What's new in ManageEngine ADSelfService Plus 6.4 Build 6408
Apr 19, 2024
- Issue fixes:
- An issue caused by duplicated authenticator priority values, resulting in the update of ADSelfService Plus from version 6221 to 6403 to fail, has been fixed.
- An issue that prevented the modification of password expiry notifications in languages other than English upon updating ADSelfService Plus from build 6213 or earlier, has now been fixed.
- An issue causing an existing domain to disappear from ADSelfService Plus' UI when an administrator attempted to add a domain controller with the same name as the domain, has now been fixed.
New in ManageEngine ADSelfService Plus 6.4 Build 6407 (Apr 16, 2024)
- Features:
- New reports for deeper insights: ADSelfService Plus now offers fourteen new reports that provide deeper insights on user behavior pertaining to MFA usage and self-service actions.
- MFA Audit Reports: This section provides comprehensive reports that audit all user actions related to enrollment and MFA, including MFA usage from mobile devices, MFA failure reports, browsers and devices trusted for MFA, and the utilization of backup codes.
- Password Self-Service Reports: This section offers insights into users' password self-service actions, including password resets, the delivery of password expiry notifications, account unlocks, and information on current and previously blocked users.
- Agent Reports: This section offers information pertaining to the installation of the login agent on machines in the domain. These reports were previously available under the GINA/Mac/Linux Installation section of the product console.
- SSO for ManageEngine applications: Provide one-click, secure, passwordless access to ManageEngine applications like Endpoint Central, ADAudit Plus, PAM360, and more, through SAML SSO.
- Enhancements:
- ADSelfService Plus now allows the configuration of RADIUS response attributes that determine the user groups or roles for VPN connections, or other purposes.
- Conditional Access policies can now be applied to VPN connections protected by MFA.
- Enrollment Notifications sent via SMS can now be configured for users opting for Quick Enrollment.
- ADSelfService Plus now allows admins to have granular control over the notifications generated for different enrollment or self-service actions.
- Admins can now receive notifications about unsuccessful user access attempts.
- Users can now be restricted from enrolling for MFA using an email or mobile number that has already been used for enrollment by another user.
- Policy Names and Conditional Access Rules pertaining to users attempting MFA are now audited, and can be viewed as part of MFA audit reports.
- The Password Synchronization feature now supports Oracle's multitenant architecture.
- Admins can now configure soon-to-expire password SMS notifications for users' secondary mobile numbers.
- Users' linked accounts can now be automatically unlocked upon successful password resets.
- Email notifications can now be sent to administrators when ADSelfService Plus restarts after a downtime period.
New in ManageEngine ADSelfService Plus 6.4 Build 6406 (Mar 29, 2024)
- Enhancement:
- The Tomcat version has been upgraded to 8.5.99.
- Issue fixes:
- An issue that occurred when logging in using Citrix Workspace in a machine with the ADSelfService Plus Windows login agent installed has now been fixed.
- An issue on macOS version 12 where the login agent freezes when using Duo MFA has been fixed.
- An issue in upgrading from builds 6400 and 6401 when syslog is configured for log forwarding in ADSelfService Plus through ManageEngine AD360 has now been fixed.
- Login failure in Windows machines caused by exceeding the idle timeout limit has now been fixed.
- An issue in synchronizing passwords that contain HTML characters using a custom script has been resolved.
- An issue causing the CSS parser JAR file to be duplicated when upgrading from builds 5806 and below has been fixed.
- An issue with displaying the customized text added in the Language Customization page has now been fixed.
- An issue with the "Trust this machine" option not functioning as intended during high user login attempts has now been fixed.
New in ManageEngine ADSelfService Plus 6.4 Build 6405 (Mar 8, 2024)
- Feature:
- Just-in-Time user provisioning for applications: ADSelfService Plus now supports SCIM-based Just-in-Time user provisioning for Assetsonar, Monday.com, Peakon, Slack, and more applications.
- Issue Fixes:
- An issue causing an Invalid access URL error while authenticating with Duo Security from the ADSelfService Plus mobile site has been fixed. This issue occurred when ADSelfService Plus was utilizing a reverse proxy set up on a separate machine.
- An issue that prevented access to ADSelfService Plus via any shortcut icon when the product was already running has now been fixed.
- An issue with the enforce enrollment login script that affected the working of the Duo Universal prompt when ADSelfService Plus was using the default port for HTTP or HTTPS connections has now been fixed.
- An issue that caused an Invalid Request error when setting up mail configurations on non-English deployments of ADSelfService Plus has now been fixed.
- An issue causing the Tenant ID value in OAuth mail configurations to disappear upon integrating ADSelfService Plus with AD360, has been fixed.
- An issue that caused OAuth SSO login failures while using the PKCE code challenge has now been fixed.
New in ManageEngine ADSelfService Plus 6.4 Build 6404 (Feb 20, 2024)
- Enhancements:
- REST API-based integration support has been provided for the RSA authenticator.
- The RSA authenticator now supports policy-based configuration.
- A Username Pattern has been introduced for RSA authentication to efficiently manage issues caused by multiple domains having similar usernames.
- Issue Fixes:
- The ADSelfService Plus MFA connector for OWA MFA can now be installed on Domain Controllers.
- An issue which prevented users from uploading their AD photo attribute using the directory self-update feature when the file extension of the image was in uppercase letters has been resolved.
- An issue that prevented password changes and resets using the ADSelfService Plus mobile site if the password contained a unicode character, despite the password policy mandating it, has now been fixed.
- An issue that prevented initial logins to machines using the manually-installed login agent when the ADSelfService Plus server was inaccessible, has now been fixed.
- A loading issue that domain technicians without a designated policy experienced while attempting to access ADSelfService Plus from AD360 has been fixed.
- An issue that prevented SMTP settings from being saved if the admin's display name had more than one space has now been fixed.
- An issue caused while configuring a High Availability deployment of ADSelfService Plus with an external PostgreSQL database has now been fixed.
- An issue that prevented attachments with the .docs extension from being sent with emails from ADSelfService Plus has now been fixed.
- An issue that prevented the Mobile App Deployment page from loading when the Domain Name began with a numeral has now been fixed.
- An issue that caused the Access URL to revert to the hostname when an SSL certificate was applied has now been fixed.
- Issues with password changes and resets using the SHA-1 algorithm for the OpenLDAP and 389 Directory Server have now been fixed.
- An issue that caused the login agent to display a Server Unreachable error when ADSelfService Plus had a Context Path configured has been fixed.
- An issue that caused incorrect search results to be displayed while searching for computers under the Conditional Access section has now been fixed.
- An issue that caused restricted users to consume licenses while attempting password resets or account unlocks from the self-service portal has now been fixed.
New in ManageEngine ADSelfService Plus 6.4 Build 6403 (Feb 12, 2024)
- Feature:
- FIDO Passkeys for phishing-resistant MFA: FIDO-compliant device-authenticators like Windows Hello, Apple Face ID/Touch ID, Android Biometrics, and security keys like YubiKeys, Google Titan Keys etc., can now be used to protect access to applications for a secure, passwordless experience.
New in ManageEngine ADSelfService Plus 6.4 Build 6402 (Jan 10, 2024)
- Enhancement:
- The Spring Framework JAR files used in the product have been updated to version 5.3.28.
- Issue Fix:
- An authenticated RCE security vulnerability (CVE-2024-0252) in the load balancer component of ADSelfService Plus has been fixed. This vulnerability was reported by Joe Zhoy.
New in ManageEngine ADSelfService Plus 6.4 Build 6401 (Dec 28, 2023)
- Issues Fixed:
- An LDAP injection issue that occurred during passwordless logins to ADSelfService Plus has now been fixed.
- An issue that caused an Invalid Request error when users updated their AD attributes using the directory self-update feature has now been fixed.
- The maverick-legacy-client-all.jar file used in the product has been updated to version 1.7.56 to fix the CVE-2023-48795 security vulnerability.
New in ManageEngine ADSelfService Plus 6.4 Build 6400 (Dec 12, 2023)
- Enhancement:
- The public key certificate used while upgrading the service pack has been updated.
New in ManageEngine ADSelfService Plus 6.3 Build 6309 (Nov 25, 2023)
- Feature:
- Offline MFA protection for macOS: Logins to macOS machines can now be secured using MFA even when users lack internet connectivity or are not connected to the corporate network.
- Enhancements:
- macOS Sonoma is now supported by the macOS Login Agent.
- I18N support has been added to macOS login agent. The supported languages are English, French, Chinese (Simplified), German, Japanese, Polish, Spanish, and Turkish.
- Issue Fixes:
- A script error that occurred when a user enrolled for offline MFA was deleted from Active Directory and another user attempted to log into their machine, has now been fixed.
- An issue in updating VPN cached credentials using a service account has now been fixed.
New in ManageEngine ADSelfService Plus 6.3 Build 6308 (Nov 21, 2023)
- Issue fixes:
- An issue where the username field was empty in User Attempts Audit report for invalid login attempts has now been fixed.
- An issue where search results in the Security Questions report were not displayed properly has now been fixed.
- An issue where the Licensed Users report was not generated when Enable user disclaimer in the Login settings was checked has now been fixed.
- An issue where the GINA installation report was not generated when using MS SQL as the database has now been fixed.
- An issue where custom attribute data containing Unicode characters was not displayed correctly when using an external MS SQL database has now been fixed.
- An issue where acknowledgement email notifications were not sent based on the priority of mail attributes has been fixed.
- An issue where mobile numbers in languages that use the RTL format were not displayed properly when Partially hide Email ID/Mobile No. on MFA pages was enabled in Advanced MFA has now been fixed.
- An issue where Trust this browser option in Advanced MFA settings did not work when attempting to log in as default Admin has now been fixed.
- An issue where the Account Expiry custom attribute value displayed a random value when set to Never Expires has now been fixed.
- An issue where the employee search was not functioning on the login page has now been fixed.
- An issue where the Duo MFA page was being blocked when the server name configured in the access URL has different letter case than the URL used to access the product has now been fixed.
- An issue in high availability (HA) configuration, either while using an MSSQL database or while employing an MSSQL database as a failover cluster setup, has now been fixed.
New in ManageEngine ADSelfService Plus 6.3 Build 6307 (Oct 26, 2023)
- The vulnerable JSON library (CVE-2023-5072) used previously in the product has been upgraded to the latest version 20231013.
New in ManageEngine ADSelfService Plus 6.3 Build 6306 (Oct 11, 2023)
- Features:
- Duo Universal Prompt Integration: ADSelfService Plus now supports Duo's Universal Prompt for identity verification from both the web console and the mobile app.
- Note: ADSelfService Plus' OWA connector needs to be updated to the latest version for proper functioning of Duo's Universal Prompt for OWA MFA. Please find the steps here.
- Integration with ManageEngine Log360: ADSelfService Plus can now be integrated with ManageEngine Log360, the unified SIEM solution for effective security analytics. This integration also helps meet specific compliance requirements such as FedRamp's M-21-31 by facilitating central log store and audit of application access logs.
- Enhancements:
- The same AD attribute can now be configured as the answer to multiple questions for authentication using AD Security Questions.
- An option to search for login agent versions is now available in the Installed Machines Report.
- The login agent installation scheduler now supports sending the Installed Machines Report to Technicians via email.
- The Password Policy Enforcer now supports restricting users from using the values of their AD attributes as their passwords.
- Issue fixes:
- An issue that caused MFA for OWA logins to fail upon encountering multiple access requests simultaneously has now been fixed.
- An issue where SMTP settings could not be saved when the From address' Display Name contained space characters has now been fixed.
New in ManageEngine ADSelfService Plus 6.3 Build 6305 (Sep 14, 2023)
- Issue Fixes:
- An issue that allowed logins to the admin portal on machines where IP Restriction was enabled for admin logins has now been fixed.
- A random SQL Query Blocking issue that occurred in the MS SQL database after scheduled AD synchronization has now been fixed.
- An issue that caused logins to be slow when a large number of domains were configured has now been fixed.
- An issue that prevented access to the Enrollment tab for users under a policy in which password resets and account unlocks were not enabled has now been fixed.
- An issue that caused the Help option in the end-user portal to be hidden has now been fixed.
- An issue that prevented the deletion of users who were under unOwned licenses has now been fixed.
- An issue where the users' time of enrollment was not displayed in the user portal if they had been enrolled by an admin has now been fixed.
- An invalid date/time issue that occurred during report generation if the date and time format of the domain controller was set to the Thai calendar has now been fixed.
- An issue that caused garbled display names to be sent in emails from the product while using languages other than English has now been fixed.
- An issue caused by slow connections between the product and domain controller has now been fixed.
- An issue which prevented OAuth settings from being saved if the hostname in the Login URL used ended with .local has now been fixed.
- An issue which caused the Service Provider's OAuth configuration to fail when the OAuth response type was enforced has now been fixed.
- An issue that prevented the login agent from being installed using Windows Management Instrumentation (WMI) has now been fixed.
New in ManageEngine ADSelfService Plus 6.3 Build 6304 (Aug 25, 2023)
- Enhancements:
- Mail server settings in the product now support Modern Mail Authentication.
- Cached credential update over VPNs can now be configured using a service account.
- The password change process can now be secured using CAPTCHA verification.
- The OU Popup in the product has now been enhanced to seamlessly display several thousands of organizational units.
- The login agent now supports MFA processes and self-service password reset/account unlock actions when a context path is configured.
- The Tomcat version used in the product has been upgraded to 8.5.91.
- Issue Fixes:
- An issue where Offline MFA was not triggered when a reverse proxy was used and the ADSelfService Plus server was unreachable has now been fixed.
- An issue with the login agent that caused an extra login attempt to be made with an empty password during RDP logons has now been fixed.
- An issue where Endpoint MFA logins on Windows machines failed if the sAMAccountName of the user had a space has now been fixed.
- Other Changes:
- For security reasons, SSL has been mandated for connections between the login agent and the ADSelfService Plus server, from build 6304.
New in ManageEngine ADSelfService Plus 6.3 Build 6303 (Jun 27, 2023)
- Issues fixed:
- An issue in build 6302 which caused a problem in the functioning of configured custom SAML applications has now been fixed.
- An issue which prevented users from adding a domain controller with '_' in its name has now been fixed.
- An issue in showing the display name of domains when reports were exported has now been fixed.
- An issue that caused the scroll bar to be missing when editing the self-update layout drop-down field has now been resolved.
- The Microsoft 356/Azure application logo has now been updated.
New in ManageEngine ADSelfService Plus 6.3 Build 6302 (Jun 22, 2023)
- Issue fixes:
- A response code mismatch in the error message for API failure has now been fixed.
- An issue that caused the ADSelfService Plus mobile site to not load when only Self Update and Change Password were enabled under the Policy Configuration settings has now been fixed.
New in ManageEngine ADSelfService Plus 6.3 Build 6301 (Jun 1, 2023)
- Enhancements:
- macOS Ventura is now supported by the macOS Login Agent.
- A user belonging to multiple domains can now use the same YubiKey device for authentication.
- Password eye icon support is now provided for the password field.
- The Embed Dashboard widget URL can now be generated with an access token to ensure security.
- Issue Fixes:
- An issue where the Password Sync for MS SQL could not be saved when Windows Authentication was selected has now been fixed.
- An issue in the High Availability configuration that occurred when the parameter length exceeded 5000 characters has now been fixed.
- An issue where the password reset acknowledgement mail was sent via the SMS SMTP server instead of the SMTP Server configured in the email settings has now been fixed.
- An issue where WMI access was denied after the Microsoft security update while installing the Windows Login Agent has now been fixed.
- An issue where the Mobile number selection page was shown during endpoint MFA even when Skip the Choose Email Address/Mobile Number step and auto-trigger the verification code option was enabled has now been fixed.
- An issue that caused endpoint MFA on macOS to fail when a language other than English was set has now been fixed.
- An issue with the High Availability configuration that caused a different product configured error to be thrown when the password contained + or - characters has now been fixed.
- A brute-force vulnerability in the verification code entered during enrollment and TFA authentication has now been fixed.
- Issues fixed:
- A minor performance issue in the web portal's (including login agent's) initial loading process has now been fixed.
- A mismatch between the non-enrolled user count displayed on the product's Dashboard and the Non-Enrolled Users Report has now been fixed.
- An issue in the Password Policy Enforcer that prevented spaces from being recognized as special characters by the Windows Login Agent during password resets has now been fixed.
