Get complimentary access to the latest Gartner® SAM & FinOps Research report.

News
Topics
All TopicsSoftware Asset ManagementIT SecuritySoftware License ManagementSAM ToolsSAM Managed ServicesSaaS ManagementCloud OptimizationIT Asset ManagementPublisher Insights

Windows ILMT Upgrade Path for Log4j Vulnerability

News

ILMT Server versions 9.2.18 through 9.2.25 can be upgraded to version 9.2.26 via the BigFix Console directly. The below instructions walk through how to prepare for and complete the upgrade using this method. Versions older than 9.2.18 require a manual upgrade to an intermediate ILMT version and then another upgrade to the latest version, which is outside the scope of this article. Please ensure you meet the required operating system and database prerequisites before attempting an ILMT Server upgrade. ILMT 9.2.26 requires the following:

OS:

  • Win 2012 Essentials, Standard, or Datacenter
  • Win 2012 R2 Essentials, Standard, or Datacenter
  • Win 2016 Essentials, Standard, or Datacenter
  • Win 2019 Essentials, Standard, or Datacenter

Database:

  • 2012 SP 2 with CU 5 or higher
  • 2012 Express® SP 2 with CU 5 or higher
  • 2014
  • 2014 Express
  • 2016
  • 2016 Express SP2 or higher
  • 2017 version 14.0.3162.1 or higher
  • 2017 Express CU15 or higher
  • 2019
  • 2019 Express

Check Database Version 

1. There are several methods to check the database version. One method to check your current database version is to connect to the database via Microsoft SQL Server Management Studio

    2. Right click on the database server and click New Query

    3. In the query box, enter SELECT @@VERSION and then hit F5 or right-click and choose Execute

    4. In the bottom section under the Results tab, the current version of SQL Server will be displayed

    Take Necessary Backups/Snapshot 

    Prior to taking backups, run the following commands to stop the BigFix and BFI/ILMT services (replace IBM License Metric Tool with BigFix Inventory if needed):

    BES Web Reports Server
    BES Client
    BES GatherDB
    BES FillDB
    BES Root Server
    BES WebUI (if it exists)
    IBM License Metric Tool 9.2.x

      2. Connect to the database via Microsoft SQL Server Management Studio

      3. Click the + next to Databases to expand the list and find the BFI/ILMT database. By default, it is named TEMADB or SUADB

      4. Right-click the TEMADB database and select Tasks > Back Up:

      5. In the Back Up Database window, specify Full as the backup type, and select where you would like to save the backup by clicking Add and selecting a location and file name

      6. After the database backs up, a message will appear

      6. After the database backs up, a message will appear

      7. Now that the BigFix and BFI/ILMT services have been stopped and a database backup has been taken, take a VM snapshot/checkpoint of the database server. This may require reaching out to your VM Manager team

      8. Run the following commands to start the BigFix and BFI/ILMT services (replace IBM License Metric Tool with BigFix Inventory if needed):

      BES Root Server
      BES FillDB
      BES GatherDB
      BES Client
      BES Web Reports Server
      BES WebUI (if it exists)
      IBM License Metric Tool 9.2.x service

      Upgrade BFI/ILMT Server Using Fixlet

      1. Log in to the BigFix console

      2. Click on Sites > External Sites > IBM License Reporting (ILMT) v9 > Fixlets and Tasks (replace “IBM License Reporting (ILMT) v9” with “BigFix Inventory v10” for BFI)

      3. Find the Upgrade to the latest version of IBM License Metric Tool (9.2.26) fixlet – Upgrade to the latest version of BigFix Inventory (10.0.7.0) for BFI  and review the prerequisites in the bottom-right section carefully

      4. Click Take Action

      5. Select the computer on which the server is installed and click OK

      6. The fixlet will begin to run

      7. When the fixlet finishes, the status will update to Fixed. Click on the Computers tab to verify the exit code of the fixlet. The exit code 0 means the fixlet was successful

      8. Log in to the BFI/ILMT website by accessing its Web UI through a web browser, such as Chrome or Firefox. The default URL for the WebUI is https://hostname:9081

       In this example, the URL is https://STI-ILMTSANDBOX:9081

       The web page will likely throw a security error. Ignore the error or add it as an exception and continue to the website. It may also take the server a few minutes to start after an upgrade before the webpage is accessible.

      9. When the page loads, you will be presented with a screen asking you to update the database schema. Click Update Schema

      10. When the schema update completes, you may be directed to the login page. If so, log in. Otherwise, you will be brought to the BFI/ILMT dashboard. The BFI/ILMT server has now been successfully upgraded. The new version number will show on the left side of the login screen for ILMT.

      Alternatively, for BFI or ILMT, you can log in and click the Info icon in the top-right and then click About to see the version number

      The ILMT Server has now been upgraded. For instructions on how to upgrade the VM Manager Tool, which is also impacted by log4j, you can visit our Log4j Remediation Steps for ILMT and BigFix Inventory Vulnerability here.

      Let’s start a conversation.

      We use cookies for analytics, personalized content, and ads. By using our website, you agree to the use of these cookies as described in our Cookie Policy.

      Privacy Policy