FlexNet Publisher Knowledge Base

cancel
Showing results for 
Search instead for 
Did you mean: 
Knowledge Base Categories
Question: Has older HASP (HASP4) dongle support removed from latest version of FNP toolkits? Answer: Starting 11.14.0 we have to enable support for the HASP4 dongles in the daemon configuration file ls_vendor.c (unsigned int ls_flexid9_hasp4_support = 1;) .  After doing that and ensuring that we build the toolkit with additional argument as DONGLE=1, with a clean build, we should be able to start the vendor daemon. 
View full article
Question: Can a Publisher attach Flexera Product Documents in its distribution? Answer: The answer is that it is permissible to re-distribute the documentation in its original form, unmodified in any way. The means of distribution can include: Bundling it into their software, and distributing it by a physical medium such as DVD Bundling it into their software and delivering it by electronic means from a server (as long as access to the server is protected by an account with adequately secure user name and password): By some mechanism that pushes the software out to customers By allowing customers to download the software Make the document available on its own, by the same mechanisms as above.
View full article
Question: Clarification of what files can be re-distributed to end users? Answer: As far as sharing the toolkit executable or libraries are concerned, we have a detailed section about it in latest version of FNP product document. To be precise Chapter-8 of fnp_devenv.pdf (Development Environment Guide)*(Distributing the FlexEnabled Application for License File–Based Licensing). Similarly for trusted storage based licensing the details is available in Chapter 6(Distributing the FlexEnabled Application for Trusted Storage–Based Licensing). I am attaching a copy of it for your reference.  In general, there are four categories of executables that can be considered for redistribution.  1.) Executables generated from building makefile and makefile.act, minus lmcrypt, preptool and tsreset can be shared  2.) executables that must be redistributed in order for licensing to work (lmgrd or lmadmin, VD and client application, plus lmstat. For TS applications additionally: FNP_Act_Installer.dll (from which FlexNet Licensing Service is installed), activation applications for server and client TS and the libFNP.dll that is the output of prepping.  3.) executables that are generated from example source code provided in the kit. Any of these can be redistributed - if the example is sufficient for producers requirements. Producers are of course fully entitled to modify example source code, then rebuild and produce their own versions of example utilities. Executables in this category include installs.exe and activation applications like app/servercomptranutil.  4.) executables that are typically only redistributed in support scenarios (tsactdiags, tsreset).  Note: installs.exe is a command-line tool used for installing lmgrd as a Windows service, including setting up a dependency on the FlexNet Licensing Service if TS licensing is involved. Alternatives to installs.exe include  lmtools - a windows GUI app - Can be Shared.   
View full article
Question: Over the years, our customers have had  issues with LSB-loader as described in FNP release documentations. Moreover,  on some recent Linux updates, such as SUSE Enterprise Linux 12, the LSB component is not offered as part of the supported distribution. Components in FlexNet Publisher, such as lmgrd, require the LSB-loader. If this is not present, lmgrd will fail to run with a 'file not found' error (FNP-11338, FNP- 11353) Answer: Starting FNP-11.14 tookit, The   install_fnp.sh   will now issue a warning if it detects LSB is not installed on the host: $ sudo ./install_fnp.sh ... Checking LSB compatibility... *** WARNING: 64-bit LSB packages not installed LSB compatibility checks complete ... FNP utilities will continue to give the   File not found   error. Supplying the   --nolsb   flag to the command will cause fake symlinks to be created to mimic the missing LSB installation: $ sudo ./install_fnp.sh --nolsb ... Checking LSB compatibility... *** WARNING: 64-bit LSB packages not installed Fix attempted by creating symlink for /lib64/ld-lsb-x86-64.so.3 LSB compatibility checks complete ... After which FNP utilities should run ok.
View full article
JIRA ISSUE: FNP-11299, FNP-11300, FNP-20479 Issue:  1.) Reservation line is not displaying in server log when RESERVE and MAX are both in options file. 2.) License exceeds count message is coming instead of MAX line in serverlog when both MAX and RESERVE is kept in options file. Workaround: We must place MAX statement before RESERVE in options file for it to work correctly.
