Support
 
PhoneGet Quote
 
Support
 
US Sales: +1 888 720 9500
US Support: +1 844 245 1108
Intl: +1 925 924 9500
Aus: +1 800 631 268
UK: 0800 028 6590
CN: +86 400 660 8680

Direct Inward Dialing: +1 408 916 9890

 
 

ADManager Plus MSPs Release Notes

7231 (March 22, 2024)

Issues fixed:

  • Issue in updating ADManager Plus if the default template under Orchestration was deleted.
  • Issue in updating ADManager Plus from build 7224 if ManageEngine Log360 integration was disabled.
  • Issue of help desk technicians not being able to copy any creation or modification templates.
  • Issue of help desk technician group members not being able to login if there is a comma in their full name.
  • Issue of Custom Report filters not functioning as expected with Last N days or Before N days conditions.

7230 (March 06, 2024)

Features:

  • Microsoft 365 risk assessment: Identify potential risks in your Microsoft 365 environment with comprehensive risk assessment reports and implement the recommended mitigation measures straight from the reports.
  • Access certification campaign:
    1. The following entitlements can now be reviewed and certified through access certification campaigns:
      1. NTFS permissions
      2. Microsoft 365 group memberships
      3. Microsoft 365 roles
      4. Microsoft 365 application assignments
    2. You can now track the progress of access certification requests.
  • ServiceDesk Plus - ADManager Plus integration: The integration of ServiceDesk Plus with ADManager Plus now offers support to set account expiry for users and create users with an enhanced layout.
  • Copy GPOs: The capability to copy GPOs from one domain to another within a forest has been included.

Enhancements:

  • ADManager Plus now uses upgraded versions of Apache Tomcat (version 9.0.83), JRE (Zulu JRE 1.8.362) and PostgreSQL (version 15.4).
  • Export operations have been optimised to improve performance and enhance user experience.
  • Detailed Group Members report now provides options to export the result into a single file, a single file grouped by object type, or files grouped by selected objects.
  • ADManager Plus now provides support to email the report directly from the GUI.
  • An option to send a consolidated report after the completion of the automated tasks is added while configuring the notification template.
  • You can now secure the access to shared paths by configuring the credentials of the custom service account for authentication.
  • You can now view the lockout status and time of user accounts in reports.
  • Microsoft 365 fields can now be included in creation or modification templates while using Copy User Attributes.
  • An option to view the macros list supported in custom script has been added to user modification templates.
  • The workflow request page has been redesigned to improve usability and now includes the ability to track the progress of workflows.
  • ADManager Plus offers DC sort intelligence option which when enabled sorts domain controllers according to their response time and retrieves data from the domain controller with the fastest response time.
  • Support to view the security settings (Account Policies, Local Policies, Event Log, Restricted Groups, System Services, Registry, and File System) along with the administrative template settings that will be applied on the selected user and computer has been added to the Resultant Set Of Policy and GPO Modelling reports.
  • It is now possible to specify the duration of group membership while creating workflow requests to add groups, computers, contacts to AD groups, and to add users to Microsoft 365 groups.
  • The GPO Delegation report now includes support for viewing invalid security principals and removing GPO permissions.
  • Support to automate tasks like deleting Microsoft 365 users, disabling remote mailbox, creating computers, modifying users using CSV, and more has been added.
  • The following enhancements have been made to the Orchestration Template:
    1. Decision block that operates according to the previous result, which could be a webhook response, script result, or AD attribute criteria.
    2. Inbound orchestration to pull data from external application and perform actions in ADManager Plus using webhook.
    3. Run orchestration templates directly from the Management, Workflow, Automation, and Automation Policy tabs.
    4. Support for M365 Auto Reply task has been added.
    5. Delegate the orchestration templates to Help Desk Technicians.
  • While selecting reports like Recently Created Users or Soon-to-expire User Accounts as inputs in automation tasks or scheduled reports, you have the option to filter the data based on a specific time frame.
  • ADManager Plus has now enabled the addition of user photos to Microsoft 365 user accounts during user creation or modification.
  • You can now share automations, automation policies, and scheduled reports to help desk technicians with View/Edit permissions, and custom reports with View/Edit/Full Access permissions.
  • The following enhancements have been added to the Admin Audit Report,
    1. Audit for creation or modification of Automation, Scheduled Reports, Custom Reports, Event-driven Automation, Webhook Template, and Orchestration Template has been added.
    2. An option to access the audit history has been included in the Automation and Event-driven Automation pages.
  • An option to view the user entitlements has been added to the Modify Single User page.

Security Fix:

  • The security vulnerability which exposes NTLM V2 hashes, as reported by Metin kandemir, has been fixed.

