All tabs are accessible on delegated rule forms
Valid from Pega Version 7.1.1
Delegates can now access all tabs in a delegated rule form.
You can continue to customize the development experience for delegated users, such as line managers, who may not require the full set of rule form options. For example, you can prevent users from adding new nodes on the Decision Tree form or using the expression builder on the Map Value form. All users, including delegated users, can remove these restrictions if they hold a rule-editing privilege.
For more details on this process and a list of commonly delegated rules, see How to delegate a rule.
Action required by admins for improved search
Valid from Pega Version 7.1.7
Starting November 13, 2014, after updating to or upgrading from a prior version to Pega 7.1.7, your system administrator must manually build all indexes for Elasticsearch before the system can automatically switch from Lucene to Elasticsearch.
It is recommended that you begin this manual re-indexing process for all enabled index types as soon as your update or upgrade is complete. The search landing page refers to Elasticsearch settings; during re-indexing, however, Lucene search continues to function to ensure that there is no interruption in search functions. When planning the re-indexing, be aware that the initial re-indexing requires significant resources on the host node and can be a lengthy process, depending on the number of rules and work objects in your system.
See the Pega 7.1.7 Upgrade Guide for information about manually indexing Elasticsearch.
System Management Application displaying listeners that do not require any action
Valid from Pega Version 7.1.7
After installing or upgrading to Pega 7.1.7, there is an additional available listener (Data-Decision-DNode-Service:Default) that does not require any action. This listener can be safely ignored and you should not use the System Management Application to manage any of its operations or state.
- The Data-Decision-DNode-Service:Default listener is always running on every PRPC node.
- The state of this listener is internally managed by PRPC. Starting or stopping it through SMA does not have any effect on its state.
Open ports required for cluster communication
Valid from Pega Version 7.1.7
In a Pega 7 system, there can be multiple servers, or nodes, and each node can contain multiple JVMs. In Pega 7.1.7, the port range 5701-5800 needs to be left open for cluster communication. The number of available ports in this range needs to be greater than or equal to the greatest number of JVMs on any one node in the cluster. So for example, if there are 3 JVMs on one node, and 7 JVMs on another node, there need to be at least 7 ports available. By default, the system will begin with port 5701, and then look for the next port in the sequence (5702, followed by 5703).
If these ports are not available, you will see the following error:
ERROR - PegaRULES initialization failed. Server: ABCDEF123
com.pega.pegarules.pub.context.InitializationFailedError: PRNodeImpl init failed
< . . . Java dump here . . . >
Caused by: com.hazelcast.core.HazelcastException: ServerSocket bind has failed. Hazelcast cannot start! config-port: <port>, latest-port: <port>
Using Kerberos authentication with your database
Valid from Pega Version 7.1.1
Pega 7 supports Kerberos functionality. Kerberos is a computer network authentication protocol which allows nodes communicating over a non-secure network to prove their identity to one another in a secure manner.
To use Kerberos for authentication, you must use the command line to install or upgrade Pega 7.
To use Kerberos authentication:
1. Change the setupDatabase.properties file.
a. In the “Uncomment this property section” of the file, uncomment the jdbc.custom.connection.properties property. Based on your security infrastructure, different properties may be required as parameters to this property; provide the needed properties as semicolon-delimited name/value pairs:
jdbc.custom.connection.properties=prop1=val1;prop2=val2;prop3=val3;
Example: For an installation on a MSSQL database server from a Windows client machine (where both machines belong to the same Windows domain), using the Microsoft JDBC driver, the property may be set as follows:
jdbc.custom.connection.properties=integratedSecurity=true;
b. Comment out all the username and password properties where they occur in the jdbc.custom.connection.properties file, so that they appear as follows:
# pega.jdbc.username db username
# pega.jdbc.password db password
[lines removed here]
# pega.jdbc.username=ADMIN
# pega.jdbc.password=ADMIN
2. Set up your database to enable Kerberos functionality. This may include additional vendor-specific JDBC driver configuration, or other setup procedures. Check the documentation from your database vendor to determine what Kerberos setup is needed for your database.
3. Run the command line installation or upgrade by following the instructions found in the Pega 7 Deployment guides.
Run cleanup.bat/sh script only before upgrading
Valid from Pega Version 7.1.1
Prior to upgrading the rulebase, you can optionally run the cleanup.bat/sh script to remove older rules from the database.
Run this script before you upgrade your rulebase, or the script may delete needed rulesets. For more information about running the cleanup.bat/sh script, refer to the Upgrade Guide specific to your release version.
Password hashing using SHA-256/SHA-512
Valid from Pega Version 7.1.7
Password hashing using the SHA-256 and SHA-512 hash functions is available for use during the the Pega 7 authentication process with operator, ruleset, and update lock passwords. The SHA-256/SHA-512 hash functions join the previously available MD5 and SHA-1 hash functions.
Using SHA-256/SHA-512 hashing when creating or upgrading a password hash results in increased complexity of the hash, making it extremely difficult and time-consuming to determine hashed password values stored in a database.
Note that once you have updated your system to Pega 7.1.7 and have applied password hashing using the SHA-256/SHA-512 hash functions, reverting back to a previous version of Pega 7 is not advised as this causes hashed passwords using SHA-256/SHA-512 to fail.
See About password hashing for more information.
Recommended heap sizes
Valid from Pega Version 7.1.7
The heap is a storage area in the Java virtual machine (JVM) allocated for both short-term and long-term (shared) object storage. If the server does not have enough memory allocated to run Pega 7, the system can hang without an error message. If this occurs, your values need to be higher than the recommendations based on your server hardware and the number of other applications on the server.
Pegasystems recommends using these settings:
- Initial Heap Size (Xms): 1 GB
- Maximum Heap Size (Xmx): 12 GB (8 GB minimum)
If your application server is using the Oracle JVM, also add the PermSize and MaxPermSize settings:
- PermSize (-XX:PermSize): at least 256MB
- MaxPermSize (-XX:MaxPermSize): at least 512MB
Set the JVM memory options to increase the amount of system memory allocated to the application server running Pega 7 by selecting
and then selecting a listed node.See the Pega 7.1.7 Installation Guides for more information about how to make these setting changes.
When using Oracle 12.1.0.1, left outer joins in reports may return incorrect results
Valid from Pega Version 7.1.1
When using Pega 7 with Oracle 12.1.0.1 , reports that use left outer joins may return incorrect results.
This is an Oracle known issue. To resolve this behavior, upgrade to Oracle 12.1.0.2, apply the Oracle patch 16726638 by requesting it directly from Oracle, or, for Microsoft Windows installations, apply Windows Bundle patch 12.1.0.1.15 or later.
For more information in this behavior, see: https://support.oracle.com/epmos/faces/DocumentDisplay?_afrLoop=392085808201943&id=1957943.1
Unclear error message when saving shared class instance in tenant layer
Valid from Pega Version 7.1.5
If you attempt to save a shared class instance from the tenant layer, Pega 7 displays this message:
This record has x errors. Save Failed: There was a problem saving an instance of class: Error Code: <none> SQL State: <none> Message: <none>
You cannot save a shared instance from the tenant layer if that instance cannot be overridden.