View full article
Question:   Answer: This error can be seen only in specific conditions: - Performing Server reread from a non admin console/account and when server was started with a restrictive privilege for server reread. (-x Lmreread) - Performing client removal (lmremove) from a non admin console/account, when server was started with a restrictive privilege for lmremove. (-x lmremove) - Trying to shutdown the server from a non admin console/account, if server was with a restrictive privilege for server shutdown. (-x lmdown) - If server was started with “-2 -p” and presumably “-local”, then this error will be seen by clients, if they are not a part of “lmadmin” group. Here lmadmin group means, a Unix group called “lmadmin” Solution: Create a UNIX group called ‘lmadmin’ and add particular user to that group. For windows, if the operation was not initiated with LOCALSYSTEM privilege. Solution: Try running the operation with the reference of attached batch file. Rename it to “.bat extension”. ALSO This error will be seen, if a particular user doesn’t have enough privilege to query the windows registry details. While performing the checkout operation, the client application queries the registry for “SOFWARE\\FLEXlm License Manager”, to get the VENDOR_LICENSE_FILE details (as well as for other operations).  When client tries to open a handle with specific query key (RegOpenKeyEx), and in case the operation fails - then for specific error of “ERROR_ACCESS_DENIED” (returned by windows), FNP sets this error i.e. (-63, 403). 
View full article
Question: I read in a 11.14.0 release note that SIGN2 keyword is deprecated, but  SIGN= is seen as the original public key signature system and SIGN2= the new improved system. So if I remove SIGN2 the license will not be less secured ?  Answer: ) SIGN2 will be used in license file to support old clients which are built with different algorithm. ) Presently, We have two algorithms to generate the sign value in license file:- TRL1 which is deprecated now and TRL2 is the enhanced and latest version with understanding as more robust to crack. ) Consider old client is built with TRL1. In that case, we need to mention both the SIGN keywords and each will have exclusive sign value related to particular TRL key. ) If there is just one SIGN keyword mentioned in FEATURE line then default SIGN value will be enhanced one and on the basis of TRL2 algorithm. ) As there is expectation that all the publishers should move to more secured algorithm(TRL2) with time, it diminishes the need of extra SIGNs in feature line. If we have only one SIGN value(it means SIGN) as part of license file then it is with TRL2 and linked to SIGN. But    But if two SIGN values(it means SIGN,SIGN2) are required to be part of license file then SIGN will get TRL1 value and SIGN2 will get TRL2 value. Also, below details should help you have more understanding on this case.   Signature Configuration #1 #2 #3 #4 #5 #6 #7 #8 (best practice) #9 (second best practice) ENCRYPTION_SEEDS Set Set Set Not set Set Set Not set Not set Set LM_SEEDS Not set Set Not set Set Not Set Set Set Set Set TRL_KEYS / CRO_KEYS (Pre 8.1) Not set Not set Not set Not set Set Set Set Set Set LM_STRENGTH LICENSE_KEY LICENSE_KEY DEFAULT DEFAULT 113/163/239BIT 113/163/239BIT 113/163/239BIT 113/163/239BIT 113/163/239BIT Signature keyword None None SIGN SIGN SIGN SIGN andSIGN2 SIGN SIGN SIGN andSIGN2 Signature type Bespoke symmetric   Bespoke symmetric Bespoke symmetric Bespoke symmetric TRL1 SIGN: TRL1 SIGN2: TRL2 TRL2 TRL2 SIGN: TRL1 SIGN2: TRL2 Signature length (chars) 12 or 20 12 or 20 12 12 60/84/120 2 x 60/84/120 60/84/120 60/84/120 2 x 60/84/120 Client version Pre-8.1 8.1+ 7.1 - 8.1 8.1+ 7.1 - 8.1 8.1+ 8.1+ 10.8.6+ 10.8.6+ Library linkage lmgr.lib lmgr.lib lmgr.lib lmgr.lib lmgr.lib lmgr.lib lmgr.lib lmgr_trl.lib lmgr_trl.lib Note: TRL1 = ECDSA signature TRL2 = Improved ECDSA signature FNP docs refer to these TRL1 and TRL2 signatures when discussing SIGN2   Configuration 6 clients require licenses with the SIGN2 keyword: changing a served license file from configuration 6 to 7 or 8 would break these existing clients. Therefore, in order to move on from SIGN2, producers needs to retire or upgrade their SIGN2-based production client base. In light of this, Flexera will maintain SIGN2 support until further notice to maintain license-server backward compatibility with 'recent' SIGN2 clients. Please review FNP release notes for notifications of changes to this policy. When producers update their clients, they should prefer configuration 8, which is the most secure and simplest license signature configuration. This will allow (eventual) retiring of SIGN2. If SIGN2 is still required, then at least move to configuration 9. Note: The standard lmgr.lib allows verification of all signature types, whereas the recommended lmgr_trl.lib allows verification only of TRL signatures. There are multiple known cases of a binary patch in a configuration 6 client which cause it to allow verification of a legacy symmetric signature presented as SIGN and/or SIGN2 signatures in a rogue license file. Clients based on configurations 5 and 7 are vulnerable to a similar attack vector. The keys used in the old symmetric signatures are easily brute forced, allowing rogue license files like this to be widely generated. This is why Flexera strongly recommends configuration 8 (or 9), where clients can verify only a TRL signature.