New in ManageEngine ADSelfService Plus 6.3 Build 6300 (Apr 27, 2023)
- Feature:
- Offline MFA protection for the remote workforce: Logging into Windows machines, RDP machine logons, and UAC elevation prompts that require credentials for privileged actions can now be secured using MFA even when users lack internet connectivity or are not connected to the corporate network.
- Enhancement:
- Admins can now enable user enrollment for all mandatory MFA factors immediately upon successful verification during logins to cloud applications, portal logins, password resets, or account unlocks.
- Issue Fixes:
- A minor performance issue in the web portal's (including login agent's) initial loading process has now been fixed.
- A mismatch between the non-enrolled user count displayed on the product's Dashboard and the Non-Enrolled Users Report has now been fixed.
- An issue in the Password Policy Enforcer that prevented spaces from being recognized as special characters by the Windows Login Agent during password resets has now been fixed.
New in ManageEngine ADSelfService Plus 6.2 Build 6221 (Apr 3, 2023)
- Enhancements:
- The Single Sign-On and MFA modules now include options to encrypt the SAML assertion and choose between a signed or unsigned SAML request and response when ADSelfService Plus is the service provider.
- An option to regenerate the SAML signing certificate has now been provided.
- Issue Fixes:
- An issue in the Password Sync Agent that caused the sync operation to the ADSelfService Plus server to fail has now been fixed.
- An issue where password changes from the native ADUC portal did not reflect in ADSelfService Plus' audit reports has now been fixed.
- An issue where reports exported in Turkish contained additional spaces has now been fixed.
New in ManageEngine ADSelfService Plus 6.2 Build 6221 (Apr 3, 2023)
- Enhancements:
- The Single Sign-On and MFA modules now include options to encrypt the SAML assertion and choose between a signed or unsigned SAML request and response when ADSelfService Plus is the service provider.
- An option to regenerate the SAML signing certificate has now been provided.
- Issue Fixes:
- An issue in the Password Sync Agent that caused the sync operation to the ADSelfService Plus server to fail has now been fixed.
- An issue where password changes from the native ADUC portal did not reflect in ADSelfService Plus' audit reports has now been fixed.
- An issue where reports exported in Turkish contained additional spaces has now been fixed.
New in ManageEngine ADSelfService Plus 6.2 Build 6220 (Mar 16, 2023)
- Issue Fixes:
- An authentication issue involving partially enrolled users has now been fixed.
- An issue in the Windows Login Agent which prevented users from accessing Outlook, SharePoint and shared resources from machines running Windows 10 and above has been fixed.
New in ManageEngine ADSelfService Plus 6.2 Build 6219 (Mar 10, 2023)
- Issue Fixes:
- An issue where the Force Enrollment using Logon Script configuration would fail when the Window Title exceeded 50 characters has now been fixed.
- An unsupported authenticator issue that caused OWA logins via the mobile site to fail has now been fixed.
New in ManageEngine ADSelfService Plus 6.2 Build 6217 (Feb 16, 2023)
- Issue Fixes:
- An issue where the Windows Login Agent failed to update while installing it via GPOs has now been fixed.
- MFA issues in the Windows Login Agent caused by mismatched UPN logins, and a few other crashes have now been fixed.
- An issue in the NPS extension for VPN MFA has now been fixed.
New in ManageEngine ADSelfService Plus 6.2 Build 6216 (Jan 19, 2023)
- Enhancement:
- The jQuery UI used in the product has been updated from version 1.10.0 to 1.13.2.
New in ManageEngine ADSelfService Plus 6.2 Build 6215 (Jan 6, 2023)
- Enhancement:
- Support for HTTP SMS macros: The following macros are now supported for the HTTP method under custom SMS provider settings:
- %uniqueId%: To send a random integer as a unique ID for each message request
- %currentTime%: To send the current timestamp of the message request
- %expiryTime%: To specify the time at which the message request expires
- Issues fixed:
- An issue that caused admin login failure in the TOR browser when an admin portal restriction based on IP address was configured has now been fixed.
- An issue that caused password sync failure with the SAP NetWeaver application due to password policy mismatch has now been fixed.
- OAuth/OIDC issues caused due to mismatched formatting in the well-known configuration and issuer URLs, and invalid Key ID token responses sent to target applications has now been fixed.
- OIDC SSO login failure during IdP-initiated SSO has now been fixed.
- An issue that occurred while attaching files in the On Specific Day and Password Expiry Notification email editors has now been fixed.
- An issue in which OWA was not functioning when IP restriction was imposed via a conditional access policy has now been fixed.
New in ManageEngine ADSelfService Plus 6.2 Build 6214 (Dec 17, 2022)
- Issue fixed:
- Prevented the password macro from being used in the admin/manager email notification after a password reset or change operation.
New in ManageEngine ADSelfService Plus 6.2 Build 6213 (Dec 15, 2022)
- Security issue fix:
- The login agent APIs have now been secured with an installation key and an agent-specific access key.
New in ManageEngine ADSelfService Plus 6.2 Build 6212 (Nov 15, 2022)
- Feature:
- Hardware TOTP token support: Hardware tokens such as Protectimus hardware TOTP token, Deepnet Security hardware token can now be configured as a custom TOTP authenticator for identity verification.
- Enhancements:
- SMS and email verification support for VPN MFA: SMS and email verification can now be configured as an authenticator for VPN MFA.
- Bulk enrollment support for authenticators: Admins can now enroll end users for Google Authenticator, Microsoft Authenticator, Zoho OneAuth TOTP authenticator, and custom TOTP authenticators through bulk enrollment either using a CSV file or through a database fetcher.
- An option to skip the Select your mobile number/email address drop-down in the MFA verification page for SMS and email verification has now been included.
- Issue fixed:
- An issue in the working of Linux agent (Cent OS 7) has now been resolved.
New in ManageEngine ADSelfService Plus 6.2 Build 6211 (Oct 28, 2022)
- Enhancement:
- The third-party xmlsec JAR files in the product have been upgraded to version 2.3.0.
- Issue fix:
- The forced enrollment using login scripts feature didn't work for partially enrolled users This issue has been fixed.
New in ManageEngine ADSelfService Plus 6.2 Build 6210 (Oct 21, 2022)
- Enhancements:
- Notification Center: To ensure product security, a notification center has now been included to display important alerts that require admin attention.
- To ensure security, the Spring JAR files used in the product have been updated to version 5.3.21.
- To ensure security, the Commons Text JAR files used in the product have been updated to version 1.10.
- Issues fixed:
- An issue that caused an infinite password sync loop when password sync is configured for Active Directory bidirectionally has now been resolved.
- An issue that caused the login agent to crash when Have I been Pwned integration was enabled and HTTP was configured has now been fixed.
- An authorization issue in Talkback APIs has now been resolved.
- A memory leak issue which caused the domain controller to restart abruptly in rare scenarios when Password Sync Agent version 2.0 was configured has now been fixed.
New in ManageEngine ADSelfService Plus 6.2 Build 6209 (Sep 30, 2022)
- Issues fixed:
- An issue in the Restrict Users scheduler under License Management when there were different domains containing the same usernames has now been fixed.
- An issue that occurred while searching for a username containing '_' in reports when using an external MS SQL database has now been fixed.
- An issue in prompting MFA during VPN login when the username format was domain name/username has now been fixed.
New in ManageEngine ADSelfService Plus 6.2 Build 6208 (Sep 21, 2022)
- Features:
- MFA for Windows User Account Control: All UAC elevation prompts that require credentials such as installing an application, editing the registry, and so on can now be secured using MFA.
- Machine-based MFA: Secure business-critical machines in your organization by enforcing Machine-based MFA. This allows users to access the machine only upon successful identity verification through MFA, irrespective of their enrollment status, self-service policy membership, and ADSelfService Plus server connectivity.
- Issues fixed:
- An issue which caused MFA to be prompted in Windows 11 machines during system unlock has now been fixed.
New in ManageEngine ADSelfService Plus 6.2 Build 6207 (Aug 30, 2022)
- Features:
- MFA for mobile app login: ADSelfService Plus mobile app logins can now be secured with an additional layer of authentication using MFA.
- Passwordless login: Provide easy and secure access to log in to the mobile app using modern authentication factors such as biometric authentication, push notification authentication, TOTP authentication, and so on.
- Support for additional authenticators: The ADSelfService Plus mobile app now supports Zoho OneAuth authentication, custom TOTP authentication and backup recovery code support during self-service actions and mobile app logins.
- Manage device enrollment: An option to restrict the number of devices users can use to enroll for mobile app authenticators like push notification, biometric, and QR-code authentication has now been included.
- Enhancement:
- User enumeration prevention: An option to prevent attacks through user enumeration in the mobile app has now been introduced.
- Issue fixed:
- An issue with the functioning of Accessibility VoiceOver in iOS devices has now been resolved.
New in ManageEngine ADSelfService Plus 6.2 Build 6206 (Aug 19, 2022)
- Issues fixed:
- An issue with the functioning of the custom range filter in Audit Reports, when there were a large number of audit records, has now been fixed.
- A performance issue while derestricting users under License Management when there were a large number of restricted users has now been fixed.
New in ManageEngine ADSelfService Plus 6.2 Build 6205 (Aug 9, 2022)
- Enhancements:
- Enrollment report customization: The Enrolled Users Report and Non-enrolled Users Report can now be customized to view additional user information, such as their active status, last logon time, etc.
- Cloning existing policies: Existing self-service policy configuration settings can be copied to create multiple policies across domains now.
- Granular control over trust periods: The MFA trust period for browsers and machines can now be customized in terms of minutes, hours, or days.
- Issue fixes:
- An issue with deleting licensed users who have an apostrophe character in their names has been fixed.
- An XSS issue that could potentially occur in the Conditional Access rule assignment section has been fixed.
New in ManageEngine ADSelfService Plus 6.2 Build 6203 (Jul 1, 2022)
- Issue fixed:
- A denial-of-service attack issue (CVE-2022-34829) in the ADSelfService Plus Mobile App Deployment API has now been fixed.
New in ManageEngine ADSelfService Plus 6.2 Build 6202 (Jun 27, 2022)
- Security enhancementAn option to prevent user enumeration by initiating a mock MFA process has now been included.
- Issue fixed:
- An issue in which the Change Password notification was not triggered when the operation was performed via the mobile application or mobile web browser has now been fixed.
New in ManageEngine ADSelfService Plus 6.2 Build 6201 (Jun 9, 2022)
- Enhancements:
- Mac Agent support has now been extended to macOS Monterey.
- XLSX format is now supported for exporting reports.
- An option to extend the portal session expiration duration to one day has now been provided.
- Issues fixed:
- Performance-related issues in User Reports, Restricted Users report, Password Expiration Notification, and Unrestrict Users scheduler have now been fixed.
- An issue that blocked the database query while sending enrollment push notifications has now been resolved.
- An issue in VPN MFA when the configured MFA method was push notification has now been fixed.
New in ManageEngine ADSelfService Plus 6.2 Build 6200 (May 24, 2022)
- The communication between the Password Sync Agent and the ADSelfService Plus server has now been secured with the inclusion of an access key. (CVE-2021-37423) For more information, refer to our security advisory page.
- An issue which exposed the username information in the request URL sent to the ADSelfService Plus server upon successful IdP authentication has now been fixed.
- An issue where the embedded employee search option was not displaying the desired results has now been resolved.
- To enhance security, the Spring JAR files used in the product have now been updated to version 5.3.18
New in ManageEngine ADSelfService Plus 6.1 Build 6123 (Apr 14, 2022)
- Issues fixed:
- A security vulnerability which exposed admin credentials if the ADSelfService Plus server access was compromised while installing the login agent using Remcom and RemoteExec methods has now been fixed
- A security vulnerability which caused XSS script execution in the Configured Domains page has now been fixed
New in ManageEngine ADSelfService Plus 6.1 Build 6122 (Apr 9, 2022)
- Issue fixes:
- In product instances where post-action custom scripts are enabled, a security vulnerability (CVE-2022-28810) which could lead to remote code execution during password reset and password change, has been fixed. This vulnerability was reported by Hernan Diaz, Andrew Iwamaye, and Jake Baines of Rapid7.
New in ManageEngine ADSelfService Plus 6.1 Build 6121 (Mar 3, 2022)
- Issues fixed:
- A security vulnerability (CVE-2022-24681) which allowed XSS script execution in the reset password, unlock account, and user must change password pages has now been fixed.
- A vulnerability causing the NTLM Hash to be disclosed to operators when configuring the storage path of a remote machine in the Reports tab has now been fixed.
New in ManageEngine ADSelfService Plus 6.1 Build 6120 (Feb 11, 2022)
- Enhancements:
- Site-based DC Update: Let's you assign a particular set of domain controllers (DCs) to an OU so that self-service changes made by users from that OU are quickly updated in the DCs assigned to that OU.
- Password Sync tab is now equipped with the capability to deselect all the linked accounts for password reset, account unlock, and password change operations.
- An option that allows domain display name to be shown or hidden in the end-user portal/pages has now been added in the Reset & Unlock tab.
- IP-based portal restriction will now deny technician logins from black listed IP addresses.
- Windows MFA, which was prompted for user login and screen unlock earlier will now be prompted only during user login.
- Issues fixed:
- Glitches pertaining to MFA application to macOS machines whose names contained spaces have been resolved.
- When the login page was customized to display only the login button, the drop-down list had glitches. This issue has now been resolved.
- An issue which caused the failure of SAML SSO for custom applications since only "Exclusive Canonicalization with Comments" XML Canonicalization method was supported has now been fixed.
- An issue in which mail content was added to the syslog files has now been removed.
- An issue specific to the Germany locale in displaying the number in the password policy enforcer text has now been fixed.
- Text customizations done in Language Customization tab for languages other than English were not reflecting. This has been fixed.
- A memory leak issue in VPN MFA's NPS extension has now been fixed.
New in ManageEngine ADSelfService Plus 6.1 Build 6119 (Dec 21, 2021)
- Fixed:
- Log4j dependency in ADSelfService Plus has been removed to ensure security.
New in ManageEngine ADSelfService Plus 6.1 Build 6118 (Dec 1, 2021)
- Issue fix:
- An issue in renewing the SAML certificate when ADSelfService Plus is the identity provider has now been fixed.
New in ManageEngine ADSelfService Plus 6.1 Build 6117 (Nov 15, 2021)
- Highlight:
- Azure AD MFA support: Azure AD MFA can now be used for identity verification during self-service reset/unlock; self-service portal login; cloud application, machine and OWA logins. This method is supported in both web and mobile applications.
- Enhancement:
- RADIUS challenge support has now been provided for RADIUS multi-factor authentication.
- Issue fixes:
- An issue in the Enrolled Users Report while sorting the users' mobile numbers has now been resolved.
- OWA context was added twice in the server.xml file when service pack installation failed. This issue has now been resolved.
- An issue in which the content-type was missing in the response when the mobile site URL had js, css, image, and cewolf as resource types has now been fixed.
- When the answer to the security question were all numbers, users were unable to prove their identity for password reset/unlock account via the mobile application. This issue has now been fixed.
- A login issue which occurred when users committed an error of adding spaces in the beginning and end of the username and when the username contained % has now been fixed.
New in ManageEngine ADSelfService Plus 6.1 Build 6116 (Sep 30, 2021)
- Issue fixes:
- All the API endpoints have now been strengthened to be more secure.
- A security vulnerability which allowed performing unauthenticated UMCP operation using REST API has now been fixed.
- The access to the domain password policy HTML has now been restricted for all users.
- A minor change has been implemented to display the username and password fields on the same login page now.
New in ManageEngine ADSelfService Plus 6.1 Build 6115 (Sep 24, 2021)
- Issue fixes:
- When a custom attribute's display name containing or " was added to the employee search display column, no results were returned for an employee search. This issue has now been fixed.
- An issue in the Linux Login Agent specific to Ubuntu 18.04.5 LTS has now been resolved.
- An issue in integrating ADManager Plus with ADSelfService Plus when the provided admin/technician account's password contained % has now been fixed.
- Login issue when the username contained space has now been resolved.
New in ManageEngine ADSelfService Plus 6.1 Build 6114 (Sep 7, 2021)
- Feature:
- SAML SSO support for ServiceDesk Plus: ADSelfService Plus now supports single-sign on (SSO) to the on-premises version of ManageEngine ServiceDesk Plus.
