ADManager Plus fixes and enhancements for build 6601 and 6653

ADManager Plus fixes and enhancements for build 6601 and 6653

6653 (October 2018)

Fix:

  • This release fixes the database connectivity issue which affected the performance of product.

6652 (September 2018)

Enhancements:

  • This release includes enhancements to meet the GDPR requirements, and also fixes installation issues.

6651 (September 2018)

Fix:

  • This release includes the fix for Self-XSS and HTML injection vulnerability (CVE-2018-15740).

6650 (September 2018)

New Features:

Integration with Zoho People and Workday:

This integration offers the capability to automatically:

  • Create user accounts in AD, Office 365, Exchange, Skype for Business, and G Suite whenever a new employee record is added in the HR application.
  • Modify users' AD accounts whenever their records are modified from the HR application.
  • Delete users' AD accounts whenever their records are deleted from the HR application.

ServiceDesk Plus integration:

You can now perform the following user management actions from within the ServiceDesk Plus console:

  • Modify Department
  • Modify Manager
  • Add users to group
  • Remove users from group
  • Set folder permissions
  • Remove folder permissions

For enhanced user management, you can perform the following actions using user modification templates:

  • Enable users
  • Disable Users
  • Reset Password
  • Unlock Users
  • Modify Department
  • Modify Manager
  • Add users to group
  • Remove users from group

Enhancements:

  • Enhanced integration with MS SQL and Oracle databases: This allows automated modification or deletion of users' AD accounts whenever their corresponding user records are modified or deleted from Oracle or MS SQL database.
  • Technicians will be able to view and edit GPOs that are linked to delegated OUs only.
  • Automated ADManager Plus license expiry notifications to administrators via email. These emails will be sent everyday starting from 10 days before license expiration.
  • Option to enable email notifications about webinars, seminars, workshops, product release and promotions.

Fixes:

The following issues have been fixed in this release:

  • While generating Permission for Folders report, there is a slight delay in processing the Stop Generation request.
  • If workflow is enabled for automated tasks, the successive task configured in the automation policy gets executed even before the instant tasks are approved.
  • Issue in database backup if temporary tables are present.
  • Unable to generate NTFS reports if the domain name starts with a number.
  • Exported files are not available in specified file format in the storage path.
  • Unable to migrate from MySQL to pgSQL database.
  • XXE vulnerability that occurred while applying the license.
  • While generating detailed group members report, the report does not display the common users of the selected groups.
  • Two factor authentication vulnerability issue.
  • Self-XSS and HTML injection vulnerability (CVE-2018-15609)

6644 (September 2018)

Fixes:

This release includes fixes for multiple Self-XSS and HTML injection vulnerabilities (CVE-2018-15608 and CVE-2018-15609).

6641 (July 2018)

Fixes:

The following issues have been fixed in this release:

  • Unable to export detailed group members and Office 365 reports in XLSX format.
  • Unable to perform advanced search for objects using the AD search functionality.
  • Issue in assigning Email alias value while creating an Office 365 user account.

6640 (July 2018)

New Features:

Integration with Splunk server: Forward Active Directory log data to Splunk server for detailed auditing.

Delegation of Office 365 tenants and G Suite accounts:

  • Delegate Office 365 management and reporting to help desk technicians with the option to assign only specific Office 365 domains and licenses.
  • Delegate G Suite management and reporting to help desk technicians.

New Office 365 group reports to list groups with owner, groups without owner, and size of groups in Office 365.

Enhancements:

  • GPO enhancements:
    • Option to rename the GPOs.
    • Option to copy existing GPO links of domains or sites while creating new GPO links.
  • When the distinguished name of an OU, group, or user attribute is changed in AD, it will be updated in ADManager Plus templates and workflow requests automatically in the appropriate fields (container, memberOf, and manager).
  • Automate the execution of approved workflow requests using scheduler.
  • View NetApp server permissions also using NTFS reports.