Issues Fixed:

  • Issue in unlocking help desk technicians even if they do not exceed the total technician count allowed by their license.
  • User migration using the ADMT module in ADManager Plus failing when the user display name has a comma.
  • A minor issue in forest level duplication of email attribute when root domain is not added to ADManager Plus.
  • Email notifications are not getting triggered when a user is enabled or disabled using the Modify Single User management action.
  • Inability to view the templates by help desk technicians without the super admin role while delegating creation and modification templates to other technicians.
  • Bitlocker Disabled Computers and Bitlocker Enabled Computers reports producing inconsistent data when the Exclude Child OU(s) option is selected.
  • The email notification triggered after completion of the Modify User Attributes automation does not include the changes made to the custom attributes.
  • Issue in saving the user creation template with changes to the Microsoft 365 license without selecting a value for the Country attribute.
  • The time set for Session Expiry Time in the Connection Settings under the Admin tab is not being applied to the product globally.
  • Management actions performed directly from the reports are not updated when the Check All users option is selected.
  • Delay in creating single or bulk groups when a high number of members are added using CSV.
  • Grouping conditions option missing in user creation and modification templates has been added.
  • The All Users report displays the manager details even after the manager account is deleted in AD.
  • Issue in running backup schedules and performing restoration due to difficulties in establishing connection with elasticsearch.
  • Inconsistencies in backup schedules and data restoration due to difficulties in fetching data.
  • Issue in performing GPO backup due to intermittent product restarts.

7224 (February 19, 2024)

Features:

  • SOAR Workflow: Integrating ManageEngine's SIEM solution, Log360, with ADManager Plus will allow your SOC team to carry out AD management actions from Log360 as part of threat response and security remediation.

7223 (January 22, 2024)

Fixes:

The following issues have been fixed in this release:

  • An authenticated RCE security vulnerability (CVE-2024-0252) in the load balancer component has been fixed. This vulnerability was reported by Joe Zhoy.
  • An information disclosure security vulnerability reported by Samuel has been fixed.

7221, 7222 (December 08, 2023)

Enhancements:

  • Two new Microsoft 365 reports have been introduced to give insights into last logon time of users and inactive users in your tenant.
  • An option to allow or restrict technicians from viewing all other technician's audit data is added to the Help Desk Audit Reports.
  • ADManager Plus now supports certificate-based authentication for Microsoft 365 tenant. You can now update the certificate details under Domain/Tenant Settings to authenticate your account against Azure AD.
  • ADManager Plus has now enhanced its integration capabilities by extending support for various business application like ServiceDesk Plus Cloud, JIRA, Freshservice, and more. These integrations come with preconfigured settings are designed to enhance identity management, governance, and AD management.

Issues fixed:

  • The email ID shown during user creation and in Help Desk Audit Reports has been updated to display the E-mail attribute value.
  • The Refine Results configurations in custom reports are not accounted when the report is triggered using an automation task.
  • The users deleted using the Modify Single User task are still being displayed in the list.
  • Issue in setting the In/Out Policy while creating or modifying a room mailbox.
  • The workflow requests created using automation is showing duplicate entries.
  • Issue in connecting to Microsoft SQL database to generate reports when there is a space in the database name.
  • The country name Macau SAR has been updated to Macao SAR as listed in Active Directory.
  • Technicians and workflow requesters were facing difficulty in searching and navigating to choose user creation templates when there are multiple templates available during the user creation process.
  • The page range selection was not working as expected under the creation and modification template pages.
  • Minor issues while creating Microsoft 365 shared mailbox and modifying Microsoft 365 mail-enabled security and distribution groups.

7220 (November 18, 2023)

Features:

  • GPO management and reporting: The following new features have been added under GPO management and reporting,
    • View the GPOs linked to OUs that do not have any security principals and perform management actions to disable or remove those GPO links using the GPOs Linked To Empty OUs report.
    • Ability to reorder the GPOs linked to a particular OU, domain, or site using the GPO Links Priority task.
    • View the GPO preference settings like Environment, Files, Folders, Ini Files for user and computer configurations using the GPO Settings report.
    • Select specific security principals to which the GPO application should be denied using the Manage GPOs task.

Enhancements:

  • Support to automate Microsoft 365 tasks like Microsoft 365 Mailbox Conversion, Add Users to Microsoft 365 groups, Microsoft 365 Mailbox Delegation, Modify Microsoft 365 Mailbox Permission, Mailbox Auto Reply, and more.
  • The automation history popup now displays the input data fetched from the external HCM application and the execution status, with an option to export this data as a report.
  • ADManager Plus can be now be integrated with any application that responds to nested API calls.
  • You can now group the creation and modification templates. This functionality is helpful in delegating HDTs to perform management actions using a specific group of templates.
  • You can now create shared mailboxes in bulk using the CSV and template options.
  • The reset password API now supports random password generation.
  • The search group API will now display group type and manager data in response.
  • The webhook template now supports x-www-form-urlencoded message type.
  • It is now possible to migrate the existing bundled or external PostgreSQL database to a different external PostgreSQL databases (AWS and Azure).
  • An editable drop-down has been added for the City and State fields in user creation, user modification, contact creation and contact modification templates.

Issues fixed:

  • Issue in sharing automation to other technicians due to the access denial alert.
  • Issue in adding or removing a user from a unified group using modification template.
  • The issue of DC Replication Status report displaying all DCs in the forest instead of the ones from the selected domain.
  • Upgradation of product with high availability enabled taking longer than expected.
  • The process of upgrading the product with high availability enabled is taking longer than expected.
  • The exported report attached to the notification email after performing bulk user modification using CSV not including all the attributes.
  • The requesters who were added before upgrading to versions above 7200, were not able to select templates while requesting a creation or modification task.
  • The Add to Group task when performed across domains, running indefinitely under delayed tasks.
  • The manager data not displayed properly in the notification mail triggered from event-driven automation tasks.