View full article
Question: Is it possible to specify a VM_UUID on a FEATURE/INCREMENT line in a license file? Answer: Unfortunately it is not currently possible to specify a VM_UUID on a FEATURE/INCREMENT line in a license file. This is stated on page 17 of the "Understanding Virtualization Features in FlexNet Publisher" White Paper (see PDF attached): "VM_UUID is not currently supported as a HostID on the INCREMENT line. However, one can call lc_hostid(lm_job, VM_UUID, buf) from the client, which means producers can use VM_UUID indirectly as a VDH (vendor defined hostid).   Alternatively, the ETHER HostID is the most flexible for clients on virtual environments."
View full article
Summary CVE-2018-20034 has been discovered and remediated in FlexNet Publisher Symptoms ****Only the following information is permitted to be distributed outside of Flexera Software and customers of FlexNet Publisher:         - CVE number         - CWE ID         - CVSS scores         - Reference to any publicly-available information **** A Denial of Service vulnerability related to adding an item to a list in lmgrd and vendor daemon components of FlexNet Publisher version 11.16.1.0 and earlier allows a remote attacker to send a combination of messages to lmgrd or the vendor daemon, causing the heartbeat between lmgrd and the vendor daemon to stop, and the vendor daemon to shut down. Depending upon the license model(s) you offer to your customers, you may or may not distribute one or both of these components to one or more of your customers. If you don’t distribute either of these components, there is no further action on your part. If you do, you must distribute to those same customers the security update mentioned in the Resolution section of this article. This security vulnerability has been assigned the CVE ID number of CVE-2018-20034. Cause For security reasons, Flexera will not publish the cause of this security vulnerability. Steps To Reproduce For security reasons, Flexera Software will not publish the steps to reproduce this security vulnerability. Resolution The FlexNet Publisher 11.16.2 addresses the security vulnerability and is available from Flexera’s Product and License Center (https://flexerasoftware.flexnetoperations.com/control/inst/login?nextURL=%2Fcontrol%2Finst%2Findex): FlexNet Publisher 2018 R4 We advise all FlexNet Publisher customers update lmgrd to FlexNet Publisher 11.16.2, and the vendor daemon as soon as possible after that. Please note that lmadmin or clients are not affected. As a reminder, Flexera no longer distributes the lmgrd executables to end customers; your end customers can only receive the lmgrd executable from you. Workaround No workaround available. Additional Information Please be aware that network access to the FlexNet Publisher License Server would be necessary to perform any attack. Protecting the license server from unauthorized access is essential to minimize the opportunities for any of the vulnerabilities to be exploited. Customers are also strongly advised to follow best practice in protecting the license server from unauthorized access. Related Documents https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20034 https://nvd.nist.gov/vuln/detail/CVE-2018-20034
View full article
Summary CVE-2018-20033 has been discovered and remediated in FlexNet Publisher Symptoms ****Only the following information is permitted to be distributed outside of Flexera Software and customers of FlexNet Publisher:         - CVE number         - CWE ID         - CVSS scores         - Reference to any publicly-available information **** A Remote Code Execution (RCE) vulnerability exists on all platforms in versions 11.16.1.0 or earlier of the following FlexNet Publisher components: lmgrd executable, provided by Flexera Software vendor daemon executable, built by each FlexNet Publisher customer from object code provided by Flexera Depending upon the license model(s) you offer to your customers, you may or may not distribute one or both of these components to one or more of your customers. If you don’t distribute either of these components, there is no further action on your part. If you do, you must distribute to those same customers the security update mentioned in the Resolution section of this article. This security vulnerability has been assigned the CVE ID number of CVE-2018-20033. The vulnerability could allow a remote attacker to corrupt the memory by allocating / de-allocating memory, loading lmgrd or the vendor daemon, and causing the heartbeat between lmgrd and the vendor daemon to stop. This would force the vendor daemon to shut down. No exploit of this vulnerability has been demonstrated. Cause For security reasons, Flexera will not publish the cause of this security vulnerability. Steps To Reproduce For security reasons, Flexera Software will not publish the steps to reproduce this security vulnerability. Resolution The FlexNet Publisher 11.16.2 addresses the security vulnerability and is available from Flexera’s Product and License Center: FlexNet Publisher 2018 R4 We advise all FlexNet Publisher customers update lmgrd to FlexNet Publisher 11.16.2, and the vendor daemon as soon as possible after that. Please note that lmadmin or clients are not affected. As a reminder, Flexera no longer distributes the lmgrd executables to end customers; your end customers can only receive the lmgrd executable from you. Workaround No workaround available. Additional Information Please be aware that network access to the FlexNet Publisher License Server would be necessary to perform any attack. Protecting the license server from unauthorized access is essential to minimize the opportunities for any of the vulnerabilities to be exploited. Customers are also strongly advised to follow best practice in protecting the license server from unauthorized access. Related Documents https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20033 https://nvd.nist.gov/vuln/detail/CVE-2018-20033
View full article
