EM 12c: Compliance standard "Security Recommendation for Oracle Products" Is Still Enabled and Evaluated Even Though Target Associations are Marked as Disabled (Doc ID 1510012.1)

Last updated on OCTOBER 15, 2014

Applies to:

Enterprise Manager Base Platform - Version 12.1.0.1.0 to 12.1.0.2.0 [Release 12.1]
Information in this document applies to any platform.

Symptoms

Login to 12c OMS(12.1.0.1 or 12.1.0.2) as Sysman or an Admin user.
Navigate to Enterprise > Compliance > Library. Click on 'Compliance  Standards' tab. Select "Security recommendations for oracle products" and click on 'Override
Target Type Settings' and select disable

OR

Select "Security recommendations for oracle products" and click on  'Associate Targets' and select the hosts to be disabled and click 'Disable' option. Now click 'OK'.
In the next screen change 'Compliance Standard Evaluation Status' from "Enabled' to "Disabled" and click 'Ok'.
This submits a job which disabled the compliance check.
  
To verify do the following:
  
Navigate to Enterprise > Compliance > Library > Compliance Standards
Select "Security recommendations for oracle products" and click on 'Override
Target Type Settings'. Here it will show in console that the 'Evaluation  Status' Column is disabled.
  
But reviewing sysman.mgmt$cs_eval_summary view shows that this is enabled.
Also From Enterprise > Summary Least Compliant Targets have these violations listed, though the console shows disabled.
  
So here there is no consistent results:
  
a. console shows that the above mentioned compliance is disabled.
b. After sometime of disabling the job, sysman.mgmt$cs_eval_summary view shows that this collection is enabled.

If new targets are added, then the target will by default have this Compliance rule.

Cause

Sign In with your My Oracle Support account

Don't have a My Oracle Support account? Click to get started

My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms