileged account and delete the checked out account
Expected Result: System must throw error saying account is checked out.
Actual Result: System is deleting the account though it is checked out.
20 ENTM Fixes an issue where after upgrading to 12.8, the SAM events are created with an incorrect time stamp. 
SAM events in 12.8 are reported by UAR to occur in the future.
AN01968 All Problem occur because we are converting date to Long value which will be the number of seconds since January 1, 1970, 00:00:00 GMT. The date stored in DB is in UTC when we are converting that date to Long value we are converting it to the long value of the server's time zone as a result value sent to audit queue is wrong.   Code Changes: Need to consider date as UTC and need to convert date to long value considering the UTC timezone. After upgrading CM to version 12.8, the client's SAM events are being created with an incorrect time stamp. - SAM events in 12.8 are reported by UAR to occur in the future. - UAR has not used any special offsets for TIBCO in the past. An account was checked out at 3:56 PM. UAR reports it as 8:55:54 PM because we are in GMT -5 Epoch , Event_Date = 1392429354 Friday, February 14, 2014 8:55:54 PM GMT-5 Epoch, Checkout Date = 1392429373 Friday, February 14, 2014 8:56:13 PM GMT-5 EST Eastern Standard Time GMT-5:00 -18000
21 ENTM Fixes an issue where user is unable to checkout Disconnected Privileged Account from Disconnected Endpoint through REST API. AN01975 All       1.Create Disconnected Endpoint
2.Create Disconnected Privileged account for the above endpoint.
3.Checkout Disconnected privileged account on Disconnected Endpoint through RESTAPI. Observe Account will not checkout.
22 ENTM Fixes an issue with the LB environment where the retrieve base urn refers to the primary machine instead of the LB machine. AN01977 All     Code Change- keep the base url host name as the host the request came from 1. Setup Primary ENTM
2. Setup LB ENTM
3. Create a user and mark to change password on login.
4. Go to the LB ENTM and login. the user details remained empty
23 ENTM User is not able to reset password AN01981 All problem is because we are redirecting the request to a location based on the baseurl provided in idmmanage. Redirect causing the loss of request data.   Code Changes: To prepare the base URL with the URL from where request has been raised 1. log into EntM as superadmin
2. navigate to [Users and Groups] - [Users] - [Reset User Password] and reset password for a user with [Password Must Change] checked
3. logout from superadmin and login as a user whose password was changed in step 2. -=^ User ID, First Name and Last Name are blank in password service panel
4. enter [Password] and [Confirm Password] and click [Submit] -=^ The error appears on WebUI Error: Exception encountered during task submission: null
24 ENTM Fixes an issue with disconnected Endpoint, where the time in Enterprise Management Server displayed as local time +
time difference from UTC/GMT. Last Failed Connection Date is incorrectly displayed in view Endpoint.
AN01985 All       1.Create new "Disconnected Endpoint" as SSH Device. Make sure to tick "Select to proceed if the target system is unavailable"
2.Once the Endpoint is created - well only added to the DB - as does not event connect to it. I used host "aaa" (which does not exists).
3.Click View Endpoint and you can see that the "Last failed Connection Time" - is showing local time + time difference from UTC/GMT. So if my time is: March 24th 16:30 and UTC/GMT is March 24th 05:30am - the "Last Failed Connection Time" will show: March 25th 3:30am. 
25 ENTM Fixes an issue where viewing events in Audit
PrivilegedAccounts the User ID field displays incorrect User ID
AN01951 All       1. Set AD environment
2. Checkout Password
3. Go to Privileged Accounts>> Audit >> Audit Privileged Accounts>>
4. Select Event Name as 'Get Account Password' and search
5. In Listed events make sure that userid is showing proper AD's User Friendly name
26 ENTM Fixes an issue where occasionally user receives an “Access denied" message when trying to log in using PUTTY even though password and username is correct AN01956 All        
27 ENTM Fixes an issue where creating an endpoint using REST API results in saving the password incorrectly in the database  AN01958 All        
28 ENTM Fixes an issue with the feeder where the CHECKOUT_ONLY_AUTO_LOGIN property is not updated properly AN01938 All       1. Create feeder file to create Privileged Account with CHECKOUT_ONLY_AUTO_LOGIN property and set it to value TRUE.
