Random Password Manager: Revision History

• Removed: Support for Windows Server 2003 as a hosting platform
• Added: Additional user interface languages: Danish, Dutch, Finnish, Hebrew, Hindi, Japanese, Korean, Norwegian, Russian, Swedish, Tagalog
• Added: SAP Certified password management via SAP NetWeaver Gateway (We are now an SAP Partner)
• Added: More event sinks
• Added: Additional permissions for viewing password history
• Added: Additional permissions for viewing account activity
• Added: SDK options for file vault management
• Added: SDK options for shared password lists
• Added: Automatic Index Creation deadlock resolution via index deletion
• Added: Add account lockout for web access (website options)
• Added: Dialog to monitor user lockout status and reset logouts selectively
• Added: Control for number of rows to export when exporting audit logs from website (web site options)
• Added: Active Directory domain account restrictions to target OUs for user discovery or exclusion from discover
• Added: OLEDB timer override (Datastore Config) to aid in slow databases and long running queries
• Added: RPC Kill timer to help deal with hung RPC calls to unhealthy Windows systems
• Added: Password change provides new option to unlock an account (Windows)
• Added: SOAP web service interface
• Added: Explicit impersonation in the SOAP web service
• Added: OData web service interface
• Added: Support for international characters in email messages
• Added: For non-Windows systems, password jobs can now load any stored credential
• Added: Password history for shared password lists
• Added: Can now specify SSH port on auto-SSH connection per system
• Added: Can now auto-SSH for custom account store types that use SSH
• Added: Wild card search in website for account names when mandatory account search requirement is enabled
• Added: SDK option to retrieve stored passwords and ignore password checkout flags
• Added: Email field cache for password requests in the web interface when users do not have a pre-defined email address
• Changed: When a system is added to the restricted systems list after being added to a job, the job will remove the restricted system on subsequent run
• Changed: Cloned job status and last run are set to has not run rather than the cloned job's status
• Changed: Certain logging functions and heuristics to try and avoid confusing log messages
• Changed: Startup algorithm to improve console launch time when management set objects have overlapping ranges (duplicated systems)
• Changed: Installation routines for Dashboard visualization installations
• Changed: SDK password set command will add passwords to shared list if not found
• Changed: Changed several file vault logging messages to include the symbolic name of the file affected as well as the fileID
• Changed: When setting auto-logins, system will check for target computer's bit level (32 v 64) to write to the correct registry location
• Changed: When selecting multiple accounts to create a password change job and choosing the run immediately option, jobs get scheduled to run now rather than actually attempting to run immediately
• Updated: IntegrationComponents supplemental installer can now choose proper installation path for zone processor installations
• Updated: Microsoft RDP ActiveX component updated to version 5.2.3790.4252
• Updated: Updated EasyMail SMTP & SSL components to version 6.5
• Updated: ARCSight CEF output and parsing
• Fixed: Windows 2008 R2 systems OS TYPE was incorrectly reported as Windows 7 systems in web interface
• Fixed: Systems added to restricted systems list after being added to a job would cause job to fail
• Fixed: Cross-site scripting exploits
• Fixed: Performing an IP scan for systems when OS type is set for Linux and the system responds could cause crash
• Fixed: Default button on website login page did not function
• Fixed: Integrated authentication in website did not work automatic login was not also enabled
• Fixed: Syslog CEF output of heartbeat monitor event sink would cause error rather than log
• Fixed: Certain scenarios could cause the job thread dispatcher to prematurely delete state resulting in memory leaks
• Fixed: When management set type was set to Linux, objects under the Linux/UNIX node would be added or removed simply because the management set was updated
• Fixed: Upgrade code when dealing with custom schemas
• Fixed: Database migration steps not present in v4.83.4 could cause basic password change jobs to fail
• Fixed: Database migration steps not present in v4.83.4 could cause propagation steps to fail from previously existing jobs
• Fixed: File store problems when using custom schemas
• Fixed: Compliance Database problems when using custom schemas
• Fixed: Custom LDAP filters for Active Directory domains were not working
• Fixed: Oracle password changes were not propagating
• Fixed: Oracle instances page would not show all correct oracle instances unless account had all access
• Fixed: Deleting a password from password history would delete all entries from the history for that computer/system
• Fixed: Could not enter the same system name into multiple custom account stores
• Fixed: RSA Login page in the web interface prevented set pin mode to work correctly
• Fixed: RSA SecurID did not work in next PIN mode
• Fixed: Displayed number of targets in a management set was not including custom account stores
• Fixed: Saving new passwords to the password store with encryption disabled would log asserts
• Fixed: Web interface account filters would not work if the user also had account masks defined in their delegations
• Fixed: Alternate administrator accounts access and stored credential access not working in certain scenarios
• Fixed: Web application would not show account filter if a non-All access user was logged in
• Fixed: Password recovery email alert used incorrect email template for notification
• Fixed: Main dialog would exit when admin reporting job could not be verified
• Fixed: Importing delegation identities and permissions to fail because it expected the import file to contain extra columns
• Fixed: Scenario where users could not create new delegation permissions on files in the file store
• Fixed: Text for requesting a password list password showed deny request
• Fixed: SDK (COM version) GetStatusSettings would fail
• Fixed: Users without grant all access cannot see accounts other than Windows
• Fixed: "Run job on new systems" was being erroneously set

