Flexera Software Community Knowledge Base

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Knowledge Base Categories
Question: How to manage the maximum borrow duration for Flexnet based licensing. Answer: For FNP licensing, both, certificate based licensing and trusted storage based licensing based borrow checkout (/activation) can be managed for a maximum specified duration. For Certificate Based Licensing: For certificate based licensing, the options file keyword "MAX_BORROW_HOURS" provides the option to limit the duration for which a license can be borrowed. General Method to borrow the licenses: By adding the BORROW[n]keyword in the INCREMENT/FEATURE line. The value, n, is the maximum number of hours for which the license can be borrowed. The default value is 168 (hours), which equates to one week. The maximum borrow period is platform dependent. Typically, a value under 60000 hours works on most platforms. MAX_BORROW_HOURS This option is used for licenses held in license files. When licenses are available in trusted storage, normally activation is provided instead of BORROW. Syntax:    MAX_BORROW_HOURS feature[:keyword=value] num_hours This options file entry changes the maximum period a license can be borrowed from that specified in the license file for feature. The new period must be less than that in the license file. NOTE: If multiple MAX_BORROW_HOURS keywords appear in the options file, only the last one is applied to feature For Trusted Based Licensing: For TS based licensing, there isn't an exact concept of borrow, but its known as "Activation". Using the BORROW keyword, a maximum borrow period is defined. To limit the possible misuse of borrowed licenses, the default borrow period is set to one week. Licenses obtained using the activation borrow capability are secure: starting and stopping the license server does not allow for extra uses. There is no provision for defining a maximum borrow period with the activation borrow capability. Licenses borrowed using the activation borrow capability cannot have an expiration date later than the expiration date of the source fulfillment record on the license server. Starting FNP-11.12.1 (Released in 2014), a new options file keyword was introduced with an option to specify the maximum duration for which a TS license can be activated on the clients i.e. "ACTIVATION_EXPIRY_DAYS " Quoting the FNP-11.12.1 release note: ACTIVATION_EXPIRY_DAYS This option controls the activation request based on the expiration date mentioned in the options file during activation Publisher controls the activation based on the number of expiration days. Syntax: - ACTIVATION_EXPIRY_DAYS entitlement ID days - ACTIVATION_EXPIRY_DAYS entitlementID:FID=fulfillmentID days Example: ACTIVATION_EXPIRY_DAYS ENTL-EZCALC 3 As per the example, if the current date is 29-December-XXXX then the client can activate the license until 31-dec-XXXX. In case of normal activation without the options file, the client can use the license beyond 31-dec-XXXX Note • If more than one ACTIVATION_EXPIRY_DAYS option for the same entitlement ID and fulfillment ID with different count of days is specified in the options file, then the functionality always considers the first line and ignores subsequent lines. NOTE: The BORROW and activation borrow capabilities are not compatible with use of three server redundant configuration. This is because persistent data is held on a single license server: for the BORROW capability, this is the borrow data-cache and for the activation borrow capability this is the data required to add the license back in to the concurrent license pool when the borrowed license expires. Note that it is a general limitation of activation that it is not supported on a three redundant server configuration.  
View full article
Question: Is    FNP toolkit functionality  affected by the Ripple20 Security Vulnerabilities in TCP/IP library from the Treck Inc.? Ans: A pack of 19 or more Security Vulnerabilities have been found in the ubiquitous TCP/IP library from the Treck Inc.   [https://treck.com. They have been named Ripple20. More information about Ripple20 can be obtained at   https://www.jsof-tech.com/ripple20/. A detailed technical report of two of the vulnerabilities and their exploitation can be found in the CVE-2020-11896/CVE-2020-11898   Of the Ripple20 batch, four bugs are critical. Two of them (remote code execution  CVE-2020-11896  and  CVE-2020-11897 ) have the highest severity score (10 out of 10) and the other two are rated 9.0 ( CVE-2020-11901 ) and 9.1 (an information leak,  CVE-2020-11898 ). No, FNP toolkit is not affected by these vulnerabilities. For future references, it is advised to have a look at the "Non-Commercial Software Disclosures (NCSD)" document for particular release, which is available under PLC for each FNP toolkit - for confirmation if particular library/tool/Inc. files are used by FNP toolkits.