- Enhancements:
- Migrated from JavaPNS to Pushy library (v0.14.1) and from NotNoop to Pushy library (v0.14.1), for sending iOS notifications and pushing the mobile application respectively, when the MDM profile is installed.
- Security Issue fix:
- An authentication bypass vulnerability affecting REST API URLs, rated critical, has now been fixed. [CVE-2021-40539]
New in ManageEngine ADSelfService Plus 6.1 Build 6113 (Sep 2, 2021)
- Issue fixes:
- An issue which restricted users with special characters in their passwords from logging in to the portal via the mobile site has now been fixed.
- An issue that restricted users access to the portal even during the permitted logon hours has been resolved.
- All cookies can now be protected by enabling the HttpOnly flag.
New in ManageEngine ADSelfService Plus 6.1 Build 6112 (Aug 28, 2021)
- Enhancements:
- Mac Agent support has now been introduced for macOS Big Sur.
- Mobile app support to block specific email domains and mobile number formats during user enrollment has now been provided.
- Issue fixes:
- While using the mobile app to reset password/unlock account, the forced number of authentication factors were not verified. This issue has now been resolved.
- A vulnerability in the Approval Workflow module which facilitated an unauthenticated attacker to send emails to domain users has now been fixed.
- The possibility of a Boolean SQL injection attack during manual account linking for Oracle Database has been eliminated.
- The security issue of account takeover via machine account creation has now been fixed.
- The SSRF vulnerability present in the High Availability module has now been fixed.
- The issue in build 6111 with the MFA for VPN feature in which authentication was bypassed has now been resolved.
- The password changes were not applied across all linked accounts when the Force Password Synchronization option was enabled in build 6111. This issue has now been fixed.
New in ManageEngine ADSelfService Plus 6.1 Build 6111 (Aug 2, 2021)
- Issue fix:
- Fixed the account takeover issue reported by HaYiCle, by enforcing SAML signature verification before logging in users through SAML SSO.
New in ManageEngine ADSelfService Plus 6.1 Build 6110 (Jul 29, 2021)
- Issue fix:
- Fixed the account takeover issue reported by HaYiCle, by enforcing SAML signature verification before logging in users through SAML SSO.
New in ManageEngine ADSelfService Plus 6.1 Build 6109 (Jul 24, 2021)
- Issue fixes:
- The VPN Group Name field is no longer mandatory while configuring Cisco AnyConnect for updating cached credentials over VPN.
- The issue that occurred when updating country/region under the Profile tab has been resolved.
- The issue with domain API verification in Duo configuration has now been fixed.
New in ManageEngine ADSelfService Plus 6.1 Build 6107 (Jul 2, 2021)
- Enhancements:
- The jQuery library used in the product has been updated from version 1.11.3 to 3.5.1.
- The Bootstrap framework used in the product has been updated from version 3.3.6 to 3.4.1.
- The jQuery UI used in the product has been updated from version 1.9.2 to v1.10.0.
New in ManageEngine ADSelfService Plus 6.1 Build 6106 (Jun 16, 2021)
- Enhancements:
- Conditional Access: You can now restrict access to the ADSelfService Plus portal and enable NTLM single sign-on, based on a user's location, device used, time of access, and IP address.
- Duo Device Management Portal: Users can now add or remove Duo-registered devices from the ADSelfService Plus portal.
- Issue fixes:
- User profile images were not being displayed in the Organization Chart when Reverse Proxy was configured. This issue has been resolved.
- An OU performance issue that caused delays in information retrieval has been resolved.
- When a user is a part of many groups, the login process was slightly delayed. This issue has been resolved.
New in ManageEngine ADSelfService Plus 6.1 Build 6105 (May 26, 2021)
- Enhancements:
- Admins can now configure users' managers email addresses to send them notifications about user activities like self-service password reset, self-service account unlock, password change, and enrollment.
- The email verification code generated during enrollment and user identity verification can now be sent to the admin or manager via email.
- An option has been introduced to block specific email domains and mobile formats provided during user enrollment.
- Issue fixes:
- A vulnerability which lead to unauthenticated and authenticated remote code execution through PowerShell injection has been fixed.
- If the user entered an email address during enrollment and the same email address was later updated as the user's AD mail attribute value, the user did not receive scheduled notifications and the email address was displayed twice during email verification authentication. This issue has been fixed.
- When users access the end-user portal through NTLM Authentication, user actions could not be performed in certain Windows environments. This has been fixed.
- The configuration of RADIUS authenticator failed when the secret key had specific special characters (<, >, ', ", and &). This has been fixed.
- An issue that occurred in the secure links generated for email verification has been fixed.
New in ManageEngine ADSelfService Plus 6.1 Build 6104 (May 9, 2021)
- Vulnerability issue fixes:
- A vulnerability that in rare cases allowed bypassing CAPTCHA in the ADSelfService Plus login page has been fixed.
- A rare Cross-Site Scripting attack vulnerability in the e-mail address field used in the employee search feature has been fixed. (Reporter: Matt CVE-ID: CVE-2021-27956))
- A vulnerability that in rare cases can cause Reflected Cross-Site Scripting attacks has been fixed.
- A vulnerability that in rare cases let attackers expose information about the database application configured for password sync has been fixed.
- A vulnerability that in rare cases let attackers bypass the ADSelfService Plus' admin portal access restriction based on IP addresses has been fixed.
New in ManageEngine ADSelfService Plus 6.1 Build 6103 (Apr 29, 2021)
- Highlight:
- Zoho OneAuth's OTP authenticator can be used as an MFA method to verify users' identities during password reset and account unlock actions, ADSelfService Plus logins, and machines and VPN logins.
- Enhancements:
- The Linux login agent now supports Ubuntu version 20.x.
- The password synchronization with OpenLDAP now supports the Extended Password modify operation - (RFC-3062).
- SAML assertion attributes have been introduced to allow admins to configure the specific attributes that have to be included in the SAML response token sent to the service provider by ADSelfService Plus to prove a user's identity.
- Issue fixes:
- For SAP NetWeaver password sync, the unlock account functionality is now restricted for accounts that were locked or disabled by the admins.
- An issue with configuring the Select Duration setting for scheduled reports has been fixed.
- An issue with generating reports using the Operator technician role has been fixed.
New in ManageEngine ADSelfService Plus 6.1 Build 6102 (Mar 22, 2021)
- Issue fix:
- A remote code execution vulnerability (Zoho bug bounty ID: ZVE-2021-0941) caused by a PowerShell script used for password change operations has been fixed.
New in ManageEngine ADSelfService Plus 6.1 Build 6101 (Mar 6, 2021)
- Enhancement:
- ADSelfService Plus now supports three different methods of Windows login agent installation to ensure success rate. The three methods are:
- Remcom
- PAExec
- WMI
- Issue fix:
- The issue of not receiving a prompt for multi-factor authentication while using the VPN when languages other than English are personalized for the ADSelfService Plus server has been resolved.
New in ManageEngine ADSelfService Plus 6.1 Build 6100 (Dec 31, 2020)
- Enhancements:
- The Tomcat server bundled with the product has been upgraded to version 8.5.57.
- The ADSelfService Plus database backup archives are now password protected.
- Issue fixes:
- A security issue due to the use of fixed ciphering keys has been fixed (Zoho Bug Bounty ID: ZVE-2018-1790).
- A security issue that caused improper authorization of end user actions has been fixed (Zoho Bug Bounty ID: ZVE-2020-4164).
New in ManageEngine ADSelfService Plus 6.0 Build 6013 (Nov 26, 2020)
- Enhancements:
- Support for SAML Authentication as an MFA method in the ADSelfService Plus mobile app (both iOS and Android) for self-service password reset and account unlock.
- Issue fixes:
- Issue in SAML SSO logins when reverse proxy server is configured has been fixed.
New in ManageEngine ADSelfService Plus 6.0 Build 6012 (Nov 12, 2020)
- Highlights:
- MFA backup codes for authentication: Users can now prove their identity using backup codes when they cannot access the enrolled MFA authenticators or their mobile devices used for authentication. These backup codes can be generated by both users and the admins, and used for identity verification during machine and VPN logins, self-service actions, and ADSelfService Plus portal logins.
- Custom Time-based One-time Passcode (TOTP) Authenticator support: Admins can now configure any TOTP authenticator [Eg: Symantec VIP Access, FortiToken, Free-OTP, etc] as per organizational usage to verify users' identities during password reset and account unlock actions, and ADSelfService Plus, machines and VPN logins.
- Enhancements:
- Smart card multi-factor authentication: Smart card authentication will now be available as an authenticator in multi-factor authentication for ADSelfService Plus web portal login.
- ADSelfService Plus has been upgraded from two-factor authentication to multi-factor authentication for machine (Windows, macOS, and Linux), VPN and product logins.
- Admins can now link domain user accounts based on any attribute of choice with the Duo accounts for multi-factor authentication.
- Idle time limit during multi-factor authentication can be configured for machine, VPN, and product logins.
- Issue fixes:
- During user identity verification through SMS and email verification codes, the drop-down menu at the end-users portal will prioritize the mail/mobile values added by the end-user during enrollment over those stored in Active Directory.
- The time taken to load Change Password tab has been reduced.
- Fixed an issue that prevented including more than 10 mail addresses in the Admin Mail Address field under Mail Settings.
- While logging into ADSelfService Plus through SAML single sign-on, it is now possible to use any authentication technique provided by the identity provider (Okta, OneLogin). Password authentication is not mandatory.
New in ManageEngine ADSelfService Plus 6.0 Build 6009 (Sep 30, 2020)
- Enhancements:
- New customization options that help rebrand ADSelfService portal to best suit your requirements. With these new options you can:
- Set a background image for the portal's login page.
- Customize buttons on the users' login page.
- Select custom color for theme using the color picker field.
- Issue fixes:
- The issue of license consumption by both the primary and secondary user accounts when password synchronization is enabled between two Active Directory domains.
- The issue in AltGr key usage in the Windows login agent when ADSelfService Plus' end-user portal is configured to display in languages other than English.
- Encoding failure during mail attachment when using languages other than English.
- The issue where Organization Chart generation was slowed down and CPU usage was higher than usual when the number of users in the domain increased.
New in ManageEngine ADSelfService Plus 6.0 Build 6008 (Sep 9, 2020)
- Fixed an issue that prevented proper embedding of image in email content.
- If the Password Expiration Notification's retry option is disabled, managers receive an empty Soon-To-Expire Password Users Report on the specific days configured when no users fall under the report that day. This has been fixed.
New in ManageEngine ADSelfService Plus 6.0 Build 6006 (Aug 28, 2020)
- Load Balancing: ADSelfService Plus now comes with a built-in load-balancing server, to help you set up multiple instances of ADSelfService Plus, and distribute incoming requests among them. This helps improve performance, eliminate downtime, and provide a better experience for end users.
- Reverse Proxy: Enable reverse proxy, by integrating with ManageEngine AD360, to improve security when making ADSelfService Plus accessible for remote access.
New in ManageEngine ADSelfService Plus 6.0 Build 6005 (Aug 15, 2020)
- Highlight:
- Multi-factor authentication (MFA) for VPN: Secure your VPN by enabling MFA via fingerprint/Face ID, Push Notification, Google Authenticator, Yubico OTP, and other wide range of authentication factors.
New in ManageEngine ADSelfService Plus 6.0 Build 6004 (Aug 12, 2020)
- Users were not able to login using the mobile browser during SP-initiated SAML SSO. This has been fixed.
- Password change using the PowerShell API has been secured.
- Custom questions were not properly displayed when configuring the Auto Enrollment Scheduler using CSV file. This has been fixed.
New in ManageEngine ADSelfService Plus 6.0 Build 6003 (Jul 24, 2020)
- Enhancement:
- Face ID authentication is now supported for MFA in the ADSelfService Plus iOS app.
- Issue fix:
- Security fix to prevent unauthenticated remote code execution attacks.
New in ManageEngine ADSelfService Plus 6.0 Build 6002 (Jul 10, 2020)
- Issue fixes:
- Fixed an issue which prevented sending the password expiration notification and expired password notification to users with Password Setting Object applied to them.
- Fixed an issue that prevented saving multiple mail addresses under Notify Admin in the Notifications tab of Advanced Policy Configuration settings.
- Provision for verification of user enrollment status with Duo Security has been added for enhanced security.
New in ManageEngine ADSelfService Plus 6.0 Build 6001 (Jul 7, 2020)
- Issues fixed:
- Fixed an issue which prevented changing the SMS provider from GSM Modem to Custom HTTP.
- The drop-down fields for directory self-update were not displayed properly. This has been fixed.
- Password expiration notifications were not sent to secondary email addresses even when the Enable Notification to All Secondary Mails of Users option was enabled. This has been fixed.
- Autocomplete has been turned off for the answer fields during security questions and answers-based authentication.
- Fixed an MS SQL migration issue which prevented fetching all the MS SQL instances.
New in ManageEngine ADSelfService Plus 6.0 Build 6000 (Jun 4, 2020)
- Highlights:
- This release comes with a service pack that can be used to update your ADSelfService Plus to get the flat GUI as well as the enhancements, and bug fixes released in builds 5816 and 5817.
- Enhancements:
- An option to renew the SAML certificate has been implemented.
- Issue fixes:
- The SMS notifications sent during MFA contain HTML code.
- Improper functioning of CAPTCHA when reverse proxy is configured.
New in ManageEngine ADSelfService Plus 5.8 Build 5816 (Apr 23, 2020)
- Features:
- Improved look and feel with flat UI: The ADSelfService Plus admin portal has been revamped with a sleeker and more streamlined flat user interface.
- Embed dashboard widgets: The dashboard graphs can be embedded in any web page using the HTML snippet provided. A URL is also provided to access the graph separately.
- Language customization: Personalize ADSelfService Plus by customizing any text displayed in the portal for your language of choice.
- SSL deployment through UI: Easily apply a SSL certificate and enable HTTPS to secure ADSSP in just a few clicks with the all new UI-based SSL certification tool.
- Enhancements:
- Technician: Administrators now have the option of providing the technician privileges to groups.
- Password Policy Enforcer has been enhanced with several new password policy rules for improved security:
- Disallow the use of specific numbers of consecutive characters from user names and old passwords
- Disallow the use of a character specific number of times consecutively.
- Ensure the password starts with an uppercase letter, lowercase letter, number, or special character.
- Disallow the last character of the password to be a number.
- Fix the number of old passwords to be restricted during password resets.
- The customized message that displays the password policy requirements during password reset or change can be reset to default.
- Directory Self-Update has been improved with the following options:
- Administrators can set the self-update layout as read only.
- Show or hide the Report To and Direct Report fields and the left panel of the self-update layout with these fields and photo upload.
- Enforce the format of information provided in the self-update fields (mobile number, email address, or letters).
- All notification messages can been enhanced with rich text editors.
- Employee Search:
- Administrators now have the option to enable the Employee Search based on self-service policy.
- Force enrollment logon script:
- Administrators now have the option to customize the enrollment logon script window's title and button text.
- IP-based restriction for admin login:
- Admin login can now be restricted to some specific or a range of IP addresses using the restrict IP address option.
New in ManageEngine ADSelfService Plus 5.8 Build 5815 (Apr 3, 2020)
- Issue fix:
- Security fix to ensure ADSelfService Plus is immune to unauthenticated remote code execution (RCE) vulnerability.
New in ManageEngine ADSelfService Plus 5.8 Build 5814 (Mar 11, 2020)
- Issue fixes:
- Issue of unnecessary characters in SMS notifications when using the SMTP provider due to improper encoding type.
- Issue in generating the Enrollment Reports graph in the Dashboard tab.
- A vulnerability issue in the ADSelfService Plus login agent has been fixed.
- Issue of password reflection during password reset.
- Issue of a Cross-site Scripting vulnerability.
New in ManageEngine ADSelfService Plus 5.8 Build 5813 (Feb 25, 2020)
- Issue fix:
- A security issue that arises when the 'User must change password at the next logon' option is enabled in Active Directory has been fixed.
New in ManageEngine ADSelfService Plus 5.8 Build 5812 (Jan 27, 2020)
- Issue fix:
- Issue in enforcing the default minimum password length (i.e, 7) when product technicians change their account passwords.
