ADManager Plus fixes and enhancements for build 6500 and 6591

ADManager Plus fixes and enhancements for build 6500 and 6591

Build 6591 (September 2017)

New feature:

  • Reads the configured tables of Oracle and MS SQL database and creates automatic schedules for user creation to synchronize the user details across the databases and AD environment. Read more
  • Sends its log data in Syslog format for analysis to a Syslog server, thus facilitating comprehensive auditing to ensure network security. Read more

Enhancements:

ServiceNow integration:

  • Capability to alter users' group membership.
  • For enhanced security and to block unauthorized access, ADManager Plus can now be accessed from your ServiceNow if and only if your ServiceNow instance is configured on ADManager Plus web-console. Read more

ServiceDesk Plus integration:

  • Configure your ServiceDesk Plus integration with ADManager Plus from the new 'Integrations' tab. Read more

Fixes:

The following issues have been fixed in this release:

  • Domain synchronization failure in ADManager Plus when settings are updated on to the AD360 installation that encapsulates the former's setup.
  • Unintended overwriting of default domain name with value from user modification template.

Build 6590 (August 2017)

New feature:

GPO management:

  • Create GPOs: Now you can create GPOs and link them to OUs, sites, or a domain (either at the time of its creation or later) without using GPMC.
  • Edit GPOs: Options to search and modify the administrative template settings, for both computer and user configurations, have been provided now.
  • Delete GPOs: You can now delete single or multiple GPOs, in one go.

Click here to know more

Archive audit report: The new feature helps archive help desk audit reports as well as customize the archive interval and the retention period.

Enhancements:

  • Report driven GPO management: You can now delete a GPO, enable the user configuration settings, computer configuration settings, or enable/disable all the settings from 'GPO Reports' itself.
  • GPO management:
    • 'Link GPO' option helps to link existing GPOs to multiple containers, at once.
    • A revamped UI which lists GPOs, and also has a toggle button to easily enable or disable the configuration settings.
  • Scheduled audit reports: You can now generate reports automatically at a specific time or at regular intervals.
  • Custom LDAP attributes: ADManager Plus now supports LDAP attributes with Generalized-Time syntax (UTC coded time).
  • JRE upgrade: ADManager Plus now uses updated version of JRE for enhanced security.
  • UPN/email suffix selection:
    • Using ADManager Plus, you can now select the UPN suffixes and email suffixes which are already configured in your domain.
    • Remote routing address suffixes can be selected from the addresses configured in your Office 365.
    • New suffixes can be added to users' UPN, email address or remote routing address, without actually creating a new suffix in AD or Office 365 domain.

Fixes:

The following issues have been fixed in this release:

  • Child OUs being displayed multiple times while editing 'User Creation Templates'.
  • Danish characters æ, å, and ø not accepted during user creation ('Simple display name' field).
  • Shared folder creation error when the home directory ends with '$'.
  • Issue while connecting to Office 365, if the machine where ADManager Plus is installed has .NET framework (version 3.* and 4.*) and Exchange server (2007 or 2010).
  • Prompting for OU name during bulk OU creation, though the CSV file already contains the name of OU in which new OUs are to be created.

Build 6583 (August 2017)

New feature:

REST APIs: ADManager Plus offers REST Application Programming Interfaces (API) to enable users of other applications such as help desk tools, to access ADManager Plus, and carry out the necessary AD user management tasks from their applications. Using these APIs, you can perform the following AD management operations without logging into ADManager Plus:

  • Create user
  • Reset user password
  • Enable or disable user
  • Unlock user account
  • Delete user
  • Search user

Click here for more details.

Watch Video

Build 6582 (July 2017)

File Server Management capability has been enhanced with option to

  • Create workflow requests for granting or modifying shared folder permissions.
    It is also possible, while creating the request, to select a specific time duration, such as 30 minutes, one hour, two hours, one day, or permanently, for which the permissions being assigned must be valid. After the specified time period, users' permissions will be automatically reverted.
  • Modify or remove the NTFS or share permissions of multiple users and groups at once.
  • Restrict the file server management permissions of help desk technicians to only specific file servers.

