EMM - Device Compliance Monitoring Report Is wrong - wso2-iot

I set policy to android devices on EMM, and the device which I enroll into EMM is violated but in Device Compliance Monitoring report, the status of device is Policy Compliance while in Devices Compliance Monitoring (Current Status: Active) its violated!
I think the problem is in status variable value in devices_complience.hbs, it was Policy Compliance, where this data is loaded from ?
How can I fix this issue?
More info:
wso2-emm version 1.1.0
server: win 7

This seems to be a bug
https://wso2.org/jira/browse/EMM-764
Data is getting form the module mdm-reports.js in emm. You can find that file from
https://github.com/wso2/product-emm/blob/master/modules/apps/emm/modules/mdm_reports.js
It uses SQL query to retrieve information form the database.

Related

MFP_PERSISTENT_DATA Truncate Issue

Using MFP8, I have truncated MFP_PERSISTENT_DATA and MFP_TRANSIENT_DATA of more than 0.8 million records in live.
Currently, iOS users are facing issues and can see the below logs in server. How to rectify the same
ibm.mfp.server.registration.internal.RegistrationServiceImpl E FWLSE4213E: Client JWT authentication failed - public keys do not match com.ibm.mfp.server.security.shared.webtoken.WebTokenException: Invalid signature
ibm.mfp.server.registration.internal.rest.RegistrationEndpoint E FWLSE4225E: Invalid update self registration request, client signature could not be verified com.ibm.mfp.server.security.shared.webtoken.WebTokenException: Invalid signature
ibm.mfp.server.registration.internal.rest.RegistrationEndpoint E FWLSE4224E: Failed to process registration request.
com.ibm.mfp.server.core.shared.MFPRESTException: 400; headers=[]; body={ errorCode=APPLICATION_DOES_NOT_EXIST errorMsg=Application doesn't exist}
Firstly, random deletion of entries from the MFP-PERSISTENT_DATA is not at all recommended thing to do.for any cleanup of tables, we would recommend you to do so via https://mobilefirstplatform.ibmcloud.com/blog/2018/12/27/purge-mfp-runtime-tables/. suggestions given your current scenario is
1) Starting Nov 2018 level of SDK, Intelligence is incorporated in to MFP SDK to take care of such accidental deletions by cleaning up client context and doing fresh registration. If the customer’s application has a client SDK level that takes care of auto registration , this issue would not appear and MFP SDK will recover from the above error scenario by cleaning up and doing fresh registration . As per information provided below, customer is in a older level of SDK and the auto re registration feature requires an SDK level of Nov 2018 or later.
2) Is there a way to backup / restore data which you have truncated ? if you have taken backup / can you restore and follow proper instructions to clean up as updated in the blog above ?
3)Provided there is no way to restore / cannot upgrade their application to a newer level of SDK , options are to manually clear the application cache /uninstall and reinstall of the application which needs end user actions to recover.
4) Another option is to update your application to setServerURL() method upon this error, but this would again need update to application and careful planning to ensure it is added appropriately only to the exact error scenario in the application logic as it clears the client context completely
https://mobilefirstplatform.ibmcloud.com/api-ref/wl-android-n-java-apidoc/html/refjava-worklight-android-native/html/com/worklight/androidgap/api/WL.html#setServerUrl(java.net.URL)