7212 (October 30, 2023)

Fixes:

The following issues have been fixed in this release:

  • Product crashing when the GPO synchronisation activity is initiated in the backend.
  • Issue in creating help desk roles if the role name has special characters in it.
  • Single user creation in AD, along with simultaneous provisioning in Microsoft 365, running indefinitely under delayed tasks.
  • Inability to create a single shared mailbox in Microsoft 365.

7211 (October 10, 2023)

What's new:

  • Public key certificate used during service pack upgrade is up-to-date.

Issues fixed:

  • Issues in applying the recent service packs to upgrade from build 7203 to the later builds.

7210 (September 29, 2023)

Features:

  • Identity risk assessment: ADManager Plus' Identity Risk Assessment feature helps organizations in detecting potential identity risk indicators in your AD environment. This tool provides a risk score based on NIST SP 800-30 guidelines, and identifies potential vulnerabilities and threats to the system, as well as providing strategies for remediation to help secure the system.
  • Access certification: Review and validate entitlements by creating automated access review campaigns. This helps your organization prevent privilege creep, improve security posture, and adhere to compliance regulations by regularly reviewing user entitlements.
  • Contact and GPO migration: You can now perform inter-forest and intra-forest Contacts and GPOs migration.
  • Improved user and group migration: Flexibility to move users and groups, along with their SID history and membership across forests with additional migration settings.

Enhancements:

  • GPO reports: The following enhancements have been made to the GPO reports,
    • GPOs with specific settings report now supports searching of major security settings in all or selected GPOs.
    • Security Filter and WMI Filter columns added to GPO reports: All GPOs & Linked AD Objects, Recently Created GPOs, Recently Modified GPOs, Disabled GPOs, Computer Settings, and User Settings Disabled GPOs.
  • Schedule reports: Standard Scheduler and Advanced Scheduler functionalities are now available together under Schedule Reports page.
  • Custom reports: New enhancements added for custom reports as mentioned below,
    • New built-in custom report added to retrieve Shared Mailbox Users.
    • Refine Results option to filter the data being fetched from the database.
    • Filter from Report option to use the filter settings configured in the chosen report.
    • Export custom reports to CSVDE format.
    • New filter conditions for attributes like Simple Display Name, Street Address and Direct Reports.
    • New columns Smart Card, User Account Control, User Account Control Flag added to the result.
  • Orchestration: The following new enhancements have been made to the Orchestration feature:
    • You can now add conditions based on Object Name and Template Name while creating new orchestration profiles.
    • New blocks like Modify users by CSV/Template, Move TS Home folders, Set Mailbox Rights, Move/Delete Profile, and more added for creating new orchestration templates.
    • OAuth authorization support added for webhook.
    • Macro support for custom attributes added to parameter configuration in webhook.
  • Security response headers: You can now add default security headers while configuring HTTPS settings to protect the product from various vulnerabilities.
  • Two-factor authentication: The below enhancements are added to the 2FA configuration under Logon Settings,
    • RSA authenticator: ADManager Plus now supports REST API-based integration with RSA Secure ID, besides SDK-based integration. It is recommended to use REST API-based integration as RSA Security LLC has deprecated SDK-based integration.
    • Duo Security: ADManager Plus now supports Duo Web SDK v4 with universal prompt which provides a simplified and accessible Duo login experience.
  • Integration with ManageEngine EventLog Analyzer: You can now integrate ADManager Plus with ManageEngine EventLog Analyzer for log forwarding.
  • Backup: The backup add-on now comes with the following enhancements,
    • It is now possible to store Active Directory and Azure Active Directory backups in archives, to ensure prolonged data retention.
    • Azure AD Policies and Administrative Units can now be backed up and restored.
  • AD Explorer: New enhancements added to AD Explorer as mentioned below,
    • The top panel now includes the following tabs,
      • Entitlements: Lists the group membership and folder permission details of users and groups. A section named M365 Entitlements will be available if the AD user also has an Azure AD account which shows the list of M365 groups the user is a member of, along with assigned licenses, roles, and mailbox permissions.
      • Objects: When a container or OU is clicked, it displays the list of users, groups, contacts, and other containers within it.
      • History: Displays the list of modifications made to the chosen object using ADManager Plus. It also maintains a record of access updates made during access certification campaigns.
    • A refresh button next to the domain name to sync current data instantaneously.
  • Search AD objects: The following enhancements have been added to the this functionality,
    • Revamped search console with new customizations and advanced search options.
    • Search Settings option added to configure the search criteria. Admins can customize and freeze the search criteria for users by using the Set Globally checkbox.
    • New management actions like reset user password, add or remove group members and delete contact have been added.
  • Support to group filter conditions by specific criteria has been added for all reports including Custom Reports, Schedule Reports and also, Search AD Objects.
  • The M365 tenant configuration is moved under Domain Settings. It is no longer available under Admin tab.
  • New match criteria Between (for any condition specifying date) and Not Like can be used while adding conditions.
  • Prevent Duplication option now checks for duplicates across forests and Azure AD tenants.
  • You can now fetch M365 guest users and their manager details while configuring automation using M365 reports as input. This can be used to automate guest users clean-up and get approval from respective managers before blocking or deleting them.
  • Exclude Nested MemberOf option added to Groups for Users report to avoid displaying nested group memberships.
  • You can now modify the manager of computer through workflow or automation using Modify Managed By Of Computers management action.
  • Support for Inactive Azure AD Users report added to Automation.

