Reorganized and Re-written Documentation, Continuous Fixes and Enhancements

Inventu Viewer+ Base Product and Components

(Version: 6.0.88 March  2, 2023)

Inventu Viewer Documentation

• Installed documentation starting with the main help has been reorganized with many new sections which better support installation, configuration and administration of the Web Terminal Emulation environment.
• Added new help to support the Diagnostic Workbench and common support issues
• Added help to the Inventu Viewer Microsoft Management Console Snap-In now accessible with the F1 key or help menu options

Inventu Viewer Emulation Service

• Replaced the “Warning” column in reporting session details with the “WebSocket” column to better support understanding of network health. In customer situations where network components are impacting quality of service, web sockets are usually the best indicator of network quality.  This column will display the following values:
  • OK – The websocket is connected with no recent errors
  • ERR-[n] – [n] Web socket errors have occurred since the session started. This number may be higher than expected if a session has been active for many hours.  The session is still using web sockets so there has been healthy activity in-between the errors
  • BROKEN – There were enough errors close together that the connection has been switched to AJAX web service calls. If many sessions have BROKEN it means there is a general failure in a network component somewhere in your network.
  • API – the connection is for a server-side web service or other process (not FVTerm) and so no websocket is involved
• Added Event Log entry for when a 5250 device name is rejected by the host (this improves diagnostics for session initialization errors that only users could detect and report)
• Updated support for Windows Performance Counters including rename to Inventu Viewer Performance Counters from Flynet Performance Counters
• Updated SChannel TLS API calls to active structures (previous versions used structures that have been deprecated)
• Added Event Log entry for when a 5250 device name is rejected by the host (this improves diagnostics for session initialization errors that only users could detect and report)
• Improved automatic creation of data transfer and host device printing folders adding creation of “XFersFrom”, “XfersTo” and “SessPrintFiles”
• Metered license support was still using the HTTP port to communicate metering activity to the Inventu website—updated to HTTPS
• Some ASCII Viewpoint fixes for box drawing and cursor location limits
• Some internal synchronization calls had additional error checking implemented.

FVTerm Web Terminal Emulator

• View and Profile Access Control has been expanded to include Oauth2 OpenID Connect and SAML 2.0. Previous versions only supported access control for Windows Security and Google ID User Authorization.  See the Profiles Mode Configuration for details.
• Function Key Identification was enhanced to support the pattern of a dash in addition to an equals and space following a function key name (F3-Exit is now highlighted for click like F3=Exit).
• Added ability to edit emulation style CSS files when accessing the FVTerm web application on the server (localhost). This is managed with a new Icon (color wheel magnifying glass) that previously enabled simply viewing a field’s active CSS style settings.  With the new enhancement, administrators can edit click on a field to edit it’s active style as found in the selected color option (such as the standard 3270 style).   Adding a new CSS file is still a manual operation where an existing CSS file is copied with a new name, then added with a text editor to the CSS list in web.config.
• For 5250 and 3270 sessions, a new option set in the Profile “Numeric Only Locking” will support host applications that have fields restricted to “numeric only” but in fact need users to be able to enter alpha characters. When Numeric Only Locking is set false for a profile, users will no longer be stopped from entering alpha characters (when true a user needs to override for each field set as numeric only).
• There is a setting “Clipboard Copy Mouse Activation” which has the default true—the timeout has been increased from ½ second to a full second to avoid undesired switch to the clipboard rectangle drawing. This is also now settable with “Clipboard Copy Mouse Activation Press Milliseconds” if more than a second is desired.
• The wrong HTML character name was being used for the dash/minus resulting in display errors for certain fonts.
• Websocket error handling tweaked to better capture exceptions
• Websocket errors now reported to the Inventu Viewer Emulation service to enable tracking of websocket / network health

Profiles Mode Configuration

• Changing the FVTerm Access Security Type in the Web Server tab will now set the User Connection Identity setting to match the optimal source based on the security type.
• For SAML 2.0 added “SAML 2.0 Security Groups Claim Name” defaulting to “groups” which enables identifying the identifier of the claim that represents a user’s group or roles membership.
• For OAuth2 OpenID Connect added “OpenID Connect Security Groups Claim Name” defaulting to “groups” which enables identifying the identifier of the claim that represents a user’s group or roles membership.
• Added “Obtain Security Groups from Provider” to enable control over the group lists used in View and Profile access control. This includes an option to utilize the Microsoft Graph API to obtain active groups from AzureAD as well as an option to define the list with the new property “Security Group Names for Access Control”
• Added “Security Group Names for Access Control” which is active when “Obtain Groups Names from Provider is set to “Manage Group Names Here”. This is a list that can be edited to define the group names used for access control to Views or Profiles.