2. Run feeder option and check the account. 'Login application Checkout only' flag for the accounts was not updated
29 ENTM When a Sam user requests for an account and he gives a specific time for which he needs the account, the account is accessible in "My Privileged Accounts" of the sam user even after the time is gone. AN01943 All       1. Create an endpoint. Discover an account.
2. Login as a sam user.
3. Request for the account. While requesting, give time as 5 minutes.
4. Login as superadmin and approve the account.
5. Login as the sam user and checkout.
6. Wait for more than 5 minutes and then refresh the page.
Expected result: The account must have gone from My privilege Acc page. It should not display the account.
30 ENTM Fixes an issue where during user creation phone number field allows string instead of validating for number. AN01948 All No validation is being done on Phone number field.   A function was introduced to validate the Phone number field. 1. Create ENTM user and Terminal resources in EP machine and make sure the ENTM selang is able to connect from EP selang(host ^=ENTM Machinename=^) command.
2. login to EM, and navigate to User creation page, scroll down to phone number, and provide a "string" for example: test
Actual Result: user is getting created by the string, there should be validating for a number , shouldn't accept a string.
31 ENTM Fixes an issue where exporting  Shared Accounts with "endpoints with failures" option to a CSV file fails  AN01935 All       1. In World View, select Shared Accounts
2.  Search: Endpoint Name = *
3. Click "endpoints with failures" "Export" link
It should download csv file and contain the required data
32 ENTM Fixes an Enterprise Management Server issue where exporting endpoint or account data results in missing details in the CSV file. AN01922 All If the endpoint/account has Japanese characters in any of the field not setting content length correctly. Now setting the content length correctly.     1.Create Some endpoint/accounts on Japanese ENTM (example: Japanese characters in description)
2. Go to WorldView-=^View-=^Shared Accounts
3.Uncheck "Show Only Failure" check box
4.export endpoint/accounts
5.Observe last rows data missing in csv file.
33 ENTM Fixes an issue where adding a user as a GroupMember results in an exception when DXlink is used as user story AN01923 All       1.Create a provisioning server with DXlink
2. Install the EntM through DXlink(attaching doc)
3. login in into EntM UI
4.Go to Users and Groups
5.Click on Modify Group
6.Add a User to GroupMember the result: "Failed to execute AddToGroupEvent. ERROR MESSAGE: SmApiWrappedException:- LDAP: error code 53 - 0000209A: SvcErr: DSID-031A10B0, problem 5003 (WILL_NOT_P ERFORM), data 0 "
34 ENTM Fixes a SAM issue where users cannot open the "Modify Privileged Account" screen from "Select Privileged Account". AN01925 All        
35 ENTM Fixes an issue where "Deploy Script" and "UnDeploy Script" does not contain the scroll bar to view the content when tried through "Version History" Tab of View Policy Task. This happens in IE browser. AN01926 All input text box field is disabled   changed input text box field from disabled to readOnly  
36 ENTM Fixes an issue when hitting search in the World View for hosts with "Hostname = * " and "Endpoint Type = All " or "Hostname = * " and "Endpoint Type = AC Endpoint results with an error. This happens in the large scale environment only. AN01927 All Last Update Date value is null.   Check for Last Update Date value for each host and see it if it not null. Then only date value is sent for TimeZone conversions. 1. Log in to ENTM
2. Go to World View -=^ Hosts -=^ Search with "Hostname = * " and "Endpoint Type = All" or "Hostname = *" and "Endpoint Type = AC Endpoint"