View full article
Overview of Transfer Split functionality in LLM can found in this  article  .   Steps to follow when we split portion of quantity from the order line of source account to Target Account(Split done in Producer Portal) is as below: 1)Create A source Account and Entitle the account (View Account -> Entitle -> Entitle Account)     2)Create a Target Account.            3)Allocation before Split: Check for the Activation Code under Allocations (View Entitlement -> View Allocations). We see that the Allocation is on account YT_Split1 with Activation Code : CAFE-0374-C786-CF3C and Quantity 99.                 4)Split a portion of quantity to target account : Under Allocation Details Split Some Quantity(Quantity taken as 50 in the below example) from Source Account. After Split we see that the quantity : 50 is under Target Account with New Activation Code, quantity :49 is still under the Source Account with the original Activation Code.                       Steps to follow when we   split portion of quantity   from the order line of source account to Target Account( Split done in End User Portal)  is found here .
View full article
Overview of Transfer Split functionality in LLM can found in this  article  .   Steps to follow when we   split portion of quantity   from the order line of source account to Target Account(Split done in End User Portal)   is as below.   Pre-requisite: Check if the Email type ‘Entitlement Allocation Email’ is present under the Administer -> List Email Templates.         1)Create Account and Entitle the account.           2)Allocations as seen in PP.       3)Allocation Account in EP. Same Activation Code is seen in EP and PP.   4)Split in EP as shown below. We use ‘Select All’ to notify all the members of the Allocation Account or use the checkbox to notify any specific members.     5)After Split in EP. We see that new Activation Code is created for quantity 59.     6) Allocations as seen in PP.     7)As we have setup the ‘Entitlement Allocation Email’ in our PP, Make sure to get an email in the members selected under Step 4 inbox with correct Activation Code after we Split from the EP end.     Steps to follow when we   split portion of quantity   from the order line of source account to Target Account(Split done in Producer Portal) is found here .      
View full article
This scheduled maintenance includes a minor change to the Open New Case   form used for submitting Revenera Support cases. The Community field value has been updated from 'Flexera Software Community' to 'Revenera Community' to reflect our new brand. If you encounter issues with your ability to submit cases after this maintenance, please notify our Support team by phone for assistance. Thank you, Your Revenera Community Team
View full article
Summary A Disclosure of sensitive information vulnerability existed in lmadmin systems. The web portal link can be used to access to system files or other important files on the system. The vulnerability was discovered in FlexNet Publisher's lmadmin 11.14.0.2. If you do not distribute lmadmin to your customers, there is no further action on your part. If you do, you must distribute to those same customers the security update mentioned in the Resolution section of this article.The vulnerability will not impact lmadmin if started without integrated web server. Symptoms **** Only the following information is permitted to be distributed to users of products enabled with FlexNet Publisher: - CVE number (if available) - CWE ID - CVSS scores - Any publicly available information **** Through lmadmin provided web portal the user can access unconditionally the files located at out of the installation path. The information in these files can be compromised. This vulnerability has been assigned the ID of CVE-2020-12081. The CVSS v2 base score for this vulnerability is 6.2; that is, medium severity. Resolution The lmadmin functionality has been enhanced to access the files which are relative to the lmadmin installation location. The FlexNet Publisher 2016 R2 SP2 (11.14.1.2) and later address the security vulnerability and will be available on the Product and License Center. We advise all FlexNet Publisher customers update lmadmin binary to FlexNet Publisher 2016 R2 SP2 or later. As good practice, we advise customers to expose lmadmin to only a trusted network. This will reduce the attack vector to only those attackers who have access to that trusted network. Additional Information For identifying this vulnerability and disclosing it to Revenera under a responsible disclosure process, we'd like to thank the team members of TIM S.p.A - TIM Security Red Team Research: Alessandro Bosco Luca Di Giuseppe Alessandro Sabetta Related Documents https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12081