Fixes:

The following issues have been fixed in this release:

  • Country codes not being displayed in reports.
  • When audit reports are generated and emailed via scheduler, reports are not attached with the email if CSV is selected as the report format.
  • Exchange Servers of specific DAGs not being listed during mailbox creation.
  • While modifying groups in bulk via CSV, product screen becomes blank if sAMAccountName is edited after importing the data from the CSV file.

Build 6581 (July 2017)

Enhancements:

  • Sharing report schedules and automations: It is now possible for the administrator or any help desk technician to share the report schedules and the automations configured by them, with fellow technicians. The technicians with whom the schedules or automations are shared will be able to view their details and also execute them.
  • While exporting the reports, it is now possible to exclude the description and export only the report data.

Fixes:

The following issues have been fixed in this release:

  • Not being able to fetch the permissions assigned on Oracle ZFS servers using permissions for folders report.
  • Product hangs while specifying password during user creation or resetting passwords of users, if smart card authentication is enabled.
  • 'Exclude child OU' option not working properly while generating users' real last logon report via report scheduler.
  • Product stops responding while removing the last SMTP address when it is configured as a custom attribute in a user modification template.

Build 6580 (June 2017)

New Features:

  • Active Directory management notifications: This feature notifies all the relevant stakeholders via email and/or SMS, whenever an AD, Office 365 or Exchange management action is executed. Further, the notification messages can be customized based on the management action performed, the domain in which it is performed or the technician who performs the action.
  • Litigation hold enabled Exchange Online mailboxes report: View all the Office 365 users for whose Exchange Online mailboxes the litigation hold option is enabled.
  • Recently created, modified, and deleted contacts reports: Fetch the complete list of recently created, modified and deleted Active Directory contacts.
  • Exchange Online (Office 365) mailbox management: Enable litigation hold and in-place archive, and also add proxy addresses for the mailboxes of Office 365 users in bulk, using the new features added to the Exchange Online management module.
  • ServiceNow integration: IT help desk technicians can now create Active Directory users, and also manage them - reset passwords, enable or disable, unlock and delete user accounts - easily and instantly, right from within the ServiceNow console.
  • Product update notification: This option keeps you informed about the new features and enhancements added to ADManager Plus so that you can update your installation to the latest version.

Enhancements:

  • Office 365 management:
    • Flexibility to choose any attribute other than the default 'objectGUID' as the 'sourceAnchor' to replicate changes made in the on-premises AD in Office 365 environment.
    • Option to automatically install MSOnline PowerShell module for Azure Active Directory, prerequisite for managing Office 365 accounts via ADManager Plus.
    • While creating shared mailbox in Office 365, it is now possible to specify an email address also, along with the other settings.
  • Organizational unit (OU) modification:
    • Single OU modification: Allows you to make the desired changes to any specific OU.
    • OU modification templates: Allows you to modify multiple attributes of an OU, all at once.
    • 'Protect OU from accidental deletion' option in CSV-based bulk modification of OUs.
  • Custom script option in computer, OU and group creation templates, to execute the desired action after the completion of computer, OU and group creation tasks.
  • Contact creation: Option to use templates while creating contacts in bulk.
  • Delegation:
    • Option to set a default template for each domain in which the technician has been allowed to carry out the assigned management actions.
    • Audit reports now also display the module that was used by the help desk technicians while performing the assigned actions.
  • All users report will now display users' profile photos also, if available, along with all the other details about the users.
  • While creating Exchange mailbox for users via the single user creation feature, it is now possible to select the desired DAG too.

Fixes:

The following issues have been fixed in this release:

  • XSS issue in help desk roles, assignment rules in workflow and detailed group membership report.
  • Issue in migrating from MySQL to MSSQL database.
  • The 'Exclude Child OUs' option not functioning properly while generating the 'users with empty attributes' report through scheduler.
  • Office 365 license not being removed properly using the disable policy.
  • Error in generating the 'computers not in group' report.
  • They keystore password not being encrypted when the 'Encrypt Keystore Password' option is enabled.