Summary CVE-2018-20032 has been discovered and remediated in FlexNet Publisher Symptoms ****Only the following information is permitted to be distributed outside of Flexera Software and customers of FlexNet Publisher:         - CVE number         - CWE ID         - CVSS scores         - Reference to any publicly-available information **** A Denial of Service vulnerability related to message decoding in lmgrd and vendor daemon components of FlexNet Publisher version 11.16.1.0 and earlier allows a remote attacker to send a combination of messages to lmgrd or the vendor daemon, causing the heartbeat between lmgrd and the vendor daemon to stop, and the vendor daemon to shut down. Depending upon the license model(s) you offer to your customers, you may or may not distribute one or both of these components to one or more of your customers. If you don’t distribute either of these components, there is no further action on your part. If you do, you must distribute to those same customers the security update mentioned in the Resolution section of this article. This security vulnerability has been assigned the CVE ID number of CVE-2018-20032. Cause For security reasons, Flexera will not publish the cause of this security vulnerability. Steps To Reproduce For security reasons, Flexera Software will not publish the steps to reproduce this security vulnerability. Resolution The FlexNet Publisher 11.16.2 addresses the security vulnerability and is available from Flexera’s Product and License Center: FlexNet Publisher 2018 R4 We advise all FlexNet Publisher customers update lmgrd to FlexNet Publisher 11.16.2, and the vendor daemon as soon as possible after that. Please note that lmadmin or clients are not affected. As a reminder, Flexera no longer distributes the lmgrd executables to end customers; your end customers can only receive the lmgrd executable from you. Workaround No workaround available. Additional Information Please be aware that network access to the FlexNet Publisher License Server would be necessary to perform any attack. Protecting the license server from unauthorized access is essential to minimize the opportunities for any of the vulnerabilities to be exploited. Customers are also strongly advised to follow best practice in protecting the license server from unauthorized access. Related Documents https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20032 https://nvd.nist.gov/vuln/detail/CVE-2018-20032
View full article
Summary CVE-2018-20031 has been discovered and remediated in FlexNet Publisher Symptoms ****Only the following information is permitted to be distributed outside of Flexera Software and customers of FlexNet Publisher:         - CVE number         - CWE ID         - CVSS scores         - Reference to any publicly-available information **** A Denial of Service vulnerability related to preemptive item deletion in lmgrd and vendor daemon components of FlexNet Publisher version 11.16.1.0 and earlier allows a remote attacker to send a combination of messages to lmgrd or the vendor daemon, causing the heartbeat between lmgrd and the vendor daemon to stop, and the vendor daemon to shut down. Depending upon the license model(s) you offer to your customers, you may or may not distribute one or both of these components to one or more of your customers. If you don’t distribute either of these components, there is no further action on your part. If you do, you must distribute to those same customers the security update mentioned in the Resolution section of this article. This security vulnerability has been assigned the CVE ID number of CVE-2018-20031. Cause For security reasons, Flexera will not publish the cause of this security vulnerability. Steps To Reproduce For security reasons, Flexera Software will not publish the steps to reproduce this security vulnerability. Resolution The FlexNet Publisher 11.16.2 addresses the security vulnerability and is available from Flexera’s Product and License Center: FlexNet Publisher 2018 R4 We advise all FlexNet Publisher customers update lmgrd to FlexNet Publisher 11.16.2, and the vendor daemon as soon as possible after that. Please note that lmadmin or clients are not affected. As a reminder, Flexera no longer distributes the lmgrd executables to end customers; your end customers can only receive the lmgrd executable from you. Workaround No workaround available. Additional Information Please be aware that network access to the FlexNet Publisher License Server would be necessary to perform any attack. Protecting the license server from unauthorized access is essential to minimize the opportunities for any of the vulnerabilities to be exploited. Customers are also strongly advised to follow best practice in protecting the license server from unauthorized access. Related Documents https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20031 https://nvd.nist.gov/vuln/detail/CVE-2018-20031#vulnCurrentDescriptionTitle
View full article
Summary Is is possible to use Short Code Transactions to activate Server Side Trusted Storage? Question Is is possible to use Short Code Transactions to activate Server Side Trusted Storage? Answer No it is not possible to perform Server Side Trusted Storage Activations using ?Short Code? transactions due to the limited information that can be transmitted in this format and the complexity of such requests. This is confirmed by this extract from the TS Programming & Reference Guide (P37 of 11.13 fnp_PR-TS.pdf) ? Normal transactions use XML formatted messages. These are transmitted either as a data stream (without end-user intervention) or as a files (with end-user intervention). When a network connection is unavailable or the XML documents are too large, you can transmit the messages using request and response codes. These transactions are referred to as short-code transactions because the request and response message is encoded as a numeric value. They are available for transactions only between a FlexEnabled client and an activation server. Typically, this type of transaction is used for telephone transactions either with a customer service representative or using automated touch tone telephony. In order to activate Server Side TS you would therefore need to use the XML file transfer method referenced above.
