Flash Alternative: How to Enable Adobe Enterprise Enablement for Legacy Browser Versions - TrueSight Infrastructure Management (TSIM)/BMC ProactiveNet Performance Management (BPPM)

Knowledge Article

Article Number

000377645

Old Article Number

Article Type

FAQ/Procedural

Title

Flash Alternative: How to Enable Adobe Enterprise Enablement for Legacy Browser Versions - TrueSight Infrastructure Management (TSIM)/BMC ProactiveNet Performance Management (BPPM)

Summary

Product

TrueSight Infrastructure Management

Component

TSIM User Console

Applies to

All versions of TSIM/BPPM

Question

How to enable Adobe Enterprise Enablement for legacy browser versions and consume flash player content?

Answer

With Adobe Flash Player 32.0 Enterprise Enablement, companies can allow Flash Player content to be loaded from a set of trusted URLs by performing these below actions:

STEPS:

Create a file called mms.cfg with the following content on the server where you would like to launch the TSIM Console.

EnableAllowList=1

AllowListUrlPattern=http://<TSIM-Server-FQDN>
AllowListUrlPattern=https://<TSIM-Server-FQDN>

Several AllowListUrlPattern= tags can be added depending on how many ways there is to access TSIM Console.

For example, if there is a load balancer for TSIM HA (https://loadbalancer1.domain.com) and access to each TSIM (https://TSIM1.domain.com and https://TSIM2.domain.com).
The file would look like this:

EnableAllowList=1

AllowListUrlPattern=https://loadbalancer.domain.com
AllowListUrlPattern=https://TSIM1.domain.com
AllowListUrlPattern=https://TSIM2.domain.com

While adding several tags for AllowListUrlPattern, one can also use the pattern matching with "*"
The file would look like this:

EnableAllowList=1

AllowListUrlPattern=*://*.domain.com

For BPPM environments: To access the BPPM Central Monitoring Administrator(CMA) Console, one needs to add the tags "http://localhost:80/" Or "https://localhost:443/" for AllowListUrlPattern in mms.cfg file
The file to access BPPM CMA Console would look like this:

EnableAllowList=1

AllowListUrlPattern=*://*.domain.com
AllowListUrlPattern=http://localhost:80/
AllowListUrlPattern=https://localhost:443/

Where to place/save the file? According to Adobe documentation Adobe Flash Player 32.0 Administration Guide the mms.cfg file should be placed in these paths depending on your browser and OS.

For Internet Explorer, Edge and Firefox:

Windows:	32-bit: %WINDIR%\system32\Macromed\flash 64-bit: %WINDIR%\SysWow64\Macromed\flash
MacOS	/Library/Application Support/Macromedia
Linux	/etc/adobe

For Google Chrome:

Windows:	%USERNAME%/AppData/Local/Google/Chrome/User Data/Default/Pepper Data/Shockwave Flash/System (The System directory may not exist. If not, create it manually)
MacOS:	Users/<username>/Library/Application Support/Google/Chrome/Default/Pepper Data/Shockwave Flash/System
Linux:	/home/$USER/.macromedia/Flash_Player/macromedia.com/support/flashplayer/sys/

Once the file is placed in any of the above paths according to the browser and OS, restart the browser and flash content should be able to play.

WARNING: Flash Player Enterprise Enablement will stop working if the browser is updated.

BMC Software has validated the Flash Player will continue to run with Flash Player Enterprise Enablement on these browser versions:

Tested browser version	Vendor support
Microsoft Internet Explorer 11	https://docs.microsoft.com/en-us/lifecycle/announcements/update-adobe-flash-support
Mozilla Firefox 83	https://support.mozilla.org/en-US/kb/end-support-adobe-flash
Google Chrome 86	https://support.google.com/chrome/a/answer/7084871?hl=en

For more information on Flash alternatives you can check our documentation here - https://docs.bmc.com/docs/TSOperations/113/technical-bulletin-impact-of-adobe-flash-end-of-life-on-truesight-operations-management-and-replacement-options-968235446.html#Technicalbulletin—ImpactofAdobeFlashendoflifeonTrueSightOperationsManagementandreplacementoptions-AlternativesforcustomerswhowanttocontinuetousetheFlash-basedBMCproducts

Important:
The ability to run Adobe Flash Player depends upon the browser vendor's support. Running BMC Software products with outdated browser versions requires you to turn off automatic updates. This approach should be carefully considered and should be in alignment with your company's security group recommendations.

Troubleshooting the AllowListUrlPattern:
As it may be necessary to add several AllowListUrlPattern entries it is helpful to be able to verify which pattern is being used and whether they are valid. The Flash administration guide has details of the TraceOutputEcho option which may be added to the mms.cfg file to enable additional logging to the browser javascript console using this line:

TraceOutputEcho=1

This will cause entries like this in the console to show that a URL was blocked:

VM85:1 SWF : *** EnableAllowList blocks 'http://localhost:80/admin/messagebroker/amf'. ***
VM86:1 SWF : SecurityError: Error #2146  url: 'http://localhost:80/admin/messagebroker/amf'

Remove the line or set the value to 0 to disable the extra logging.

For more advanced Flash player debugging options please see https://helpx.adobe.com/flash-player/kb/configure-debugger-version-flash-player.html

Attachment(s):