Enterprise Random Password Manager: Revision History

Current
Version
Build Released On
4.83.8   140729 July 31, 2014  

•    Added: Application launcher – launch any application on a local system.
•    Added: Application launcher – launch any application on a bastion host / jump server.
•    Added: Application security for launched applications (hash, digital signing, etc.).
•    Added: Application launcher automatic application push.
•    Added: Session recording for applications via bastion host / jump server.
•    Added: SSH Key support for Linux/UNIX password management.
•    Added: SSH Key support for Linux/UNIX application launch.
•    Added: SSH proxy capability for launched applications to Linux/UNIX hosts.
•    Added: Support for RDP 6.x+ fat client (support for NLA and app launching).
•    Added: Tools to build and develop web login connectors.
•    Added: Tools to build and develop fat client login connectors.
•    Added: CLR connector capability for web only based management.
•    Added: Dynamic list creation for custom account stores; website system type filters.
•    Added: Added support for SHA2 SSH algorithms.
•    Added: Console delegation for most functions in the administrative console (FR-345).
•    Added: Database tuning options for SQL 2014.
•    Added: User controllable (persistent) settings for SSH console access when using MindTerm SSH component.
•    Added: Web site will recall last system type filter when logging in or navigating back to previously viewed pages.
•    Added: Password change job constraint option to not allow repeated characters (FR-422).
•    Added: Comment for auto-RDP and auto-SSH launch (FR-457).
•    Added: More mapping options for remotely connected systems (RDP, SSH) (FR-503).
•    Added: Ability to rename shared credential lists (FR-517).
•    Added: Exposed Account masks management in web service (FR-522).
•    Added: Pre-run notifications for scheduled jobs (FR-523).
•    Added: File size limiting for File Vault in website configuration (FR-529).
•    Changed: Verbiage in website delegations to match that of the selected permissions (FR-586).
•    Changed: Arbitrary elevation in PowerShell used its own settings rather than global settings (FR-553).
•    Changed: Removal of automatic refresh of dialog for many dialogs which did not require it (FR-559).
•    Changed: Web Activity and account activity now use a consistent time zone for activity time stamps as displayed in the website.
•    Changed: Restricted systems list is no longer case sensitive.
•    Updated: Upgraded to IPWorks v9
•    Removed: tempura.org from WCF service (FR-530).
•    Fixed: Directory Services Restore Mode (DSRM) would cause asserts during password change
•    Fixed: DSRM password change did not work.
•    Fixed: Account rename during password change on 2008 and newer would generate errors.
•    Fixed: ServiceNow! Ticket integration did not work.
•    Fixed: WebSphere password changes could hang indefinitely if login password was out of synch.
•    Fixed: Web Logic password changes could hang indefinitely if login password was out of synch.
•    Fixed: SAP password changes could hang indefinitely if login password was out of synch.
•    Fixed: MySQL accounts did not appear in the website.
•    Fixed: When the website option to “Display available options” was not enabled, low powered login accounts would receive the extra permission to view password history.
•    Fixed: Fixed: When the website option to “Display available options” was not enabled, low powered login accounts would receive the extra permission to view account activity.
•    Fixed: The global “Recover Password” permission combined with per account delegations to “Recover Password” would grant the low powered user access to “Change” and “Remove” password options (B-673).
•    Fixed: The global “Recover Password” permission combined with per management set delegations to “Recover Password” would grant the low powered user access to “Change” and “Remove” password options (B-687).
•    Fixed: Opening the self-recovery permissions dialog and attempting to close the identity selection dialog without selecting an identity would cause an application crash (B-674).
•    Fixed: Attempting a Cisco password change job using Telnet (rather than SSH) could cause ERPM to crash (B-676).
•    Fixed: Password extension for non-Windows accounts extends beyond platform specific extension settings (B-677).
•    Fixed: ERPM console incorrectly displays job type affinity for zone processors (B-678).
•    Fixed: Various typos and formatting problems.
•    Fixed: Component error when both a system name and NetBIOS name filter are filled out on the systems page (B-684).
•    Fixed: Job set to run every N days did not retain set schedule following an interactive run (B-689).
•    Fixed: Permission restriction by schedule not working as expected (B-690).
•    Fixed: Low powered users without proper permission could create a shared credential list (B-692).
•    Fixed: Jobs set to run after the 28th day of the month would repeatedly run in February (B-693).
•    Fixed: Management of MS SQL databases using SQL Authentication where the login account included a semi-colon in the password could cause password change job operations to fail (B-695).
•    Fixed: Bad Active Directory paths on management set properties would stop subsequent enumeration of Active Directory paths for the same management set (B-703).
•    Fixed: Custom account store jobs break if the login account information is changed for a job (B-706).
•    Fixed: Deleting self recovery rules caused asserts.
•    Fixed: Exporting of encryption key via Windows REG function did not maintain proper formatting.
•    Fixed: Option to use a custom schema was not remembered when using the SQL Native client (B-711).
•    Fixed: SQL Server database instances were not displaying properly when using the system name filter (B-714).
•    Fixed: Windows service propagation could fail if service dependency buffer size grew too large (B-716).
•    Fixed: SQL Reporting Services discovery would fail when more than once instance of SSRS was present on a target systems (B-717).
•    Fixed: SQL Reporting Services management would fail when more than one instance of SSRS was present on target systems (B-717).
•    Fixed: Password checkout duration would use Windows platform extension setting rather than platform specific settings (B-719).
•    Fixed: Using console launch impersonation when UAC was enabled could cause application crash (B-720).


