VMware vCenter Orchestrator 4.1.2 Release Notes

What's in the Release Notes

• Downloading and Installing VMware vCenter Orchestrator 4.1.2
• Internationalization Support
• Functionality Caveats
• How to Provide Feedback
• Prior Releases of vCenter Orchestrator
• Resolved Issues
• Known Issues

Downloading and Installing VMware vCenter Orchestrator 4.1.2

You can install Orchestrator 4.1.2 only on 64-bit operating system platform. If you have downloaded and installed VMware vCenter Server 4.1.2, Orchestrator is already installed on your system and only needs configuration.

Read the VMware vCenter Orchestrator Installation and Configuration Guide for step-by-step guidance on configuring vCenter Orchestrator.

Upgrading to vCenter Orchestrator 4.1.2 and Migrating the Orchestrator Configuration Data

If you are running an earlier version of Orchestrator on a 32-bit platform, you can use the data migration tool included in the vCenter Server installation media to back up and restore the existing Orchestrator configuration settings.

Read the VMware vCenter Orchestrator Installation and Configuration Guide for step-by-step guidance on migrating the Orchestrator configuration settings.

If you have developed workflows, actions, plug-ins, policies, and so on using a previous version of Orchestrator, perform the following steps:

1. Export packages of all the custom workflows, actions, policies, and so on, that you developed under the previous version of Orchestrator.
2. Create a new instance of an empty database for Orchestrator 4.1.2.
3. Install and Configure Orchestrator 4.1.2 by following the instructions of the VMware vCenter Orchestrator Installation and Configuration Guide.
4. Connect Orchestrator 4.1.2 to the new Orchestrator database.
5. Import the packages you exported from the older version of Orchestrator.

Top of Page

Internationalization (I18N) Support

vCenter Orchestrator 4.1.2 complies with I18N Level 1. Although Orchestrator is not localized, it can run on non-English operating systems and handle non-English text.

Functionality Caveats

This release provides experimental support for the following:

• OpenLDAP
• MySQL
• PostrgreSQL

For details about enabling OpenLDAP and experimental database providers in the Orchestrator configuration, see Enabling Experimental Support for OpenLDAP, PostgreSQL, and MySQL in VMware vCenter Orchestrator.

Top of Page

How to Provide Feedback

Your active feedback is appreciated. Provide your feedback through:

• Support Requests (SRs)
• Orchestrator Discussion Forum

Support Requests

File all issues that you find as Support Requests (SRs), even if you report them to VMware by other means.

You can find the VMware Support's commitment to SRs filed by customers and instructions on how to file an SR at http://www.vmware.com/support/services/.

Experienced SR users can file support requests at http://www.vmware.com/support/sr/sr_login.jsp.

Use your registered VMware store account to log in.

Include log files in your SRs. To gather log files from Orchestrator:

1. Go to the Orchestrator configuration interface at http://orchestrator_server_ip_address:8282.
2. Log in with your username and password.
3. Click Logs.
4. Click Generate log report.
5. Save the generated ZIP file.
6. Upload the saved ZIP file to VMware Support.

For Orchestrator configuration issues, include an exported configuration file in your SRs. To export your configuration from the Orchestrator configuration interface:

1. Go to the Orchestrator configuration interface at http://orchestrator_server_ip_address:8282.
2. Log in with your username and password.
3. Click General.
4. Click the Export Configuration tab.
5. Type your password and press Enter.
6. Save the *.vmoconfig file.
7. Upload the saved files to VMware Support.

Orchestrator Discussion Forum

View the Orchestrator forum at http://communities.vmware.com/community/vmtn/mgmt/orchestrator. Use your registered VMware store account to log in.

Top of Page

Prior Releases of vCenter Orchestrator

Features and issues from earlier releases of vCenter Orchestrator are described in the release notes for each release. To review release notes for earlier releases of vCenter Orchestrator, click one of the following links:

• vCenter Orchestrator 4.1.1
• vCenter Orchestrator 4.1
• vCenter Orchestrator 4.0.2
• vCenter Orchestrator 4.0.1
• vCenter Orchestrator 4.0

Top of Page

Resolved Issues

The following issues have been resolved in the Orchestrator 4.1.2 release:

• Security vulnerabilities in the Apache Struts version embedded in Orchestrator
  Earlier versions of Orchestrator versions embed Apache Struts 2.0.11 or earlier, which contain vulnerabilities described at the following URLs:
  • http://struts.apache.org/2.2.1/docs/s2-002.html
  • http://struts.apache.org/2.2.1/docs/s2-003.html
    
  • http://struts.apache.org/2.2.1/docs/s2-004.html
  • http://struts.apache.org/2.2.1/docs/s2-005.html
  
  The vulnerabilities are classified as Important, according to the VMware Security Response Policy.