Build 6570 (April 2017)

New Features:

  • Group-based help desk delegation: Besides delegating help desk roles to individual AD users, you can now delegate them to AD groups as well. Delegating a role to an AD group would result in all the group members having permissions to perform the tasks defined in that role.
  • Exchange Online (Office 365) management: The following Exchange Online management features have been added:
    • Disable/delete remote mailboxes: This feature lets you disable or delete remote mailboxes. You can also choose to disable only the archive of a remote mailbox.
    • Mailbox delegation: You can grant full access, send on behalf, and send as permissions for Office 365 mailboxes to specific users and groups.
    • Hide from address lists: You can hide or unhide specific users from address lists.
    • Email forwarding: You can enable or disable email forwarding, configure the forwarding address, and more.
    • Storage limits: This feature lets you update various storage limits such as the maximum storage limit before a warning is issued, and more.
  • Office 365 reports: The following new Office 365 reports have been added:
    • Never logged on users report: Generates the details of all those Office 365 users who have never logged on.
    • ActiveSync enabled users report: Displays all ActiveSync enabled users in your Office 365 environment.
    • Shared mailboxes report: Lists the details of all Exchange Online shared mailboxes.

Enhancements:

  • All computers report displays BitLocker status as well.
  • While configuring workflow requesters, it is now possible to exclude child OUs of the selected OUs.
  • AD explorer also displays BitLocker status in computer properties.
  • If logon hours is among the data generated in a report, the exported copy contains logon hours as well.
  • User modification rules now let you configure conditions to automatically update Terminal Services user profile and home folder.
  • Disable/delete policy includes options to disable Lync/Skype for Business user account, remove EUM address, and remove direct reports.
  • The support for Office 365 licenses has been extended to:
    • Bulk user creation via CSV import: You can now use the CSV import option to assign Office 365 licenses while creating users' AD and Office 365 accounts.
    • User creation rules: You can automatically assign specific Office 365 licenses to users during the account creation process based on predefined conditions.

    Additionally, the drag-n-drop feature now includes an option to not create users in AD if any of the selected licenses are no longer available.

Fixes:

The following issues have been fixed in this release:

  • Error in exporting and scheduling Office 365 user reports when user count exceeds 13000.
  • Issue in configuring multiple proxy addresses of a user account.
  • EmailAddress not being accepted as CSV file header while assigning or revoking Office 365 licenses via the CSV import option.
  • The properties of desired dynamic distribution groups not being displayed via the search AD objects option.
  • In single group creation, inability to assign a user from the child domain as manager.
  • Automation not getting executed when an automation policy with user creation as instant task and any other activities as successive tasks is implemented in it.

Build 6560 (March 2017)

New Feature:

  • Exchange Online (Office 365) distribution group and mail-enabled security group modification: This new capability allows you to modify distribution groups or mail-enabled security groups present in Office 365 environment.
  • Enabled computers report: View all the enabled computers in your organization using this report. Based on your need, you can generate this report for the entire organization or only specific OUs, and also export it in multiple formats (HTML, CSV, PDF, EXCEL, etc.). Right from this report you can also manage (disable, move, delete, reset, etc.) the desired computers from the ones displayed in the report result.
  • User creation capability in iOS mobile app: Now, you can also create user accounts in AD right from your mobile devices using the iOS app. Further, while creating users, you can even select the desired user provisioning template to create user accounts exactly as you need them, as per your requirements.

Enhancements:

  • File server permissions management: Managing NTFS permissions becomes even simpler and easier with the capability to:
    • Copy the permissions assigned on any shared folder and use it for configuring the permissions on another shared folder.
    • View all the existing permissions on the desired shared folder.
    • View a summary of the permissions that were assigned on any shared folder or file server, after updating or modifying the permissions on them.
    • Preview the new permissions that will be updated on the specified shared folder.

    The permission management window has also been revamped with a more intuitive UI for quicker, and easier management of permissions.

  • Exchange Server management:

    • For Exchange Server 2010 and later versions, the address book and managed folder mailbox policies can also be assigned to the mailboxes of the user accounts right while creating the user accounts.
    • Enable or disable outlook web access for devices for users' mailboxes, in Exchange Server 2013 and later versions, using the user creation and modification features.
  • New options in Delegation:
    • File server permissions management has been added to the delegation module; you can now delegate the rights to manage the permissions of any shared folder or filer server to any user.
    • Track the share or NTFS permission changes of shared folders and file servers with the built-in audit reports. - Export the technician and admin audit reports in CSV, PDF, HTML or Excel format, as needed.
  • Specifying a custom naming format for email addresses in the single user modification feature.
  • Support for V5 and V6 profile folders management (create, move, and delete).
  • In custom naming formats, it is now possible to add random numbers and also remove specific characters.

