Changelog
  • 15 minutes to read
  • Dark
    Light
  • PDF

Changelog

  • Dark
    Light
  • PDF

Article Summary

Release date: Monday, October 16, 2023

Check below the new features, improvements, and errors fixed in this version of senhasegura.


⚙ Changelog per module

PAM - Credential Management

Bug fixes

ItemDescription
67Fixed the bug causing an issue when creating a segregated parameter where the platform reported that the devices were added to the list of devices. However, after saving and returning the configuration, the devices disappear.
69Fixed issue where, when registering a credential policy with a timeframe for expiration superior of ‘30 days’ timeframe, for example, 45 days, the period was shown as 2 months or a decimal number like 1.5 months.
1539Fixed a translation issue within the credential policies. Previously, when configuring the policy with an expiration time of 1 hour, it was displayed as 1 time.
1489Fixed a bug that caused a problem with usernames and tags in Access Groups. The bug affected the use of the [#USERNAME#] tag, which forced the information to be lowercase. This issue was affecting the functionality to substitute the username of a logged-in user, which, in turn, was impacting credentials access.
866Fixed a bug that caused a problem showing shortcuts to download files. The bug happened when starting a session using RDP and SSH proxy in credential details. The issue happened even when the credential did not have these connectors registered.
76Fixed the bug where the option Enable remote application usage was set to No on the device, the user still had access to the remote applications.
1584Fixed an error where, when registering a new policy and filling the field Reuse the same password for with a number, without filling in the measure unity, the system returned Error 500 - Internal Server Error.
81The "Tags" field of the Credential Record now only allows the following special characters: "@#( ):/._-][". Any other character will be considered invalid.

Product Updates

ItemDescription
1430The credential inactivation functionality has been deactivated and replaced by the Just In Time process. As a result, old settings will no longer be taken into account and the Just In Time process must be configured for the credential.
815Added a new functionality allowing the users to visualize reports of approvers by group.
126Added new options in system parameters to enforce multi-factor authentication for starting sessions or viewing the credential password, even when the Trust this computer option is enabled. However, the Trust this computer setting will still apply to all other actions.

New Feature

ItemDescription
114Added a new functionality where the user can register a secret key in the credential register form that will be used to generate a TOTP (Time-based one-time password) to log in on social networks.
1042Added a feature that allows the user to access the output of the executions performed to change the credential password. This new feature can be accessed in the credentials' password history.
159A new feature has been added to the Devices section, allowing users to edit, view, clone, and inactivate a device directly from the devices list. Also, users can now add a credential from the Action column by clicking the three dots and selecting the + Add Credential option.

Translation Fix

ItemDescrição
747Fixed a translation issue where the strings Settings and User were not translated correctly.
1539Fixed a translation issue where the time for expiration in the credential policies isn't appropriately translated to Portuguese, showing 1 minute in both languages.
1539Fixed a translation issue within the credential policies. Previously, when configuring the policy with an expiration time of 1 hour, it was displayed as 1 time.
1689Fixed a translation issue where one of the cards from the Network Connector status dashboard was shown in a different language from the system.

PAM - Session Management

Bug fixes

ItemDescription
744Fixed the bug that automatically deactivates the ClearTextType option on the RDP Proxy sessions when there is network instability.
83Fixed the Logs Export translation error from a remote session, which caused the report to be shown in Portuguese even though the language selected was different.
1097Fixed the error that shows the global connection banner instead of the banner added in device segregation in a proxy session.
1352Fixed the bug on Web Proxy SSH sessions with enabled SUDO automation, where the system returned two hash messages at the terminal and didn't conclude the process of the sudo su command.
130Fixed the bug where an email indicating the generation of the session video was sent before the transfer of files between the instances had been completed.

Product Updates

ItemDescription
626Deleted the option 'Record RemoteApp of this session' from the Action icon on the Remote Sessions page since this option doesn't offer any functionality, and other available options on the platform offer this function.

New Feature

ItemDescription
535The Portugal keyboard layout option was included in the System Parameters on the Remote Sessions settings.
64Added the "enable use of personal credential" option for segregated parameters by Group, Credentials, and Origin in a remote session.

Translation fix

ItemDescription
77Fixed the Russian and Polish translation bug when the user accessed the Access History from the Reports component, and the data wasn't shown, instead, it was an error message.
1219Changed the string with the example on how must be the standard writing to request a command execution.

PAM - Settings

Bug fixes

ItemDescription
75Fixed an issue where, in certain instances, logging into senhasegura would result in the page refreshing and prompting for user and password input again, requiring a reattempt at login.

Product Updates

ItemDescription
1208Added ProID to the list of OpenID providers.
46Fixed an issue where user groups managed through provisioning integrations (AD/SCIM) were experiencing member overwriting with each execution.
182Improved the error message in LDAP authentication testing. This enhancement provides more specific and informative feedback, aiding in troubleshooting LDAP authentication.
569Added a new command in Orbit-CLI to allow the removal of TOTP as the default MFA method in the tool.