View full article
Summary A vulnerability has been reported in FlexNet Publisher, which can be exploited by malicious, local users to potentially gain escalated privileges. 1) A boundary error related to a named pipe within the FNLS (FlexNet Publisher Licensing Service) can be exploited to cause an out-of-bounds memory read access. Successful exploitation may allow execution of arbitrary code with SYSTEM privileges. The vulnerability is reported in versions prior to 11.14.1.1 (FlexNet Publisher 2016 R2 SP1) running FlexNet Publisher Licensing Service on Windows platform. Symptoms **** Only the following information is permitted to be distributed outside of Flexera Software and customers of FlexNet Publisher" - CVE number - CWE ID - CVSS scores - The text in the Workaround section - Reference to any publicly available documentation **** A vulnerability has been reported in FlexNet Publisher, which might be exploited by malicious, local users to potentially gain escalated privileges. - An Out-of-bounds Read (CWE-125) in the Windows FlexeNet Publisher Licensing Service could theoretically be used to alter program flow. - Successful exploitation may allow execution of arbitrary code with SYSTEM privileges. Depending upon the license model(s) you offer to your customers, you may or may not distribute this component to one or more of your customers. If you do not distribute this component, there is no further action on your part. If you do, you must distribute to those same customers the security update mentioned in the Resolution section of this article. Affected Platforms/Components - All Microsoft Windows versions of the FlexeNet Publisher Licensing Service (FNLS) before version 11.14.1.1 - The FNLS should not be confused with lmadmin or lmgrd running as a service - The FNLS is typically installed using API calls to fnpActSvcInstallWin or by executing installanchorservice.exe or some derivative of the same. - Non-Windows platforms are unaffected *NOTES: FNLS (FlexNet Publisher Licensing Service) is an optional Windows service required for customers implementing Trusted Storage features in their products. All Trusted Storage customers on versions prior to 11.14.1.1 are impacted by this vulnerability. Starting with 11.14.1.0 (FlexNet Publisher 2016 R2) certificate users, who also implement (optional) virtualization features, are impacted due to a dependency on FNLS. Customers using certificate licensing on versions prior to 11.14.1.0 are not impacted since they do not have a dependency on FNLS. This does not affect lmgrd or lmadmin in any way even when they are run as a service. Criticality Rating (by "Secunia Research" at Flexera Software): ?Less Critical? Secunia CVSS Scores: Base: 6.8, Overall: 5.0 (AV:L/AC:L/Au:S/C:C/I:C/A:C/E:U/RL:OF/RC:C) CVSS version 2 metric and score: https://nvd.nist.gov/vuln-metrics/cvss/v2-calculator?vector=(AV:L/AC:L/Au:S/C:C/I:C/A:C/E:POC/RL:OF/RC:C) CVSS version 3 metric and score: https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator?vector=AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C To understand the potential consequences of this vulnerability, see the Common Consequences section of CWE-125: ?Out-of-bounds Read? (Common Weakness Enumeration). Discovery was through a third party researcher contacting Flexera Software. This security vulnerability has been assigned to the CVE ID number of CVE-2016-10395. The CWE-ID number that is suitable for the root cause is ?Out-of-bounds Read?: CWE-125 https://cwe.mitre.org/data/definitions/125.html Cause See "Steps to Reproduce" section Steps To Reproduce For security reasons, Flexera Software will not publish the steps to reproduce this security vulnerability. Flexera Software was in contact with the original research team that discovered this security vulnerability, but Flexera Software did not participate in the publishing of