New in ManageEngine ADSelfService Plus 5.8 Build 5811 (Dec 29, 2019)
- Feature:
- Block breached passwords: ADSelfService Plus now supports integration with 'Have I Been Pwned?', which prevents the use of breached passwords during password change or reset by users
New in ManageEngine ADSelfService Plus 5.8 Build 5810 (Dec 20, 2019)
- Issue fix:
- Issue in AltGr key usage in the GINA login agent when ADSelfService Plus' end-user portal is configured in non-english display settings.
New in ManageEngine ADSelfService Plus 5.8 Build 5809 (Dec 17, 2019)
- Enhancements:
- Option to resend verification codes while authenticating user identities via SMS or email.
- Issue fixes:
- Issue with updating the status of the GINA login agent installation via GPO in ADSelfService Plus.
- Issue in installing the macOS login agent for users when the domain admin password contains certain special characters such as the '!' and '.'.
- Issue which caused the open re-direct vulnerability has been fixed.
New in ManageEngine ADSelfService Plus 5.8 Build 5808 (Dec 9, 2019)
- Highlight:
- Endpoint multi-factor authentication (MFA): Add an extra layer of security to Linux logins, in addition to Windows and macOS, with any of the supported 14 authentication methods including Yubikey, fingerprint authentication, RSA SecurID, and DUO Security.
- Enhancement:
- Option to perform remote installation, un-installation, customization, and re-installation of the Linux login agent from the admin console.
New in ManageEngine ADSelfService Plus 5.8 Build 5807 (Dec 2, 2019)
- Yubikey authenticator support: Users can use the Yubikey device to prove their identity during self-service password resets/account unlocks, ADSelfService Plus logins, and endpoint logins.
New in ManageEngine ADSelfService Plus 5.8 Build 5806 (Nov 8, 2019)
- A CSRF vulnerability that occurs in the self-update section of the end-user portal is fixed.
- Issue in the GINA/CP logon agent that could lead to privilege escalation is fixed.
New in ManageEngine ADSelfService Plus 5.8 Build 5805 (Nov 5, 2019)
- A few minor bugs have been fixed.
New in ManageEngine ADSelfService Plus 5.8 Build 5804 (Oct 14, 2019)
- Highlight:
- Korean language support: The end user and the admin portal can now be personalized in the Korean language, besides the twenty other supported languages.
- Enhancements:
- Improved performance in the domain sync operations of ADSelfService Plus.
- Option to use the middleName (LDAP attribute) to greet users and admins on the welcome screen.
- Issues Fixed:
- Issue in deleting licensed users of ADSelfService Plus when the admin portal is customized in Polish language.
- Issue in Password Expiration Tool that listed only partial domains while configuring soon-to-expire password notifications.
- Issue in syncing passwords when resets are performed across multiple G Suite domains simultaneously.
- Issue in displaying the host display name during self-service account unlock when the force synchronization option is enabled.
- Issue which duplicates the sent notifications when Password Sync Agent is installed and more than one DC is configured under site-based DC.
- Issue in verifying user identity during Windows logon two-factor authentication (TFA) when UPN suffix is included along with the username.
- Issue which crashed the executable file in Windows logon agent when connected to VPN using Cisco Anyconnect.
- Issue in displaying users' photo in Employee Search at certain times when the session is refreshed.
- Issue which denied users access to ADSelfService Plus via the logon script in the 5803 build.
- Issue in displaying the OU in the Policy Configuration window if its description more than 250 characters.
- Issue in forwarding logs to SSL-enabled Splunk servers.
New in ManageEngine ADSelfService Plus 5.8 Build 5803 (Sep 10, 2019)
- Issues fixed:
- Issue which displayed the error message "Sorry, the page you requested was not found," when manually initiating multiple GINA/Mac/Linux logon agent installation processes.
- Issue in Password Expiration Notifier Tool which failed to accept the DisplayName in the From Mail address of Mail Server settings.
- All untranslated UI text are now localized for all the languages supported by ADSelfService Plus.
New in ManageEngine ADSelfService Plus 5.8 Build 5802 (Aug 16, 2019)
- A minor text alignment issue while displaying the custom password policy during password change/reset is fixed.
- An injection vulnerability in the Windows and Linux login agent is fixed.
New in ManageEngine ADSelfService Plus 5.8 Build 5801 (Jul 19, 2019)
- Highlight:
- Two-factor authentication for macOS: Add an extra layer of security to macOS logins by enforcing two-factor authentication. Choose from thirteen authentication methods including fingerprint authentication, SMS/email verification, RSA SecurID, and DUO Security.
New in ManageEngine ADSelfService Plus 5.7 Build 5710 (Jun 24, 2019)
- A security issue has been fixed
New in ManageEngine ADSelfService Plus 5.7 Build 5709 (May 6, 2019)
- Highlights:
- Flat user interface for the end-user portal: ADSelfService Plus' user portal gets a makeover with flat user interface.
- TFA for Windows and ADSelfSevice Plus logon now supports additional authentication methods including:
- Security Questions and Answers
- Email Verification
- SMS Verification
- Google Authenticator
- Duo Security
- RSA SecurID
- RADIUS Authentication
- Push Notification Authentication
- Fingerprint Authentication
- QR Code-Based Authentication
- TOTP Authentication
- Enhancements:
- Provision to allow users to complete their enrollment during the self-password reset/account unlock process itself after successfully proving their identity using any of the supported authentication method.
- Mobile number and email address added by users during enrollment will be verified through an OTP for improved security.
- Force users to use specific email domain names (such as gmail.com or hotmail.com) during enrollment.
- Option to mandate separate authentication techniques for enrollment and self-password reset/account unlock processes.
- Displaying the calendar field in any date-related field in the self-update layout.
New in ManageEngine ADSelfService Plus 5.7 Build 5708 (Apr 22, 2019)
- Feature:
- Directory Server password synchronization: Sync Active Directory password changes with 389 Directory Server passwords in real time.
- Fixes:
- Failure to send emails when TLS security setting is enabled for mail server.
- Issue which failed to update the modified domain functional level in ADSelfService Plus.
- Issue which restricted licenses of users with the same name of any previously deleted user.
- Issue in displaying user disclaimers in RTL languages.
- Blank GINA/Mac installation reports being exported when MS SQL database is used.
- Script error displayed in GINA/CP password self-service portal, in Danish language.
- Script error when adding restricted IP/Server Name.
- An XSS vulnerability.
New in ManageEngine ADSelfService Plus 5.7 Build 5707 (Mar 20, 2019)
- Enhancements:
- Support for OpenVPN: Update Cached Credentials over VPN setting extends its support for OpenVPN.
- Password expiration notifier now has an option to not inherit child OUs while sending reminders.
- Issues fixes:
- Issue in configuring the password sync agent when ADSelfService Plus' server is connected through a proxy.
- Issue in migrating database to MS SQL server when SSL encryption is applied to a specific instance.
- Issue in synchronizing password changes with multiple configurations of SAP NetWeaver.
- Vulnerability issue fix in high availability mode.
- Issue which denied access via logon script when DUO is used as the two-factor authenticator.
- Issue in identity provider (IdP) initiated SAML-logout for SSO.
- Issue in displaying the default tab when user portal is accessed via mobile app or mobile site.
- Issue in sending password expiry reminders when there's a user in the list whose PSO cannot be read due to lack of permission.
- Issue in displaying the correct order of mobile numbers in RTL languages such as Hebrew and Arabic.
New in ManageEngine ADSelfService Plus 5.7 Build 5706 (Mar 1, 2019)
- Windows Server 2019 support: Adds self-service password reset and account unlock capability for Active Directory users in Windows Server 2019 domain.
New in ManageEngine ADSelfService Plus 5.7 Build 5705 (Feb 19, 2019)
- Highlight:
- Login agent for Linux: Users can reset passwords and unlock accounts from the login prompt of their Linux machines.
- Enhancement:
- Synchronize Active Directory password resets and changes across MS SQL and PostgreSQL accounts in real time.
- Ability to link user accounts for password synchronization using the listed attributes of the provider, other than the default sAMAccountName.
- Option to synchronize account unlocks between cloud-based and on-premises accounts irrespective of the lockout status of the users' Active Directory account.
- Issue Fixes:
- Issue in displaying more than 500,000 of the generated Notification Delivery audits for Soon-To-Expire Password Users is fixed.
- Issue which randomly displayed 'Sorry, the page you requested is not found' when users attempt to log in to the self-service portal using any browser for the first time.
New in ManageEngine ADSelfService Plus 5.7 Build 5704 (Jan 17, 2019)
- Feature:
- Ability to enforce custom user disclaimers: ADSelfService Plus now allows you to display custom disclaimers that users must accept before they can access the self-service portal.
- Enhancement:
- Password sync agent now supports TLS version 1.1 and 1.2.
New in ManageEngine ADSelfService Plus 5.7 Build 5703 (Jan 2, 2019)
- Features:
- SAML-based single sign-on (SSO) via Line Works: ADSelfService Plus supports SSO through Line Works, which acts both as identity and service provider.
- Support for multi-factor authentication (MFA) via Line Works: ADSelfService Plus now supports MFA via Line Works, in addition to One Login and Okta, for user authentication during self-service password reset and account unlock.
- Fixes:
- Issue that caused an SSRF vulnerability is fixed.
- Issue in configuring OpenLDAP with Common Name (CN) is fixed.
New in ManageEngine ADSelfService Plus 5.7 Build 5702 (Dec 11, 2018)
- Issue of product crashing when the configured GINA Frame Text exceeds the character limit during translation.
- Issue which permitted users to close the password reset/account unlock window of the Windows logon agent.
- XSS vulnerability in the employee search, and the self-update layout.
- Issue in translating certain fields in the self-update layout of the end-user portal, from English to the selected language in the personalization section.
- Issue which failed to display the mobile number format for the users in the User Registration section during enrollment.
- Issue which failed to update the authentication settings for the configured mail server in the password expiration notifier free tool.
- Issue in NTLM SSO if the configured service account contains special characters.
- Issue in displaying the strength of the password entered in the reset, and change password pages.
- Issue in auto-generating passwords due to inconsistencies in the enforced password policy.
- Issue in modifying the font size of the Chinese characters in the Logon Page Customizer.
- Issue that truncates the email content sent to authenticate users' identity during two-factor authentication.
- Issue in importing enrollment data from MS SQL databases that have NTLMv2 session security enforced.
- Issue which slowed down the generation of Non-Enrolled Users Report.
- Issue which caused SAML-logout failure.
New in ManageEngine ADSelfService Plus 5.7 Build 5701 (Dec 1, 2018)
- Enhancements:
- The mobile app deployment feature gets a makeover with the new flat user interface and a few enhancements.
- Trial mode: Test drive this feature by deploying the ADSelfService Plus iOS app for ten users’ mobile devices, with minimal configurations.
- Automated CSR signing from ManageEngine while configuring APNs.
- Schedulers to automate iOS app installation status.
- Fixes:
- An XML External Entity vulnerability that occurs while uploading product license is fixed.
- Removed the dependancy on OpenSSL as a vulnerability fix.
- Issue in domain data sync which failed to update deleted domain objects in ADSelfService Plus.
- Issue in accessing ADSelfService Plus' portal through the older version of GINA/CP logon agent.
New in ManageEngine ADSelfService Plus 5.7 Build 5700 (Nov 21, 2018)
- Enhancements:
- JRE bundled with ADSelfService Plus is updated to version 1.8.0.162.
- Apache Tomcat server bundled with ADSelfService Plus is updated to version 8.5.32.
- PostgreSQL server bundled with ADSelfService Plus is updated to version 9.4.14.
New in ManageEngine ADSelfService Plus 5.6 Build 5607 (Oct 23, 2018)
- The AD Sync scheduler now uses DirSync Control to synchronize only the objects that were modified since the last synchronization.
New in ManageEngine ADSelfService Plus 5.6 Build 5606 (Oct 17, 2018)
- Enhancements:
- Access to Password Expiration Notifier free tool for ADSelfService Plus users with technician role.
- Rebrand the self-service password reset/account unlock window of the Windows logon agent by adding your company image as browser title.
- Issue Fixed:
- Issue in sending SMS notifications with non-English characters due to SMS encoding.
- Issue during backup and restoration of database due to character encoding.
- Issue in selecting OUs if the selected OUs count exceed 100.
- Issue in changing password if the sAMAccountName contains space.
- Issue in changing password if the domain expects a down-level logon name instead of the entered sAMAccountName.
- Issue in changing password in the mobile browser, when the password strength analyser is disabled.
- Issue in synchronizing passwords with Office 365 when the new password contains a single quote (’).
- Issue during password synchronization which displayed multiple records for a single password reset action in the Reset Password Audit report.
- Issue which updates an invalid character in Active Directory for the entered '&' character in the My Info tab.
- Issue which failed to display user profile photo in My Info tab after it is updated in Active Directory.
- Issue in displaying the enforced password policy rules in the native Windows interface (Ctrl+Alt+Del) for non-English OSs.
- Issue in enforcing the custom password policies when the selected dictionary file contains a back slash () or a double quote (").
- Issue in deploying the Mac logon agent if the password of service account used contains a dollar symbol ($) or a forward slash (/).
- Issue which failed to display the password-reveal icon in the native Windows interface when the GINA/CP logon agent is installed.
- Issue which failed to list all the appropriate machines in the New Installation tab and the Installed Machines tab of the GINA/Mac Installation section.
- Issue which failed to display an error message when a user, who doesn't have administrative privileges, attempts to install GINA/CP logon agent.
- Issue which caused the login page of ADSelfService Plus to load indefinitely in Chromebook when NTLM Authentication is enabled.
- Issue in accessing certain datatype (VARCHAR2) columns while fetching enrollment data from an Oracle database connection for Quick Enrollment.
- Issue in Auto Enrollment if the imported enrollment data is encoded in UTF-8 format.
- Issue in sending the scheduled reports in HTML format to the managers.
- Issue which sent old audit data to ADSelfService Plus when there is an interruption in password sync agent service.
- Issue which failed to display the installed password sync agent status in the Windows Control Panel.
- Issue which displayed only ten of the available MS SQL server instances in the changeDB window.
- Issue which shows duplicate values of mobile and mail attributes for certain users in the Enrolled Users report.
- Issue which slowed down the generation of disabled users list during license management.
New in ManageEngine ADSelfService Plus 5.6 Build 5605 (Sep 28, 2018)
- Active Directory-based security questions as an MFA method:
- You can set up AD-based security questions to authenticate users at the time of self-service password reset and account unlock by comparing their answers with the corresponding AD attributes' value.
New in ManageEngine ADSelfService Plus 5.6 Build 5604 (Sep 26, 2018)
- An XSS vulnerability has been fixed.
New in ManageEngine ADSelfService Plus 5.6 Build 5603 (Sep 21, 2018)
- Highlights:
- SAP NetWeaver password synchronization. Synchronize AD password changes with SAP NetWeaver in real-time.
- Single Sign-on with Active Directory Federation Services (ADFS). ADSelfService Plus adds ADFS to the list of SAML-based identity providers through which users can access its web console.
- One-click logout: Improve security by turning every SAML-based application connected to ADSelfService Plus into a point of logout. When users initiate a logout from the identity provider, the user is also logged out from ADSelfService Plus, and vice versa.
- ADSelfService Plus now supports the Finnish language.
- Issues Fixed:
- Issue in Windows logon agent (GINA/Credential Provider extension) which failed to display the password policy enforcement rules in the Ctrl+Alt+Del screen of Windows 10, version 1803 has been fixed.
New in ManageEngine ADSelfService Plus 5.6 Build 5602 (Aug 20, 2018)
- Enhancements:
- Customizable verification code length: Specify the length of verification codes to be sent to users via email and SMS from the web console.
- Ability to install GINA/CP logon agent using DNS hostname: The GINA/CP logon agent can now be installed on machines using the DNS hostname in addition to the sAMAccountName.
- Issue fixed:
- Issue in adding service account in domain settings when the password exceeds 100 characters.
- Issue in sending bulk emails due to minimum authentication count set in the SMTP server.
- Issue which listed machines with incomplete client software updates along with the error occurred machines.
- Issue which failed to display the title image of ADSelfService Plus when accessed via mobiles.
- Issue in changing the product logo size.
- Issue which displayed the newly imported questions from CSV as admin-defined questions instead of listing it with the user-defined questions.
- Issue which truncates SMS messages with the '&' character.
- Issue in using custom attributes with boolean datatype in the self-update layout.
- Issue in sending test SMS from the ADSelfService Plus licensed Clickatell provider.
- ADSelfService Plus now utilizes TLS 1.1 and TLS 1.2 for improved security.
- Issue in configuring OpenLDAP for password synchronization when the domain name contains space.
- Issue which accepted invalid certificates in the Mac logon agent.
- Issue in providing appropriate permissions to technicians for fetching enrollment data from the MS SQL database.
- Issue in generating reports when the MS SQL database name starts with a number.
- Issue in loading the login page when Safari browser attempts to access ADSelfService Plus using an NTLM account.
- Issue in configuring header and footer content in the authentication pages of RSA SecurID, RADIUS Authentication, and Duo Security.
- Issue in password synchronization between multiple domains when users change their password for the first time.
- Issue which denied password reset for a user if an admin had deleted another user with the same display name in Active Directory.
- Issue in password synchronization with Salesforce.
- Issue which prompted users to change their passwords when they attempt to access ADSelfService Plus using SAML-based authentication if their password is set to never expire.
New in ManageEngine ADSelfService Plus 5.6 Build 5601 (Jul 31, 2018)
- Enhancement:
- ADSelfService Plus now supports Hebrew language
New in ManageEngine ADSelfService Plus 5.6 Build 5600 (Jul 24, 2018)
- Enhancement:
- The Password Expiration Notifier free tool gets a makeover with a new flat user interface that makes configuring password expiration notifications easier than ever.
- Issue fixed:
- Issue in expanding parent OUs to select child OUs in the GINA/Mac logon agent installation page.
- Issue in disabling product and event notification in Server Settings.
- Issue in deleting unowned licenses from the Restrict Users option.
New in ManageEngine ADSelfService Plus 5.5 Build 5521 (Jun 21, 2018)
- Features:
- SAML-based multi-factor authentication (MFA): For self password reset and account unlock, users can now be authenticated using SAML-based identity providers such as OneLogin and Okta.
- SAML-based SSO to access ADSelfService Plus: Allow users to authenticate themselves through SAML-based identity providers for one click access to ADSelfService Plus.
- Enhancements:
- SSO support for Blackboard: ADSelfService Plus now supports SAML-based SSO for Blackboard.
- A new option to notify ADSelfService Plus users about new features, ManageEngine events, and more.
- Issue fixed:
- Issue in self password reset when the minimum password age is set.
New in ManageEngine ADSelfService Plus 5.5 Build 5520 (May 31, 2018)
- Highlight:
- Two-factor authentication for Windows login: Improve security by enforcing two-factor authentication for local interactive and remote desktop logons to Windows clients and servers.
- ServiceNow password synchronization: Now synchronize users' Active Directory passwords with their ServiceNow accounts in real-time.
- Issue fixed:
- Security issue in which the HttpOnly flag was missing from the adscsrf cookie has been fixed.
New in ManageEngine ADSelfService Plus 5.5 Build 5519 (May 12, 2018)
- Enhancement:
- Clone existing policies: Option to copy the existing policy configuration settings and create multiple policies from it
New in ManageEngine ADSelfService Plus 5.5 Build 5518 (May 8, 2018)
- Enhancements:
- The Change Password Audit report now includes information on users who must change their password (after password reset) during their next logon.
- Option to set a link expiry time in the secure identity verification link, using the %linkExpireTime% macro.
- Logs can now be forwarded in Rawlog and CEF formats to any SIEM solution or a syslog server.
- Employee search's scope can be limited to that forest in which the user performing the search resides.
- British English has been added to the list of languages with which you can personalise ADSelfService Plus.
- Issues Fixed:
- Issue in displaying the Soon-to-Expire Password User report on the next login after a session expiry.
- Issue in logon client (GINA/ Credential Provider agent) installation if the password of the service account used to fetch the domain data contains a backslash ().
- Issue in generating valid SAML metadata for single sign-on configuration while using default ports.
- Broken authentication vulnerabilities which can lead to unauthorized access of the product resources.
New in ManageEngine ADSelfService Plus 5.5 Build 5515 (Mar 12, 2018)
- Enhancements:
- Enhanced user filtering policy: You can now configure ADSelfService plus policies with enhanced user filtration process. In addition to OU/Groups, users can now be filtered by using specific attributes for better usage restrictions and license consumption.
- Issues Fixed:
- Improper authentication during SAML single sign-on that gives way to man in the middle attack by inserting fraudulent user identification has now been fixed.
New in ManageEngine ADSelfService Plus 5.5 Build 5514 (Feb 26, 2018)
- Smart Card Authentication: The use of smart cards/ PKI/ certificates has been enabled as additional options for ADSelfService Plus login.
New in ManageEngine ADSelfService Plus 5.5 Build 5513 (Feb 20, 2018)
- Highlights:
- Custom SAML Applications: Any application that supports SAML 2.0 protocol for authentication can now be integrated for SSO.
- Custom VPN Providers: Updating of cached credentials through any VPN providers that allow command line arguments to establish VPN connections is now supported.
- Enhancements:
- SAML SSO support for Shufflrr and ADP.
- Option to exclude TFA for service provider(SP) initiated SAML SSO.
- Each of the SSO applications can now support multiple configurations.
- Cached credentials can now be updated using SonicWall, SonicWall Global, and Checkpoint VPN clients.
- Access to self-service portal can now be restricted to specific IP ranges via AD360 console.
New in ManageEngine ADSelfService Plus 5.5 Build 5512 (Feb 12, 2018)
- Enhancement:
- License for unlimited users: You can now purchase a license for ADSelfService Plus that supports an unlimited number of domain users.
New in ManageEngine ADSelfService Plus 5.5 Build 5511 (Jan 31, 2018)
- Issues Fixed:
- Issue in importing CSV files that contain more than 15,000 users.
- Vulnerability issues have been fixed.
- SMPP protocol for SMS server configuration now supports empty System ID too.
- Issue in configuring SAML SSO for Canvas LMS by Instructure app.
- Issue in generating CSR for wildcard certificates.
- Issue in password sync agent while synchronizing passwords between two Active Directory domains.
- Issue in properly displaying non-English characters and UI issue in user login page.
New in ManageEngine ADSelfService Plus 5.5 Build 5510 (Jan 9, 2018)
- Highlights:
- SSO support for three new apps: Cybozu Office, Garoon, and Mailwise.
- Two-factor authentication with SAML can now be enforced for service provider(SP) initiated login as well.
- Issues Fixed:
- Issue on the user login page while accessing ADSelfService Plus from favorites bar in IE11.
New in ManageEngine ADSelfService Plus 5.5 Build 5509 (Dec 28, 2017)
- Enhancement:
- Bulk disenroll users: Select multiple users from the Enrolled Users report or import users from a CSV file to disenroll them in bulk.
- Issues Fixed:
- Oracle EBS password sync driver has been updated to the latest version.
- Issue in using Google Authenticator while performing password self-service from the Android mobile app.
- Issue in enrolling more than 10,000 users at once from external databases.
- Issue which failed to refresh the CAPTCHA image when using a load balancer.
- UI issue in "Choose mail/mobile recipient" page.
- Vulnerability issue in Windows login client.
New in ManageEngine ADSelfService Plus 5.5 Build 5508 (Dec 13, 2017)
- Issues Fixed:
- Issue in cached credentials update when using Windows native VPN client.
- When password reset secure link is opened in a mobile web browser, it redirects the user to the login page of ADSelfService Plus instead of the password reset page. This issue appeared when ADSelfService Plus is integrated with AD360 and has now been fixed.
- Oracle Database for importing enrollment data can now be configured using service name as the connection type.
- Vulnerability issue in the Windows login client.
- Issue in check-box option during self-update.
- Issue in logging in to the self-service portal using mail attribute when its value is the same as that of UserPrincipalName.
- Change password issue when User must change password at next logon option is enabled in AD.
- Issue which displayed incorrect message during SMS verification.
New in ManageEngine ADSelfService Plus 5.5 Build 5507 (Nov 21, 2017)
- Highlight:
- Four new authentication methods: Biometric, QR code, time-based one-time passcode, and push notification can be used for identity verification during password self-service; all four methods come built-in with the ADSelfService Plus mobile app.
- Support for Duo Security, RSA SecurID, and RADIUS authentication methods in mobile app.
- Note: The new features are currently available in Android app only. The ADSelfService Plus mobile app for iOS is currently pending for review by Apple and will soon be published in the App Store.
- SSO support for three new apps: Bamboo, Bonusly, and Cybozu.
- Enhancement:
- Now set different limits for self-reset password and unlock account actions in advanced policy configuration.
- Support for inetOrgPerson objects in addition to user objects for AD LDS password synchronization.
- Issues Fixed:
- Issue in updating the OUs' names even after manually running a refresh of domain objects in ADSelfService Plus.
- Enrolling users via CSV import has been optimized.
- Issue in viewing Organization Chart when it is opened in Internet Explorer compatibility mode.
- Issue in navigating through the reports.
- Issue in sending SMS messages through custom SMPP protocol.
New in ManageEngine ADSelfService Plus 5.5 Build 5506 (Oct 17, 2017)
- Highlight:
- SSO for 90+ cloud apps: Now provide users with one-click access to 16 more cloud apps such as Office 365, SugarCRM, LiveChat, Cisco Meraki, in addition to the already supported 80 apps.
- Issues Fixed:
- Vulnerability issue when using Google Authenticator.
- Issue where the login client software is not copied to the target machine during manual installation from the ADSelfService Plus admin portal.
- Issue where users were not able to close the enrollment pop up when the force enrollment logon script is pushed via GPO.
- Enrollment issue which forced enrolled users to enroll again when they log in to the self-service portal.
New in ManageEngine ADSelfService Plus 5.5 Build 5505 (Oct 10, 2017)
- Highlight:
- Employee Search feature is now supported in the ADSelfService Plus mobile web app.
- Enhancement:
- Now you can sort the Employee Search results based on attributes.
- Issue Fixed:
- Issue in sending enrollment notification to domains that contain a large number of non-enrolled users.
- Brazilian Portuguese language issues have been fixed.
- XSS vulnerability issue while updating manager field using self-directory update.
- Issue in accessing the HTA login script when TLS 1.2 is strictly forced.
- Issue in AD LDS password synchronization.
New in ManageEngine ADSelfService Plus 5.5 Build 5504 (Sep 19, 2017)
- Enhancements:
- You can now use the custom attributes as macros and in password synchronization for linking Active Directory accounts with other applications.
- 'DateTime' data type has been added for creating custom attributes.
- Option to send all notifications to the secondary email addresses of users.
- Now you can customize the license expiration notification settings to suit your requirement.
- PGSQL database that comes built-in with the product has been updated to 9.2.4 version.
- Self-service (password reset, account unlock, and change password) notifications are now supported for non-AD accounts including IBM iSeries, HP UX, Office 365, G Suite, and Salesforce.
- Performance improvements.
- Fixed issues:
- Issue which failed to partially hide the email address during the secure link identity verification process for password reset and account unlock.
- Some security issues have been fixed.
- [For builds 5400 and later] Issue in enforcing the product to use a particular TLS protocol.
New in ManageEngine ADSelfService Plus 5.5 Build 5503 (Sep 6, 2017)
- Features:
- ADSelfService Plus can now be integrated with SIEM solutions that support syslog such as Splunk to forward audit logs and gain advanced intelligence on user activities.
- Enhancement:
- Compliance with Vasco authentication server for RADIUS multi-factor authentication.
- Issue Fixed:
- Issue which caused database migration to slow down.
- Issue which caused the product startup to fail while importing enrollment data from Oracle database.
- Issue which prevents deleting unowned licensed users.
- Issue in sending soon-to-expire password notifications.
New in ManageEngine ADSelfService Plus 5.5 Build 5502 (Aug 1, 2017)
- Highlight:
- Single Sign-On for 80 cloud applications: Now provide users with one-click access to over 80 cloud applications.
- Enhancement:
- Option to configure display name of applications configured for password synchronization.
- Issue Fixed:
- Issue which restricted Free Edition users from configuring multiple AD domains after the end of trial period.
New in ManageEngine ADSelfService Plus 5.5 Build 5501 (Jul 15, 2017)
- Features:
- Supports customization of texts in the app’s home page.
- Issues Fixed:
- GINA installation issue when there is a newline character in frame text.
- Issue which obscured the remaining Clickatell SMS count from being viewed in the license details page.
- Issue which prevented users from accessing the Audio CAPTCHA button using the keyboard.
- Issue in editing the Manager field while configuring self-update layout.
- Issue which prevented password expiration notifications from being sent to members of domain users group.
- Issue in self-service password reset operation when a domain controller configured in Site-based DC is removed from the Domain Settings configuration.
- Unknown errors which caused the product to crash during self-service operations.
- Issue in proxy server configuration which displayed a blank page after a successful self-service operation
- Issue in installing the Password Sync Agent on FIPS compliance enabled domain controllers.
- Issue which displayed incorrect password reset status displayed for Office 365.
- Issue in installing GINA client when VPN parameters contain special characters.
- Issue in CSR generation while configuring SSL certificate.
- Issue in AD synchronizer scheduler which fails to import domain users from Active Directory.
- Server settings will be configurable when the app is opened for the first time after installation even though admin has disabled it in the product.
New in ManageEngine ADSelfService Plus 5.5 Build 5500 (Jun 23, 2017)
- Enhancements:
- Enforce password history checks for password reset operations using password policy enforcer.
- Restrict users during license management based on their smart card status (enabled/disabled).
- Set up scheduler to automatically reinstate revoked licenses of users when specific conditions, such as user account is enabled, user account becomes active, and smart card is enabled, are met.
- Now send attachments along with password expiration notifications.
- Enroll users in bulk for Duo Security authentication by importing data from CSV files and external databases.
- Enable product downtime notifications to instantly get alerts whenever the product stops running.
- Issues Fixed:
- Issue in saving Access URL has been fixed.
New in ManageEngine ADSelfService Plus 5.4 Build 5400 (May 26, 2017)
- Enhancements:
- Apache Tomcat server used in the product is now updated to version 8.0.
- Added an option to show/hide the “Reset Password/Unlock Account” tile from the Windows login screen.
New in ManageEngine ADSelfService Plus 5.3 Build 5330 (May 4, 2017)
- Windows Server 2016 support: Adds self-service password reset and account unlock support for Active Directory users in Windows Server 2016 domain.
New in ManageEngine ADSelfService Plus 5.3 Build 5329 (Apr 28, 2017)
- Issues Fixed:
- Issue in using Cisco AnyConnect VPN for cached credentials update.
- Issue in logon client (GINA/Credential Provider agent) installation caused by configuring 64-bit VPN settings for cached credentials update.
- Issue in updating to the latest build using service pack.
- Issue in starting the product using the desktop shortcut icon.
- Issue in customizing the size of non-English fonts on logon page.
New in ManageEngine ADSelfService Plus 5.3 Build 5328 (Apr 18, 2017)
- Enhancements:
- Mobile app customization: Now you can completely customize the home screen of the app and disable access to certain features.
- Dictionary rule in password policy enforcer can now be configured to restrict password that is either an exact match of a dictionary word or has dictionary words as its substring.
- Issues Fixed:
- Issue in configuring OpenLDAP server over SSL.
- Alignment issue in login page when product language is set to Arabic.
- Issue in editing the email verification code message as HTML during multi-factor authentication configuration.
New in ManageEngine ADSelfService Plus 5.3 Build 5327 (Apr 9, 2017)
- Released on March 15, 2017
- Features:
- Duo Security, RSA SecurID and RADIUS-based authentication support: Self-service password reset and account unlock processes are now more secure than ever thanks to three new authentication methods for verifying users’ identities.
- RADIUS-based authentication support for two-factor authentication during login.
- Support for SMPP-based custom SMS provider.
- Issues Fixed:
- Issue in installing the login client software in MAC machines.
- Issue in configuring Salesforce for password sync and SSO.
- Issue in sending email verification code for login two-factor authentication when the email body contains HTML code.
- Issue which showed an error message when the change password tab is clicked.
- Issue which triggered verification code emails twice when Internet Explorer 11 is used for the self-password reset process.
- Issue in importing CSV file during auto enrollment when the domain name contains special characters.
