Secret Server

Release Notes - Latest Release 6.2

3.2.000011

Main Focus: Improve Documentation

  • Added context based help for several pages and added additional help content.
  • Fixed minor XSS (cross-site scripting) issue.
3.2.000010

Main Focus: AD Improvements and UI Tweaks

  • Improved performance of AD integration.
  • Added the ability to import Secrets with the same name.
  • Fixed AD issue with commas in Usernames.
  • Searching by folder is now disabled when the Search by Folder dialogue is collapsed.

Archived Release Notes

3.2.000000 3.1.000007
3.1.000006
3.1.000005
3.1.000003
3.1.000002
3.1.000000
3.0.000001 3.0.000000
2.2.000000
2.1.000006
2.1.000005
2.1.000000
2.0.000000
1.2.000000


3.2.000000

  • Implemented unlimited administrator mode, allowing a Secret Server administrator(s) to work with all secrets within the system.
  • Added a read-only user type that can only view Secrets.
  • Administrators can require that each secret is assigned to a folder.
  • Audit Usage report tracks the total amount of secret audits conducted by month.
  • Secret Age report records the amount of days until a secret expires.
  • Created a report on the top 10 users within your Secret Server that records the amount of Secrets these users view.
  • Secret Type report displays the most popular Secret Types used and the percentage of Secrets they account for.
  • Top 10 user report records the activity of the most popular users within your Secret Server.
  • The password expiration functionality now gives all users the ability to expire a secret before its set date. Forcing a secret to expire is recorded in the User Audit report.
  • Field types are now selected by using a drop down list when editing/creating a Secret Type.
  • Administrators can now view Active Directory groups.
  • Implemented file attachments for Secrets. This option can be selected on the Secret Type edit page.
  • Export Secret feature now provides the ability to export Secrets by folder.
  • Administering folders now has a simple interface.
  • Fixed Folder Export bug that wouldn't allow Administrators to export folders while running on an SSL certificate.
  • Fixed bug where inactive users appeared in "Add Share" or "Edit Share" on the bulk operations dialogue of the Home page.
  • Fixed bug where inactive groups appeared on the secret share page.
  • Fixed Two Factor authentication bug that didn't allow AD or Windows Integrated Authentication users to login.
Start of page

3.1.000007

  • Fixed a bug in Active Directory synchronization that incorrectly disabled some users.
  • Fixed the export Secrets feature to work with SSL.
Start of page

3.1.000006

  • Added the "Synchronize Now" button to allow Administrators to force an Active Directory Synchronization.
  • Improved System Logging by adding more detail to help diagnose issues.
  • Fixed case sensitivity bug in Active Directory Synchronization.
Start of page

3.1.000005

  • Secret Assistant - Now works with Secret Server Online Edition
  • Secret Assistant - Handles errors when closing/opening windows
  • Secret Assistant - Guesses input form elements when no site definition is available
  • Secret Assistant - Now supports active directory users
  • Fixed login token to be backwards compatible on upgrades
    • System log now captures events for help with configuration and debugging
  • System log now captures events for help with configuration and debugging
Start of page

3.1.000003

  • Fixed Display Name used as Common Name bug in AD Synchronization
  • Fixed CN= bug in AD Synchronizaion
  • Fixed Windows Authentication for SQL Server not working on background threads (bulk move to folder, etc)
  • Added webservices to support Secret Assistant
Start of page

3.1.000002

  • Windows Integrated Authentication feature
  • Fixed issue on Active Directory Synchronization
  • Fixed Active Directory create user password validation
  • Fixed Domain cookie to be persistent
  • Fixed Share auditing
Start of page