• Added: Per user definable dashboards
• Added: Dashboard configuration control
• Added: Dashboard data audit drill down and visualization
• Added: Pure certificate based authentication and authorization
• Added: CAC/PIV card support
• Added: Website support for automatic login after user-certificate identification
• Added: RDP account pass-thru accounts can be used for any system
• Added: SSH account pass-thru accounts can be used for any system
• Added: Multi-RDP Gateway support
• Added: Configuration to enable/disable multiple per-user simultaneous RDP sessions
• Added: Configuration to enable/disable multiple per-user simultaneous SSH sessions
• Added: Configuration to enable/disable multiple per-user simultaneous telnet sessions
• Added: Additional telnet support for Linux/UNIX node
• Added: Additional telnet support for custom account store node
• Added: SSH/Telnet support sixth new replacement variable for target system
• Added: Multi-language support for web interface including Chinese (traditional and simplified), Arabic, German, French, Italian, Hungarian, and more
• Added: Multi-language support configurations per user profile
• Added: Scheduled refresh operations for system enumeration
• Added: Scheduled refresh operations for account enumeration
• Added: Self-service account elevation jobs now provide for an elevation comment
• Added: Pre-populated list of common groups to the arbitrary account elevation page so a user can choose a group instead of typing one in
• Added: Password confirmation field for static passwords in password change jobs
• Added: Progress indicators for jobs in progress in the web application
• Added: Automatic Oracle database detection for Windows systems
• Added: Test connection option for MS SQL databases
• Added: Test connection option for Oracle databases
• Added: Job Queue dialog for determining which job is running, what job is next, and other job information
• Added: Zone processors can now handle parts of password propagation jobs for propagation targets that are within their zone
• Added: Zone processors can now perform account elevation jobs
• Added: Zone processors can now perform system refresh operations
• Added: Zone processors can now perform password verification reports
• Added: Orphaned job unlock code to the scheduling service to unlock and reschedule jobs that are found locked by the current system when the owning process no longer exists
• Added: Compliance snapshot jobs as a supported type of job that can be run by a zone processor
• Added: Unique event sink message for adding/changing managed passwords through the web app
• Added: Password verification for accounts on non-Windows systems managed by SU or SUDO
• Added: SSH/Telnet target types configuration option to always load stored password
• Added: Security option on website configuration to block session if more than N number of requests per second is received from session
• Added: Oracle database password verification
• Added: Compliance report for all stored shared credentials
• Added: Password history accessible via website
• Added: Support for asset tag in the management console
• Added: Asset tags are visible and searchable in the web interface
• Added: Custom account store systems can now be imported via text file import
• Added: On-demand token code support for RSA SecurID token checks
• Added: Support for system-generated RSA SecurID PIN codes for the web application
• Added: Option to disable LDAP servers for use as authentication servers
• Added: Account elevation jobs filters available in the jobs page filter list in the web interface
• Added: Various interstitial dialogs in web application to indicate work being done
• Added: Various interstitial dialogs in management console to indicate work being done and actual progress
• Changed: Deferred processors will examine jobs left in a partially complete state to determine if they need to be completed
• Changed: Management set database query string length updated to support 1024 characters (up from 255)
• Changed: Web application schedule permission restriction code to allow daily restrictions to carry over from PM to the next day's AM times
• Changed: Users attempting to login when their login permission was restricted by schedule to a schedule restriction message
• Changed: LDAP password change jobs would always use the managed account to change its own password
• Changed: Input method for SSH/Telnet connections now passes a single character at a time
• Changed: Tab order various dialogs
• Updated: Mnemonic controls in various places in the management console (Section 508 compliance)
• Fixed: Password cache population problems for Cisco password changes
• Fixed: Password cache population problems for LDAP password changes
• Fixed: Password cache population problems for Oracle password changes
• Fixed: Password cache population problems for Sybase password changes
• Fixed: Password cache population problems for MySQL password changes
• Fixed: Password cache population problems for MS SQL password changes using explicit accounts
• Fixed: Password cache population problems for IPMI password changes
• Fixed: Known passwords discovered as valid for IPMI devices were not associated with IPMI device
• Fixed: Date time pickers in website filters for account elevation
• Fixed: Service propagation did not propagate to services configured with UPNs if service and account had not already been previously enumerated
• Fixed: Text file discovery on non-Windows systems
• Fixed: Text file propagation on non-Windows systems
• Fixed: Process initiation on non-Windows systems
• Fixed: Adding a personal password was not associated with the correct menu sections in the web interface
• Fixed: Password cache concurrency issues during multi-threaded SSH operations
• Fixed: Bug in the web interface that was causing false positive errors to be logged on some page loads
• Fixed: RDP sessions could create duplicate log entries per connection
• Fixed: HTML markup characters in password list entries caused the password list pages to fail on various operations
• Fixed: Password check-in comments were not required even when enabled
• Fixed: Event sink logging was not always including the web logins responsible for the event
• Fixed: The system page of the job sheet showed incorrect next retry times for jobs that were partially complete
• Fixed: Generate full stats on all tables would fail if a custom tablespace name was used
• Fixed: LDAP connection would error if integrated auth was used and a user login name was not provided
• Fixed: Permissions on password list check would fail if one of the identities that had permissions assigned has been deleted
• Fixed: Windows integrated auth could bypass Oath token checks
• Fixed: DB2 custom connection strings were not working
• Fixed: Errors on SQL server refresh if the name-case (upper-case) was incorrect in the program data store
• Fixed: Could not add new credentials to an existing password list for Password Spread Sheet Manager feature
• Fixed: Certain delegation import features opened the export dialog
• Fixed: Certain delegation export features opened the import dialog

Click this link for complete revision history.