Fixes:

The following issues have been fixed in this release:

  • Unable to update correct legacyExchangeDN value if umlaut characters are present in the full name attribute.
  • Unable to search the help desk audit report using action name, action category, or module used fields.
  • Issue in generating reports through scheduler.
  • Issue in showing or hiding the option to trust the browser for 180 days while configuring OTP via email in two factor authentication.
  • Requesters having OU restriction will be unable to create requests to modify user using template in workflow if the container is not specified in the template.
  • Issue in setting logon restrictions for accessing computers in Modify User by Template request in workflow.

6633 (June 2018)

Enhancements:

This build includes the following enhancements to comply with the General Data Protection Regulation (GDPR).

Settings to help ADManager Plus users comply with the GDPR

  • User will be prompted for consent while integrating with third party applications.
  • While adding custom LDAP attributes, administrators can specify if the LDAP attribute belongs to PII (Personally Identifiable information) category.
  • During deletion of techncians, you can enable the option to anonymize the technician's name displayed in the audit report.
  • Password protection for exported reports, database backup, and archived audit report files.

Enhancements for ADManager Plus to be compliant with the GDPR

  • Technicians' passwords stored in the database are encrypted using bcrypt algorithm.
  • Database access via command prompt or client tool is secured with a password.
  • Privacy settings for the GDPR are enabled by default for customers in the European Union.
  • Report export and CSV file import actions are audited.
  • Sensitive information such as email server and email addresses are masked in the UI of connection settings.

6632 (May 2018)

Enhancements:

Single sign-on to ADManager Plus using SAML authentication: You can set up single sign on to access ADManager Plus through any of these popular identity providers.

  • Okta
  • OneLogin
  • Ping Identity

Besides these, you can also use a custom identity management solution.

6631 (April 2018)

Highlights of Build 6631

New Features:

Zendesk integration: Help desk technicians can create users in Active Directory, Office 365, Exchange Server, Skype for Business, Lync, and G Suite from the Zendesk console.

They can also perform the following user management actions from within the Zendesk console:

  • Reset passwords
  • Enable or disable user accounts
  • Unlock user accounts
  • Delete user accounts

Enhancements:

  • Active Directory management add-on license: ServiceDesk Plus customers can avail the AD management add-on license which allows help desk technicians to execute important AD user management actions from within the ServiceDesk Plus console.

Fixes:

The following issue has been fixed in this release:

  • While processing a single user creation request, the approver is unable to view the email address entered by the requester.

6630 (March 2018)

Highlights of Build 6630

New Features:

  • Office 365 group creation: Create distribution groups, mail enabled security groups and regular Office 365 groups in bulk using CSV files.

Enhancements:

  • After generating Office 365 group members report, you can filter the data to view only members of specific groups.
  • Option to execute custom script on successful creation and modification of room and equipment mailboxes.
  • Supports management of Office 365 tenants configured in independent Azure cloud deployments, including Azure Germany and Azure China.
  • While removing NTFS permissions for folders, you can now preview permissions before updating the changes in Active Directory.
  • Remove Send As and Send on Behalf permissions in Exchange Online for multiple mailboxes.

    Help desk role:

    1. Delegation of NTFS and share permissions modification rights to technicians is now granular and includes options such as include inheritable permissions from this object's parent and more.
    2. While assigning permissions to generate reports to the technicians, you can allow or deny the permission to use report scheduler.

    Workflow:

    1. Option to resend a failed user or contact creation request or rejected request by the requester for processing it again.
    2. Super admin can assign unassigned requests to any specific technician.

Fixes:

The following issues have been fixed in this release:

  • Path traversal and DoS attack vulnerabilities.
  • Unable to view archived audit reports.
  • Unable to update primary email address for mail enabled users and contacts.
  • Email notifications are not sent after performing bulk management actions using CSV file.
  • Unable to set mailbox delegation properties such as full access rights, send as and send on behalf for Office 365 shared mailboxes.
  • Unable to save HTTP Request Headers while configuring custom SMS provider settings.
  • Unable to enable hide from Exchange address list in group modification.

Build 6622, 6623 (March 2018)

Fixes:

The following issues have been fixed in this release:

  • Error in exporting reports if the attribute values begin with +, -, =, or @.
  • SIP URI field in Skype for Business/Lync Server settings is set as a mandatory field in system template even though it is not mandatory.
  • Error while modifying previously configured delete/disable policy.

Build 6621 (February 2018)

Fixes:

The following issue have been fixed in this release:

  • For greater security, logging of audit data to a flat file will be disabled by default.

Build 6620 (February 2018)

New Feature:

  • RSA SecurID-based authentication:
    You can now use RSA SecurID as an option for Two Factor Authentication (TFA) for secure access to ADManager Plus.
  • Single Sign-On to logon to ADManager Plus:
    Users can access ADManager Plus by just logging on to their Windows machines, by enabling Single Sign On.
  • Configure Auto reply in Office 365:
    Enable, disable, or schedule auto reply for the Exchange Online mailboxes of multiple users. You can also set separate messages for internal and external users.

Enhancements:

  • Remove group memberships while modifying users, computers, groups and contacts and remove proxyAddresses for users, groups and contacts in bulk using CSV file.
  • Update the manager field for users, computers, groups and OUs using sAMAccountName in CSV file while modifying them in bulk.
  • Auto reply can be configured for users using modification templates in single user modification.

Notification:

  • You can create notification profiles exclusively for OUs.
  • While viewing scheduled automation, reports, and advanced reports, you can now use filters to view only the ones created by you, shared by you, and shared to you.

Export user mailbox: You can use delete policy to automatically export user mailboxes as a PST file to the specified location before deleting the Active Directory user accounts. You can also track the status of the export mailbox operations with Mailbox Export History option.

Skype for Business/Lync:

  • Modify users' Skype for Business/Lync properties using the single user modification feature.
  • Assign mobility policy for users in Skype for Business/Lync Server 2013 and above using templates during single user creation and modification.
  • Modify users' Skype for Business/Lync policies such as Location, Client version, Client, PIN, Mobility, External access in bulk user modification.

Fixes:

The following issues have been fixed in this release:

  • Unable to update user photos to exchangePhoto attribute in bulk user modification.
  • Unable to edit, create or delete GPO if LDAPS feature is enabled in connection settings in ADManager Plus.
  • Users not listed while configuring auto reply settings using bulk user management feature.
  • Error in configuring multiple email addresses for administrator in Email server settings.
  • Unable to configure HTTP Request Headers in SMS gateway settings in Admin settings.
  • Error in displaying the owner name in Shares in the servers report.
  • Unable to change templates while processing workflow requests.
  • Technician's name displayed as ADManager Plus Admin even if actions were performed by other help desk technicians through workflow module in help desk audit report.
  • CVE-2017-17552 (URL redirection and CSRF) vulnerability.

Build 6613 (January 2018)

Highlights of Build 6613

New Feature:

  • Office 365 users' last logon report:

    This report displays logon-specific details such as the last logon and last logoff times of Office 365 users, along with details such as the licenses assigned to them and more.

Enhancements:

  • Manage O365 users' licenses and Exchange Mailbox settings from inactive users report:

    Right from the inactive Office 365 users report, it is now possible to assign, remove or revoke Office 365 licenses and also manage Exchange Mailbox settings, such as Mailbox delegation, Hide from address lists, Add additional Email addresses and more, of Office 365 users.

Build 6612 (December 2017)

Highlights of Build 6612

Enhancements:

  • Option to execute a custom script on successful contact creation and modification, and group modification also.
  • You can now enable the Protect object from accidental deletion option while creating and modifying objects (user, computer, group, contact) individually or in bulk.
  • While creating dynamic distribution groups, you can use Telephone number and Other telephone also in the conditions to decide the recipients.
  • While creating and modifying objects, you can now import a CSV file to specify values for memberOf field.
  • Modify the credentials of the Office 365 account specified in ADManager Plus Office 365 settings.
  • When a help desk technician is created, the selected user's email address and description in AD are auto-updated in the technician's profile. They can be changed whenever needed.
  • Select the desired DAG while creating users Exchange mailboxes via bulk user modification, workflow, and automation features
  • In account creation and modification templates, you can now:
    • Edit the rules already configured in account creation and modification templates.
    • Append new groups to the values already configured in the memberOf field in existing creation and modification templates.
    • Rule-based value assignment can now be performed for logon name, custom attributes, terminal user settings, and more.