Inventu Viewer Administration Console

• Active Sessions now report web socket health in farthest column to the right (replaces “warnings” which were generally of limited value)

Inventu Viewer Microsoft Management Console Snap-In

• Contextual help has been added so that the F1 or Help menu options can provide help on how to use the Inventu Viewer MMC snapin
• Active Sessions now report web socket health in farthest column to the right (replaces “warnings” which were generally of limited value)
• When updating a Cluster node the title of the dialog now reflects that action
• Added Server Actions to View and Repair internal Cluster User and Session Linked-Lists (Chains) to address rare situations where the Chains can be in error condition
• The Session Viewer (Terminal Emulator) can now have the host keys remapped the same way that the Recorder V2 supports (button at bottom of the screen accesses the keyboard remapping popup)
• Added Support for Accessing server management port using HTTPS — This was implemented to enable Helpdesk and other users to access the Inventu Service management port from other servers besides the localhost (on the server).  At this time the Inventu Viewer Service HTTP port does not support HTTPS but Inventu can provide a simple configuration file for use with STunnel to provide the external HTTPS access.
  • When adding a Server to the View, can now check that the Port is HTTPS
  • When defining or updating a cluster, each server can now be accessed with a custom port and HTTPS
  • The help for configuring STunnel at the server to front-end the FlyServer.exe console port has been added to the software.inventu.com help at https://software.inventu.com/help/html/stunnel/index.html

Notification Tray Icon

• On a live production server, active HTTP requests to the FVTerm Application Pool were causing initialization of the FlyServer service shared memory to fail during restarts (even when recycle of the FVTerm Application Pool is selected). The logic has been improved so that the FVTerm Application pool is stopped, the Service is restarted and then the Application Pool is Started back up.

Diagnostics Dashboard

• If an expected diagnostic folder is missing this version will create it and only display an error message if the creation fails.
• Exception handling added for startup Registry Reads that in some cases caused a startup failure.
• Continuing improvements including recommended actions based on discovered events and active probes
• Diagnostic Dashboard independent executable created that is downloadable by customers with older versions of both Flynet Viewer and Inventu Viewer-available on request to all Inventu customers with active maintenance or subscription.

Support for OAuth2 OpenID Connect, Improved Support for Clustered Servers and Additional Fixes and Enhancements

Inventu Viewer+ Base Product and Components

(Version: 6.0.81 September 20, 2022)

FVTerm Web Terminal Emulation

• Oauth2 OpenID Connect has been added as an identity management option. Tested with Auth0, Okta, Salesforce and Microsoft Azure AD.
• The FVHealth.aspx module, used by load balancers to check on the health of a server has been updated to incorporate the new “Server Report Over Percentage” Advanced setting in the Profiles Configuration page. When the Server Report Over Percentage is set to a different value than 0, there will be a calculation based on other server availability—if the server reporting has fewer available sessions by the percentage set, it will report “OVER” instead of “ACTIVE” as part of the status message.  An example message returned is “OVER – 123 Sessions Available; Other Server(s)=137, Over=11%”.   This will also return the Server Unavailable Response Code if it is something other than 200.
• Some 3270 screens that extensively used extended attributes broke the password recognition javascript so that a password field would not be masked with asterisks. Was happening if a password entry field was defined and then had the color changed in the first character.
• SAML 2.0 active user information data is now saved to disk and restored if the FVTerm v4.0 Application Pool is recycled (also with OpenID Connect).
• The Web Socket Handler was improved so that the task monitoring terminal session changes is persistent and in a tight loop, communicating events to the websocket task via a queue–this was previously returning an event and then re-started following each host event or timeout.
• Web Socket handler cleanup following a websocket error or session closing is faster and more efficient in resource utilization.
• When a DBCS field contains a single blank, the ViewerLib API fix is interpreted in the Javascript using a new protocol command
• Function key recognition improved
• For 5250 and 3270 field formatted screens, clipboard paste of multi-row column data from a spreadsheet was not aligning with fields arranged as columns on a target screen. Rather than starting on the next row when the last field on a spreadsheet row was pasted, the paste would just continue on the next field, same row instead of starting on the next row.
• Some 5250 screens with certain attributes were rendered incorrectly due to a change intended to reduce data transmission sizes.
• Some host screen updates were locking the keyboard with a large buffer update followed by a small buffer with the keyboard unlock. Sync with the client was improved so that if an update is received and the keyboard is still locked, ½ second wait for next update to reduce buffers sent to the client.  Generally the wait is for a millisecond as the next buffer is right there.
• Default IO threads increased over prior default to improve performance with large number of active sessions
• The web API call that can be used for distributed load balancing (no load balancer needed), fvterm/Cluster/balanceinfo.aspx improved to better handle error conditions and service-down issues.