New in ManageEngine ADSelfService Plus 5.3 Build 5326 (Mar 30, 2017)
- Released on February 24, 2017
- Enhancements:
- AD domain-to-domain password sync: Now you can enable password synchronization between two or more Active Directory domains.
- Option to synchronize passwords only after successful password reset in Active Directory.
- Ability to identify the IP addresses of machines used to access the product via proxy server.
- Issues Fixed:
- XSS vulnerability in self-update manager field.
- Issue which resulted in distorted photos during self-update.
- Issue which associated technicians with wrong time zone.
New in ManageEngine ADSelfService Plus 5.3 Build 5325 (Feb 9, 2017)
- Two-factor authentication for ADSelfService Plus login can now be configured based on OUs and groups. To configure the settings, navigate to Configuration → Policy Configuration → Select Policy → Advanced → Login TFA.
- Option to exclude smart card users from password/account expiration notifications, and soon-to-expire password users and password expired users report.
- Now you can import enrollment data from an external/in-house PostgreSQL database.
- Option to display "Select mobile no./Email address" as the default text in drop down list during verification code step.
New in ManageEngine ADSelfService Plus 5.3 Build 5324 (Jan 22, 2017)
- Enhancements:
- 64-bit version of VPN clients are now supported for cached credentials update.
- Cisco AnyConnect VPN client is now supported for updating cached credentials.
- The photo attribute can now be set as ‘Read Only’ in self-update layout.
- Issues fixed:
- Issue which allowed end users to tamper with the password self-service process.
New in ManageEngine ADSelfService Plus 5.3 Build 5323 (Jan 22, 2017)
- Enhancements:
- The password policy enforcer feature now ensures strong passwords for your users by:
- Preventing the use of any dictionary word.
- Prohibiting the use of five consecutive characters from an old password.
- Mandating the use of at least one Unicode character.
- You can exempt a password from complying with a custom password policy if it meets a certain character length set by you.
- The password strength analyzer feature now works even without enforcing your custom password policy.
New in ManageEngine ADSelfService Plus 5.3 Build 5322 (Jan 22, 2017)
- Issues fixed:
- Issue in Windows logon agent (GINA/CP) when GINA/Mac customization scheduler is configured.
- Issue which failed to save OU and group selections during policy configuration.
New in ManageEngine ADSelfService Plus 5.3 Build 5321 (Jan 22, 2017)
- Enhancements:
- Enhanced Force Enrollment: Now you can configure multiple force enrollment schedulers based on self-service policies.
- Option to exclude disabled users while scheduling soon-to-expire password users and password expired users reports.
- Users can be restricted to select managers from a specific set of OUs or groups during self-update of AD profile information.
- Issues fixed:
- Issue in changing the database to MS SQL that is located in another untrusted domain when NTLMv2 is enabled.
- Issue in displaying password policy rules in mobile web browsers during password reset via secure email link.
- Corrected the UI text which showed reset password successful message for Office 365 change password operation.
- Issue in password reset when enforce password history option is enabled.
- Issue in ServiceDesk Plus integration.
- Issue in loading the CAPTCHA image properly when using reverse proxy.
- Protocol can be now be configured during the manual installation of logon (GINA/CP) client software.
- UI issue in multi-factor authentication configuration page when the verification code email message contains double quotes.
- Domain settings issue which prevented a domain containing a large number of users from being deleted.
- Issue in reports which showed the values available in the mail/mobile attributes instead of the attributes configured by the admin.
New in ManageEngine ADSelfService Plus 5.3 Build 5320 (Jan 22, 2017)
- Enhancements:
- Configuring Mobile Push Management (MPM) is now a child's play. All you have to do is request the PLIST file from ADSelfService Plus support team and follow it up by getting the MDM managed certificate from Apple. For step-by-step instructions, click here.
- The server settings of ADSelfService Plus mobile app can now be remotely configured through MPM.
New in ManageEngine ADSelfService Plus 5.3 Build 5319 (Nov 3, 2016)
- Features:
- Support for RSA SecurID to protect users logging into ADSelfService Plus through two-factor authentication.
- Issue Fixed:
- Fixed a vulnerability issue in two-factor authentication
New in ManageEngine ADSelfService Plus 5.3 Build 5318 (Sep 29, 2016)
- Features:
- Audio CAPTCHA support for easier accessibility.
- ServiceDesk Plus integration now allows you to automatically create tickets for end user self-service actions in the help desk software.
- Enhancement:
- Now acknowledgement notifications can be sent for enrollment, self-update and blocked user events to both end users and administrators.
- License usage details will now be included in the license expiration notification email and when exporting licensed user reports.
- Now you can import enrollment data from CSV files of any encoding type.
- Issues fixes:
- Issue in displaying the login agent image (Credential Provider client) after Windows 10 anniversary update.
- Scroll bar issue in the Windows 10 login agent self-service wizard.
- Issue in NTLM SSO which turned the self-service portal into a blank page in Internet Explorer.
- Issue which caused the Enroll Now button to disappear in the force enrollment pop up.
- Issue in editing self-update layout.
- Issue in saving password expiration reminder schedulers.
- Enrollment issue which forced users to enter both their mobile and email details even when they are not made mandatory.
- Issue which caused duplicate entries in reports when they were exported in CSV file format.
- Issue which caused a script error when a user is deleted from the licensed user report.
- Issue in saving Access URL in Internet Explorer.
New in ManageEngine ADSelfService Plus 5.3 Build 5317 (Sep 7, 2016)
- ENHANCEMENTS:
- Now get ADSelfService Plus in your language. Fully localized versions are available for:
- Chinese
- Dutch
- French
- German
- Italian
- Japanese
- Russian
New in ManageEngine ADSelfService Plus 5.3 Build 5316 (Sep 5, 2016)
- Issue Fixed:
- Change password issue which was caused due to a recent Windows update.
New in ManageEngine ADSelfService Plus 5.3 Build 5315 (Jul 27, 2016)
- Issues Fixed:
- Login issue in Windows 10 when 'Other Users' option is used.
- Windows logon agent (Credential Provider) issue while establishing remote connection to any PC from Windows 10.
- Windows 10 users not being able to change their passwords from Ctrl-Alt-Delete screen, when password policy enforcer feature was enabled.
- Fixed password sync agent which caused issues in DC.
- Issues in manual linking and unlinking of AD accounts from non-AD applications in Internet Explorer.
- Employee search getting blocked in Chrome and Firefox browsers.
- Failed login attempts due to incorrect update of Bad-Pwd-Count attribute.
- Issue with character count while resetting passwords.
- Users being forced to enter their mobile numbers, which is a non-mandatory field, during enrollment.
- Issue in sending scheduled reports to admins when multiple domains are configured.
- Incorrect entries in Unlock Account Audit report.
- Customized logo set in the product not being displayed in exported reports.
New in ManageEngine ADSelfService Plus 5.3 Build 5314 (Jun 1, 2016)
- Issues Fixed:
- Issue in manual linking of Active Directory user accounts with Oracle E-Business suite.
- Issue in synchronizing password with Oracle E-Business suite during password reset.
- Issue with textarea formatting (font color, size, type) while customizing logon page in
- Internet Explorer 11.
- Issues related to duplicate values while updating the drop down box options in self-update layout.
- SMTP error after update.
- GINA issue when VPN is enabled.
- GINA issue which lead to the slow loading of reset page after identity verification.
- Issue in applying service pack when ADSelfServicePlus.exe is used by other processes.
- Issue which prevented domain technician users from logging in when no policy was linked to them.
- Setting response header for help document - security issue.
- Issue with customized GINA reset icon when client software is installed through GPO.
- Issue with sending email notifications in HTML format.
New in ManageEngine ADSelfService Plus 5.3 Build 5313 (Apr 27, 2016)
- Features:
- Single Sign-on support for SaaS applications to simplify identity management.
- Password Policy Enforcer to enforce and display custom password policies across the web console, GINA/CP (Ctrl+Alt+Del) client, and password sync agent.
- Two-factor authentication support (Duo security provider) to secure user login.
- Allow users to automatically log in to the ADSelfService Plus mobile app by enabling the 'remember me' option [For ADSelfService Plus iOS mobile app users, this feature will be released after the review process by Apple.]
- Enhancements:
- Account expired notification to keep end users, their managers and administrators updated about expired accounts.
- Ability to restrict active users for license management.
- Ability to restrict admin logon page access to a range of IP addresses.
- Option to hide secondary mail and mobile enrollment.
- Now you can disable access to mobile web app.
- Separate hide options for mobile access and help guide on end-user page.
- Now you can easily associate a self-update layout to a policy from the self-update layout page itself.
- Separate CAPTCHA settings for select verification mode and select recipient pages.
- Now you can use display name in the from address field for email notifications.
- Issues Fixed:
- Issue with sending email notifications in HTML format.
- Issue in sending expiration reminders when both account expiration and password expiration fall on the same day.
- Issue which displayed Chinese characters as garbage values in the GINA button.
- Issue in installing the GINA client when the password in domain settings contains double quotes.
- Issue with the logon agent installation in the latest Mac OS version El Capitan.
- Issue which prevented Password Sync Agent installation in domain controllers running a non-English version of Windows Server OS.
- Issue which automatically capitalized the first letter of the password while trying to login through Safari mobile browser.
- Issue with the listing of security questions during password reset.
- Issue in mobile web app which failed to show the retry option during self-password reset.
- Enforce password history settings will no longer create temporary passwords containing part of the username.
- Issue which sent unencrypted user password to OpenLDAP server.
- Password expired notification filter issue in notification delivery report.
- Issue which failed to notify administrators about users' change password actions.
- Issue which duplicated security questions in database when the character ' is used while adding the question.
- Issue in showLogin page when NTLM SSO is enabled and NTLMv2 session security is forced.
- Issue with saving automatic reset & unlock scheduler configuration.
- Issue in backing up MySQL database.
- Fixed some vulnerability issues.
New in ManageEngine ADSelfService Plus 5.3 Build 5312 (Mar 15, 2016)
- Single Sign-on support for SaaS applications to simplify identity management.
- Password policy enforcer to enforce and display custom password policies across the web console, GINA/CP (Ctrl+Alt+Del) client, and password sync agent.
New in ManageEngine ADSelfService Plus 5.3 Build 5311 (Feb 6, 2016)
- Issue Fixed:
- Missing 'Don't inherit child OUs' option in OU/Group selection under policy configuration has been restored.
New in ManageEngine ADSelfService Plus 5.3 Build 5310 (Jan 28, 2016)
- Features:
- 64-bit version of ADSelfService Plus for Windows is now available for download.
- Mobile App Deployment: Now you can push ADSelfService Plus mobile apps to end users’ devices directly from the self-service portal.
- Issues Fixed:
- Blank page issue in GINA portal when auto send password via text/email is enabled.
- Blank page issue when the reset password page is accessed directly by entering the URL.
- Issue in automatically unlocking the locked out accounts.
- Issue which failed to display mobile numbers during password reset/account unlock process when the number contains non-numeric characters.
- Issue which disabled force enrollment for the entire domain when force enrollment is disabled for any one self-service policy associated with that domain.
- Issue which prevented the data fetcher for external database from running.
- Issue which displayed incorrect headers and values of user report in dashboard.
- XSS vulnerability issue caused by editing the title field under rebranding settings.
- Missing file content check for title image and product logo under rebranding settings
New in ManageEngine ADSelfService Plus 5.3 Build 5309 (Jan 7, 2016)
- This release fixes many grammatical errors that were found in the product user interface(UI) and help documents to provide a better user experience.
New in ManageEngine ADSelfService Plus 5.3 Build 5308 (Dec 31, 2015)
- Enhancements:
- Users' secondary email address and mobile number can now be used for sending auto-generated password, enrollment notification, and password and account expiration notification.
- Now you can automatically link AD accounts with other providers for password synchronization by mapping custom attributes.
- Ability to personalize the password expired notification content.
- Ability to preview the password expiration notification template.
- Ability to automatically retry the password expiration notification in case of any failures.
- Issues Fixed:
- Issue which forced users to begin password reset process from scratch when password complexity rules were not met.
- Issue in sending enrollment notification to a group if it has more than 1500 members.
- Issue which caused errors in enrollment report when users’ display name exceeded 255 characters.
- Issue faced in auto-enrollment while importing mobile numbers with special characters ‘-’ and ‘()’.
- Issue faced in auto-enrollment where only the last security question of multiple questions was used to enroll users when importing from a CSV file.
- Issue in updating Manager field in self-update from force enrollment page.
- Issue faced in enrollment when mobile format is specified, where users were forced to enter secondary mobile numbers even when it was not mandated.
- Issue in executing UpdateManager.bat file when the product is installed in a drive other than the default drive.
- Issue faced with displaying dateTime macro in subject field of Scheduled Reports.
- Issue faced while sending password expiration notification that sent incorrect days for expiration when notification has been configured to be sent on specific days.
New in ManageEngine ADSelfService Plus 5.3 Build 5307 (Nov 16, 2015)
- Feature:
- The password self-service logon agent (Credential Provider extension) has been enhanced to support Windows 10.
- Enhancements:
- Enrolled Users report can now be filtered based on enrollment type; also shows secondary email address & mobile number used for verification code.
- Now you can filter the logon agent (GINA/CP extension) reports based on operating system and sort the result.
- Now you can search the Security Questions report based on questions.
- Ability to run a custom script after a self-unlock account action.
- Ability to add request headers in Custom SMS settings.
- Issues Fixed:
- Issue caused by Password Strengthener when the restricted patterns length exceeds 1000 characters.
- Issue in sending Email & SMS (Custom SMS provider) when SSL is enabled by the SMTP/SMS provider.
- Issue in password expiry notification configuration, which caused notification to be sent on password expiry date without being set.
- Issue in installing the logon agent using the product user interface when scheduler is running in background.
- Issue which crashed the application while restricting service accounts without necessary permission.
- Issue in closing the logon agent (GINA/CP extension) window.
- Issue in inactive users report generation, when multiple DCs are configured for a domain.
New in ManageEngine ADSelfService Plus 5.3 Build 5306 (Oct 19, 2015)
- Enhancements:
- Now you can set a limit for the number of password resets and account unlocks a user can perform in a given number of days.
- Issues Fixed:
- Issue in directory self-update when a custom attribute is added to the layout.
- Issue in importing CSV files by technicians who are logged in using ADSelfService Plus authentication.
- Issue which prevented users from changing their passwords using ADSelfService Plus mobile site when ‘Users must change password at next logon' option is enabled in Active Directory.
- Issue which failed to show the success message for Google Apps password reset and change passwords.
- License expiry notification sent 2 days before expiration has been removed.
New in ManageEngine ADSelfService Plus 5.3 Build 5305 (Sep 2, 2015)
- Enhancements:
- Business Logic for Self-Update: You can now configure your organization’s business logic for self-update to auto-populate attribute values based on user input
- Option to overwrite enrollment data while automatically fetching data from external data sources
- Password Sync Agent can now invoke a post action custom script
- Issues Fixed:
- Slowness issue in password reset, account unlock and change password when password sync for Google Apps
- Issue in automatically linking AD and Salesforce accounts for password sync
- Issue in "Access admin login from" when DNS name of the server is not resolved
- Issue which appeared when custom script contains special characters
New in ManageEngine ADSelfService Plus 5.3 Build 5304 (Sep 2, 2015)
- Issues Fixed:
- Issue in accessing the self service portal through GINA due to a script error.
- XSS vulnerabilities have been fixed for improved security.
- Issue in enrolling users from external database when the total number of users exceed a certain limit.
- Issue in license management while accessing unowned licenses.
- SSO issue which prevented Mac users from accessing the self service portal.
- Issue in editing the self update layout through Internet Explorer.
- Issue which prevented technician users from viewing the self service policies associated with password sync.
New in ManageEngine ADSelfService Plus 5.3 Build 5303 (Jul 14, 2015)
- Feature:
- Now update local cached password when remote users reset their passwords in Active Directory through the GINA/CP client.
New in ManageEngine ADSelfService Plus 5.3 Build 5302 (Jun 29, 2015)
- Enhancements:
- Mobile Push Notification support for enrollment and password expiry notifications.
- Now automatically enroll users by creating a scheduler for importing enrollment data from a CSV file from any shared location.
- Added an option to choose the security settings (none, SSL, TLS) during custom SMS provider configuration.
- Admins can now enable forced enrollment for specific users by manually configuring the built-in logon script file.