Fixes

The following issues have been fixed in this release:

  • Unable to update the value for mAPIRecipient custom attribute configured in ADManager Plus while creating mail-enabled contacts using CSV file.
  • Unable to update manager field using sAMAccountName in CSV file import.
  • Incorrect time displayed for execution of successive tasks configured in automation policy in the workflow requests section.
  • Unable to delete or disable mailbox(s) from mailbox-enabled users report.
  • Executors unable to edit or view some of the workflow requests.
  • Requests not displayed in the All requests page in workflow while using the MS SQL as the product database.

Build 6611 (December 2017)

Highlights of Build 6611

New features:

ADManager Plus strengthens its Office 365 management and reporting with these new capabilities:

  • User management: Reset passwords, block and unblock Office 365 users in bulk.
  • Exchange Online mailbox management:
    • Manage the mailbox features, permissions, and retention policies of users' mailboxes
    • Delegate shared mailboxes and manage retention policies.

Office 365 reports: Adds exclusive reports on dynamic distribution groups and their members.

You can also delegate the new Office 365 management and reporting capabilities to help desk technicians. Also, for enhanced user experience, all Office 365 related capabilities are now placed under an exclusive Office 365 tab.

Fixes

The following issues have been fixed in this release:

  • Unable to export reports if the logo file is not found.
  • Selected group(s) not being displayed while viewing or editing schedule settings for advanced reports.
  • Unable to reject workflow request if the user is added as an executor and not an approver.
  • Unable to access the calendar for setting the execution time while configuring a new automation.

Build 6610 (November 2017)

New feature:

  • Custom Report builder:

    The new version of ADManager Plus allows you to create Active Directory reports specific to your needs. While creating custom reports, you can

    • Choose specific domains, and OUs for which the report has to be generated.
    • Create reports for any of the objects such as users, groups, computers, and contacts
    • Group the custom reports into different categories.

The solution also offers the ability to modify or delete the custom reports and delegate the reports to relevant help desk technicians.

Enhancements:

  • Help Desk - Reset Password Console option in the home page has an additional option to generate Random Password in the Reset Password actions

Automation:

  • Notifications: Email and SMS alerts to notify users about the execution of any automated task.
  • Group management: Automated group membership management just got better with new actions such as Add groups and Remove groups.
  • User management: Option to automate user management via Office 365 reports.
  • Office 365 license management: You can now automatically remove the Office 365 license assigned to users, at the desired time.

Business Workflow:

  • Multiple business workflows: Create and use as many workflows as needed, for monitoring the execution of different types of AD tasks.
  • Integrated request assignment and notification rules: Set the assignment and notification rules, easily and quickly, in a single operation.
  • While setting rule criteria, you can now set a rule based on the domain name in Assigning Rules in Workflow

Fixes

The following issues have been fixed in this release:

  • While running a custom script configured in Delete policy while deleting users, you can now retrieve the department name of the deleted user(s) apart from the samAccountName of the user(s).
  • Error in Exchange mailbox database quota values if the mailbox has "Use the default database quota".
  • Unable to enter case-sensitive values in Titles & Departments and Offices & Companies in Admin settings.
  • Error in naming the licenses in Assign Licenses field in user creation
  • When the country code is entered, the product populates the wrong country in user and contact creation
  • Unable to receive SMS notification on account unlock
  • In syslog integration, the technician's name was missing in the help desk audit report.
  • ADMP-SDP integration has an authorization error in SDP if the technician is deleted and recreated in ADMP with the same set of credentials.

Build 6602 (November 2017)

Fixes

  • Issue in delegating linked mailbox creation templates to groups.
  • Issue in enabling auto-mapping option for users' Exchange mailboxes using the Set Mailbox Rights feature.

