Branch Session Manager 6.3: Customer Account password is reset to initial value when upgrading.

Doc ID    PSN100152
Version:    4.0
Status:    Published
Published date:    15 Jul 2016
Created Date:    02 Jul 2013
Author:   
Daniel Vachon
 

Severity

Medium

Urgency

When Convenient

Releases

Avaya Aura® Branch Session Manager: Releases 6.3.2 (6.3.0.0.1105), part of Avaya Aura 6.2 Feature Pack 2

Problem Description

The Branch Session Manager Customer access login is not properly being retained when the Branch Session Manager templates are being upgraded to Release 6.3.2. The password is actually being set to the value entered when the previous template was initially installed on the system as opposed to retaining the current value. 

Workaround / Alternative Remediation

If the initial customer account password is unknown, immediately after upgrading the Branch Session Manager templates to release 6.3.2, the “Branch Session Manager Customer Account Reset Patch” should be installed.   Download the patch bin file from PLDS and install it using the System Platform -> Server Management -> Patch Management system on the Branch Session Manager server. The patch will restore the customer account password to the value it was prior to the template upgrade. This must be done before attempting to install any additional service packs. 

Resolution

If you have the customer account password from when the Branch Session Manager (BSM) template was initially installed, you can use the customer account with that password and do not need to download the patch or go any further. 

This PSN is only needed if the initial installation password is unknown or has been lost, and the current customer password is not working. After upgrading to Branch Session Manager 6.3.2, this PSN should be executed (including installation of the patch noted below) on the Branch Session Manager to allow customer account execution of the upgradeSM tool required for doing upgrades of Session Manager going forward. The patch will restore the customer account password to the value it was prior to the template upgrade.

Patch Availability

Available via Download

Patch Version/ID

PLDS Download ID SM000000052 - Branch Session Manager 6.3.2 Customer Account Reset Patch

Patch Download URL

https://plds.avaya.com/poeticWeb/avayaLogin.jsp?ENTRY_URL=/esd/viewDownload.htm&DOWNLOAD_PUB_ID=SM000000052

Patch Impact

Service Affecting

Patch Installation Notes

Session Manager services will be restarted during the patch installation, so the BSM will need to be taken out of service to apply this patch.

  1. Download the patch bin file from PLDS to a web client PC
  2. Log into the System Manager Web interface and access Elements->Session Manager->Dashboard, select the BSM instance and place it into a DENY NEW SERVICE state.
  3. Log into the System Platform Web Console where the Branch Session Manager is installed.
  4. Go to Server Management -> Patch Management -> Download/Upload and upload the patch bin file to the System Platform console domain server.
  5. Click on the Install button to apply the patch.
  6. Verify the patch was installed correctly by logging into the Session Manager with the customer account and password.
  7. In System Manager->Elements->Session Manager->System Tools->Maintenance Tests, and execute all maintenance tests on the BSM to ensure stability.
  8. Return to the System Manager ->Elements->Session Manager->Dashboard screen, select the BSM instance and place it into an ACCEPT NEW SERVICE state

Patch Removal Notes

To remove the patch, access System Platform Server Management->Patch Management->Manage screen, and select the bsm Patch ID 6.3.2.1.632006, then click on the Remove  button to facilitate the removal of the patch and to restore the Branch Session Manager to it's previous load of software.  Keep in mind, this is also a service affecting process, and the BSM should be in a DENY NEW SERVICE state prior to executing a patch removal.

Patch Success/Failure Verification

Attempt to log into the Session Manager via an SSH session using the customer account password that was in use prior to  the template upgrade.  If it does not work, contact Avaya Services for further assistance in resetting the customer login password.

Avaya Security Vulnerability Classification

Not Applicable

PSN Contacts & Disclaimer

For additional support, contact your Authorized Service Provider. Depending on your coverage entitlements, additional support may incur charges. Support is provided per your warranty or service contract terms unless otherwise specified.

Avaya Support Contact

 Telephone
U.S. Remote Technical Services - Enterprise 800-242-2121
U.S. Remote Technical Services – Small Medium Enterprise 800-628-2888
U.S. Remote Technical Services – BusinessPartners for Enterprise Product 877-295-0099
BusinessPartners for Small Medium Product Please contact your distributor.
Canada 800-387-4268
Caribbean and Latin America 786-331-0860
Europe, Middle East, and Africa 36-1238-8334
Asia Pacific 65-6872-8686

Disclaimer: ALL INFORMATION IS BELIEVED TO BE CORRECT AT THE TIME OF PUBLICATION AND IS PROVIDED "AS IS". AVAYA INC., ON BEHALF OF ITSELF AND ITS SUBSIDIARIES AND AFFILIATES (HEREINAFTER COLLECTIVELY REFERRED TO AS “AVAYA”), DISCLAIMS ALL WARRANTIES, EITHER EXPRESS OR IMPLIED, INCLUDING THE WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE AND FURTHERMORE, AVAYA MAKES NO REPRESENTATIONS OR WARRANTIES THAT THE STEPS RECOMMENDED WILL ELIMINATE SECURITY OR VIRUS THREATS TO CUSTOMERS’ SYSTEMS. IN NO EVENT SHALL AVAYA BE LIABLE FOR ANY DAMAGES WHATSOEVER ARISING OUT OF OR IN CONNECTION WITH THE INFORMATION OR RECOMMENDED ACTIONS PROVIDED HEREIN, INCLUDING DIRECT, INDIRECT, CONSEQUENTIAL DAMAGES, LOSS OF BUSINESS PROFITS OR SPECIAL DAMAGES, EVEN IF AVAYA HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
THE INFORMATION PROVIDED HERE DOES NOT AFFECT THE SUPPORT AGREEMENTS IN PLACE FOR AVAYA PRODUCTS. SUPPORT FOR AVAYA PRODUCTS CONTINUES TO BE EXECUTED AS PER EXISTING AGREEMENTS WITH AVAYA.

All trademarks identified by ® or TM are registered trademarks or trademarks, respectively, of Avaya Inc. All other trademarks are the property of their respective owners.
 



Avaya -- Proprietary. Use pursuant to the terms of your signed agreement or Avaya policy