Versions Compared

Old Version 37

changes.mady.by.user Nicolas Rios

Saved on

compared with

New Version 38

changes.mady.by.user Nicolas Rios

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

IDERA strives to ensure our products provide quality solutions for your SQL Server needs. The following known IDERA SQL Compliance Manager issues are described in this section. If you need further assistance with any issue, please contact 

Newtablink
aliasIDERA Support
urlhttps://www.idera.com/support/supportplans
.

...

General Issues

Anchor
SQLCM-

...

5539
SQLCM-

...

5539
Import Database settings with DML/SELECT filters, flips import settings.

When users import database audit settings and apply those settings to multiple databases, the imported settings apply only to some databases. If user imports and applies the audit settings to the same databases again, the configuration settings get flipped, applying the import settings to the databases it did not apply to before while deleting the settings from the ones it previously applied them to.   When installing or upgrading the version of the native client, once the process is complete, a system reboot occurs without previous warning. 

Anchor
SQLCM-

...

5505
SQLCM-

...

Users should not attempt to install SQL Compliance Manager with IDERA Dashboard 3.0.3 and later on a SQL Server 2005 SP1 as that version of SQL Server is not supported by IDERA  Dashboard.

Verify SQL Compliance Manager repository database size before upgrading

It is important to check the size of the SQL Compliance Manager repository databases on the Collection Server before proceeding with an upgrade. There are four databases created by SQL Compliance Manager: SQLcompliance; SQLcompliance.Processing; SQLcompliance.<Instance>; SQLcompliance.<Instance>_Time_Partition. Each database should be under 20 GB to complete a successful upgrade. In order to avoid problems during the upgrade due to database size, IDERA recommends that you regularly archive the repository data to maintain the audit history. For more information about archiving, see Manage Audit Data. If archiving the data through SQL Compliance Manager is not an option at the time of the upgrade, it is recommended to back up the repository databases and delete unneeded records from the Events and EventSQL tables of the event databases.

...

When specifying the location and name of your Repository database, SQL Compliance Manager requires that you use proper capitalization.

...

Linked server events are not present in the trace files for SQL Server 2005, therefore linked server events are not captured in IDERA SQL Compliance Manager and no alerts will trigger. Microsoft has ended extended support for this version. 

...

SQL Compliance Manager records Create/Drop index events as “Alter User Table” events.

...

SQL Compliance Manager does not display Sensitive Column events when accessed from a view. To access the information using views gather and filter out all SELECT statements.

Note that this action will cause extra collection.

...

5505
SQL Compliance Manager Object Activity Report renders all data on a single page.

When the Object Activity Report is run, the report displays all the collected data in a single page. 

Anchor
SQLCM-5846
SQLCM-5846
SQL Compliance Manager traces are getting collected on the Passive nodes of an Availability Group.

When a primary node becomes a secondary node, the Stored Procedure does not get disabled for the secondary node and the trace files keep gathering. This causes an accumulation of trace files on the secondary node. 

Follow the steps below for the workaround to stop trace files from generating on the secondary node:

  1. Launch Trace Manager from the SQL Compliance Manager Desktop Console. SQLCM Menu-bar>Tools>Trace Manager.
  2. Enter the SQL Server Instance name and click the Connect button.


    Note

    When working on a secondary node of an Availability Group, use the secondary´s instance name.

  3. In the SQLcompliance Stored Procedures field, make sure to check the “_” and “_” options.
  4. Click the “Drop SQLcompliance Stored Procedures” button.
  5. In the Registered Traces field, from the list of running traces, select the entries related to the SQL CM traces.


    Note

    Use the file path to determine the traces related to SQL CM. Or check the Agent Properties for the audited instances to verify the trace directory file path. 

  6. Once the desired registered trace is selected, click the Stop button. Select the record again and click the Close button.
  7. Repeat steps 5 and 6 for the remaining SQL CM traces.

Anchor
SQLCM-5514
SQLCM-5514
Invalid stored procedures call to sp_SQLcompliance_AuditXE.

A message about an invalid stored procedure appears in the SQL Server Logs; "Could not find stored procedure master.dbo.sp_SQLcompliance_AuditXE". The error message appears because no stored procedure with the name "master.dob.sp_SQLcompliance_AuditXE" exists. 

Anchor
SQLCM-5790
SQLCM-5790
Event Filter does not work on Sensitive Column Data.

When using an Event Filter for a specific Login, all events captured get filtered except for the Sensitive Column SELECT operations. 

Anchor
SQLCM-5857
SQLCM-5857
The Add Dataset configuration window is allowing to add more of one Dataset of the same table.

When users add a Dataset as part of the tables audited for Sensitive Column Access, SQL CM has an issue that allows users to add the same Dataset multiple times. 

Known issues in version 5.5.1

Installation and configuration issues

  • Anchor
    SQLCM-5526
    SQLCM-5526
    (Fixed in version 5.6)  Installation or upgrade of SQL Server 2012 native client may cause the system to reboot. When installing or upgrading the version of the native client, once the process is complete, a system reboot occurs without previous warning. 
  • Anchor
    SQLCM-4831
    SQLCM-4831
    IDERA Dashboard 3.0.3 and later does not support SQL Server 2005 SP1. Users should not attempt to install SQL Compliance Manager with IDERA Dashboard 3.0.3 and later on a SQL Server 2005 SP1 as that version of SQL Server is not supported by IDERA  Dashboard.