these articles. Resolution Fixed in version 11.14.1.1 (FlexNet Publisher 2016 R2 SP1) Resolution is to upgrade FlexNet Licensing Service (FNLS) to the latest version (which is currently 11.14.1.2). This can be done independently of other licensing components. Detailed Steps to Upgrade FNLS: Download the appropriate Windows toolkit for version 11.14.1.2 (FlexNet Publisher 2016 R2 SP2 from the Product & Licensing Center. The toolkit contains two sample programs that install and uninstall the FlexNet Licensing Service using fnpActSvcInstallWin and fnpActSvcUninstallWin functions of the FlexNet Licensing Service API: ? installanchorservice.exe ? uninstallanchorservice.exe These files are located in the <platform_dir> directory of the toolkit. The source code is available in \examples\anchor_service. These executables must be run as an Administrative user. The Windows toolkit contains example InstallShield project files that you can use to create your own installer for the FlexNet Licensing Service. These files are located in the <platform_dir>\examples\serviceinstall directory. See the Readme file for information on how to use the example project files. For additional information please consult the Programming Reference for Trusted Storage?Based Licensing Workaround Upgrade the FlexNet Licensing Service (FNLS) component to version 11.14.1.2 (FlexNet Publisher 2016 R2 SP2) Note: This is now the current version available - recommendation is to use the latest available at the time of update. Additional Information A link to the community representation of the Secunia Advisory SA76368: https://secuniaresearch.flexerasoftware.com/advisories/76368/ A link to the terminology, which explains the criticality ratings and impacts used in this advisory: https://secuniaresearch.flexerasoftware.com/community/advisories/terminology/ Related Documents Secunia Advisory ID: SA76368 (attached)
View full article
Summary Step by Step: How to repair client side borrowed TS license Synopsis Step by Step: How to repair client side borrowed TS license Discussion This was tested using FNP v11.12 and FNO v12.8. 1. Copy "Floating Borrowable" and create a new license model "Floating Borrowable client repair 100%" 2. Deploy "Floating Borrowable client repair 100%" 3. Link "Floating Borrowable client repair 100%" to an existing product 4. Create a new line item linked to "Floating Borrowable client repair 100%" and license count of 10 5. Activate server side TS against FNO server # tsreset_svr.exe -reset # servercomptranutil.exe -t http://fno128:8888/flexnet/services/ActivationService -new -activate client-repair-100 hybrid=10 repairCount=10 You will see the following content in the request XML <Count><Type>pubRep</Type><Value>10</Value></Count> and following content in response XML <Entry> <Key>availRepair</Key> <Value>10</Value> </Entry> <Entry> <Key>repairsToServe</Key> <Value>10</Value> </Entry> You can also see Repairs count is 10 as per the output of serveractutil.exe -v # serveractutil.exe -v -------------------------------------------------------------------- Trust Flags: FULLY TRUSTED Fulfillment Type: PUBLISHER ACTIVATION Status: ENABLED Fulfillment ID: FID_3637de98_144a9958dfe__7ff6 Entitlement ID: client-repair-100 Product ID: NAME=lmflex;VERSION=1.0 Suite ID: NONE Expiration date: 08-May-2014 Concurrent: 0 Concurrent overdraft:0 Hybrid: 10 Hybrid overdraft: 0 Activatable: 0 Activatable overdraft: 0 Repairs: 10 Feature line(s): 6. Start license server and borrow a licence from client side # start lmgrd -z -c counted.lic # appactutil -borrow -commServer 27000@10.30.1.108 -entitlementID client-repair-100 -expiration 15-apr-2014 Borrow Activate Expiration: 15-apr-2014 CommServer: 27000@10.30.1.108 EntitlementID: client-repair-100 FulfillmentID FID-1396928306 7. Windback windows clock to break client side TS # appactutil.exe -v -------------------------------------------------------------------- Trust Flags: **BROKEN** TIME Fulfillment Type: SERVED ACTIVATION Status: ENABLED Fulfillment ID: FID-1396928306 Entitlement ID: client-repair-100 Product ID: NAME=lmflex;VERSION=1.0 Suite ID: NONE Expiration date: 15-apr-2014 Feature line(s): INCREMENT T1 mvsnjakk 1.0 8-may-2014 1 ISSUER="My Corporation" \ ISSUED=8-apr-2014 START=7-apr-2014 SIGN="01A8 D11E A752 A1E4 \ 3406 344C C34F 0252 3578 E40A 1801 2C9E DDAD 1EAC 787D 5008 \ A678 B761 F92E 1ED1 C30F" INCREMENT T2 mvsnjakk 1.0 8-may-2014 1 ISSUER="My Corporation" \ ISSUED=8-apr-2014 START=7-apr-2014 SIGN="03C5 5D70 0A77 D6A9 \ 85E4 B7C4 38EB F69B A85C 9B74 DA02 A5EC 9654 3852 1BF6 8030 \ 6CFE 4166 76E5 B09A 17AE" -------------------------------------------------------------------- 8. Repair client side TS # appactutil -repair FID-1396928306 -commServer 27000@10.30.1.108 SUCCESSFULLY SENT REPAIR REQUEST 9. Status after repair # appactutil.exe -v -------------------------------------------------------------------- Trust Flags: FULLY TRUSTED Fulfillment Type: SERVED ACTIVATION Status: ENABLED Fulfillment ID: FID-1396928306 Entitlement ID: client-repair-100 Product ID: NAME=lmflex;VERSION=1.0 Suite ID: NONE Expiration date: 15-apr-2014 Feature line(s): INCREMENT T1 mvsnjakk 1.0 8-may-2014 1 ISSUER="My Corporation" \ ISSUED=8-apr-2014 START=7-apr-2014 SIGN="01A8 D11E A752 A1E4 \ 3406 344C C34F 0252 3578 E40A 1801 2C9E DDAD 1EAC 787D 5008 \ A678 B761 F92E 1ED1 C30F" INCREMENT T2 mvsnjakk 1.0 8-may-2014 1 ISSUER="My Corporation" \ ISSUED=8-apr-2014 START=7-apr-2014 SIGN="03C5 5D70 0A77 D6A9 \ 85E4 B7C4 38EB F69B A85C 9B74 DA02 A5EC 9654 3852 1BF6 8030 \ 6CFE 4166 76E5 B09A 17AE" -------------------------------------------------------------------- # serveractutil.exe -v -------------------------------------------------------------------- Trust Flags: FULLY TRUSTED Fulfillment Type: PUBLISHER ACTIVATION Status: ENABLED Fulfillment ID: FID_3637de98_144a9958dfe__7ff5 Entitlement ID: client-repair-100 Product ID: NAME=lmflex;VERSION=1.0 Suite ID: NONE Expiration date: 08-May-2014 Concurrent: 0 Concurrent overdraft:0 Hybrid: 9 Hybrid overdraft: 0 Activatable: 0 Activatable overdraft: 0 Repairs: 9 Feature line(s): INCREMENT T1 mvsnjakk 1.0 8-may-2014 1 ISSUER="My Corporation" \ ISSUED=8-apr-2014 START=7-apr-2014 SIGN="01A8 D11E A752 A1E4 \ 3406 344C C34F 0252 3578 E40A 1801 2C9E DDAD 1EAC 787D 5008 \ A678 B761 F92E 1ED1 C30F" INCREMENT T2 mvsnjakk 1.0 8-may-2014 1 ISSUER="My Corporation" \ ISSUED=8-apr-2014 START=7-apr-2014 SIGN="03C5 5D70 0A77 D6A9 \ 85E4 B7C4 38EB F69B A85C 9B74 DA02 A5EC 9654 3852 1BF6 8030 \ 6CFE 4166 76E5 B09A 17AE" --------------------------------------------------------------------
View full article
Summary How do you obtain a list of only the physical adapters on Windows? Question I am trying to obtain a list of only the physical adapters and also a separate list of the virtual adapters on Windows. I am first setting LM_A_PHYSICAL_ETHERNETID to (LM_A_VAL_TYPE)0 to obtain the list of physical and virtual adapters and then setting it to (LM_A_VAL_TYPE)1 to obtain only the physical adapters. I am then comparing the two lists and extracting the virtual adapters. After setting LM_A_PHYSICAL_ETHERNETID to (LM_A_VAL_TYPE)0 calling lc_hostid() returns all adapters as expected. However, if you then set it to LM_A_VAL_TYPE)1, calling lc_hostid() still returns all adapters. So how exactly can you obtain a list of only physical adapters? Answer Here's an example of using a WMI utility to determine which adapters are physical. That can also be done as scripted calls from something like Powershell. Run the wmic application c:> wmic wmic:root\cli> at the wmic prompt type "NIC" to display all details on all NICs on the system. To get a subset of NIC details, and to determine what is reported as physical, enabled, and