3. Hit "Go".
37 ENTM Fixes an issue where pwextractor is running without providing FIPS key , it doesn't throw a meaningful error prompting for FIPS key to be provided but throws a Null pointer exception and says "Successfully completed password extraction" .But the file doesn’t have passwords. AN01928 All there is no check made for FIPS key availability when -cleartext is provided.   Making check of FIPS key file when passwords are required as cleartext (ie using -cleartext). 1. Stop Jboss
2. Go to password extractor directory - /opt/CA/AccessControlServer/IAM_Suite/Access
3.Run the following command (I have not provided FIPS key) root@kxxxa02-I86765 pwextractor]# ./ -backup -h kxxxa02-I86765 -account_pwd -cleartext -d orcl -t oracle -l entm_127cf1 -p N0tall0wed -f /opt/pwd CA SAM Password extractor.
38 ENTM Fixes an Enterprise Management Server UI issue where the current password appears in the [Password Service] panel after user logs into the UI although the [Password Must Change] options was selected when  the user account was created. AN01909 All       1.Login in int ENTM UI with superadmin
2.Create User by selecting “Password Must Change" check box
3.Logout and login with newly user
4.will observe password field with asterisk
39 ENTM Privileged Accounts show details missing fields. No visible display of true/false in the Exclusive account field in the my privileged accounts section. AN01912 All erroneous code in a JSP file used for displaying my privileged account details.   Code changes: change in a jsp file while displaying my privileged account details. 1. Login to ENTM via a SAM user, request for few accounts.
2. once the accounts are approved, check for the my privileged accounts
3.  Click on Show details dropdown arrow button next to account name.
Actual Result: Exclusive Checkout is showing no results as shown in the screenshot.
40 ENTM Fixes an Enterprise Management Server issue where a capture snapshot operation failed. AN01915 All       If we use userstore as AD then create user by disabling "UserMust Change the password on next logon" attribute. run the Capture snapshot will fail. But this was not reproduced on our local environment.
41 ENTM Fixes a SAM related issue where approved accounts are shown in UTC in "Home" , "My Accounts" , "Manage Privileged Account Requests" screens because the received date is  in UTC zone is considered as Server Time Zone. AN01918 All Received date is UTC zone, but considered as Server Time Zone   Converting date time received in UTC zone into client time zone.
1) This is Already approved accounts, currently running
2) Approved future running accounts
1. Request an account from non-super admin.
2. Login as superadmin or with that permission
3. "Home" -=^ "My Accounts" -=^ "Manage Privileged Account Requests" -=^ Select Request; Displayed start and valid time look are displayed in GMT
42 ENTM Fixes a ControlMinder related issue where the Information Details are not populated from endpoint details when you manually create a shared account AN01885 All The implementation to populate the details is not available   Code Changes are required to populate the default value 1. Install ENTM.
2. Create an endpoint of type Windows Agentless and fill the Information tab with Owner, Department, custom1 and custom 2 View endpoint - details are all shown.
3. Discover an account for the above created endpoint, view the account, all the details including Owner, Department, custom1 and custom 2 are there.
4. Create an account manually for the above created endpoint, view the account. 
Expected results: All the details including Owner, Department, custom1 and custom 2 are there.
Actual result: Owner details are there but Department and custom field values are missing.
43 ENTM Fixes an issue with the Enterprise Administration Server where in a highly available environment, where the primary Active Directory controller fails, CA ControlMinder does not switch to the secondary Active Directory controller. AN01886 All       1. Export Ac-Dir.xml
2.Edit: ^=Connection host="" port="389" failover="" /=^
3.Update ac-dir.xml
4.Shut down infra00B
5.Open ENTM login page
6. Try login, get error
44 ENTM There is no reschedule mechanism in case the check-in event elapsed and the session still open AN01887 All There is no reschedule mechanism in case the check-in event elapsed and the session still open   Code Changes - Reschedule check-in event job, if fail to check in due to existing open session 1. Create SAM privileged account which is set to be Exclusive Session.