Fixes:

The following issues have been fixed in this release:

  • Help desk audit report returning multiple objects in the search result, even if only a specific object name is mentioned in the search.
  • 'Copy user attributes' option not being visible to the requesters.
  • Issues affecting the performance of Office 365 inactive users report.
  • While modifying objects using CSV, the existing values of attributes in AD are not cleared, even if the CSV file contains empty values for those attributes, and 'clear the attribute's value in AD if its value in CSV is empty' option is also selected.

Build 6550, 6551 (March 2017)

New Feature:

  • Two-factor authentication support for an additional layer of security; you can choose Google authenticator, DUO, or one time password (OTP) via email, for the two factor authentication.
  • Spanish language support: Besides Chinese, Dutch, French, German, Italian and Japanese ADManager is now available in Spanish too.

Enhancements:

  • Now setting group membership ('memberOf' attribute) of AD objects is easier than ever before, thanks to the new and improved UI, enhanced with
    • the predictive search option for optimized loading time.
    • built in search to navigate through the selected groups for better usability.
  • Custom attributes support for Contact objects: The existing custom attributes can now be mapped to Contact reports. Also, you can now manage custom attributes while creating new Contact objects using ADManager Plus.
  • Enhancements in Reports
    • Export AD reports with your brand logo, and also get a quick overview on the scope of report being generated, with the Reports' summary page.
    • The contents of the exported AD reports are now prefixed with serial numbers for easy sorting and better information organization.
  • Report scheduler has been enhanced with the option to set
    • a custom file name for the report being generated
    • custom inline email content along with the body of the mail while exporting as html.
  • The 'OUName' of Group/Computer/Contact objects can now be modified while performing a CSV import action.
  • Enhancements in AD Delegation
    • Delegation now becomes simpler.
      • Append groups under the 'Included groups' column to the existing groups from OUs or domains that have already been delegated.
      • Higher precedence is given for removal of the groups listed under 'Excluded groups' upon an overlap.
      • Fine grained delegation
        • with provisions for setting attribute level authorization for 'computer and group modification tasks' while delegating them to the help desk.
        • with provision to restrict group type-specific access under group management.
        • with scope for single group modification, added additionally with the release.
    • The 'support tab' has been enhanced to offer a better user experience with an all new GUI that includes, provision for viewing schedules of the upcoming webinars, seminars, workshops and events.

    Fixes:

    The following issues have been fixed in this release:

    • Error in applying the user creation rules while provisioning new user accounts using templates.
    • In Rule based Bulk User Creation, the value for the 'OUName' attribute doesn't get set, even if the required conditions/criteria are met.
    • Email notifications sent out to the help desk technicians as a part of the review based Workflow management are misaligned.
    • Unable to set 'customized naming formats' in the email field when creating a new Office 365 user account.
    • Absence of 'Advanced link' under the Permissions column in the Permissions for Folders Report.
    • While creating a new user using the Copy User Attributes action, the home folder location(path) doesn't dynamically change in accordance with the respective logon name of the new user being created.

    Build 6541 (January 2017)

    Fixes:

    The following issues have been fixed in this release:

    • Reinforced security: This release hardens the existing protection mechanism with fixes that can counter an SQL injection and offer guard against XSS vulnerabilities.
    • 'Unprovisioned Office 365/G Suite accounts' while using User Creation Templates with Random password setting, for 360° provisioning.

    Build 6540 (December 2016)

    New Feature:

    • Support for Windows Server 2016: ADManager Plus now extends support for Windows Server 2016.
    • Office 365 group members report: You can now generate a list of all users who are members of a selected group/groups in your Office 365 environment.