  This issue is fixed in this release.

• Workflow validation fails although the code is correct
  The usual code for calling an Orchestrator action is System.getModule("someModule").someAction();. If you split this into declaration, followed by an action call, for example:
  var module = System.getModule("someModule");
module.someAction();
  the workflow validation fails.

  This issue is fixed in this release.

• You cannot import a certificate in Orchestrator, if the certificate is not a CSR file
  When you try to import a certificate in Orchestrator, and the certificate is not in CSR file format, for example, a CER file, the Orchestrator configuration interface does not accept the file and reports an error.

  This issue is fixed in this release.

• You cannot re-insert a timeout.date or security.group attribute value
  When you work with user interactions you cannot re-insert a timeout.date attribute that has already been removed. The reason is that you are not allowed to type a dot symbol (".") in the attribute name field. As a result, it is not possible to use an existing user interaction with a timeout value.
  This issue occurs because SOAP clients can only refer to the internal name (itemNN) instead to the description, and with each newly created item, a different name is generated for it. This way, every existing workflow has to be changed when the modification is requested. The same is valid for the security.group attribute.

  This issue is fixed in this release.

• SOAP clients cannot determine external input for user interactions
  SOAP clients cannot determine the required or permitted external input parameters (name or type) for user interactions in workflows in contrast to input and output parameters for workflows.

  This issue is fixed in this release.

• The Orchestrator client cannot create Configurations attributes that contain a dash character
  By using the Orchestrator client you cannot create Configurations attributes that contain a dash character ("-"). However, it is possible to create attributes with such names by using the setAttributeWithKey() API call.

  This issue is fixed in this release.

• A workflow might stop responding for a long time
  A current workflow run might stop responding indefinitely if the LockingSystem.lockAndWait() API method is called with parameters exceeding 100 characters in length.

  This issue is fixed in this release.

• WorkflowToken objects exposed through the SOAP API lack the businessState property
  WorkflowToken objects exposed through the SOAP API lack the businessState property, as well as the corresponding getter and setter methods. Other similar properties like globalState are exposed, and the businessState property is available in all other APIs (in scripting API for example).

  This issue is fixed in this release.

• A workflow run does not provide enough information in the scripting log output
  There is no direct correlation between the current workflow run and the output written in the scripting log (app-server/server/vmo/log/script-logs.log). Workflows can use the System.log() method to add debug or other information to the Orchestrator scripting log. The information in the log can help in troubleshooting and debugging customer-developed workflows. However, the log entry does not provide enough information to determine which workflow execution has added the particular output.
  The issue is fixed this release and for clarity purposes, an additional prefix is added to each line in the scripting log to describe the workflow run. The line format is changed to:
  <Date> <Severity> [SCRIPTING_LOG] [<Workflow> (<Execution start date>)] <Message>
  
• Workflow string attribute is null, when the workflow is linked to from other workflow
  If a workflow defines a string attribute, the attribute value is an empty string when the workflow is run directly. When the workflow is linked from another workflow, the string attribute is "null".
  This issue is fixed in this release and string attributes are an empty string (their value is "") initially. String attributes will have a "null" value, if they are explicitly nullified in a scriptable task element.
  
• Object literals are not properly transferred as Properties objects
  Properties is an object, which contains one or more key-value pairs. JavaScript contains special construction to define such objects as an object literal. However, the workflow engine does not recognize these object literals as objects of type Properties, although they have very similar semantics. Consequently, such objects are null when assigned to a workflow variable.

  This issue is fixed in this release.

• The Add hours to date function produces an error
  When the Add hours to date element (from the Basic palette) is added to the workflow and the input and output parameters are correctly wired, the workflow run fails with the error: [I] TypeError: Cannot find function addHours. (Workflow:date / Add hours to date (item0)#2)
  This issue is fixed in this release, and the Add hours to date element was replaced with the addHoursToDate action in the com.vmware.library.date module. The action can be used the same way as the Add hours to date element.
• The virtual machine is cloned successfully but the workflow fails
  When you clone a virtual machine by using the Clone, Windows Sysprep with single NIC and credential workflow, the process successfully creates a new virtual machine but fails to execute a customization. The cause is an incorrect default license key that is used in the customization process. The issue is visible in the sysprep log files on the newly created virtual machine or while tracking the worklflow run.