FlyServer Emulation Service

• Clustered server status tickets were upgraded to include complete status of the server sending the ticket.
• Clustered servers will now accept a new user or session start even when at full allocation for the concurrent user or session license. This will occur as long as other servers in the cluster have available sessions.  In prior versions, this would only occur if one or more of the other server(s) in the cluster were on hold or offline.  From this version on, a server will not reject a new connect unless all servers in a cluster are at full capacity.
• Clustered servers will now keep track of session availability to support the ability for a server in the cluster to report the new “OVER” status for a load balancer. This is further explained in the Profiles Mode Configuration and FVTerm Web Terminal Emulator sections.
• A character used for Telnet escape sequences was appearing in random SSH ASCII protocol buffers. This was being interpreted as a Telnet escape sequence (character is 0xFF) but then would not have a valid “next” character in the supposed sequence.  Between 2022F2 and 2022G1 this was logged and the active buffer abandoned.  In this release the 0xFF is converted to a blank and ignored (buffer is completed).
• TN3270 Internal buffer sizes could have 0xFF characters causing problems in rare circumstances. Fixed in this build.
• Unknown TN3270 WSF commands were being logged, but not including a comprehensive full buffer log (in the recordings folder as an “Event*.log” file). As part of a concerted effort to identify all unsupported protocol issues unknown WSF commands will now be fully logged.
• TN3270 IND$File binary downloads were hanging when a 0xFF character appeared as the last character in a buffer.
• TN3270 Modify Field commands with invalid offsets were being logged to the event log but without needed information to understand the possible issue—added comprehensive full buffer log.
• Added a new registry setting – “SessionTracking” which defaults to “no” –Session tracking creates a log in the data folder for each ID, like “Session_1.log” and so on.
• The text string “*TIMEOUT*” was causing logging in the data folder each time a session timed out. This was unintentional and causes the presence of trace files with nothing but timeout entries.  This has been changed to –TIMEOUT– to avoid this unnecessary tracing.
• TN5250 DBCS (Double Byte Character Set) had some combinations of field types that were not being properly translated at the server
• Tweaks for TN3270 IND$File file transfers to improve reliability on very large transfers and data escapes.
• SSH ASCII terminal types can include the 0xFF character in datastreams that was causing problems since this is a Telnet command escape character. If SSH, the 0xFF character will not cause an error if not part of a Telnet escape and will be replaced with a blank (0x20).
• Fixed trace issue that would create an event log entry for sharing problem with flyserv_n.log file
• Internal synchronization tweaked to avoid rare locking issues.

Profiles Mode Configuration

• Added new Security Option- Oauth2 OpenID Connect as well as the necessary configuration settings.
• Added a new entry on the Web Server tab in the Advanced section for clustered servers: Server Report Over Percentage.  This setting can produce better allocation of sessions between servers when it is found that a load balancer is allocating too many sessions or users to a particular server.  Due to round-robin being simplistic, this can happen most often when the active license is user-based.
• Online Help for Security was organized so that each Identity option has its own section now in the Table of Contents (OpenID Connect also added)

Diagnostics Dashboard

• First introduced in June, continuous improvements have been made to the Diagnostics Dashboard
  This provides extensive analysis of the Event Log to identify issues and corrective actions. It includes:
  • Parsing and analysis of active Event Log entries along with a consolidated viewer of Informational, warning and error events.
  • Suggested Actions along with linked help for identified issues
  • Tests of the active Emulation Service and the IIS FVTerm Application
  • Easy export of all diagnostic logs and events to a zip file for appending to an Inventu Support Ticket
  • Easy Export of configuration elements for replication on another server or to provide to Inventu appended to a support ticket