- Issues Fixed:
- Issue in self-updating mobile number using Internet Explorer.
- Issue which allowed users to edit the read-only fields during self-update.
- Issue which prevented users from updating the country field during self-update.
- Issue in updating the product when another process running on a virtual IP is using the same port number.
- Issue which consumed 100% CPU when account expiry scheduler with “on specific days” is enabled.
- Issue in enrolling with Google Authenticator when ENTER key is pressed.
- Issue which failed to display the logo in mobile apps.
New in ManageEngine ADSelfService Plus 5.3 Build 5301 (May 21, 2015)
- Enhancement:
- Option to set the keystore password, which will be encrypted for heightened security, directly using the product UI.
- Issues Fixed:
- Issue in automatically enrolling users using external data source when ‘Overwrite enrollment data’ option is enabled.
- Issue in syncing Oracle Database and Office 365 passwords when the password contains special characters.
- Issue which caused the loss of enrollment data while editing security questions.
- Issue which launched the Choose Manager pop-up in a new tab.
- Issue in external data source fetcher when the query contains XSS character.
- Issue in sending SMS when the message contains blank space.
- Issue in navigating through the OUs in tree view under the Reports tab when the OU name contains special characters.
- Issue which failed to save OUs with special characters while configuring password expiry notification schedulers.
- Issue which failed to load the custom logo in mobile app.
- Issue in saving advanced policy configuration when the username macro is used in the automation tab.
- Organization Chart issue which showed extra columns in the result.
- Script error in GINA login page when login option is enabled.
- Issue which failed to accept the keystore password while importing SSL certificates.
New in ManageEngine ADSelfService Plus 5.3 Build 5300 (Apr 30, 2015)
- Features:
- Help desk assisted self-password reset and account unlock using Active Directory attributes as security questions to verify user identity.
- Enhancements:
- Updates Java Runtime Environment package to version 7.
- Supports TLS 1.2 for heightened security.
- Admins can now receive real-time notifications as and when end-users perform reset password/account unlock.
- Ability to copy an existing self-update layout and create a new one from it.
- Supports multiple mobile number formats; you can also force users to comply with the specified formats during self-update.
- Supports cross-database migration; easily migrate all the product data from your existing database to another (except to MySQL).
- Issues Fixed:
- Fixed an issue caused by the deprecation of Google Apps provisioning API. We have now migrated to the Google's new Directory API.
- Issue which prevented users assigned as ‘technicians’ from changing their passwords.
- Issue which prevented users from selecting recipient mobile number to receive verification codes.
- Issue in generating reports after restoring the database from a backup.
- Issue in Notification Delivery Report which displayed duplicate user records.
- Issue which sent multiple license expiry notification emails.
- Issue which failed to update the Dashboard when a user is logged in as a technician.
- Issue which showed the ‘My Info’ tab instead of the default tab after uploading photo.
- Issue which prevented default admin from viewing the enrollment notification schedulers created by technicians.
- Fixed an issue which caused users assigned as ‘technicians’ to be logged in as domain users.
- Issue which failed to apply the force enrollment script to users who are newly added to a group with self-service policy applied to it.
- Issue in self-update which allowed end-users to edit the ‘read-only’ fields.
- Issue in self-update which displayed an empty page when users edit the sAMAccountName field.
- Issue in embedding cross domain employee search in Internet Explorer.
- Issue in integrating other ManageEngine products in ADSelfService Plus (applies to customers who have updated their old builds using service pack).
- Issue in changing the mobile browser title.
- Issue which prevented the ACCESS URL from being used during GINA installation and customization.
- Proxy settings is now enabled for HTTPS connections too.
- The following security issue have been fixed: CSRF, Cross Frame Scripting (XSF)/Click Jacking, Weak Cache Policy/Server Cache Policy, MIME-SNIFFING, Cross Origin Resource Sharing (CORS), Browser Autocomplete Issue HttpOnly and Secure Flag, Directory Listing, SHA1WithRSA for CSR creation, jQuery migrated to new version to avoid Vulnerability, Session Fixation, HTTP Methods Blocking.
New in ManageEngine ADSelfService Plus 5.2 Build 5208 (Apr 27, 2015)
- Issues Fixed:
- Issue in accessing the password reset secure link from a mobile browser.
- Issue in saving automatic password reset and account unlock schedulers.
- Issue which prevented the force enrollment pop up from being displayed when admin log in is hidden and only enrollment tab is enabled in end-user portal.
- Issue in Notification Delivery Report which displayed duplicate user records.
- Issue which prevented default admin from viewing the enrollment notification schedulers created by technicians.
- Issue which showed the ‘My Info’ tab instead of the default tab after photo upload.
- Issue in changing the mobile browser title.
- Fixed a bug that sent license expiry notification email for the free tool
- Fixed an issue caused by the deprecation of Google Apps provisioning API. We have now migrated to the Google's new Directory API.
New in ManageEngine ADSelfService Plus 5.2 Build 5207 (Mar 23, 2015)
- Enhancements:
- Now you can easily migrate product data from your existing database to another (except to MySql).
- Java RunTime Environment used in the product has been updated to version 7.
- Support for TLS 1.2 for heightened security.
- Ability to copy an existing self-update layout and create a new one from it.
- Now you can specify multiple formats for the mobile number field while editing the self-update layout.
- Google Authenticator support has been extended to Mobile Web App.
New in ManageEngine ADSelfService Plus 5.2 Build 5206 (Feb 12, 2015)
- Issues Fixed
- Issue which prevented migration from 5203 to 5204/5205 build when MS SQL database is in use.
- Issue which displayed sAMAccountName instead of displayName while choosing the Manager in self-update.
New in ManageEngine ADSelfService Plus 5.2 Build 5205 (Feb 10, 2015)
- Enhancements:
- Now easily integrate custom SMS gateway providers using the product GUI.
- Notification emails to alert you when licensed user count reaches its maximum limit.
- Notification emails to alert you about license and AMS expiry.
- Issues Fixed:
- Issue in change password when it is done by a service account user with only change password permission.
- Reset Password issue which displays the error ‘Problem in Change Password’ when enforce password history settings is enabled.
- Issue in accessing password reset wizard from the login screen when multibyte characters are used in the GINA/CP button.
- Issue in AD LDS and OpenLDAP configurations for customers migrating from old builds.
- Password Sync Agent installation issue in non-English OS has been fixed.
- Password Sync Agent issue which failed to sync passwords of users whose username contains more than 16 characters.
- Issue in password sync agent audit log which stored the application IP address instead of the domain controller IP address has been fixed.
- Issue which doesn’t prompt users to enter their alternate email address for receiving verification code.
- Issue in configuring ‘Connection Security (SSL/TLS)’ under Mail Settings
- Issue in saving mail server settings when the from address or admin mail address contains a top level domain name with more than 4 characters.
- Issue in taking manual backup using backupdb.bat.
- Issue which prevented any of the multi-factor authentication option from being set as mandatory.
- Issue in setting a default tab under ‘Tab Customization’.
- Issue in accessing cross domain organization charts when logged in as a domain user.
- Disabled the "Interactive Services Detection" message pop-up which appears when ADSelfService Plus is configured to run as a service.
- http://server:port/showLogin.cc?domainName=%domainName% - Now you can use Domain Flat Name or Domain DNS Name for the %domainName% macro.
- Fixed slowness issues in product and report generation.
New in ManageEngine ADSelfService Plus 5.2 Build 5204 (Jan 20, 2015)
- Feature:
- Send real-time Email and/or SMS notifications to end-users as and when their Active Directory passwords are changed or reset natively in Windows.
- Enhancement:
- Reset Password and Change Password audit reports have been enhanced to include native password changes (Ctrl+Alt+Del screen) and password resets (ADUC console)
New in ManageEngine ADSelfService Plus 5.2 Build 5203 (Jan 5, 2015)
- Features:
- OpenLDAP and AD LDS based directories are now supported for self-service password management and password synchronization.
- Issues fixed:
- Issue in employee search which fails to show the result when search filters are used.
- Issue which failed to display enrollment prompt to dis-enrolled users when they log in to the self-service portal
- Issue in password reset which showed 'specified network password is incorrect' even after successful reset when password history settings is enforce
New in ManageEngine ADSelfService Plus 5.2 Build 5202 (Dec 12, 2014)
- Features:
- Now you have the option to enable CAPTCHA on the login page after a certain number of failed login attempts.
- Issues fixed:
- Issue which prevented service account users from self-updating attributes even when they have sufficient rights.
- Issue which added new users to the restricted users list because of no last logon time.
- Issue which affected the dashboard UI when AD blocker is enabled on the browser.
- Fixed an issue in password sync agent by excluding password capture from a new computer joined to the domain.
- Issue which prevented the addition of Technician operation role when there is a large number of restricted users.
- Fixed a bug that showed incorrect error message to users, whose accounts are locked out, when they try to log in to ADSelfService Plus
New in ManageEngine ADSelfService Plus 5.2 Build 5201 (Dec 2, 2014)
- Feature:
- Introducing Password Sync Agent: Now synchronize native password changes (password change through Ctrl+Alt+Del screen and password rest through ADUC) in Windows Active Directory with the users’ associated IT systems and applications in real-time.
New in ManageEngine ADSelfService Plus 5.2 Build 5200 (Nov 26, 2014)
- Features:
- Multiple Login Options: Users can log in to the self-service portal with any AD attribute with unique value such as mail and telephoneNumber.
- Now verify users’ identity by sending them an email containing a secure password reset/account unlock link.
- Ability to restrict service accounts using license management to free up license count.
- Issues fixed:
- Issue in self-update which displays incorrect value in the manager field.
- Issue in automated password reset.
New in ManageEngine ADSelfService Plus 5.1 Build 5116 (Nov 10, 2014)
- Issues fixed:
- Issue which disrupts GINA UI when caps lock is pressed while entering the password.
- SSO issue in Chrome browser.
- Issue in password expiry notification when it is configured for a group with a large distinguishedName.
- Issue in password expiry notification delivery report which failed to show the delivery status properly.
- Issue which ignores the default system language and displays the product only in English.
- Issue in reports when they are generated for OUs containing special characters.
- Issue in showing the status message during unlock account process when retry option is enabled.
- Issue in linking accounts for password synchronization.
- Issue in synchronizing passwords when force synchronization is enabled.
New in ManageEngine ADSelfService Plus 5.1 Build 5115 (Oct 11, 2014)
- Issues fixed:
- Issue in sending password expiry notifications on specific days.
- Issue in sending password expiry notification to unlimited users in Free Edition.
- Issue in syncing Office 365 passwords when you are using an older version of Microsoft online services module.
- Issue which syncs password with Active Directory even though the user's AD account is not selected during password reset or change.
- Issue which displays incorrect user count in the security questions and answers report.
- Issue which shows incorrect count in user reports under Dashboard.
- Issue in notification delivery report where incorrect status is shown for enrollment notifications sent to users.
- Issue which shows incorrect status message during self-unlock account if a domain is configured using insufficient permissions.
New in ManageEngine ADSelfService Plus 5.1 Build 5114 (Sep 10, 2014)
- Enhancements:
- Option for users to choose the language of their choice from the log in page itself.
- OUs selected during report generation will now be preserved and reused for reports displayed on the dashboard.
- Issues fixed:
- Issue in GINA/Credential Provider which failed to start the password reset/unlock account wizard from the logon screen.
- Issue which prevented product administrators from editing Domain settings and generating Enrolled users report.
New in ManageEngine ADSelfService Plus 5.1 Build 5113 (Sep 1, 2014)
- Enhancements:
- Crop Photo option – Users now have the ability to crop their photos before self-updating them in Active Directory.
- New macros added – dateTime and reportName; can be used in the subject of notification emails.
- Issues fixed:
- Issue that displayed incorrect password policy message when maximum password age is set to never expire has been fixed.
New in ManageEngine ADSelfService Plus 5.1 Build 5112 (Aug 25, 2014)
- Issues fixed:
- Issue that causes pages to be displayed incorrectly when the browser's default language is not supported by the product.
- Issue that requires the users enrolled with mandatory questions to enroll again.
New in ManageEngine ADSelfService Plus 5.1 Build 5111 (Aug 25, 2014)
- Issues fixed:
- Some issues that appeared when Japanese is selected as the default language. The issues that have been fixed are:
- Issue that displays a blank pop up window when the “Automatic Reset and Unlock” feature is accessed from the dashboard.
- Issue in deleting licensed users.
- Issue in displaying the force enrollment message.
New in ManageEngine ADSelfService Plus 5.1 Build 5110 (Aug 8, 2014)
- Enhancements:
- Google Authenticator is now supported by the Android and iPhone apps as one of the multi-factor authentication options.
- Issues fixed:
- Issue in self password reset when the user name contains apostrophe.
- Issue which prevents users from logging in to ADSelfService Plus when they have comma in their distinguished name and have the "change password at next logon" flag set.
- Issue that displayed the system error message to end-users during change password.
New in ManageEngine ADSelfService Plus 5.1 Build 5109 (Jul 28, 2014)
- Issues fixed:
- Issue in customizing the logon page.
- Issue in Self Directory Update that forced users to fill non-mandatory, but number-only fields.
- Issue in sending test emails when SMTP authentication is used.
- Issue that forced users to enroll for verification code when mobile number format setting is enabled.
- Issue that refreshed the CAPTCHA code whenever the ENTER key is pressed during reset password/unlock account operations.
- Issue that runs GINA/Mac Customization Scheduler repeatedly ever after successful customization.
- Issue in displaying email/mobile number fields during reset password/unlock account when the respective data have been deleted in Active Directory.
- Login page issue for users who have "user must change password at next logon" setting enabled for them.
New in ManageEngine ADSelfService Plus 5.1 Build 5108 (Jul 15, 2014)
- Feature:
- ADSelfService Plus integration with ADManager Plus now enables you to take control of users’ self-service actions with the new Self-Service Approval Workflow feature.
- Enhancements:
- Password Expired users can now change their passwords when they log in to ADSelfService Plus.
- Mobile App now has a 'Desktop Site' option; allows users to switch to the desktop version of ADSelfService Plus.
- Issues fixed:
- Issue in customizing the logon page.
New in ManageEngine ADSelfService Plus 5.1 Build 5107 (Jun 17, 2014)
- Enhancements:
- Zendesk and Microsoft Dynamics CRM are now supported for self-service password management and synchronization.
- ServiceDesk Plus is now integrated with ADSelfService Plus; allows admins and end-users to quickly access the help desk software.
- I18n support for mobile apps; all the 17 languages supported by the web console are now supported by the mobile apps.
- Now easily deploy the Mac login agents from the web console itself.
- Issues fixed:
- Issue in linking Office 365 sub domain accounts by end-users for password sync
- Issue in closing the ‘Edit Questions’ dialog box
New in ManageEngine ADSelfService Plus 5.1 Build 5106 (May 30, 2014)
- Enhancements:
- Default admins can now view report schedulers and all its information created by users associated with the ‘Technician’ role.
- OUs selected during report generation will now be preserved and re-used while generating reports in the future.
- Fixed:
- Issue that crashes the iPhone app when used with iOS 6.
- Issue with force enrollment.
- Issue that displayed the list of restricted users from default domain to all the technicians regardless of the domain they belong to.
- Blank screen issue when unlock account page is refreshed.
- Issue that throws a ‘page not found’ error when username exceeds 100 characters during reset password/unlock account process.
New in ManageEngine ADSelfService Plus 5.1 Build 5105 (May 15, 2014)
- Enhancements:
- Google Authenticator is now supported as part of our multi-factor authentication set up to further secure reset password/unlock account process.
- Facility to make any or all of the multi-factor authenticator techniques mandatory.
- Option that allows admins to rearrange the order of identity verification steps during reset password/unlock account process.
- Fixed:
- An issue that displays force enrollment notification to non-policy users when a custom logon script is used.
- Issue in selecting security questions during enrollment when users change their choice of questions.
New in ManageEngine ADSelfService Plus 5.1 Build 5104 (Apr 26, 2014)
- Fixed:
- Issue in adding domains to the product when their names start with numeric value.
- Issue with ADSelfService Plus Credential Provider when accessed from the UAC prompt.
- Issue that allowed users to log in using invalid passwords if guest login is enabled on the machine running ADSelfService Plus.
- Issue in enrolling with security answers through Android app.