New Feature

ItemDescription
298Implemented an integration enabling the use of AuthID as a Multi-Factor Authentication (MFA) method for Login, Password retrieval, and Session initiation.
173Added a parameter in the AD server registration to determine whether the domain to be used will be based on the authentication credential or the Account domain field.

Translation Fixes

ItemDescription
84Fixed a translation issue for the following terms in the French version: "SSH keys", "New application", Approval workflow", and "Lifecycle state".
612The string Provider user has been replaced by two new strings for the screens of editing and creating Authentication Providers.

Orbit

Bug fixes

ItemDescription
571Fixed the issue causing the senhasegura Orbit not to display the Application backup logs when a backup was created using Orbit-CLI.
652senhasegura logs no longer include a "Server not found" error message when a user skips registering a backup server for the application.
1389Fixed an issue where, after creating a cluster using the CLI and accessing the web interface, the option "External Cluster" was selected instead of "Cluster." This fix ensures that the correct option, "Cluster," is displayed as expected.
1680Fixed an issue where the cluster was consistently mounted in external mode, despite selecting or typing to mount it in normal mode.
640Fixed an issue where the integration with ITSM GLPI allowed closed GLPI tickets to be accepted as justifications in the senhasegura approval workflow.
1331Fixed an issue where deactivated SMTP accounts with the default account setting enabled were causing interference with email delivery.

Product Updates

ItemDescription
140Updated the justification screen for a Workflow Approval to set the "Start Access" field to the current time by default and set the default for the "Access end" field to be 30 minutes after the current time.
1079The "PAM Approver" role in User Management no longer has permission to view session details.
553On the Application Licenses screen, the Provisioning column has been removed as this product is no longer offered.
94Added the information about the number of available CPUs for the server in the "General Information" section of the Orbit > Server > Information menu.
95When selecting a module, its screen will automatically load. This will happen by default when switching modules.
134Added a new parameter in "System Parameters > Security" to enable integration with Hardware Security Modules (HSM).
169Added an option in the Orbit application settings for Syslog messages not to use the Network Connector.
1743Added permissions "System.Common.List" and "System.Common.Write" to the "PAM Administrator" role, enabling the ability to view the list of devices when creating/editing a credential..

New Feature

ItemDescription
792Implemented Audit Tracking for User Groups. This enhancement ensures that when creating or editing a user group, corresponding events will be generated in the syslog.
145Added a monitoring dashboard for Network Connector accessible through the menu "Devices > Settings > Network Connector > Monitoring".

Translation fix

ItemDescription
1518Fixed an issue where English terms were displayed in the Notifications settings screen when the user's system language was set to Portuguese. All terms and labels are now presented in the correct language.
1505Fixed an issue in the Server Information menu where the "I18N" string is no longer displayed next to the CPU text field.

Task Manager

Bug fixes

ItemDescription
779Fixed the bug that was preventing the creation of cloned groups with the same permissions as the original group. Now, whenever a new group is created using the Clone feature, all the permissions selected from the original group will be replicated.

Product Updates

ItemDescription
1362The 'View details' feature no longer appears in the Operations screen's Action column when a user tries to change a password with non-existent credentials. Given that these credentials don't trigger the password change process, there are no details to showcase.

New Feature

ItemDescription
162Added the action to activate/deactivate tasks registered in the component.

Behavior

Bug fixes

ItemDescription
157Adjusted the names of reports to match their corresponding menus.
157Fixed the inconsistency that displayed a divergent number of sessions/events when clicking on View event log. This inconsistency caused the number of records to differ from those displayed in the previous report.

Product Updates

ItemDescription
147Organized the user filter alphabetically in the User posture graph.
147Renamed the session Days logged to Total logins in the User posture graph.
147Added a pop-up feature that displays all of the user's locations when clicking Locations in the Behavior session of the User posture graph. This report can also be found in PANEL > Reports > Access to the system > Access by location.
147Added a pop-up feature that displays a Remote sessions report when clicking on the pie charts of the session's Device type, Device criticality, and Credential criticality.
147Added a session Score column in the High-risk session.
147Added a View more button to open a report that contains all of the users' sessions with risk. This report can also be accessed in Behavior > Behavior Analysis > Sessions with risk.
148Behavior log files have been separated from syslog files. The new log file is called notify.log
149Renamed some of the columns in the Excessive views report. The new names are Device, Credential, Credential Type, Additional information, Views, Average risk, and Action > Details.
149Renamed the column Username to Credential in the reports Views on unusual time, Unusual credential views, Views with unusual origin, and Unusual views.
150Refactored the Access by unusual origin report format to align with the standard template. Columns now include Origin, User, Sessions, and Average risk and Action.
150Added an Action column in the Access by unusual origin, Accesses at unusual time, Accesses with unusual average length, and Unusual accesses reports. In this column, users can access the log and the video of the selected session.
157Reorganized the menus of the Behavior component and applied icons to each menu.
157Added a new path inside Behavior to access Audited commands. Click Behavior > Settings > Audited commands.

