Hi, Of course  libraries can be recognized by their name, but there is also a considerable amount of components that are located directly in the *.jar file etc.. these data cannot be read by the agent. That's probably the next big challenge, but that's where I don't think the Flexera Agent can help ... View more

Personally, I think that the result of a full-file scan will not provide more information than, for example, a Windows search for "log4j*". Certainly many libraries can be recognized by their name, but there is also a considerable amount of components that are located directly in the *.jar file etc.. Of course, the agent cannot read this information. I would recommend in this case that an appropriate tool is used for dedicated detection, this information is certainly already available to most IT admins. Best, Dennis ... View more

Please have a look at this posting, it will be updated by Flexera https://community.flexera.com/t5/Community-Notices/Security-Advisory-Log4j-Java-Vulnerability-CVE-2021-44228/bc-p/217018#M86 ... View more

Hi, we have made small progress, but continue to have problems with SAML authentication. As described in the FNMS documentation on Analytics and SAML, we have copied the corresponding configurations of FNMS SAML into the web.config of Analytics. When the Analytics Server is called, communication with the IDP also begins and an initial request for access data (PKI) is made. We have recorded the communication with a SAML tracer and found an error here, including a error message from the IDP (IBM F5) open https://analytics.server/ibmcognos/bi request for access data (PKI) done Browser Error IBM F5 - FBTSML218E The specification for the SAML2.AssertionConsumerService endpoint are not valid Chrome SAML2 Trace   <saml2p:AuthnRequest xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion" ID="id9a3d3ee252d74447b32d7562e73fe***" Version="2.0" IssueInstant="2021-09-05T21:11:44Z" Destination="https://idp-url/isam/sps/idpextqs/saml20/login" AssertionConsumerServiceURL="https://analytics-url/ibmcognos/sso/AuthServices/Acs"> <saml2:Issuer>https://fnms-url/Suite</saml2:Issuer> </saml2p:AuthnRequest>     If I have seen it correctly in IIS, Cognos itself does not provide an Authentication ACS endpoint to match information regarding the login, for that the FNMS ACS should be used. Attached is the <kentor.authServices> snippet from Cognos web.config   <kentor.authServices entityId="https://fnms-url/Suite" returnUrl="https://fnms-url/Suite/AuthServices" authenticateRequestSigningBehavior="Never" minIncomingSigningAlgorithm="sha1"> <identityProviders> <add entityId="https://idp-url/isam/sps/idpextqs/saml20" signOnUrl="https://idp-url/isam/sps/idpextqs/saml20/login" allowUnsolicitedAuthnResponse="true" binding="HttpPost" loadMetadata="true" metadataLocation="C:\Program Files\ibm\cognos\idpextqs_metadata.xml"> </add> </identityProviders> <serviceCertificates> </serviceCertificates> </kentor.authServices>   Do any of you have a hint on how to get Cognos to use the correct Autnetication ACS endpoint. I'm also looking for a way to activate debuggin for Cognos SAML as it is possible for the FNMS weui.log (Maybe @kent-au or @fnishikado @fnishikado1 ) FNMS in combination with SAML2 and the IDP Works without problems. Thanks and Best, Dennis   ... View more

Hi @Favari0105 ,   take a look at this post, which covers the same topic. https://community.flexera.com/t5/FlexNet-Manager-Forum/Batch-license-allocation/m-p/106352#M1504   Best, Dennis ... View more

Hi @sushant_narula  The appropriate settings and permissions are all in place. It really only fails at the connection to the FNMS database as in the screenshot of @carlos_quiros  and is due to a problem with TLS1.2, which can be solved by an adjustment via the "Settings Tab" in Cognos. Although the problems and approaches may be different, the community would greatly appreciate your solution so that others with the problem can get to a solution faster. Thanks and regards, Dennis ... View more

Hy @carlos_quiros  @WheresThePizza  could you please share the solution how to get the "settings tab" back to cognos. I'm running into the same problem and as already discussed and would like to change the dispatcher settings to connect to the ContentStore DB.   Thanks and Best, Dennis ... View more