View full article
Below is the sample code(lmflex.c) which gives the details of the license file being used by the license server   /****************************************************************************** Copyright (c) 1988-2008 Acresso Software Inc. All Rights Reserved This software has been provided pursuant to a License Agreement containing restrictions on its use. This software contains valuable trade secrets and proprietary information of Acresso Software Inc. and is protected by law. It may not be copied or distributed in any form or medium, disclosed to third parties, reverse engineered or used in any manner not provided for in said License Agreement except with the prior written authorization from Acresso Software Inc. *****************************************************************************/ /* * * Description: This is a sample application program, to illustrate * the use of the Flexible License Manager. * */ #include <stdio.h> #include "lmclient.h" #include "lm_attr.h" int main(int argc, char * argv[]) { VENDORCODE code; LM_HANDLE *lm_job; char **feats; int i=0, ret=0; CONFIG *pos = 0, *conf; if (lc_new_job(0, lc_new_job_arg2, &code, &lm_job)) { lc_perror(lm_job, "lc_new_job failed"); exit(lc_get_errno(lm_job)); } lc_set_attr(lm_job, LM_A_PORT_HOST_PLUS, (LM_A_VAL_TYPE)0); (void) lc_set_attr(lm_job, LM_A_LICENSE_DEFAULT, (LM_A_VAL_TYPE)"27000@localhost"); for (feats = lc_feat_list(lm_job, LM_FILTERLIST_ALL_FILES, NULL); feats && *feats; feats++) { pos = 0; conf = 0; while (conf = lc_next_conf(lm_job, *feats, &pos)) { printf("\n\n Got some config information:\n"); printf("Feature: %s\n", conf->feature); printf("\n\t\t Exp date is %s", conf->date); printf("\n\t\t Version is %s", conf->version); printf("\n\t\t code is %s", conf->code); } } lc_free_job(lm_job); return 0; }
View full article
This article lists the changes and issue fixes introduced by FlexNet Operations Cloud service pack releases from FlexNet Operations Cloud 2020 R2 SP1 onward. ALM 2020 R2 SP1 (July 2, 2020) SWM-2732:  Ability to manage additional users on self-registered accounts SWM-2578: EP password change bug from profile menu in EP SWM-2513: Web service DeliveryService is not returning valid response SWM-2362: Email templates not displaying German "Umlaute" characters correctly SWM-2314: Add lastModifiedDate parameter in searchDevices request SWM-2105: Hide "Create Account" button in end-user portal SWM-1950: Reporter data incorrect- Custom Attributes are not transformed SWM-1943: Enterprise Portal Admin has the ability to edit their own Account ID/Account Name SWM-1809: Special characters not displaying correctly in EP under drop down menu on download pages SWM-1807: The "Download Now" link from the List Entitlements page in the end user portal shows only 1 download package for multi-product entitlement line item SWM-1617: Welcome Email for End Users sent when template is in Draft SWM-1324: List Product Lines UI content should only show the product lines related to the logged in user SWM-1114:  Device creation data is now included in getDevice method of v3 of ManageDeviceService WebService SWM-320:  Enhancement: Include Product Description field in Enterprise Portal List Entitlements and in Producer Portal Configure Line Item for Create Enhancement screens   LLM 2020 R2 SP1 (June 18, 2020) SWM-173:  CLS REST APIs are available to LLM customers SWM-2746: Downloads using the "Download Now" link on List Entitlement portal page are listed as anonymous in the report SWM-1966:  Unable to add a new serial number
View full article