  This issue is fixed in this release.

• Incorrect file path appearing in multiple browsers while using the Orchestrator configuration interface
  When you import a configuration file or install an application from the Orchestrator configuration interface and you select a local file (for example, file.txt), the path that appears in the input field is C:\fakepath\file.txt in Google Chrome or a similar address in other browsers containing the fakepath string.
  The issue depends on the browser you use and how it implements the W3C recommendation about uploading files from HTML elements.

This issue is fixed in this release.

• SSH 1.0.3 Plug-in is unable to transfer files larger than 2KB in size
  Sometimes files copied using the SSHSession.getFile() scripting API get corrupt. Using SSH to fetch files that are sized from 1KB to 2KB from arbitrary UNIX/LINUX boxes or storage locations to the Orchestrator server works correctly. Larger files might be corrupted, accumulated sporadically, and often with the last file lines cut off.

  This issue is fixed in this release.

• Property or method vm not found on object VcClusterAntiAffinityRuleSpec
  You assign a value to the vm property of a VcClusterAffinityRuleSpec or a VcClusterAntyAffinityRuleSpec object in a scriptable task of the workflow that you design. When you run the workflow, it fails with the following error message: Property or method 'vm' not found on object VcClusterAntiAffinityRuleSpec.
  
• In the API explorer, the property executions of workflow object is incorrectly shown to be of type Object
  When you browse through the API explorer, the type of the executions property is displayed as Object. The actual type of the execution property is an array of WorkflowTokens.

  This issue is fixed in this release.

• Incorrect error message displayed when you use Reference Error construct
  There are some workflows in the Orchestrator library that use the new ReferenceError() function in their scripting to mark errors. However, Rhino scripting is not unwrapping correctly the error message, and the root cause of the error remains unclear. You should not use the new ReferenceError('<<message>>') construct in your scripting, you should replace it with a simple throw <<message>>. You can clone system workflows to apply the above fix.

  This issue is fixed in this release.

• Virtual Machine power state values are not listed while creating an IF condition based on the virtual machine power state
  When you create an IF condition based on the virtual machine power state it is not possible to select a value from the pop-up window as no values are listed.

  This issue is fixed in this release.

• Orchestrator cannot connect to remote SQL servers by using dynamic ports

  This issue is fixed in this release.

• The library used in the SSH plug-in is updated
  The library used in the SSH plug-in is updated to provide the following new capabilities:
  
  • attribute Boolean property to SSHSession object
  • attribute string terminal to SSHSession object
  • method addEnvironment(string key, string value) to SSHSession object
  The Jcraft jsch version is also updated from version 0.1.29 to version 0.1.42.
• Relocate virtual machine disks workflow might fail with a non-descriptive error message
  When you try to relocate a virtual machine by using the Relocate virtual machine disks workflow, it cannot move both the disks and the virtual machine in at the same time, in case the virtual machine is powered on. The workflow might fail with a non-descriptive error message.
  

  The issue is fixed in this release and Orchestrator checks whether the virtual machine is powered on. If the virtual machine is powered on, the workflow fails with an error message stating that to migrate both the disks and the virtual machine at the same time, the virtual machine must be powered off.

• Some relations between objects in the vCenter Server plug-in are invalid
  Some of the relations between vCenter Server plug-in objects are invalid and search results might be empty. The list of the invalid relations is the following:
  • Type name: ResourcePool; Relation name: getNetwork_Network
  • Type name: ResourcePool; Relation name: getNetwork_DistributedVirtualPortgroup
  • Type name: VmFolder; Relation name: getResourcePool_ResourcePool
  • Type name: HostSystem; Relation name: getResourcePool_ResourcePool
  • Type name: HostSystem; Relation name: getResourcePool_VirtualApp

  This issue is fixed in this release.

• When you run a workflow asynchronously through JavaScript, the workflow parameters might be inconsistent
  When you run a workflow asynchronously through JavaScript, the workflow parameters might be inconsistent, and some of the properties might be null. For instance, if you run a workflow with an input parameter of the type VirtualMachine, when the workflow completes and you get the value of the input parameter from the WorkflowToken, the value of the name property is null.