Issues Fixed:

  • Issue in creating users using naming format for Logon Name under user creation templates.
  • Issue in duplicate User Principal Names (UPN) leading to intermittent SSO login issues for the technicians.
  • Issue in executing few bulk management actions because the page continues to load indefinitely after importing a CSV file and clicking the apply button.
  • Issue in re-enabling built-in technicians after they are forced out due to revoked roles.
  • Issue in viewing the Account expires value when the attribute is dragged and dropped under General tab of any management template and the value is set to Select.
  • Issue in contacting DCs to fetch information while running multiple DC reports.
  • Issue in updating sAMAccountName of HDTs under Delegation when they are modified in AD preventing HDTs from logging in.
  • Issue in using Prioritize Rules functionality under User Creation Templates due to Prioritize Rules pop-up not getting displayed properly.
  • Issue in migrating ADManager Plus' database from the bundled PostgreSQL to an external PostgreSQL.

Other Changes:

  • The default timeStamp for the Account Expiry attribute has been changed to 11:59:59 PM instead of 12:00:00 AM when the End of option is selected.
  • The Random Password Policy, which previously had a limit of 32 characters, has now been extended to allow passwords up to 256 characters in length.

7203 (July 30, 2023)

Enhancements:

  • All non-English language builds (Chinese, Japanese, German, French, Italian, Dutch, Turkish, and Spanish) have now been updated with all the latest features.

Fixes:

  • Issue in applying a naming format for user principal name (UPN), when a User Creation Template configured with Creation Rules and Custom Attributes is applied.
  • The security vulnerabilities CVE-2023-39912 reported by Son Nguyen from VNG Security and CVE-2023-41904 reported by the vector research team have been fixed.

7202 (July 01, 2023)

Fixes:

The following issues have been fixed in this release.

  • A security vulnerability reported by dalt4sec.
  • Issue in modifying the manager attribute by technicians with custom help desk roles.
  • Unparseable date exception in non-English builds when setting account expiry date to End of in Single User Modification.
  • A security vulnerability (CVE-2023-38332) reported by dalt4sec.

7201 (June 20, 2023)

Fixes:

The following issues have been fixed in this release:

  • Two security vulnerabilities reported by dalt4sec, including CVE-2023-35785, have been fixed in the release.

7200 (June 13, 2023)

Important update:

  • From 7200, updating ADManager Plus using the service pack has been restricted if your ADManager Plus instance is using PostgreSQL version older than 10. You will be forced to update PostgreSQL to 10.18 or migrate to MS SQL during installation.
  • You will be shown a warning message while installing the 32-bit version of ADManager Plus. It is advised to install or migrate to 64-bit architecture for better performance.

Features:

  1. Management:
    • While configuring Creation Rules in User Creation Templates you can:
      • Import and export them to CSV
      • Reorder based on priority
      • Preview before importing
      • Preview while copying them from an existing template
    • You can now remove or enable mailbox accounts for users or groups using Single User Modification task and Single Group Modification task respectively.
    • You can now edit the GPO Preference settings like Environment, Files, Folders, Ini Files values for user and computer configurations directly using GPO Management task.
    • You can now perform Force GPO Update operation on domain computers instantly.
  2. Reports:
    • You can view the GPOs that are directly linked or inherited in the Direct and Inherited GPO Links report.
    • You can see the list of users and groups that have access to the selected GPOs in the GPO Delegation report.
    • The GPO Modeling report simulates the possible Administrative Template settings that will be applied on the selected user and/or computer.
    • Scheduled reports can be directly shared with users or groups that are added as help desk technicians.
    • You can now schedule Google Workspace Reports.
    • View the Employee ID of the Google Workspace user accounts in the Google Workspace Users report by adding the column in the result.
    • You can now see the Local Administrator Password Solution (LAPS) password and LAPS expiry time in AD Explorer and Workstation Computers report with adequate permissions.
  3. Delegation:
    • Anomaly detection: ADManager Plus now uses machine learning to establish a baseline for help desk technicians' and admins' activities, and detect anomalies by flagging activities that deviate from the baseline.
  4. Workflow:
    • Service Level Agreements (SLA): SLA in Workflow help users to take appropriate actions on pending and time-sensitive requests in the most efficient manner.
      • In order to escalate a SLA violation to multiple levels, you can define a set of conditions based on the delay in response.
      • At each level of the escalation, actions like changing workflow priority, sending notifications in required frequencies, re-assigning requests to selected technicians and changing the status of the request can be performed.
      • You can set priorities among the SLAs for any conflicting SLA conditions.
    • Any AD user can now be added as a Workflow Reviewer even if they are not a help desk technician.
    • Workflow now supports assigning Approver and Executor roles to Help Desk Technician groups. You can also assign Reviewer role to AD groups.
    • You can now add groups while setting Rule Criteria to the Workflow Requesters attribute under Assigning Rules.
    • %ManagerOfRequester% macro support added for reviewer and approver under Assigning Rules.
  5. Automation:
    • Automation can be directly shared to users or groups who are added as help desk technicians.
  6. Google Workspace:
    • You can now link multiple Google Workspace accounts to the same domain.
    • Sync AD users with their Google Workspace accounts created with the same email ID by refreshing the Google Workspace account in the Admin tab.
    • Instantly create independent Google Workspace accounts without the requirement of pre-existing AD user accounts.
    • You can now add Employee ID for the Google Workspace user accounts.
  7. Admin:
    • You can now directly add help desk technician groups to Technician Name while configuring profile criteria under Notification Profile.
  8. Backup add-on:
    • Azure Active Directory backup and recovery: Backup and restore your Azure AD environment in addition to the existing AD and Google Workspace backup and recovery feature. Support to backup Azure AD objects including users, groups, devices, applications, directory roles and domains is added.
  9. Load balancing: ADManager Plus now supports load balancing, which distributes the workload across multiple servers simultaneously. This helps improve performance, eliminate downtime, and provide a better experience for users accessing the product.