- Issue in applying the default admin time zone settings to technicians.
- Issue in enrolling with security answers that are longer than 100 characters.
- Issue in reports page and in accessing help from the end-users portal when context path is set.
New in ManageEngine ADSelfService Plus 5.1 Build 5103 (Apr 10, 2014)
- Enhancements:
- You can now export the restricted users list in a desired file format
- Now completely exclude restricted users from showing up anywhere in the product
- Fixed:
- Issue in automatic password reset
- Issue in accessing native mobile apps and mobile webapp
- Issue in displaying verification code enrollment information when email option alone is enabled
- Issue with displaying header logo in scheduled reports when HTML is selected as the storage format
New in ManageEngine ADSelfService Plus 5.1 Build 5102 (Mar 18, 2014)
- Enhancements:
- Alternate Email IDs and Mobile numbers of users stored in any AD attribute can now be used for sending verification codes.
- Admins can auto-enroll users by importing their Email IDs and/or Mobile Numbers from a CSV file or external database.
New in ManageEngine ADSelfService Plus 5.1 Build 5101 (Mar 13, 2014)
- Enhancement:
- Now you can select the protocol (HTTP/HTTPS) to be used for Mac login agent during installation itself
- Fixed:
- Issue in generating user reports when the database (PostgreSQL) server is installed in another machine
- Issue that force users to go back or sign out when they login using Single Sign-On
- Issue in saving ‘Automatic Reset Password’ settings
- Issue in accessing the help guide when context path is added
- Issue in translating the label ‘Description’ when reports are exported
New in ManageEngine ADSelfService Plus 5.1 Build 5100 (Feb 17, 2014)
- Features:
- Login Agent for Mac OS X to allow AD domain users to reset passwords and unlock accounts right from the OS X login screen itself.
- Group-based configuration of self-service policies, enrollment settings and password synchronizer for fine-grained management.
- Now self-service policies will take effect based on their priorities as set by the admin.
- Fixed:
- Issue in saving report schedulers.
- Issue in performing quick search in reports.
- Issue in showing the status of change password actions when enrollment is disabled.
New in ManageEngine ADSelfService Plus 5.0 Build 5041 (Feb 3, 2014)
- Enhancements:
- Added an option to email generated reports
- Fixed:
- Issue with updating profile details when the update button is clicked more than once
- Issue with updating the Advanced Policy Configuration settings from Security Center
New in ManageEngine ADSelfService Plus 5.0 Build 5040 (Feb 3, 2014)
- Enhancements:
- Password Expiry Notifier is now part of our FREE Edition; allows you to notify UNLIMITED users. Also, gains a slew of enhancements including:
- SMS notifications to alert users of their impending password expiry
- Option to select users based on groups for sending password expiry notifications
- Ability to schedule and send reports of users’ password/account expiry to their managers
- Send password expiry notifications immediately with the ‘Run Now’ option
- You can now notify password expired users too
- Enabling SSO now requires you to configure NTLMv2, which has been added to enhance security
- Option to hide ‘Click here to troubleshoot’ link in Reset Password / Unlock Account failure page
- Fixed:
- Issue in removing added OUs while configuring GINA/CP scheduler
- Issue in enabling the ‘Force User to prove their identity via both verification methods’ option
New in ManageEngine ADSelfService Plus 5.0 Build 5032 (Dec 13, 2013)
- Features
- Android App to facilitate mobile password management: Now users can manage their passwords remotely - from anywhere and anytime, with just few taps - using just their Android mobile devices. Get the free app from Play Store.
- ADSelfService Plus iPhone App is now compatible with iOS 7
- Enhancement:
- Ability to rearrange the tabs in end-user portal and set one as default
- Automate fetching of Security Q&A from external databases
- Windows logon agent (Credential Provider) support for Windows 8.1
- Now schedulers can be configured to run every ‘x’ minutes
- Option to continue with the password reset process without having to start over after a failed attempt
- Ability to force synchronization of passwords across all connected systems
- Option to make Active Directory optional during password self-service
- Option to hide 'Unlock Account' button in mobile apps
- Reports now come equipped with ‘Export Settings’ to customize description and logo
- 'Reports Preview' option, which was available on User reports, has now been extended to all reports
- Fixed:
- Issue in navigating through the audit reports
- Issue in updating 'Manager' field when Force Enrollment settings are enabled
- Issue in closing the force enrollment pop-up when the user is logged on from a computer in trusted domain
- Issue in rebranding the mobile app when https is enabled
New in ManageEngine ADSelfService Plus 5.0 Build 5030 (Nov 1, 2013)
- Enhancement:
- Ability to customize mobile app with your own company logo
- Fixed:
- Time zone issue in password expiry notifications
- Issue in Employee Search when ‘days to expire password’ field is enabled
- Issue in deselecting OUs while generating Enrolled and Non-enrolled users reports
- Issue in configuring MS SQL database when password complexity is enabled for MS SQL authentication
- Issue in enrolling for SMS verification when mobile number format contains spaces
- Character limit of Email address field while scheduling the reports has been increased
- Script and UI Alignment issue when product language is set to French, German, Danish and Norwegian
- Automatic password reset no longer fails when primary email is not available
New in ManageEngine ADSelfService Plus 5.0 Build 5022 (Oct 7, 2013)
- Feature:
- Support for Russian and Canadian French languages taking the number of supported languages to 17
- Enhancements:
- Password Management of other platform accounts no longer depends on Active Directory as it has been made optional for password sync
- Automatically redirects users to mobile website when accessed from a mobile device
- Fixes:
- Issue in displaying Organization chart when both parent and child OUs are selected
- Issue in accessing the admin page when DNS is made case-insensitive
- Issue in using GSM modem when mobile number contains special characters
New in ManageEngine ADSelfService Plus 5.0 Build 5021 (Sep 27, 2013)
- Fixes:
- Issue in Enrollment Report
- Issue in Restrict User
- Issue in displaying Fine Grained Password Policy in Change Password page
- Issue in force enrollment
- Issue in enrollment when questions are not selected
New in ManageEngine ADSelfService Plus 5.0 Build 5020 (Sep 17, 2013)
- Mobile Password Management: ADSelfService Plus solves password related issues of BYOD-enabled organizations. It now offers mobile support, enabling users to reset their forgotten Windows Active Directory passwords and unlock locked-out Windows accounts right from any mobile device, running on any platform including Android, iOS and Windows Mobile.
- Users have access to the following self-service functionalities from their mobile devices:
- Self-Service Reset Password
- Self-Service Account Unlock
- Self-Service Password Change
- What’s more? The new password will get automatically synchronized with a wide range of cloud and on-premise applications including Google Apps, Office 365, IBM AS400 and Oracle DB that are configured for password synchronization, giving you a comprehensive password management tool right on your mobile device.
New in ManageEngine ADSelfService Plus 5.0 Build 5010 (Aug 20, 2013)
- Enhancements:
- Administrators can now force users to Self-Update their information when they log in to ADSelfService Plus
- Users can now remove their photo during Self-Update as and when they see fit
- Administrators can now give users the ability to skip entering secondary mobile number and email ID during enrollment
- Fixed:
- Issue in User Reports when customer attribute is configured
- Issue in exporting User Attempts Audit Report for invalid domain
New in ManageEngine ADSelfService Plus 5.0 Build 5002 (Jul 17, 2013)
- Fixed
- Issue in using special characters while resetting password through GINA extension
New in ManageEngine ADSelfService Plus 5.0 Build 5001 (Jul 5, 2013)
- Highlights:
- Unified self-service identity management with support for Google Apps, Office 365 / Azure, Salesforce, Oracle E-business suite, Oracle DB and more
- Self-Service Mail Group Subscription to allow users to subscribe to or unsubscribe from mail groups of their choice
- Ability to link Windows Active Directory accounts with other platform accounts for seamless password synchronization even in case of different usernames
- Option to embed employee search portal in websites of your choice
- Enhancements:
- Option to restrict Password Expiry Notifications from being sent to disabled users.
- Option to modify permissions of Technicians user role.
- Send SMS notifications to users on successful password reset and account unlock
- Option to exclude disabled users from employee search results and organization chart
- OU-based Organization Chart for more easier access and accurate results
- Enhanced Directory Update that allows administrators to restrict photo size and mobile number format
- Ability to show PSO (Fine Grained Password Policies) requirements on Reset Password & Change Password screen
- Allow users to choose the mode of verification (Security Q&A or SMS/E-mail Verification) at the time of password self-service
- Now force users to use a specific mobile number format during enrollment
- Option to quickly navigate to ADAudit Plus and Exchange Reporter Plus in addition to ADManager Plus
- Fixed:
- Issue in opening notifications received as email attachments with default Windows extractor.
- Issue in Photo Upload due to file format being case sensitive.
- Issue in Child OU selection during Policy configuration.
- Issue in saving startup & log settings of ADSelfService Plus.
- Issue in resetting IBM AS400 password
- Issue in disabling GINA schedulers
- Issue in generating User reports while using MSSQL without default port no or default instance name
- Time taken to generate Audit reports has been improved
- Issue in assigning a custom attribute as mandatory
- Issue in log in when UPN is used
- Issue related to hostName macro in email notifications
New in ManageEngine ADSelfService Plus 5.0 (Jun 27, 2013)
- Highlights:
- Unified self-service identity management with support for Google Apps, Office 365 / Azure, Salesforce, Oracle E-business suite, Oracle DB and more
- Self-Service Mail Group Subscription to allow users to subscribe to or unsubscribe from mail groups of their choice
- Ability to link Windows Active Directory accounts with other platform accounts for seamless password synchronization even in case of different usernames
- Option to embed employee search portal in websites of your choice
- Enhancements:
- Send SMS notifications to users on successful password reset and account unlock
- Option to exclude disabled users from employee search results and organization chart
- OU-based Organization Chart for more easier access and accurate results
- Enhanced Directory Update that allows administrators to restrict photo size and mobile number format
- Ability to show PSO (Fine Grained Password Policies) requirements on Reset Password & Change Password screen
- Allow users to choose the mode of verification (Security Q&A or SMS/E-mail Verification) at the time of password self-service
- Now force users to use a specific mobile number format during enrollment
- Option to quickly navigate to ADAudit Plus and Exchange Reporter Plus in addition to ADManager Plus
- Fixed:
- Issue in resetting IBM AS400 password
- Issue in disabling GINA schedulers
- Issue in generating User reports while using MSSQL without default port no or default instance name
- Time taken to generate Audit reports has been improved
- Issue in assigning a custom attribute as mandatory
- Issue in log in when UPN is used
- Issue related to hostName macro in email notifications
New in ManageEngine ADSelfService Plus 4.5 Build 4582 (Mar 7, 2013)
- Highlights:
- Support for Windows Server 2012 and Windows 8 machines to reset password/unlock account from Winlogon screen.
- Enhancement:
- Administrators can now choose the encryption algorithm used to secure the security answers for heightened security.
- Option to choose the 'Welcome Name' that will be displayed at the top of the Web portal.
- An additional macro field '�teTime%' has been included in Password Expiry Notification.
- Complete support for Internet Explorer 10.
- Fixed:
- Issue with 'daysToExpire' field in Password/Account Expiry Notification reminder mails.
- Issue with Macros in Password Expiry Notification when the option 'on specific days' is selected.
- Issue with 'Force Enrollment' in Standard Edition.
- Issue in 'Notification Delivery Reports' for enrollment notifications.
New in ManageEngine ADSelfService Plus 4.5 Build 4581 (Feb 20, 2013)
- Enhancement
- An improved Dashboard with Domain-based view and refresh option.
- Fixed
- Issue in user interface when using context in URL.
New in ManageEngine ADSelfService Plus 4.5 Build 4580 (Feb 7, 2013)
- Feature:
- ADSelfService Plus now extends its support for Arabic language.
- Enhancements:
- Efficient use of available license during auto enrollment.
- Fixed:
- The maximum size of e-mail messages such as password expiry notification has been increased.
- Issue in assigning an attribute as Read-Only and Mandatory in Self-Update layout.
- Issue in viewing hierarchy of an employee with special characters in user name.
- Issue in configuring Site Based DC.
New in ManageEngine ADSelfService Plus 4.5 Build 4572 (Feb 4, 2013)
- Feature:
- Support for Postgres Database Server (for product's database) in addition to the MS SQL and MySQL support available already.
- Enhancements:
- Filters to extract Audit Reports specific to a domain have been included.
- More password security options: 'copy & paste' of passwords in the fields are disallowed now.
- More security answer strengtheners: Option to force the user to use letters (a-z), numbers and symbols in the answers.
- Fixed:
- Issue of computer name missing from the lists of GINA "Installed-Machines" and "Error-Machines", when the computer is moved to a new OU or renamed.
- Issue of administrator's language settings overriding users' language settings on "reset password/unlock account" pages.
- Issue related to custom attributes update in "My Info" page.
- Inability to view manager's details in the organization chart if it contained special characters.
- Issue of enrollment notifications to OUs excluded from a policy by "do not inherit" option.
New in ManageEngine ADSelfService Plus 4.5 Build 4571 (Feb 4, 2013)
- New:
- Support for Postgres Database Server (for product’s database) in addition to the MS SQL and MySQL support.
- Enhancement:
- Filters to extract Audit Reports specific to a domain have been included.
- More password security options: ‘copy & paste’ of passwords in the fields are disallowed now.
- More security answer strengtheners: Option to force the user to use letters (a-z), numbers and symbols in the answers.
- Fixed:
- Issue of computer name missing from the lists of GINA "Installed-Machines' and "Error-Machines", when the computer is moved to a new OU or renamed.
- Issue of administrator’s language settings overriding users’ language settings on “reset password/unlock account” pages.
- Issue related to custom attributes update in "My Info" page.
- Inability to view manager’s details in the organization chart if it contained special characters.
- Issue of enrollment notifications to OUs excluded from a policy by “do not inherit” option.
New in ManageEngine ADSelfService Plus 4.5 Build 4570 (Feb 4, 2013)
- New:
- Multi-platform Password Synchronizer - Synchronize Password/Account changes made using ADSelfService Plus with 'BM i/AS400' and 'HP UX' systems.
- Fixed:
- Issue with 'Manager Field' selection in Self-Update.
- Issue in displaying 'Password Patterns' in Password Strength Analyzer.
- Audit Reports - Sorting and Export related issues.
New in ManageEngine ADSelfService Plus 4.5 Build 4560 (Feb 4, 2013)
- New:
- Force users to enroll' with ADSelfService Plus the minute they log in to their machines.
- User Attempts Audit Report - Keep track of all User logins and Reset Password/ Account Unlock attempts made in ADSelfService Plus.
- Enhanced:
- Administrators can now decide whether to choose a default value for Checkboxes & Radio-buttons in Self-Update layout or not.
- Fixed:
- Issue in 'Text/Mail Auto-generated Password to End-user'.
- Issue related to Reset Password when 'Enforce Password History settings' is enabled.
- Issue related to the display of ADSelfService Plus policies during Security Q&A configuration.
- Vulnerability issue in 'Domain configuration' and 'Technicians Settings' pages.
New in ManageEngine ADSelfService Plus 4.5 Build 4550 (Feb 4, 2013)
- Enhanced:
- Heightened security against ‘Cross-site scripting’, ‘CSRF issue’, and ‘Denial of Service attack’.
- Encryption of database passwords for enhanced security.
- Checkbox to control the default value for drop-down menu in ‘Self-update layout’.
- ADSelfService Plus GINA is now compatible with 'Chekpoint Full Disk Encryption' client ('Pre-Boot Authentication' compatibility is not supported)
- Fixed:
- Issue related to the delivery of ‘Enrollment Notification’ to ‘Restricted users’.
- Apt handling of ‘SMS credits’ in the event of a SMS relay error to ‘Clickatell’ server.
- Performance issues related to bulk installation of GINA and mailing ‘Notification delivery status’ to administrator.
- Issues faced when E-mail IDs and Organizational Unit names contain special characters.
- No more recurring ‘column header’ on reports exported as a CSV file.
- Issues faced during ‘Reset Password’ process when Verification code alone is enabled.
New in ManageEngine ADSelfService Plus 4.5 Build 4544 (Feb 4, 2013)
- Fixed:
- Overwriting of virtual IP Configuration Issue.
- Rare occurrence of a 'Denied Access to Self Service Portal' for random user(s).
- Service Pack Updation issue.