This article provides an overview of the Transfer Split functionality in LLM. Different use cases with examples have been described in separate articles. Transfer: Allow a user to transfer all the order lines, their licenses, hosts, their FNE mappings and Devices to another Account. Transfer of a full order will not change ownership of the order, it will still be owned by the original Account. Transfer of a full order will not be allowed when there are host or device bound fulfillments that cross over to other orders (except for host id ANY/DEMO cases). Activation code upon transfer (only) can be retained – this is controlled by a property and a request has to be made to Revenera if it has to be enabled/disabled. Split: Allow a user to allocate unfulfilled quantity to another Account (either a regular Account or an Allocation Account). This functionality is available through the UI, XML transaction, and Batch Converter templates. This is not available as a web service. Transaction logging has also been implemented. There is a new template to notify users about the split transaction. Split can be done in both Producer as well as End user Portal. The 'Entitlement Allocation Email Template' can be customized in Producer Portal to send out order notification emails after a split done in End User Portal. This can only be triggered from the end user portal. The property related to Activation Code being changed/retained is applicable for Transfer of entitltements and not for Split. Implemented for the following issuers: FlexTemplateLicenseIssuer (FLEXTMPL) - FNP certificate FNPLicenseIssuer (FNP) - FNP Trusted Storage GetMultipleKeysFromPoolIssuer (PRDCT_POOL_PER_QTY) - multiple keys from pool for product KeyFromPoolAssignedUserIssuer (PRDCT_POOL_ASN_USR) - keys from pool assigned to user FNE The user will not be able to split of any quantity for the FlexTemplate License Style if the quantity is set as fixed (which is not very common). FNP-TS does not let you set the quantity to fixed. It is recommended to split from end user portal because that will trigger an email. But it is also possible to split from Producer Portal. Moving a device/host will cause an internal split. More details can be found in Moving a Device Host .   Examples of Transfer and Split orders are in the below articles: Transfer of Entitlement from Source to Target Account : Without mappings,Splits: https://community.flexera.com/t5/FlexNet-Operations-Knowledge/Transfer-of-Entitlement-from-Source-to-Target-Account-Without/ta-p/146442 Split all from the source account to the target account and back: https://community.flexera.com/t5/FlexNet-Operations-Knowledge/Split-all-from-the-source-account-to-the-target-account-and-back/ta-p/149239 Split SOME from Source Account to Target Account  : https://community.flexera.com/t5/FlexNet-Operations-Knowledge/Split-SOME-from-Source-Account-to-Target-Account/ta-p/153271
View full article
Overview of Transfer Split functionality in LLM can found in this article .   Steps to follow when we split all from the order line of source account and back(Split done in Producer Portal) is as below: 1)Entitle the Source Account (View Account -> Entitle -> Entitle Account) 2)Create an order line (View Entitlement -> Edit Entitlement -> Add Line items with all details)     - The line item is created, and an activation code is assigned                          3)  Create a Target Account  4) Check for the Activation Code under Allocations (View Entitlement -> View Allocations).        - The activation code is displayed with full order line quantity        - Under Allocation Details Split all from Source Account.                 5) After Split we see that the whole quantity is under Target Account with New Activation Code.          - The target account has a new activation code          - The activation code on the Target Account now has the full order line quantity.                     6) Split all back from Target Account to Source Account.             - The Source account has the activation code as seen in Step 4)             - The activation code on the Source Account now has the full order line quantity.                                           
View full article
To access the Product and License Center: Sign in Click on "Other Resources" and select "Product and License Center"  From there, find which column your product is located in and select the “Let’s Go” option. If this is your first time accessing the product and you are not main account contact,  you will be directed to a screen to submit a request for access. The staff member who received the order confirmation will receive an email with the request and will need to approve your request. 