Enhancements:

  1. Management:
    • New fields added in the Creation Rules of User Creation and Modification Templates to add or remove Microsoft 365 licenses, Microsoft 365 group memberships, MS Teams and channels, mailbox server and mailbox store, Google Workspace groups, and more.
    • You can now specify time along with date to the Account Expiry attributes.
    • You can now copy rules while configuring Creation Rules.
    • Computer creation templates now support Creation Rules.
    • You can perform the following operations while configuring templates,
      • Use the Immediate Duplication Check option to instantaneously check duplicates values for the fields which support duplication check.
      • Prevent Duplication support added for Alias field in contact creation.
      • Provide access to users or groups to add the computer to a domain.
    • ADManager Plus now provides cross domain manager support, with which you can choose a manager from any domain while creating or modifying users.
    • Performance enhanced for Add to Group and Remove from Group tasks carried out under Management, Workflow or Automation tabs.
  2. Reports:
    • NTFS Reports:
      • Option to view all the permissions of a specific folder cumulatively within the results of Shares in the Servers, Folders Accessible by Accounts and Non-Inheritable Folders reports.
      • You can now use Refine Results option to filter NTFS permissions in Shares in the Servers and Folder accessible by Accounts reports as per requirement.
      • You can now run the Folders Accessible by Accounts and Non-Inheritable Folders reports for multiple folders simultaneously.
      • CSV import support has been added for the Accounts field in Folders Accessible by Accounts report.
      • Elasticsearch support enabled for NTFS Reports module.
    • You can now use the tree view option in Detailed Group Members report to view the list of direct and nested group members exclusively. It also provides the following features:
      • Prevents the redundant display of circular groups (a group nested inside its own group).
      • Provides the Hide Duplicate Objects option to avoid showing nested group members that are already shown at the parent level.
      • Provides the List View option to view details about individual members and their nested group memberships.
    • You can view the GPO owner details in GPO reports by adding the Owner column in the result.
  3. Delegation:
    • You can now specify Authtoken Name (required name), Scope (type of action to be performed like create, delete or modify) and Expiration Time (time until which the authtoken can be used) while generating authtokens.
    • A new column History has been added under Technician Authtokens tab that provides authtoken's usage history.
    • Details of the used authtokens is added in the Help Desk Audit Reports.
  4. Automation:
    • The automation process for the Mailbox Auto Reply task now supports macros for Microsoft 365 attributes.
  5. REST APIs:
    • REST APIs added for the below actions:
      • In User Management, move user from one OU to another.
      • In OU Management, search OU and delete OU.
      • In Computer Management, search, enable, disable, delete, add or remove from groups and move from one OU to another.
      • To remove authtokens of help desk technicians.

Issues Fixed:

  • Issue in generating Technician Logon Report for inactive technicians.
  • Issue in extracting memberOf attribute value (if specified) while using search user REST API.
  • Issue in displaying the GPO delegation details for certain users.
  • Issue in generating the Real Last Logon report as the User Logon Count column displays zero for certain users.
  • Issue in autoscrolling while using Enable Drag-n-Drop option in templates.
  • Security vulnerabilities reported by dalt4sec and Trend Micro, have been fixed.
  • A security vulnerability (CVE- 2023-38743) reported by an anonymous user in Trend Micro's Zero Day Initiative has been fixed.
  • Issue in displaying reports due to inconsistent data in few columns caused by database dumping.

7188 (June 07, 2023)

Fixes:

The following issues have been fixed in this release:

  • A security vulnerability reported by dalt4sec, has been fixed in this release.

7186 (April 15, 2023)

Fixes:

The following issues have been fixed in this release:

  • An issue which displayed No data available error message while generating or exporting the Group Members scheduled report.
  • Inability to add file servers in group-based delegation and issues in delegating Microsoft 365 tasks.