Previous
Version
Build Released On
4.83.7  SR1 140408 April 11, 2014  

  • Fixed: PowerShell CMDlet New-LSSharedCredential would report success on uploading a new shared credential even when the upload failed
  • Fixed: Event Sink output to a Syslog (SIEM) system did not report a user’s login name during a login event when 2 Factor Authentication was used
  • Fixed: File store could grant access to any file a user had “View” rights for if a request for a file was approved for any other file

Previous
Version
Build Released On
4.83.7 131004    October 4, 2013
  • Added:Support for SQL Native Client (SQLNCLI) using ODBC. Permits use of SQL Mirroring in HA mode.
  • Added: Phone Factor two factor authentication via local agent
  • Added: Phone Factor two factor authentication via cloud service
  • Added: SafeNet two factor authentication
  • Added: Generic RADIUS support for two factor authentication
  • Added: Support for SafeNet hardware security module (HSM)
  • Added: Additional compliance reports to the web interface, now in parity with the console.
  • Added: Additional compliance reports to the console, now in parity with the web interface.
  • Added: New explicit option to define which attribute should be pulled from Active Directory when querying for systems (FR‐261).
  • Added: New default page option for new users logging into the website.This is configured through the web application settings.
  • Added: Option for the secure file store to pre‐define what permissions to define for a file when uploaded(FR‐508).
  • Added: Option to hide password is the password recovery page until shown (FR‐476).
  • Added: New response file for Palo Alto devices.
  • Added: New response file for Tandem systems.
  • Added: New response file for Fortigate systems.
  • Added: New response file for CiscoPriv15 login accounts.
  • Changed: When performing an auto‐RDP sessions via the website, the target system will go full screen to the entire desktop resolution when the full screen option is selected.
  • Changed: When logging into the website and integrated authentication is enabled, website will deselect the integrated authentication automatically if a different user account name is provided in the username field.
  • Changed: When configuring the web application global delegation rules,the permissions will be auto‐applied when the highlighted identity loses focus or the user clicks OK.
  • Changed: Management set will automatically ignore NULL values when using a DB query to discover systems.
  • Changed: Default response file now uses all types of encryption (BlowFish still not supported).
  • Changed: Default response file has new settings for changing non‐enable accounts.
  • Changed: Various UI elements for date/time reporting.
  • Updated: RSA enVision Package includes the 6000 series event sink IDs.
  • Fixed: Memory leak in data access layer that could cause the deferred processing service to stop or produce “out of resources” messages.
  • Fixed:Memory leak in data access layer that could cause the web site COM object to stop or produce“out of resources” messages.
  • Fixed: Memory leak in data access layer that could cause the management console to produce “out of resources” messages.
  • Fixed: Per account delegations did not work for anything other than Windows or Linux systems (B‐640).
  • Fixed: Website would product function block errors if ‘Block password check‐in if password is in use’ was selected and user checked in a Linux system.
  • Fixed: Website would product ‘500’errors if ‘Block password check‐in if password is in use’ was selected and ‘Log all password check‐outs to system’s event log’ were selected and user checked in a Windows system (B‐651).
  • Fixed: SCSM ticket integration would not always properly verify ticket status.
  • Fixed: HPSM ticket integration would not always properly verify ticket status.