  This issue is fixed in this release.

• You might not be able to add host to a cluster by running the Add host to cluster workflow
  You might not be able to add a host to a cluster by running the Add host to cluster workflow, because the authenticity of the SSL certificate of the host is not verified. If you try to add a host to a cluster by using the vSphere Client, the vSphere Client prompts you to accept the host certificate or to decline it. The task that the Add host to cluster workflow creates vCenter Server does not prompt for user interaction, and the workflow cannot be completed.

  This issue is fixed in this release.

• The weboperator Web view might not display the schema image of a workflow
  When you select a workflow in the weboperator Web view and click the Schema tab, the schema might not load.

  This issue is fixed in this release.

• When you try to deploy a server with more than 4 CPUs, the vCenter Server action getConfigSpec fails
  When you use the vCenter Server getConfigSpec action to deploy a server with more than 4 CPUs (for example, 8 CPUs), the action fails because the number of CPUs is set to be less than 4.
  
  This issue is fixed in this release and you can deploy servers with the maximum CPU count supported by the vSphere version you are using.

Top of Page

Known Issues

The known issues in this Orchestrator release are grouped as follows:

• Installation Issues
• Internationalization Issues
• Configuration Issues
• Networking Issues
• Miscellaneous Issues

Installation Issues

• Orchestrator 4.1.2 standalone installer does not detect previous versions of Orchestrator and completes the installation process, creating a second Orchestrator instance
  If you have an Orchestrator 4.0.1 or 4.1 installation on a 64-bit server and you run the installer for Orchestrator 4.1.2 standalone, two Orchestrator instances are created. However, the upgrade to Orchestrator 4.1.2 is not successful, and you can run only the previous version of Orchestrator.

  Workaround: To install Orchestrator 4.1.2, perform the following steps:

  1. Export the existing configuration settings.
  2. Uninstall the Orchestrator instance.
  3. Install Orchestrator 4.1.2.
  4. Import the configuration settings.
• Restarting the Orchestrator server service after reinstalling plug-ins adds Java exceptions to the logs
  In the Troubleshooting tab of the Orchestrator configuration interface, if you reinstall plug-ins by clicking Reset current version and then restart the Orchestrator server, several Java exceptions are written to the Orchestrator server logs.
• Orchestrator registry keys remain after you uninstall Orchestrator by using Windows Control Panel
  If you uninstall Orchestrator using the Windows Control Panel, some Orchestrator registry entries are not removed.

  Workaround: To remove the Orchestrator entries manually:

  1. Click Start > Run.
  2. Type regedit and press Enter.
  3. In the Registry Editor, click File > Export to back up the current registry settings.
  4. Navigate to HKEY_LOCAL_MACHINE\SOFTWARE\VMware.
  5. Right-click the Orchestrator entries and select Delete.

Internationalization Issues

• You might not be able to configure the LDAP settings if your LDAP password contains non-ASCII characters
  When you try to configure the LDAP settings in the Orchestrator configuration interface and the LDAP password that you enter contains non-ASCII characters, the process of configuring might fail with an error message of the type Unable to connect to LDAP Server. This issue appears under the following conditions:
  • When the LDAP password contains characters such as € and ÿ in German and French locales.
  • When the LDAP password contains any native characters in Japanese, Korean, and Simplified Chinese locales.
• Problems handling non-ASCII characters in certain contexts
  Using non-ASCII characters in input parameters results in incorrect behavior in the following contexts:
  • If you run the SCP put or SCP get workflows from the SSH folder on a file with a name that contains non-ASCII characters, the workflow runs, but name of the resulting file on the destination machine is garbled.
  • If you try to insert non-ASCII characters into attribute names, the characters do not appear. The issue occurs for Web view attributes, workflow attributes and action attributes.

Configuration Issues

• Orchestrator does not work with forest and external trusts in Active Directory

  Multiple domains that have a two-way trust, but are not in the same tree, are not supported and do not work with Orchestrator. The only configuration supported for multi-domain Active Directory is domain tree. Forest and external trusts are unsupported.

• Windows XP SP2 and earlier cannot connect to Orchestrator 4.1.2
  Orchestrator does not allow connecting with Windows XP SP2 and earlier, because of restrictions in the SSL cipher suites that can be used.

  Workaround: To fix this issue, make sure that you upgrade to Windows XP SP3.