7185 (March 28, 2023)

Enhancements:

  • Custom HCM integration :
    • You can now provision users who were previously skipped when the automation process is run for any HCM application with Sync Type as Incremental.
    • For OAuth, you can now use client credentials as the Grant Type in Authorization.
    • You can now customize the Repeat Calling this Endpoint configuration by replacing the field values with EndpointURL or any Header to get consecutive page responses.
    • OAuth authorization now supports uploading client certificate.
    • Added SOAP API support in addition to REST API. It supports both XML and JSON responses too.

Issues fixed:

  • Issue in displaying replication errors in the domain settings.
  • Issue in sending scheduled reports via email in UTF-8 format with BOM (Byte Order Marketing).
  • Issue while using Copy User Attribute to append memberof attribute values in user creation template.
  • Issue in loading the page while configuring Server Settings, when Retain database backup files option is empty in the Retention Settings tab.
  • Issue with rules not getting populated automatically in the user creation and modification template when the template is set as default.
  • Issue in the Custom Report result if both Last Logon Time Stamp and Last Logon Time filters are selected.

7184 (March 18, 2023)

Fixes

The following issues have been fixed in this release:

  • An issue which prevented technicians from logging into the product in certain scenarios.

7183 (March 15, 2023)

Important update:

  • End of support for PostgresSQL 9.2.x: ADManager Plus will soon end support for PostgreSQL version 9.2. Please upgrade to the latest PostgreSQL version or migrate to Microsoft SQL to continue using ADManager Plus.

Features:

  • Enable remote mailbox: Option to enable and modify remote mailbox for users in bulk.
  • Auto-install hotfixes: Option to automatically download and install ADManager Plus' hotfix updates.

Enhancements:

  • Reports:
    • You can now schedule and store reports without creating sub-folders.
    • Exported custom reports will now display users' photos whenever the User Photo column has been added.
    • Flexibility to export reports with desired objects.
  • Members of a delegated group can now change the default template assigned to a group in group-based delegation.
  • Option to filter users who are not members of any group in the Users Not in Groups report in Automation.
  • You can now check if your ADManager Plus installation location is secure or not in Security Hardening settings.
  • You can now view who created a template in the product.
  • Pop-ups that display Microsoft 365 data in Management, Workflow, Automation, and other modules now use REST APIs to relay information.
  • In a high availability-enabled environment, applying service packs in the primary server would automatically update your ADManager Plus instance in the secondary server.
  • API keys in UltiPro and BambooHR integrations are now masked in the UI.
  • Performance enhancements for optimized AD synchronization.
  • Third-party JavaScript libraries have been upgraded to these versions:
    • jQuery UI 1.13.2
    • Bootstrap 3.4.1
    • Moment 2.29.1
    • JSoup 1.11.3
    • ojdbc8-19.15.0.0.1

Issues fixed:

  • Issue in displaying the members of groups whose member count exceeds 1000 in the Advanced Filter option of Real Last Logon reports.
  • Issue of data mismatch in Mailbox Enabled Users reports' results.
  • Inability to configure the retention policies of Microsoft 365 users when special characters were specified in a retention policy's name.
  • Issue of help desk technicians not being able to unlock users via the reset password console, when the 'Deny Bulk Modification' option was also enabled in the role delegated to them.
  • Issue of service pack application failure when large volumes of temporary tables were retained during backups.
  • Issue in sending notifications via SMS using the POST method.
  • Issue with the macros specified in webhook templates.
  • Issue of technicians not being able to delete non-delegated and unused templates.
  • A security vulnerability reported by metin has been fixed.
  • A security vulnerability (CVE-2023-35786) reported by metin has been fixed.

7182 (January 24, 2023)

The following issues have been fixed in this release:

  • High memory utilization issue across environments having M365 configurations with a huge volume of objects.

7181 (January 16, 2023)

Fixes:

The following issues have been fixed in this release:

  • An issue which prevented users from opening the password-protected reports has been fixed.

7180 (December 31, 2022)

Features:

  • Group Migration: Flexibility to move groups, along with their SID history and membership across domains in a forest with and without using the Active Directory Migration Tool (ADMT).

Enhancements:

  • REST APIs:
    • You can now create, delete, move, search and list the members of a group using REST APIs.
    • Ability to locate users by specifying LDAP attributes like sAMAccountName, employeeID, and more while modifying a user's attributes using REST API.
  • You can now secure access to your mail server using OAuth, besides basic authentication.
  • Flexibility to create and use naming formats in the Data Source - LDAP Attribute Mapping section while integrating with a custom HCM solution.
  • Option to skip 2FA for help desk technicians.
  • Customize columns while configuring the member, memberOf and manager attributes of objects during provisioning.
  • Duration can now be specified as N days while creating workflow requests to add users to groups, enable users, etc.
  • The sAMAccountName of group members will now be displayed when the members view filter is applied to the All Groups report's result.
  • Any leading and trailing spaces specified in search options will now be automatically removed.

Fixes:

The following issues have been fixed in this release:

  • Automations were not closed or cancelled when the product was stopped or restarted during execution.
  • The Service is currently unavailable error message was displayed while modifying groups using CSV, whenever a non-existing AD group was specified in the CSV file.
  • Issue in adding cross-forest members to groups.
  • Help desk technicians were unable to view NTFS shares after upgrading to build 7163 and above.
  • Error in sending workflow notifications via SMS as there was an issue in fetching the value of %UserMobileNumber% and other related macros.