  • Fixed: BMC ticket integration would not always properly verify ticket status.
  • Fixed: ServiceNow ticket integration would not always properly verify ticket status.
  • Fixed: Website deployment bug that could cause the website deployment to fail when the .net framework was not properly registered on the target web server.
  • Fixed: Website verification could fail when website was installed to a virtual directory that was not the default name.
  • Fixed: Various typos in the website.
  • Fixed: Various typos in the management console.
  • Fixed: Improper username case comparison ‐ If user logged in as user X and checked out password,then checked logged back in as User x, he could not re‐view the same password.
  • Fixed: Audit Logs exported with a .asp extension instead of .zip.
  • Fixed: Scheduled refresh job comments do not persist in the jobs queue dialog.
  • Fixed: Checkout to Group disallows checkout extension for subsequent users.
  • Fixed: Possibility for account lockout when a connection uses a cached credential for Windows authentication(different than alt‐admins or integrated authentication).
  • Fixed: Checkout to Group disallows checkout extension for subsequent users.
  • Fixed: SDK Login Procedure Fails When Using Integrated Authentication.
  • Fixed: Password compartments cannot be edited from the dialog.
  • Fixed: For compartmentalized passwords, the Show/Check in Password option for a password that is already checked out always re‐prompts the user to reenter their password recovery reason.
  • Fixed: When using compartmentalization with check out to group, after the user recovers their segment of the compartmentalized password and checks it out to a group, no user can use the Extend Checkout or Check In buttons.
  • Fixed: Account elevation ‐automatic de‐elevation occurs immediately when multiple zone processors are present.
  • Fixed: Bug where disabled jobs could get re‐enabled.
  • Fixed: Errors and asserts listed when ERPM configured with a bad AD /LDAP path.
  • Fixed: Manual installation of web service had incorrect web service DLL.
  • Fixed: Web.config files for web service had incorrect parameter when using SSL.
  • Fixed: Numerous PowerShell CMDlets did not work.
  • Fixed: Numerous web service calls did not return data as expected.
  • Fixed: Web service calls to add various databases did not properly apply encryption to the password.
  • Fixed: ERPM task discovery fails when target task was set to run as SYSTEM (B‐658).
  • Fixed: Incorrect permissions applied when using per account permissions for multiple accounts on the same system (B‐660).
  • Fixed: IPMI node would not display more than 100 devices (B‐657).
  • Fixed: Built‐in administrator password change job would not rename the administrator account – when elected to do so – until after the password was changed resulting in bad information in the website(B‐654).
  • Fixed: Discovery of SQL Server instances was overwriting system information which resulted in alt‐admin information being incorrect (B‐653).
  • Fixed: If retry policy is set to ‘STOP’, jobs that fail will never retry (expected) and never get rescheduled for next run time (unexpected) (B‐650).
  • Fixed: Shared credentials list doesn’t send email notification on password recovery (B‐649).
  • Fixed: Last login column in Windows Accounts view does not sort in chronological order (B‐647).
  • Fixed: App crash could occur when using alternate administrators to manage an untrusting domain (B‐642).
  • Fixed: Console delegation could permit users to bypass delegation rules (B‐641).
  • Fixed: IIS reset happening when managing SharePoint even if no account usage was found (B‐639).
  • Fixed: Personal password store would permit empty entries to be added to the list (B‐638).
  • Fixed: RADIUS authentication not working all the time (B‐636, B‐637).
  • Fixed:System rename would produce asserts (B‐635).


Click This Link for Complete Revision History