SecurityExpressions Scheduler does not check embedded groups for user permissions

Article:TECH43658  |  Created: 2009-08-10  |  Updated: 2009-08-10  |  Article URL http://www.symantec.com/docs/TECH43658
Article Type
Technical Solution


Issue



After a customer upgraded to SecurityExpressions Console Version 4.1 they started to get errors when a user tries to access the scheduling tab saying that they are not listed as an administrator,   The standard they are using to grant permissions to the server is a user is created with a domain id and is placed in a domain global group.  The domain global group is placed in a domain local group.   The domain local group is placed in the administrators group of the local machine.  The users that use the tool all have membership to the domain global group and would not be able to log onto the server unless they were administrators.


Environment



SecurityExpressions Console Version 4.1.1

Cause



The SecurityExpressions Scheduler does not check the permissions on a group within a group.

Solution



Bug 7916.  Hot Fix 2 for SecurityExpressions Console Version 4.1.1 and SecurityExpressions Audit and Compliance Server Version 4.1.1 has been released.  It can be downloaded via the links to this article.

Note that :
SecurityExpressions Console Version 4.1.1 must be installed on target system before integrating SE 4.1.1 hot fix 2. SecurityExpressions Audit and Compliance Server Version 4.1.1 must be installed on target system before installing SE 4.1.1 hot fix 2.  SE 4.1.1 HF-2 has a dependency on the security update for Microsoft Visual C++ 2005 Service Pack 1 distributable Package published on July 28, 2009. It should be installed on your machine before integrating SE HF-2.

The deliverables are in format of binaries. There are 4 zip files attached to this article that contain the files; you need to download all 4 zip files. Following are the details. 

SE_411_HF2_Common.zip
Common folder: It contains components which are common to the SecurityExpressions Console and SecurityExpressions Audit and Compliance Server applications. Files in common folder should always be integrated with the SecurityExpressions application to apply the hot fix.

SE_411_HF2_Console.zip
Console folder: It contains components which are specific to the SecurityExpressions Console application. If you have installed the SecurityExpressions Version 4.1.1 console then files in console folder should be integrated.
 
SE_411_HF2_X86-server.zip
SE Server x86 folder: It contains components which are specific to 32 bit SecurityExpressions Audit and Compliance Server Version 4.1.1. If you have installed the x86 release of SecurityExpressions Audit and Compliance Server Version 4.1.1 then files in x86-Server folder should be integrated.

SE_411_HF2_X64-server.zip
SE Server x64 folder: It contains components which are specific to the 64 bit SecurityExpressions Audit and Compliance Server Version 4.1.1. If you have installed the x64 release of SecurityExpressions Audit and Compliance Server Version 4.1.1 then files in x64-Server folder should be integrated.

If you need the Microsoft Visual C++ 2005 Service Pack 1, the redistributable installers are attached to this article to download.
 

 

 


Attachments

vcredist_x86.exe (2.7 MBytes)
vcredist_x64.exe (3.1 MBytes)


SE_411_HF2_Common.zip (10.9 MBytes)
SE_411_HF2_Console.zip (7.1 MBytes)
SE_411_HF2_X64-Server.zip (5.4 MBytes)
SE_411_HF2_X86-Server.zip (3.9 MBytes)
SE_4_1_1_Hot_Fix_2.doc (78 kBytes)

Legacy ID



48494


Article URL http://www.symantec.com/docs/TECH43658


Terms of use for this information are found in Legal Notices