7171 (December 06, 2022)

Fixes:

The following issues have been fixed in this release:

  • Office 365 F3 was displayed as Office 365 F1 in the product.
  • Help desk technicians were not able to reset passwords via the reset password console, when the 'Deny Bulk Modification' option was enabled in the role delegated to them.

7170 (November 29, 2022)

Features:

  • Dynamic distribution groups report: Obtain a list of the dynamic distribution groups in your Active Directory environment using this report.

Enhancements:

  • Scheduled reports:
    • Ability to schedule and generate reports on your Active Directory objects using CSV files at a desired time and date.
    • Logon Hour-Based Reports can now be automatically generated at defined intervals.
  • Bulk user creation automations using data from HCM integrations can now be executed successfully even when there's an issue in validating a user's Manager or memberOf attribute in AD.
  • Flexibility to import and use custom attributes configured in your AD schema.
  • The Server Settings UI has been revamped for effectively managing the retention settings of scheduled reports, audit archive reports, and more from a single place.
  • ADManager Plus' Logon Settings has been moved to the Delegation tab for easy access.
  • The following reports have been added to ADManager Plus' dashboard for better visibility:
    • OS-Based report
    • Locked-out Users report
    • Custom reports

Fixes:

The following issues have been fixed in this release:

  • Issue in searching for an AD object using the AD Search option, whenever there is a leading or trailing space in an entry.
  • Issue in locating an AD object using the search option in AD Explorer.
  • Help desk technicians were unable to view user accounts and groups while delegating GPO permissions, when more than 1000 OUs were delegated to them.
  • Help desk technicians were unable to view the users in an OU delegated to them via group-based delegation, while delegating GPO permissions.
  • Issue in adding Microsoft 365 users to channels in Microsoft Teams while creating a Microsoft 365 account for an existing AD user.
  • Unable to send notifications to user's manager using macros when a user creation or modification task is executed via automation.
  • Workflow requests were not automatically closed when a cross-domain management task was successfully executed as a delayed task.
  • Error in fetching the active user account from UltiPro when there is an inactive user account for the given employee ID.

7163 (November 07, 2022)

  • Notification Profile/Notification Templates:
    • You can now use custom macros in notification messages.
    • Option to send reports as part of the email content in notification templates.
    • Flexibility to customize columns in User Creation notification attachments.
    • Options to configure user and group-based profile criteria.
    • Notifications can now be triggered for the Enable User, Disable User and Reset Password actions.
  • You can now manage Distributed File Storage (DFS) Namespaces and their permissions in File Server Management.
  • New actions such as Set folder permission, Remove folder permission and Bulk modify folder permissions using CSV have been added to the automation module.
  • You can now assign Microsoft 365 licenses via automation and workflow.
  • Flexibility to specify filter, select and domainList as parameters in Search user API request.
  • Workday attributes such as Job_Profile_Id, Job_Profile_Name and On_Leave, Location_Id can now be mapped to LDAP attributes in ADManager Plus-Workday integration.

Fixes:

  • Issue in assigning Microsoft 365 licenses while creating users via user creation templates, when none of its service plans are selected.
  • Unable to delete users using the delete icon in Inactive Users report.
  • Error in creating shared mailboxes in Microsoft 365 when the Exchange mailbox and remote mailbox attributes were not configured during shared mailbox creation.
  • Unable to map LDAP attributes to user records in Oracle database.
  • Issue in adding cross-domain members using the Add to Group task in automation.
  • Synchronization issue in updating the changes made to the Manager attribute value specified in templates.

7162 (October 28, 2022)

What's new:

  • In ADManager Plus builds 7162 and above, NTLMv2 SSO can only be enabled after downloading and adding the Jespa JAR file to the product's lib folder. Click here to learn more.

7161 (October 10, 2022)

Fixes:

  • Issue in displaying license pop-up window in the latest build when updated from builds 7102 and older has been fixed.
  • Issue in displaying the search feature in the management tab of the Spanish localized version has been fixed.
  • An authenticated RCE vulnerability, reported by George Koumettou, has been fixed.

7160 (September 26, 2022)

Features:

  • Orchestration: Option to automate a series of tasks in succession at defined time intervals whenever a user or group management task is carried out in the product.
    • Orchestration Profile: Create a management profile and specify the conditions under which an orchestration has to be executed.
    • Templates: Build orchestration templates from scratch and use them to automate tasks.
    • Webhook templates: Create webhook templates and pre-fill them with REST API endpoints, messages, etc. and use them while configuring an orchestration template. You can also predefine webhook fields that hardly change and those that hold crucial data with environmental variables while creating a webhook template.
  • Integration with Power BI and Rapid7: Integrate ADManager Plus with Power BI and Rapid7 servers, and forward logs seamlessly.
  • Google Workspace backup and recovery: Protect user drives, mailboxes, contacts, journals, notes, posts, tasks and calendar items from accidental deletions, insider threats, and ransomware by backing them up.
  • DC Replication Status Report: Report on the replication status of domain controllers and trigger replication instantly using this report.
  • Lingering objects Report: Fetch the lingering objects in your AD and delete them on the go.
  • BitLocker Disabled Computers Report: Obtain a list of the computers that are not encrypted with BitLocker using this report.