• SSL server certificate is overwritten if no new SSL server certificate was installed
  When you upgrade to Orchestrator 4.1.2, the SSL server certificate is overwritten in case you have not created a new self-signed certificate, or if you have not installed a certificate signed by a Certificate Authority. The certificate is overwritten with a newly generated certificate. For more information about replacing and installing certificates, see the VMware vCenter Orchestrator Installation and Configuration Guide.
• You might not be able to configure your server certificate in the Orchestrator Configuration interface
  If you attempt to import a server certificate with wrong values, you receive a validation message that your server certificate is not signed by a root authority.

  Workaround: If a you have never successfully added a server certificate, perform the following steps:

  1. Delete the vmo-keystore row from the Orchestrator database.
  2. Restart the Orchestrator configuration service.
  3. Import the server certificate.
  If you have previously imported a server certificate, delete the vmo_keystore row from the Orchestrator database and import the certificate again.
  If you have previously imported a server certificate, and backed up the certificate by exporting the certificate database, you can delete the vmo_keystore row, and import the certificate database. The default name of the certificate file is vmo-server.vmokeystore.
• Support for TNSNames missing when you connect to an Oracle database
  You cannot use TNSNames to connect to an Oracle database. You can connect to an Oracle database using an IP address or a DNS name.

  Workaround: Add support for RAC and TNS configuration for Oracle 11g Database instances to vCenter Orchestrator (KB 1022828).

• SSL certificate is lost when you import configuration from previous installation
  If you import the configuration of a previous installation into the 4.1.2 installation, the SSL certificate from the old installation is not loaded. In the Orchestrator configuration interface the Server Certificate tab shows a red triangle.

  Workaround: You must import the certificate manually.

• Restricted access to vCenter Server inventory can cause errors if you set Session per user
  If you select the Session per user option in the vCenter Server tab of the configuration interface, accessing the vCenter Server inventory can result in some errors if the connected user has restricted access to inventory objects.
• No error message is displayed on the Network tab of the Orchestrator configuration interface when a network port is already in use
  The Network configuration is saved successfully without errors even when the port numbers that you enter are already taken on your host.

  Workaround: Make sure the port numbers you enter on the Network tab are free.

Networking Issues

• Loss of network connection to vCenter Server 4 can cause workflows to stop
  If Orchestrator loses the network connection to vCenter Server 4 while a workflow is running, and if the workflow attempts to access vCenter Server, that workflow stops and does not attempt to restart. Furthermore, the vCenter Server 4 plug-in flushes its cache if it loses the connection to vCenter Server. Consequently, when the Orchestrator server restarts, it fetches all running objects again from the vCenter Server rather than reloading them from the cache. Fetching the objects again can cause peaks in CPU usage, and increases the load on vCenter Server. An intermittent connection to vCenter Server causes frequent workflow failures. If the network connection to vCenter Server is intermittent, then constantly fetching the objects can consume vCenter Server memory, leading to drops in performance.

  Workaround: Ensure that the network connection to vCenter Server is stable.

Miscellaneous Issues

• When you add a Custom Decision element to a workflow, the Orchestrator client might shut down unexpectedly
  After installing the Orchestrator client on a Windows 7 64-bit machine, if you try to add a Custom Decision element to a workflow, the Orchestrator client might shut down unexpectedly without an error message. This issue occurs when you try to connect the Custom Decision element to the next element that should run in the workflow.
  Workaround: Perform the following steps:
  1. Connect the workflow element that must run before the Custom Decision element to the Custom Decision element.
  2. Connect the Custom Decision element to the next workflow element that you want to run.
• Importing a package using the Orchestrator client fails occasionally
  Occasionally, importing a package using the Orchestrator client results in the error Unable to import a certificate, reason : Unable to save keystore.

  Workaround: Close the error message and attempt the import again.

• The Used plug-ins tab in the Orchestrator client does not appear at all or does not list the plug-ins associated with the selected package
  You cannot check dependencies between packages because the Used plug-ins tab is either not displayed or not populated with the list of associated plug-ins. If the tab is not displayed and the Orchestrator client is not refreshed, you must click another tab or view.
• The Orchestrator client stops responding if you use the Used plug-ins tab in edit mode
  When you attempt to insert or remove associated plug-ins on the Used plug-ins tab, the Orchestrator client stops responding.

  Workaround: Restart the Orchestrator client.