Build 6601 (October 2017)

New feature:

Office 365 Management:

  • Standalone Office 365 user provisioning: You can now create user accounts in Office 365 without having to provision AD accounts.
  • Separate UPN for Office 365 users: You can set a separate User Principal Name for Office 365. If not mentioned, the default UPN will be the logon name.
  • Support for new Exchange Online attributes: You can configure new attributes such as E-mail Alias, Litigation Hold and In-Place Archive in Office 365 properties in single and bulk user creation and Office 365 account creation for AD users.

Linked Mailbox Management:

  • You can configure Single Linked Mailbox supported by Linked Mailbox Creation Template in mailbox management.

Contact Management:

  • You can modify the group attributes of the contacts by adding or removing them from groups.

ADManager Plus adds Turkish language to the list of non-English languages it supports.

Enhancements:

Office 365 Management and Reporting:

  • You can now filter the Office 365 users based on licenses in Office 365 reports and management actions such as Assign/Remove Licenses.
  • OU filter can be applied while performing Exchange Online management actions such as Mailbox Delegation, Hide from address list and Email forwarding in Office 365 management.
  • Exclude active AD users from inactive Office 365 users report: You can now generate Office 365 inactive users report with some AD data. Option to exclude active AD users from inactive Office 365 Users report if the configured Office 365 tenant/domain is directory sync enabled is available.

Automation:

  • User Automation:
    • In Reset Password action, you have an option to generate 'Random Password'.
    • You can perform new tasks such as Delete Home folder and Disable Lync.
    • The Auto Reply feature can be enabled or disabled and you can configure automatic replies to be sent inside or outside the organization within customizable timelines.
  • The Contact Automation category supports new tasks such as Move Contact, Add To Group and Remove from Group.
  • You can now automate the task of running custom scripts in Computer Automation category.
  • While setting time period for successive tasks execution in the Automation policy, you can set time period in terms of hours.

User Management:

  • While implementing Delete/Disable User Mailbox in Exchange, you have the option to display users list for multiple mail servers so you can perform management actions on multiple mailbox users.
  • While modifying users with CSV, you can now locate the user with samAccountName attribute for the manager in addition to the Distinguished Name.
  • While setting rules in User Creation and Modification template you can now use the new field 'Description' while setting conditions for creating users and a new attribute of 'Logon Script' has been added to the Assign Values section.
  • The user photos for AD and Exchange can be managed in User Creation and User Modification template with support of high resolution photos of Exchange users. The photo will be resized automatically if the uploaded photo is greater than the size limit of the corresponding attribute in AD.

Reports:

  • The All Users report can now display the attribute 'Home Drive' of the users.
  • The Permissions for Folders report can now display the attribute 'Display name'.
  • Now you can send passwords to other stakeholders such as user's manager, any technician and the admin apart from the user for any password related management actions in the notification profile.

Shared mailbox creation:

  • You have an optional feature to auto map the Shared Mailbox to any mailbox to which a user has full access permissions.
  • You can now set a custom script to be executed on mailbox creation.

Fixes:

The following issues have been fixed in this release:

  • When disabling a user, there was an error in moving Macintosh folders with lengthy path configured in the disable policy.
  • Even after the automation task was disabled, the configured successive tasks were executed.
  • Unable to select contact creation templates while assigning templates for requesters for non-English languages.
  • Include/Exclude groups feature in modifying help desk technician in AD delegation was not working in Modify Single Group list.
  • If the update user was done before memberOf completes loading, the group membership was deleted in AD
  • Error in generating Permissions for folder report when more than 100 folders are selected.
  • Unable to see the mail contacts while trying to configure 'Forward to' for a user mailbox in user creation through ADManager plus.
  • While mailing Office 365 License details report, the attachment containing the report was not sent.
  • While modifying users using CSV in Automation, the product will locate the user(s) with the help of unique attributes such as userPrincipalName, Distinguished Name or samAccountName and make the desired changes.
  • Similar to AD, users without Delete SubTree permission can now delete users using ADManager Plus.
  • The Office 365 users created using ADManager Plus not displayed while performing the Office 365 management actions.