Enhancement:

  • You can now assign well-known security principals as security filters to a GPO.
  • Custom Reports:
    • Flexibility to copy a custom report.
    • You can now perform management actions from custom reports.
  • Reports on all computers, recently created computers and BitLocker enabled computers and custom reports now display BitLocker status and recovery passwords.
  • You can now list shared mailboxes and delegate access to them using REST APIs.

Fixes:

The following issues have been fixed in this release:

  • Error in authenticating MS SQL server using Windows Authentication while configuring the server for automated AD user management.
  • Microsoft 365 licenses were not displayed in the product due to Microsoft Graph API issue.
  • When the first N characters option was configured in a naming format, the last N characters were displayed; no name was displayed when the number specified was greater than the length of the name provided.
  • Issue in creating requestor roles with just Modify User Attribute enabled for the Choose Template option.
  • Issue in deleting the Organization attribute of users in bulk, when more than 125 users were selected.
  • Error in fetching a report on inactive computers with the Password Last Set Time filter, via automation.
  • The temporary tables created while generating reports were retained in the database, even after displaying the reports' results.

7151 (August 01, 2022)

Enhancement:

  • ADManager Plus can now be integrated with Jira Service Management Data Center, in addition to Jira Service Management Server.

Fixes:

The following issues have been fixed in this release:

  • Issue in updating to the latest build, when large volumes of data are stored in the tables in Management and Workflow modules.
  • Issue in removing redundant entries in the database caused by Microsoft 365 module changes while updating to the latest build.
  • Issue in updating to the latest build when non-english languages are configured in the machine where ADManager Plus is installed.

7150 (July 20, 2022)

Features:

  • GPO management and reporting: Five new reports have been added for enhanced GPO management and reporting. They are:
    • Resultant Set of Policy Report
    • Linked GPOs Report
    • Empty GPOs Report
    • GPOs with Inactive Policy Settings
    • Comparison of GPOs
  • You can now modify the custom attributes of computer objects.
  • It is now possible to recover the deleted AD groups.
  • Schedule and automate database backups in the product.
  • Option to view disk space information of the server where ADManager Plus is installed.

Enhancements:

  • Management: Option to enable/disable computers from Single Computer Modification
  • Custom HCM authorization: OAuth2.0, Bearer, Basic Authentication and API Key have been added to authorize API requests.
  • Help desk delegation: Customize columns while selecting technicians in the delegation tab.
  • Workflow:
    • Flexibility to add comments in workflow requests.
    • Create workflow requests to add users to Microsoft 365 groups, enable and delete Lync accounts of users, enable litigation hold, and more.
  • AD search: Option to apply filters and customize columns while searching for users, groups, computers and contacts.
  • Naming formats:
    • While configuring naming formats, it is now possible to preview the output format.
    • You can now choose words, initialize capitals, use Nth character, random numbers, and more in naming formats.
    • Option to automatically increase the numbers in the specified alphanumeric name to avoid duplication of attributes like logon name, mail, etc.
  • Automation:
    • Additional options have been added to the reset password action in user automation.
    • Flexibility to copy the configurations of an existing automation policy.
    • While configuring successive tasks in automation policy, it is now possible to set time in minutes.
  • A larger number of Microsoft 365 reports now use Microsoft Graph API in place of Azure AD module for swift communication.
  • Report on security policy settings like account policies, local policies, event log, restricted groups, system services, file system and registry settings using the GPO Settings report.
  • Flexibility to sort domains alphabetically for easy identification.
  • Option to use SMS verification as a two-factor authentication method.
  • You can now configure the department attribute for computer objects.
  • Flexibility to customize columns while modifying users, groups, computers, etc.
  • Administrators can now disable concurrent logins for technicians, and also have the flexibility to sign technicians out of their active sessions.
  • Two new filters, member and memberOf have been added to filter group-based reports' results.
  • Option to create a remote shared mailbox using the shared mailbox creation template.
  • Ability to delegate compliance reports to help desk technicians.
  • You can now search and select OUs while creating AD objects.
  • Member-based group reports have been optimized for enhanced performance.
  • A Custom Script field has been added to the Shared Mailbox Modification Templates.
  • You can now validate the Telephone Number and Mobile attributes with a format of your choice in templates.

Fixes:

The following issues have been fixed in this release:

  • Technicians with ServiceDesk Plus configuration privilege were able to obtain authentication tokens of privileged accounts.
  • Issue in creating workflow requests using REST APIs.
  • Issue in generating reports on active computers and recently created users.
  • The client secret key was missing while configuring a new Microsoft 365 tenant in the product.
  • External senders were able to send messages to groups despite enabling the Requires that all senders are authenticated option for them.
  • Technicians were unable to login to the product due to synchronization issues.
  • Error in displaying user data while modifying users' photos using the Manage User Photos option.
  • Issue in deleting objects from a bulk user modification request in workflow.
  • While creating a new user, technicians other than those with administrator privileges, were unable to configure home folder permissions.