Removed

ItemDescription
157Removed the column Privileged of the menus inside Behavior Analysis.

A2A

Bug Fixes

ItemDescription
68Fixed an issue related to updating certain credentials using the API endpoint /iso/pam/credential. This problem led to the device associated with the credential being overwritten, potentially resulting in alterations to access group permissions linked to Device type, Vendor, and Site.

Product Updates

ItemDescription
102Implemented the possibility to activate devices and credentials in our APIs. This has been done by adding the Enable field in the update method.
500Added the possibility to configure the following sessions in the A2A-APIs when creating or updating credentials: Execution settings, Session settings, Additional settings, and JIT settings .

Translation Fixes

ItemDescription
1687Fixed the success message in the API activation response for a credential.

Discovery

Product Updates

ItemDescription
171Improved the device import process following manual imports via discovery. Previously, devices added manually in a discovery process took a long time to be listed.

New Feature

ItemDescription
161Added the capability to include tags for imported devices in the configuration of Discovery glossaries, both through glossary definitions and manual entries.

PEDM - Linux / AD Bridge

No changes.


PEDM - AD Bridge

No changes.


PEDM - Windows

No changes.


PEDM - MacOs

No changes.


DSM (DevOps Secret Manager)

No changes.


Cloud IAM

Bug fixes

ItemDescription
564Fixed an issue that prevented users from editing and updating an AWS account in Cloud IAM.

Product Updates

ItemDescription
565Updated the Cloud IAM to reprocess information from registered Cloud Service Providers every 1 hour to ensure the reports are consistently up-to-date. Also, the 'Reprocess accounts' button was added, so users can update the reports manually whenever necessary.

Executions

Bug fixes

ItemDescription
1072Fixed the bug where the $ sign wasn't accepted as a username value when the Tk Expect plugin made a password change.

MySafe

Bug fixes

ItemDescription
79Fixed the issue where the layout of home cards in MySafe would break when displaying long information. A maximum size limit for all fields was implemented, ensuring that lengthy content is now truncated with ellipses when necessary.
1606Fixed the issue that returned an error with the message "An error occurred while encrypting the text" when creating a note in MySafe with 255 characters or more and configuring the API for encrypted (GET) request of the same note. The new limit is 982 characters.
1363Fixed an issue related to system slowness in the MySafe module. This correction addresses the overall system slowness, improving the performance of the MySafe module.

Product Updates

ItemDescription
105Implemented users' ability to store API keys in MySafe.
125Added a column and a filter field for the URL on the Passwords screen.
125Added a URL column in the password import template spreadsheet for sharing passwords.
125The Name or URL field has been split into two separate fields: one for the Name and one for the URL. Now, when importing your passwords from LastPass or Keeper into MySafe, the name and URL information will go into their respective fields. The information entered previous to this change will remain in the Name field.
125Added a URL field in the password details of the Password screen.
125Added the optional URL field for creating and editing passwords on the Password screen.
125Added a search by URL through the Find an item field of the MySafe homepage.
125Added a URL parameter for getting, creating, and updating passwords in the APIs of MySafe.
1100Changed the password strength level displayed on MySafe's Admin panel to match the categories on the screen. The available categories are Poor, Bad, Good, Best, and Undefined.

New Feature

ItemDescription
655Released new MySafe browser extension.

Domum

Bug fixes

ItemDescription
80Fixed the bug not displaying the correct IP addresses of devices that are members of a domain server on the domum access screen.
1353Fixed the bug that was causing new users from LDAP synchronization not to receive the correct roles.

Product Updates

ItemDescription
318The term Employee has been renamed to Internal user throughout the component.
1232Added a parameter to configure the first access token's minimum and maximum expiration time. The parameter value must be within 1 to 30 minutes to ensure successful login.

New Feature

ItemDescription
689Added a new feature that enables the provisioning of internal users using SCIM tools.
677Added a provisioning configuration in Domum where the system sends an internal user's access link when adding them to a group.
109Domum's internal users can now log in using SSO with SAML. senhasegura homologated these protocols with Okta.

Certificate Manager

Bug fixes

ItemDescription
779Fixed the bug that was preventing the creation of cloned groups with the same permissions as the original group. Now, whenever a new group is created using the Clone feature, all the permissions selected from the original group will be replicated.
1354Fixed the bug that ignored the approval workflow and enabled unauthorized users to view passwords.

Product Updates

ItemDescription
133The Certificate Information icon has been standardized throughout the component. It will be represented by the ID card and visible in the Action column.
138Added the option to save passwords registered during certificate import, without having to import the certificate key along with it.
174The Save button has been renamed to Publish on the certificate publishing screen.

New Feature

ItemDescription
144Added new notifications that inform the expiration of certificates in a consolidated manner. The notifications are sent once a day, gathering all certificates that will expire within the selected period.
188Added the possibility of generating multiple random certificates from a Common Name.

Network Connector

No changes.


Arbitrator

No changes.


Load Balancer

No changes.


Other versions

You can see the older documentation versions here.


Was this article helpful?