WSO2 EMM Agent with COSU not using NFC

I have built the latest version of wso2 emm android agent (cdmf-agent-android v3.1.30) and got some initial tests working in BYOD mode with IoT server 3.1.0
When built for COSU it is waiting for provisioning with another device via NFC. But I want to provision devices without NFC. What options do I have? Could I trigger programmatically a custom provisioning option?
There are some options to do this, depending on your android version.
I will start with the simplest option. If you have Android 7+ you can use QR Code provisioning, this follows the exact same process as NFC provisioning. You can see some specifications from Google regarding this.
The second option is a bit trickier and requires some custom dev on your side. First thing to to make your device a Device Owner (Which is needed for COSU mode, read up about Device Owner here). Using the command: adb shell dpm set-device-owner org.wso2.iot.agent/org.wso2.iot.agent.services.AgentDeviceAdminReceiver
Note: Only one device owner can be set, to remove a device owner the device has to be factory reset.
Once this is done you can launch your app using adb shell am start -n "org.wso2.iot.agent/org.wso2.iot.agent.activities.SplashActivity".
The above will get your app to run correctly but now it has to authenticate itself to communicate to the server. When using NFC provisioning an Access Token is delivered in the Extra Bundle as 'android.app.extra.token', you can insert this extra in the launch intent as follows: adb shell am start -n "org.wso2.iot.agent/org.wso2.iot.agent.activities.SplashActivity" --es android.app.extra.token generated_access_token. You will have to edit the SpashActivity class to accept this token and follow the general authentication processes built into the app.
This may be a little bit late but I hope it is still helpful!
Some extra information you may appreciate, here is a string representation of the NFC message used, these are the specifications set in the NFC Provisioning App:
`
#Thu Apr 12 13:42:11 GMT+02:00 2018
android.app.extra.PROVISIONING_LOCAL_TIME=1523533331087
android.app.extra.PROVISIONING_TIME_ZONE=Asia/Colombo
android.app.extra.PROVISIONING_SKIP_ENCRYPTION=true
android.app.extra.PROVISIONING_WIFI_SECURITY_TYPE=WPA
android.app.extra.PROVISIONING_WIFI_PASSWORD=PASSWORD
android.app.extra.PROVISIONING_DEVICE_ADMIN_PACKAGE_DOWNLOAD_LOCATION=LOCATION_OF_APK
android.app.extra.PROVISIONING_WIFI_SSID="WIFI_SSID_NAME"
android.app.extra.PROVISIONING_LOCALE=en_US
android.app.extra.PROVISIONING_DEVICE_ADMIN_PACKAGE_CHECKSUM=E8PtiqUOcqKi5IXeRBF-5Br0zXg
android.app.extra.PROVISIONING_ADMIN_EXTRAS_BUNDLE=\#admin extras bundle\n\#Thu Apr 12 13\:42\:11 GMT+02\:00 2018\nandroid.app.extra.token\=GENERATED_ACCESS_TOKEN\n
android.app.extra.PROVISIONING_DEVICE_ADMIN_PACKAGE_NAME=org.wso2.iot.agent
`
An example of a QR Code representation would be:
`
{
"android.app.extra.PROVISIONING_DEVICE_ADMIN_COMPONENT_NAME": "org.wso2.iot.agent/org.wso2.iot.agent.services.AgentDeviceAdminReceiver",
"android.app.extra.PROVISIONING_DEVICE_ADMIN_SIGNATURE_CHECKSUM": "CSGeivCEHdJrPT0qy4W67LZSy32Fus7GyUn0jE5o028",
"android.app.extra.PROVISIONING_DEVICE_ADMIN_PACKAGE_DOWNLOAD_LOCATION": "APK_DOWNLOAD_LOCATION",
"android.app.extra.PROVISIONING_SKIP_ENCRYPTION": false,
"android.app.extra.PROVISIONING_DEVICE_ADMIN_PACKAGE_NAME": "org.wso2.iot.agent",
"android.app.extra.PROVISIONING_ADMIN_EXTRAS_BUNDLE": {
"android.app.extra.token":"GENERATED_ACCESS_TOKEN"
}
}
`