    Enhancements:

    • Office 365 Management
      • Shared Mailbox can now be created only for Office365 environment. To do so, deselect the Active Directory option under Mailbox Management section.
      • Office 365 license management is now enhanced with provision to apply OU filters.
    • Office 365 'Unlicensed users' report can now be refined by excluding the Shared, Room, and Equipment Mailboxes.
    • The 'User Creation Template' has been enhanced to let you create an 'Archive Mailbox' for your Remote Mailbox. Provision for adding additional email addresses has also been included.
    • Now manage and report on Active Directory objects with 'Multi-valued' custom attributes.
    • Option to set the Keystore password, which will be encrypted for heightened security, directly using the product UI.
    • Automation
      • While automating the computer objects, refine the criteria results based on the 'memberOf' or 'distinguishedName' attributes.
      • Managing the photo attribute of a user object can now be automated.
    • Workflow has been enriched with the provision for 'Mailbox Creation' and 'Move Home Folder' options.
    • User creation rules now include the provision to set a value for the office field ('physicalDeliveryOfficeName' attribute).

    Fixes:

    The following issues have been fixed in this release:

    • XSS vulnerability in Employee Search.
    • Lack of support for adding multiple admin email addresses in the Server settings of the Admin tab.
    • The delegated helpdesk technician who has access only to view specific OU is shown the count of all users of Active Directory on the dashboard, erroneously.
    • Erroneous change of default domain to an another domain both in the AD Explorer and the Home tab when it's been selected just for viewing.

    Build 6530 (October 2016)

    New Feature:

    • Computer management and reporting capabilities in mobile apps: If you are on the latest version of ADManager Plus iOS or Android app, you will be able to manage and report on AD computer objects from your mobile devices.

    Enhancements:

    • 'Permissions for folders' report now allows you to:
      • Generate results for multiple folders, shares, or servers at once.
      • Fetch permissions for multiple home folders.
      • View details of the 'members' attribute.
    • 'Folders accessible by accounts' report can now be generated for an entire server.
    • Office 365 reports can now be auto-generated and emailed via the report scheduler.
    • Automation policy includes an option to regenerate the associated report before executing each successive task. That is, in an automation policy where the list of objects to be managed is fetched from a report, you can now regenerate the report right before executing each successive task. Only those objects that are available in both the reports - the one generated at the time of creating the policy, and the new one - will be affected by the automation.
    • 'Send as' permissions can now be set for multiple Exchange users at once, using the 'delivery options' feature under bulk user modification.
    • Help desk technicians can now be prevented from copying a user's attributes or changing the modification template during the user modification process.

    Fixes:

    The following issues have been fixed in this release:

    • Error occurs during single group creation if the members belonging to an OU with special characters in its name are imported from a CSV file.
    • After creating a mailbox in Exchange 2003, if 'migrate mailbox' is selected in the 'more actions' link, it does not redirect to the requested page.
    • If 'subnets accessible by accounts' report containing details of more than one user with the same common name (cn) is exported, the exported report contains the details of only one user.
    • Audit report lists the action as 'create bulk users' even when only a single user is created via workflow.

    Build 6520 (September 2016)

    New Feature:

    • Office 365 account creation for AD users: You can now provision Office 365 accounts, individually as well as in bulk, for the users already present in your Active Directory. As per your need, you can:
      • Create user accounts in Office 365 without assigning licenses.
      • Create user accounts in Office 365 and also assign appropriate licenses.

    Enhancements:

    • The user creation templates will also list the new Office 365 licenses added after the template was created.
    • Naming formats now have enhanced customization options.
    • Option to check for duplicates of attributes such as logon name, mail, etc. during user creation can be enabled from the database.
    • Option to hide or show the 'logon to' option in the login page.
    • Organizational units (OUs) can now be renamed in bulk using the CSV import option.

    Fixes:

    The following issues have been fixed in this release:

    • The order of execution of tasks defined in automation policies getting changed.
    • Legacy mailbox being created during user creation when 'automatic' is specified in the mail server field in a template.
    • Synchronization issue in generating members list in the 'all groups' report.
    • Issues in specifying email addresses using user creation rules.
    • If date value is specified as 'end of a specific date'; in the reports, it is displayed as one day later than the specified date.
    • 'Copy user attributes' option enables a help desk technician to copy all values in the memberOf attribute of a user, including the groups to which the technician doesn't have access permissions.