View full article
Summary The Cloud Monetization API (CMAPI) is a REST interface alternative for licensing certain software products. Support for Cloud Monetization API was introduced to FlexNet Operations Cloud LLM in 2020 R2 SP1. Before your client application can use the Cloud Monetization API for licensing, the following two tasks must be done: Task 1: Enable the CLS Producer User The Producer User for the Cloud Licensing Service (CLS) is added on all existing and newly created Cloud Licensing Service instances. This user allows the Software Producer to generate the authorization tokens required to secure the Cloud Monetization API exchange. Task 2: Set up JSON Security The JSON Security should be configured to secure the Cloud Monetization API exchanges the client application will make with the Cloud Licensing Service instance.   Synopsis This article only covers the steps to complete Task 1: Enable the CLS Producer User. For in-depth instructions related to Task 2: Set Up JSON Security, please refer to the Cloud Monetization API User Guide and the FlexNet Embedded License Server Producer Guide, which are available on the Product and License Center.   Discussion NOTE: The following task can only be performed by your organization’s FlexNet Operations Cloud System Administrator or a trusted member with the Manage FlexNet Secret Keys (KEYS) permission. To enable the CLS Producer User on your FlexNet Operations Cloud LLM environment: 1. Log into the FlexNet Operations Cloud LLM Producer Portal 2. Navigate to Manage Hosts -> Producer User For CLS   3. Check the Enable Producer User For CLS option and click Save   4. Define a password for this Producer User and click Save
View full article
1.Go to System->Configure->FlexNet Platform Server 2.Enter the Number of attempts to log in   "Consecutive Failed Authentication" after which the user will be deactivated. 3. Attempts are counted over time period for failed authorizations. For a Shared Login, the number of attempts considered is twice this configuration.
View full article
Symptoms:       A GET features REST request to get the details of the features that are mapped to a CLS instance with valid expiry license, returns an empty result. An example of the request returning an EMPTY response:             Diagnosis:      Check the license model mapped into this  CLS ID  GHB887SNNHN0  as per the below screenshot   We can find two License Models (Metered and Concurrent) mapped into a single product called "Grace 90days check v1.0". What this implies is that the same feature can use both the Metered and Concurrent license models on the same CLS, which is not correct and is not supported. The feature is treated as a duplicate and rejected. Solution:      Mapping two or more License Models to a Single Product is valid, but you cannot have both metered and concurrent features with the same name in a CLS. The feature will be considered as duplicate and rejected.
View full article
Symptoms: It has been noticed that till FNP-11.16.4, the lmadmin installation on Windows Server 2019 (and Windows Server 2016) fails with an error as  ""Installer User Interface Mode Not Supported"". Diagnosis: We have been able to root cause this reported ambiguity with Java installation and the culprit is the Java version in installation. The issue can only be seen with latest version of Java (i.e. Java 8_u221) and above. Workaround: Downgraded the java version to a lower version (v8_202,/v8_211). This issue is already reported to FNP engineering and most probably will be fixed in future releases (FNP-21664). https://www.oracle.com/technetwork/java/javase/downloads/java-archive-javase8-2177648.html Solution: This behavior has been fixed in FNP-11.16.5 and onwards releases.
View full article
Overview of Transfer Split functionality in LLM can found in this  article  .   Property to be set for the below mentioned scenario 1: i)TransferSplitEnabled = True ii)TransferSplitEnabled.TransferOrderActivationCodeToTarget = false   Steps followed: 1) Entitle the Source Account (View Account -> Entitle -> Entitle Account) 2) Create an order line (View Entitlement -> Edit Entitlement -> Add Line items with all details)      - Certificate from the source account will keep its activation code and will remain ACTIVE 3) Create a Target Account 4) Make sure to check no mappings, splits are active on the source account 5) Under Edit Entitlement -> Transfer -> Select Target Account      - The available_qty from the source certificate will now be 0      - A new certificate will be created for the target account with a new activation code ( Due to property 'ii' mentioned above)      - The quantity from the source certificate will now be on the target certificate   Property to be set for the below mentioned scenario 2: i)TransferSplitEnabled = True ii)TransferSplitEnabled.TransferOrderActivationCodeToTarget = True   Steps followed: 1) Entitle the Source Account (View Account -> Entitle -> Entitle Account) 2) Create an order line (View Entitlement -> Edit Entitlement -> Add Line items with all details)      - Certificate from the source account will keep its activation code and will remain ACTIVE 3) Create a Target Account 4) Make sure to check no mappings, splits are active on the source account 5) Under Edit Entitlement -> Transfer -> Select Target Account      - The available_qty from the source certificate will now be 0      - A  certificate will be created for the target account Activation Code is retained ( Due to property 'ii' mentioned above)      - The quantity from the source certificate will now be on the target certificate     NOTE: Follow the above mentioned steps in the same order When more than one Line Orders are present.                Step 2 gives the details to create Line Orders.