IBM Worklight 6.2 Cannot set status. Response already committed

Environment:
IBM Worklight Server 6.2
IBM Liberty profile 8.5.5.1
IBM DB2
Windows 2008 Standard Edition
Whenever a request from Worklight server to Backend, following warning logged in server console.
[10/7/14 1:40:39:192 PDT] 00000056 com.ibm.ws.webcontainer.srt W WARNING: Cannot set status. Response already committed.
[10/7/14 1:40:47:973 PDT] 00000056 com.ibm.ws.webcontainer.srt W WARNING: Cannot set status. Response already committed.
[10/7/14 1:40:57:710 PDT] 00000051 com.ibm.ws.webcontainer.srt W WARNING: Cannot set status. Response already committed.
Read this Link but in my case the application receives data and it works fine.
Can this be ignored since it is warning or a solution is available to solve this?
This warning message can be ignored. It is harmless.
Still, I have opened an internal defect to track it and make sure it will not display anymore.
There is no manual workaround.
If this is important enough for you, you can also open a PMR to receive a fix when available.
Additionally, it'd be great if you could elaborate on when exactly this is happening.

SCVMM: A Hardware Management error has occurred trying to contact server %servername%:a:DestinationUnreachable

Today we found our host status is "Needs Attention".
We have upgraded the WMF 3.0.
And to check the health status and it reports the following error:
A Hardware Management error has occurred trying to contact server
iwwbgc8.dir.slb.com :a:DestinationUnreachable :The WS-Management
service cannot process the request. The service cannot find the
resource identified by the resource URI and selectors. .
Check that WinRM is installed and running on server
iwwbgc8.dir.slb.com. For more information use the command "winrm
helpmsg hresult".
ID: 2927 Details: Unknown error (0x8033803b)
Following the post: How to Interpret Job Failures in VMM and How to troubleshoot the “Needs Attention” and “Not Responding” host status in System Center 2012 Virtual Machine Manager
But the error is still there.
And there does some performance issue in events but by following the post How to manually rebuild Performance Counters for Windows Server 2008 64bit or Windows Server 2008 R2 systems, the performance counter can't not be fixed.
Error:
Installing the performance counter strings for service .NET Data Provider for Oracle (_) failed. The first DWORD in the Data section
contains the error code.
Cannot repair performance counters for .NET Data Provider for Oracle service. Reinstall the performance counters manually using the
LODCTR tool.
Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND
TargetInstance.LoadPercentage > 99" could not be reactivated in
namespace "//./root/CIMV2" because of error 0x80041003. Events cannot
be delivered through this filter until the problem is corrected.
Unable to read Server Queue performance data from the Server service. The first four bytes (DWORD) of the Data section contains the
status code, the second four bytes contains the IOSB.Status and the
next four bytes contains the IOSB.Information.
Any idea bout it?
Later we found the issue is caused by the WMF 3.0 upgrade.
We follow the post Managing Hyper-V hosts using Virtual Machine Manager fails with Error: 0x8033803b after installing WMF 3.0 and apply the hotfix.
The hotfix (Windows6.1-KB2781512-x64) is applied but the issue still exists.
At last I select the solution to uninstall the WMF 3.0.
And the issue is fixed at last.

NServiceBus License File for Dev Machine (keeps requesting)

I've been using NServiceBus successfully for I don't know how long. The license claimed to expire and informed me that I needed a new license file. So I went to the website and generated a new one (For a dev machine). Everytime I debug I get the same message and it requests the license file. Is there any way to prevent this message from showing up EVERY time I try to debug? (Like set a path programmatically possibly?)
<
Andreas : The ONLY mention of the license in the log file is as follows :
2013-03-05 14:24:23,983 [1] [INFO ] [NServiceBus.Licensing.LicenseManager] - No valid license found.
2013-03-05 14:24:23,986 [1] [DEBUG] [NServiceBus.Licensing.LicenseManager] - Trial for NServiceBus v3.3 has expired.
2013-03-05 14:24:23,988 [1] [WARN ] [NServiceBus.Licensing.LicenseManager] - Falling back to run in Basic1 license mode.
Here's a quick screen capture of the prompt after I select the new file. Just so you know it's SAYING it's a valid file.
I believe this can also happen if your license is for a different version of the software than you are running. You may need to request a license that aligns with your NSB version.
Once you received your free license, did you import it?
You need to click the "Browse..." button and select the license to import it!