what their driver name is, type the following at the wmic prompt: wmic:root\cli>path win32_networkadapter get description, physicaladapter, pnpdeviceid, macaddress, netenabled Description MACAddress NetEnabled PhysicalAdapter PNPDeviceID WAN Miniport (SSTP) FALSE ROOT\MS_SSTPMINIPORT\0000 WAN Miniport (IKEv2) FALSE ROOT\MS_AGILEVPNMINIPORT\0000 WAN Miniport (L2TP) FALSE ROOT\MS_L2TPMINIPORT\0000 WAN Miniport (PPTP) FALSE ROOT\MS_PPTPMINIPORT\0000 WAN Miniport (PPPOE) FALSE ROOT\MS_PPPOEMINIPORT\0000 WAN Miniport (IPv6) FALSE ROOT\MS_NDISWANIPV6\0000 WAN Miniport (Network Monitor) FALSE ROOT\MS_NDISWANBH\0000 Intel(R) 82579LM Gigabit Network Connection 90:B1:1C:A4:DE:42 TRUE TRUE PCI\VEN_8086&DEV_1502&SUBSYS_052C1028&REV_04\3&11583659&0&C8 WAN Miniport (IP) FALSE ROOT\MS_NDISWANIP\0000 Microsoft ISATAP Adapter FALSE ROOT\*ISATAP\0000 RAS Async Adapter 20:41:53:59:4E:FF FALSE SW\{EEAB7790-C514-11D1-B42B-00805FC1270E}\ASYNCMAC VirtualBox Host-Only Ethernet Adapter 08:00:27:00:04:CC TRUE TRUE ROOT\NET\0000 VirtualBox Bridged Networking Driver Miniport 90:B1:1C:A4:DE:42 FALSE ROOT\SUN_VBOXNETFLTMP\0000 Microsoft ISATAP Adapter FALSE ROOT\*ISATAP\0001 Bluetooth Device (Personal Area Network) FALSE Microsoft ISATAP Adapter FALSE ROOT\*ISATAP\0002 VMware Virtual Ethernet Adapter for VMnet1 00:50:56:C0:00:01 TRUE TRUE ROOT\VMWARE\0000 VMware Virtual Ethernet Adapter for VMnet8 00:50:56:C0:00:08 TRUE TRUE ROOT\VMWARE\0001 Microsoft ISATAP Adapter FALSE ROOT\*ISATAP\0003 Juniper Network Connect Virtual Adapter 00:FF:B0:E1:21:0D FALSE ROOT\DSNCADPT\0000 Microsoft ISATAP Adapter FALSE ROOT\*ISATAP\0004 Microsoft 6to4 Adapter FALSE ROOT\*6TO4MP\0000
View full article
Summary This article will explain the reasons for and solutions to the 'The FlexNet License Service is not installed. (-213,14703)' error. Cause This error is normally thrown when the FlexNet License Service is not installed on a Windows operating system. Resolution The resolution to this issue is to install the FlexNet License Service by running the 'installanchorservice.exe' from a command prompt. The executable can be located in the platform folder of your toolkit, for 32 bit machines it will be the i86_n3 folder and for 64bit machines it will be the x64_n6 folder. The command to run is as followed: installanchorservice.exe <vendor_name> <product_name> Here is an example of the command: installanchorservice.exe flexera exampleProduct
View full article
Summary Is the FNP activation request encrypted? Question Is the FNP activation request encrypted? Answer The activation request xml are unsigned and unencrypted but hashed. <Hash>3D10D23739AB325829C5FA43F31C261F6C1CE315</Hash> <HashVersion>1</HashVersion> I f the request is modified, FNO with throw an error: ?Request is tampered, error code: ERROR:7; The hash in the client request is incorrect?
View full article
Summary How long does FNPLicensingService normally stay running after the last client disconnects on Mac or Linux? Question Because the licensing service isn?t a ?service? on a Mac (we use install_fnp.sh to generate a setuid-root binary that gets invoked by Flex-enabled applications via our libraries), this brings up the question, how long does FNPLicensingService normally stay running after the last client disconnects? Answer On Mac, and indeed Linux, the 'service' only stays running as long as it takes to perform the privileged activity its parent process requested, probably of the order of tens of milliseconds.
View full article
Summary How do you determine the current version of the FlexNet Licensing Service (FNLS) running on a Windows system? Question How do you determine the current version of the FlexNet Licensing Service (FNLS) running on a Windows system? Answer Browse to C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher, then properties and you should find it in there.
View full article