View full article
The display of this filter is controlled by below config in FlexNet Operations: "System"-->"configure"-->"End-User Portal Setup"-->"Portal Navigation"-->"Hide License Support menu" When "Hide License Support menu" config  is enabled or checked then the filter does not show up and when the config is disabled, the filter shows up. Please refer below screenshot.   The purpose of this filter is for those cases where the user needs to fetch line items with available quantity as zero. If only partial quantity is fulfilled, then this filter will not make any difference. If available quantity is not 0, it will display the line items even if filter is not selected.    
View full article
Symptoms: Starting FNP-11.16.0, (shared HASP dongle driver and dll's are for version 7.61) the dongle dll's will not be backward compatible for FNP-11.13.1 and older version of clients. Diagnosis:   FNP Toolkit Version HASP dongle driver (Signed by Thales) HASP Dll's (Signed by Flexera) Comments: ==================================================================== v 11.13.1 Version: 6.56 Digest Algorithm: SHA1 VeriSign Class 3 Code Signing 2010 CA Version: 7.1 Digest Algorithm: SHA1 VeriSign Class 3 Code Signing 2010 CA   v 11.14.0 Version: 7.41 Digest Algorithm: SHA1 VeriSign Class 3 Code Signing 2010 CA Version : 7.4 Digest Algorithm: SHA 256 VeriSign Class 3 Code Signing 2010 CA FNP-14155 FNP-14401 FNP-11607 Microsoft will soon require SHA-2 (SHA256) signing: http://social.technet.microsoft.com/wiki/contents/articles/32288.windows-enforcement-of-authenticode-code-signing-and-timestamping.aspx FNP kept signing 'dll's' with VeriSign to maintain the backward compatibility.   In addition to that code wise a check was added (to source code) which allows 'VeriSign' as well as 'Symantec' Issuers during authentication - so that when in future we move from VeriSign to Symantec - backward compatibility is maintained. v 11.15.1 Version : 7.60 Digest Algorithm: SHA1 DigiCert EV Code Signing CA (SHA2) Version : 7.6 Digest Algorithm: SHA 256 VeriSign Class 3 Code Signing 2010 CA   v11.16.0 Version : 7.80 Digest Algorithm: SHA1 DigiCert EV Code Signing CA (SHA2) Version : 7.61 Digest Algorithm: SHA 256 Symantec Class 3 SHA256 Code Signing CA Switched from "VeriSign" to "Symantec" As enhancement done in FNP-11.14.0 was not in FNP-11.13.1 and earlier, hence once we moved to "Symantec" for signing dll's, those client will fail to detect the dongle - if using v11.16.0 version shared dll's.     Workaround: For Flex-enabled clients build with FNP toolkit v11.13.1 and older, to have them working seamlessly in a mixed client version environment (v11.14, v1.15 and later), use the latest version (or as provided with latest GA FNP toolkit) dongle driver, but at most the HASP dll's from FNP-11.15.1 toolkit.
View full article
Use Case A node-locked license activated on a machine is only able to be used by one user. When the second user tries to log in and activate the license using the same web register keys used by the 1 st user they receive an error “license is invalid”. Error License is invalid Type of Licensing FlexNet Embedded Possible Causes 1.The license could be associated to ethernet ID as shown below, which might have been changed when the 2 nd user logged in.   2.The quantity assigned to the entitlement associated with the device might be 1 ,which has to be increased further if multiple users want to activate the license on the same device.  
View full article
  Description:  When a user goes to the reset password page and provides user id, results in an error  Application error. Please contact the FlexNet administrator. (platform.exceptions.MultipleDataFoundException) How to resolve this error? Resolution:  As the error message states, multiple user records exist in the database and the application is unable to uniquely identify the user. Run the following query to take a look for any duplicate entities in the user table select * from PLT_USER where USERID = "username" The query should return multiple records in the table. Delete the duplicate rows to resolve the issue.
View full article