2. Request for the account for 10 minutes and approve it, User check-out the account and get a password to this SAM user Account
3. User RDP to the machine by the given password (not using log in-application) and doesn't close the RDP session
4. When the 10 minutes elapsed we raise a check-in event which fails due to Open Session This is the message we get: ….has 1 open session(s). Terminate (or log-off) its session prior to checkout or check-in operation the Problem The SAM account remain as check-out even after closing the session to the target endpoint machine.
45 ENTM Fixes an Enterprise Management Server issue where a user checked an account in the [Requested For:] filed by filtering the user filed. Next, the user filter was cleared and the checked user is not correct. AN01889 All     Code Changes to update selected row indexes based on the selected rows 1. login as superadmin
2. create 3 EntM users; user1, user2, user3.
3. modify [Privileged Account Request] Privileged Access Role. navigate to [Users and Groups] - [Roles] - [Privileged Access Roles] - [Modify Role] and select [Privileged Account Request] - [Members] tab add following new scope rules: The member rule becomes: Member Rule (all) Scope Rules -Privileged Account (all) -Privileged Account Request (all) -Endpoint (all) ^=- add -User (all) ^=- add
4. login as user1
5. navigate to [Home] - [My Accounts] - [Privileged Account Request] and select an account
6. click [...] button besides [Requested For:] Problem A)
7. enter 'User ID = user*' for search criteria on [User Search] and click [Search] -=^ user1, user2 and user3 are listed
8. check user2 and click [OK] -=^ user2 is listed on the 3rd line
9. click [...] button besides [Requested For:] again -=^ user list is displayed with 'User ID = *' search criteria; all users are listed [expected result] user2 is checked though the user list is changed [actual result] the user listed on 3rd line is checked problem B: sorting column makes the user selection cleared 7. click [Search] and select users 8. click a column header (Name, Description or Type) to sort the list [expected result] check for users is still checked after sort [actual result] check for users is cleared after sort
46 ENTM Fixes an issue where DST enabled the VST time stamp doesn't show the browser time when requestor checks the audit AN01890 All       When DST is ENABLED on ENTM server, the time is displayed is according to the server TZ (i.e.) for example, if ENTM is in EST with DST enabled Now when a requestor logs in from a machine where DST is not enabled, and requests for an account the time displayed is his Brower time, but once he submits the request and checks the VST it again shows the ENTM time.
47 ENTM Fixes an Enterprise Management Server issue where if a user renames a password policy, the program does not delete the existing job from the quartz table. This results in two jobs for the same policy.
Once the redundant job is executed, a NullPointerException error is generated, because the password policy does not exist. 
AN01869 All       1. create password policy
2. rename the password policy the result is that we have two jobs at quartz tables. one with the old password policy name and one with the new password policy name. 
The expected is to have only one job for this password policy. as a result of it we have a schedule job (by the old policy name) that is being executed and ends with NullPointerException error
48 ENTM Fixes an issue with Policy Management -> Policy -> View Policy where user is unable to review a full policy in View Policy. The user only sees a portion of the policy. To view the complete policy you must edit the policy AN01817 All        
49 ENTM Fixes an issue with creapmd and dmsmgr utilities to correct wrong PMD directory search when creating DMS AN01614 All Wrong PMD directory search when creating DMS This fix contain changes in creapmd and dmsmgr utilities.   1. Server installation on Linux
2. Remove the DMS (dmsmgr –remove –auto)
3. Shutdown AC
4. Edit seos.ini, change the default PMD folder to another (existing) folder (_pmd_directory_ token)
5. Create the DMS (dmsmgr –create –auto) - should issue an error - Failed to update DMS/DH/DH_WRITER token.
6. Start AC
7. Create the DMS (dmsmgr –create –auto) - should issue an error - Failed to update DMS/DH/DH_WRITER token.