General issues

  • Anchor
    SQLCM-2592
    SQLCM-2592
    Case-sensitivity required when specifying the Repository database name. When specifying the location and name of your Repository database, SQL Compliance Manager requires that you use proper capitalization.
  • Anchor
    SQLCM-5089
    SQLCM-5089
    IDERA SQL Compliance Manager does not capture Linked Server Trace Events for SQL Server 2005. Linked server events are not present in the trace files for SQL Server 2005, therefore linked server events are not captured in IDERA SQL Compliance Manager and no alerts will trigger. Microsoft has ended extended support for this version. 
  • Anchor
    SQLCM-3040
    SQLCM-3040
    (fixed in version 5.6) Create/Drop index events recorded as “Alter User Table” event. SQL Compliance Manager records Create/Drop index events as “Alter User Table” events.
  • Anchor
    SQLCM-5421
    SQLCM-5421
    (fixed in version 5.6) IDERA SQL Compliance Manager is not loading events accessed through a View. SQL Compliance Manager does not display Sensitive Column events when accessed from a view. To access the information using views gather and filter out all SELECT statements. Note that this action will cause extra collection.

If a group is set as a Privileged User, the triggered alert is not able to detect individual users within a group. To process the alerts, users can set up the alert settings to detect the individual user logins.

...

  • Anchor
    SQLCM-5100
    SQLCM-5100
    (Fixed in version 5.6) Issues loading BAD auditing information

...

  • . IDERA SQL Compliance Manager is not able to capture BAD auditing information when two objects with the same name exist in the same schema.
  • Anchor
    SQLCM-5317
    SQLCM-5317
    (Fixed in version 5.6) SQL Text is not captured for DDL Statements

...

  • . When monitoring an instance for DDL event, SQL Compliance Manager is not able to capture SQL Statements for DDL activities unless a user is added to the Privileged User Group. Users can also capture SQL Text by selecting Capture SQL statements for DDL and Security changes at Database Level.

Known issues in version 5.5

General issues

  • Anchor
    SQLCM-5334
    SQLCM-5334
    ( Fixed in version 5.5.1 ) When users try to upgrade from SQL Compliance Manager 4.5 to 5.5, trace files are not processed. If you currently work with SQL Compliance Manager 4.5, before upgrading stop the Collection Service, Agent Service, and disable auditing to stop trace file processing, then proceed to upgrade to SQL Compliance Manager 5.5, and configure and enable auditing. Upon upgrading to SQL Compliance 5.5, users must upgrade all agents to a 5.x version first. For more information, see Upgrade to this build

  • Anchor
    SQLCM-5339/5021/5243/5013/5340/5343
    SQLCM-5339/5021/5243/5013/5340/5343
    ( Fixed in version 5.5.1 ) The SQL Compliance Manager Collection Server is not processing trace files, or processing them slowly, causing backlog files to get accumulated in the Collection Trace Directory in large transactional databases.

    The workaround for this issue is to increase the tamper detection interval and the Collection interval.

  • Anchor
    SQLCM-5306
    SQLCM-5306
    ( Fixed in version 5.5.1 ) IDERA SQL Compliance Manager installation fails if TLS 1.0 is disabled and if SQL Server 2012 Native Client is not available. IDERA SQL Compliance Manager 5.5 installs SQL Server 2012 native client (version 11.0.2100.60) which does not support TLS 1.2 enabled as per Microsoft.which does not support TLS 1.2 enabled as per Microsoft.

    Newtablinkaliashttps://support.microsoft.com/en-us/help/3135244/tls-1-2-support-for-microsoft-sql-serverurlhttps://support.microsoft.com/en-us/help/3135244/tls-1-2-support-for-microsoft-sql-server

    Users with SQL Server versions prior to SQL Server 2012 R2 SP3 need to enable TLS 1.0 or update the native client to the supported version (11.4.7001.0) following the link below: Newtablinkaliashttps://www.microsoft.com/en-us/download/details.aspx?id=50402url

    https://www.microsoft.com/en-us/download/details.aspx?id=50402

  • Anchor
    SQLCM-5218/5222/5328
    SQLCM-5218/5222/5328
    ( Fixed in version 5.5.1 ) SQL Compliance Manager does not process trace files generated by an older Agent after upgrading versions of the Collection Server and the Agent.

...

Known issues in version 5.4.x

General issues

  • Anchor
    SQLCM-4633
    SQLCM-4633
    ( Fixed in version 5.5.1 ) SQL Compliance Manager does not accept user names longer than 20 characters and does not support some special characters for the user password, such as £.
  • Anchor
    SQLCM-3773
    SQLCM-3773
    Removing databases using the Administration pane in the Management Console does not work. You can remove databases using the Explorer Activity panel.

  • Anchor
    SQLCM-4672
    SQLCM-4672
    ( Fixed in version 5.5 ) During an Agent-only installation, if you accept the default destination path for SQL Compliance Manager, and then select a different destination drive and use a sub-folder in the Agent Trace Directory dialog box, the installer does not create the Agent Trace Directory during installation. If this issue occurs, reinstall the Agent specifying a folder instead of a sub-folder as the destination path or use the default path specified in the installer.

...