• The Revert option for the parameters table on the Scripting tab of the Edit Actions view does not revert to the last saved state
  When you add a parameter to an action script, you cannot remove it using the Revert option.

  Workaround: Right-click the parameter and click Delete Selected.

• Characters are accepted as the input value for workflow attributes of number type
  Format validation has been disabled on workflow attributes that are of the number type. Invalid input values are accepted without any warning, and workflows are saved successfully, which can lead to unpredictable results.
• Changes to input parameter descriptions are not propagated to the presentation
  If you change the description of an input parameter for a workflow, the change is not propagated to the description in the presentation.

  Workaround: Copy the description to the presentation manually.

• The Convert disks to thin provisioning workflow does not handle virtual machines with snapshots correctly and does not convert the thick-provisioned disks
  On completion, the Convert disks to thin provisioning workflow reports that the thick-provisioned disks of virtual machines with snapshots are successfully converted to thin-provisioned, when they are actually not.

  Workaround: Do not include virtual machines with snapshots in the workflow.

• Windows Server 2008 automatically renames VMOAPP and DAR files to ZIP causing the application installation and plug-in upload in the Orchestrator configuration interface to fail
  If you are running Orchestrator on Windows Server 2008, the extension of the archives you download is automatically changed to ZIP. When you are installing an application or uploading a plug-in by using the Orchestrator configuration interface, you must use a VMOAPP or DAR file.

  Workaround: Change the ZIP extension back to either VMOAPP or DAR to use the downloaded archive in the Orchestrator configuration interface.

• Repeatedly publishing and unpublishing Web views can cause memory issues
  Publishing and unpublishing of Web views restarts the Tapestry framework, which regenerates new meta-class information without cleaning up the previous meta-class information. Publishing and unpublishing a Web view by repeatedly calling the methods Webview.enable() and Webview.disable() in a loop in scripts can consume large quantities of memory and eventually leads to performance issues.
• Adding values to vCenter Server data object properties of type Array is impossible
  When Orchestrator runs scripts, the vCenter Server 4.1 plug-in converts JavaScript arrays to Java arrays of a fixed size. As a consequence, you cannot add new values to vCenter Server data objects that take arrays as property values. You can create an object that takes an array as a property if you instantiate that object by passing it a pre-filled array. However, after you have instantiated the object, you cannot add values to the array.

  For example, the following code does not work:

  var spec = new VcVirtualMachineConfigSpec();
spec.deviceChange = [];
spec.deviceChange[0] = new VcVirtualDeviceConfigSpec();
System.log(spec.deviceChange[0]);

  In the above code, Orchestrator converts the empty spec.deviceChange JavaScript array into the fixed-size Java array VirtualDeviceConfigSpec[] before it calls setDeviceChange(). When calling spec.deviceChange[0] = new VcVirtualDeviceConfigSpec(), Orchestrator calls getDeviceChange() and the array remains a fixed, empty Java array. Calling spec.deviceChange.add() results in the same behavior.

  Workaround: Declare the array as a local variable, as follows:

  var spec = new VcVirtualMachineConfigSpec();
var deviceSpec = [];
deviceSpec[0] = new VcVirtualDeviceConfigSpec();
spec.deviceChange = deviceSpec;
System.log(spec.deviceChange[0]);

• Workflow input parameters of type SecureString cannot take a null value
  You cannot start a workflow with a null value if that workflow takes a SecureString as an input parameter, unless you start the workflow from within another workflow. If you start a workflow with a null value when that workflow takes a SecureString as an input parameter, the server loads attributes from the cache rather than from the Orchestrator database, resulting in a null input parameter. If you then change the workflow state to passive by implementing a long-running workflow element, the attributes are reloaded from the database, converting the null value into an empty string. This is the only way you can use a null value to start a workflow that requires a SecureString input parameter.
  
  
• Workflow fails and an error message is displayed
  If the LockingSystem.lockAndWait() API method is called with parameters exceeding 100 characters in length, the current workflow run fails and displays one of the following error messages
  
  Lock id must be not null and no longer than 100 characters
  or
  Owner must be not null and no longer than 100 characters
  
  Workaround: Reduce the parameter length using a hash of the original parameter (SHA-1, SHA-256 or MD5)
  
  
• HTML tags used in workflow presentation descriptions or names are not rendered in Web views
  HTML tags used in workflow presentation descriptions or names are not rendered in Web views. This is a security fix preventing potential cross-scripting exploits.