    Build 6510 (August 2016)

    New Feature:

    • Exchange auto-reply settings: ADManager Plus provides a GUI-based capability to configure automatic replies for the emails sent to your users' Exchange mailboxes, which offers options to:
      • Enable/ disable automatic replies to senders from your organization.
      • Enable/ disable automatic replies to senders from other organizations.
      • Send different replies to senders from your organization and to those from other organizations.
      • Specify the time period during which automatic replies must be sent.
    • Support for custom attributes in computer creation: The existing custom attributes can now be mapped to computer creation as well. Also, new custom attributes can be added while creating computer objects, in single or bulk, using ADManager Plus.

    Enhancements:

    • Workflow has been enriched with the following enhancements:
      • Requesters now get an option to cancel the requests that they create.
      • Email notifications sent to workflow technicians now include a link to access the relevant request instantly.
      • Notification settings now include three new macros using which you can add the reviewer, approver, and executor details in the notification message.
      • All changes made to the objects in a workflow request will now be audited.
    • For the users that will be disabled/ deleted using ADManager Plus, the 'disable/ delete policy' includes the following actions as well:

      When an AD user account is disabled, you can also:

      • Disable the user's G Suite account.
      • Revoke the user's Office 365 license.

      When an AD user account is deleted, you can also:

      • Delete the user's G Suite account.
      • Delete the user's Office 365 license.
    • Option to configure the 'reset password policy' in ADManager Plus database for automatically resetting users? Office 365 and G Suite passwords, whenever their AD passwords are reset.

    Fixes:

    The following issues have been fixed in this release:

    • Error in setting proxy addresses if givenName contains space(s).
    • Inability to assign values for the custom attributes: msExchExtensionCustomAttribute (1-5) and msExchAddressBookPolicyLink.
    • During user modification, the changes made to a user's mail alias not being reflected in the email address, when the recipient policy specifies alias as the local part of email address and the option 'automatically update e-mail addresses based on recipient policy' is selected.
    • Error in user creation with Exchange properties if the user account gets created in one DC and Exchange connects to another DC to configure the Exchange properties, due to a replication issue between the DCs.

    Build 6500 (July 2016)

    New Feature:

    • Smart card authentication: The use of smart cards/ PKI/ certificates has been enabled as additional options for ADManager Plus login. If you have such an authentication system configured in your organization, ADManager Plus can be configured to authenticate users through it, bypassing other first factor methods.
    • Support for Exchange 2016: With this release, ADManager Plus supports management and reporting on Exchange Server 2016 environment as well.
    • G Suite reports: These new reports provide detailed information such as, all users, active users, and suspended users in your G Suite environment.
    • Copy automation: It simplifies the creation of new automations by allowing you to copy the settings of an existing one and eliminating the need to create a new one from scratch. The newly created automation can then be modified, as per requirement.

    Enhancements:

    • Automation now includes the following:

      New tasks:

      • Modify users using templates
      • Disable, disconnect, or delete user mailboxes.
      • Hide from Exchange address lists.
      • Create groups using templates.
      • Create contacts using templates.

      New options:

      • Exclude child OUs from the selected OUs, while specifying the scope of a task that should be executed automatically.
      • 'Run now' to instantaneously run any automation from the list of scheduled automations.
      • 'User can't change the password' and 'set password never expires', while automating the 'reset password' task.
    • While creating a user account in G Suite, its group membership and the organizational unit where it must be located can also be specified.
    • While managing a workflow request that was created via automation policy, an option to remove objects either from that particular request, or from all the requests generated by that automation policy, is provided.
    • Bulk modify templates option allows modification of more fields such as, G Suite, Office 365, and Lync attributes.
    • Report scheduler now includes an option to exclude the child OUs while specifying the OUs for which the reports have to be generated.
    • Using ADManager Plus' iOS mobile app, you can now:
      • View all the workflow requests that you have created.
      • View all open requests, among the requests assigned to you.

    Fixes:

    The following issues have been fixed in this release:

    • Inability to generate 'NTFS permissions for folders' report of a domain when authenticated with its child domain's credentials.
    • In help desk audit reports, SID being displayed in place of distinguished name for a cross-forest group member, when listing group management actions performed by technicians.
    • inetOrgPerson object class not being supported in 'group members' report.
    • Issue in starting the product after service pack installation if database has been migrated to MS SQL.
    • Error in report generation if only multi-valued attributes are selected (in add/ remove columns) to be displayed.
    • In user modification templates, issue in applying a modification rule when 'select container' is specified in the conditions field.