3.1.000000

  • The Active Directory Add-On now features synchronization. Secret Server now synchronizes users, groups and group membership with the Active Directory.
  • Added Remote Password Changing Add-On. Secret Server now automatically updates passwords on remote accounts when they expire. Supported accounts include Microsoft Windows, Microsoft Active Directory and Microsoft SQL Server.
  • Administrators have the option of keeping a configurable length history log on any secret field.
  • Implemented nested folders allowing for multiple sub-folders.
  • Administrators are now able to force HTTPS. Enabling this feature will automatically redirect the user to use SSL.
  • Added inactivity timeout feature for logins when users leave their workstations unattended.
  • Login passwords can be forced to require special characters, numbers, length, etc.
  • IP Address ranges for accessing Secret Server can be restricted per user by the administrator.
  • Administrators are able to set secret expirations on a Secret Type through the Secret Type Designer.
  • Enhanced folder functionality by giving administrators the ability to set default permissions to folders.
  • Added support to the Mobile Edition for the Apple iPhone.
  • Enhanced user interface by adding expired secret dialog and treeview of nested folders.
  • Password masking now defaults to "On" for new users. In addition, administrators can force password masking for all users.
  • Login page now remembers your last Domain for AD users.
  • Enhanced User Audit Report drop down list to selectively show inactive users.
  • Enhanced search screen to remember parameters and search results.
  • Improved installer/upgrader to remember database password.
  • Fixed Administration Export screen to escape notes field correctly.
  • Fixed new user screen to not require password for AD users.
  • Fixed bug that occurred when trying to login using LDAP user when that username already exists locally.
  • Fixed bug that occurred when trying to create a secret with no fields.
  • Fixed bug to correctly authenticate AD administrators on the Administration Export page.
Start of page

3.0.000001

  • Fixed bug in the secret export log.
  • Fixed email bug in Two Factor Authentication.
  • Fixed bug that appeared when trying to upgrade Secret Server with an inactive Active Directory user.
  • Fixed escaping problem involving single quotes on tooltips.
  • Fixed bug when copying to clipboard with multiple lines of text.
  • Fixed duplicate bug in the Favorite Secrets dialogue.
  • Fixed bug when removing own permissions from a secret.
Start of page

3.0.000000

  • Active Directory integration now supports multiple domains.
  • Redesigned the user interface for the entire application.
  • Bulk operations can be used for moving Secrets to folders and giving sharing permissions.
  • Favorite Secrets can now be selected by each user.
  • Administrators can export Secrets for compliance with offline requirements. All exports are fully audited and require an administrator password.
  • Two Factor Authentication can be activated per user and sends a pin code to their email account on login.
  • Fully localizable to different languages - now ships with English and Russian.
  • Added customizable help documentation and tool tips.
  • All actions made on user accounts are audited.
  • Added ability to unmask passwords when viewing a secret.
  • Inactive users, groups and Secret types are hidden by default.
  • Extended Secret field size on SQL Server to 1991 characters.
  • Fixed bug where Mac users would see mobile edition.
  • Fixed sorting issues on various grids and dropdowns.
  • Fixed Search and Browse All to return results in same order.
Start of page

2.2.000000

  • Added folders on the Home screen to categorize Secrets. Folders can be customized for your installation and may be used to separate customers, regions, office locations, departments, etc.
  • Implemented Naming Pattern feature to standardize Secret names entered by users when creating Secrets.
  • Enhanced Password Generate feature in Secret Type Designer to allow administrators the ability to set password requirements by defining the character set and length.
  • Fixed bug in User Audit screen to prevent empty dates from being selected.
  • Increased MaxRequestLength in Import Secrets to accept 20mb of information, allowing for thousands of Secrets to be imported at one time.
  • Fixed bug in Secret Type Designer to ensure that the Password checkbox always stays checked.
Start of page

2.1.000006

  • Fixed intermittent PKCS padding exception.
  • Fixed maximum length issue when decrypting certain Unicode Secrets.
Start of page

2.1.000005

  • Upgraded AES encryption strength from 128 bit to 256 bit on all secrets.
  • Upgraded user password hashing from SHA-1 to SHA-512.
  • Symmetrically encrypted data is now salted when encrypted - this means two Secrets with the same value will not have the same encrypted value.
  • Added "lite" user interface when using mobile device (compatible with Windows Mobile, BlackBerry and Palm).
Start of page

2.1.000000

  • Fixed configuration error for MS Access users.
  • Now compatible with most mobile devices such as Windows mobile, Black Berry and Palm.
  • Enhanced Webservices support for the IE toolbar.
  • Secret Field Descriptions are now available
  • Fixed failure count error when re-enabling a user.
  • Improved overall performance, including the "home" screen.
  • Researched and improved Microsoft's OutOfMemoryException (which only occurs on certain machines).
  • Active Directory integration can now be configured per-user.
  • All Secrets require at least one person to have share/view permissions (to prevent orphaning Secrets).
  • Groups now appear before users in drop down lists when sharing secrets for easier navigation.
  • Resolved issues with Secret Type Designer regarding edit and up/down arrows.
  • The Secret Search and Import pages now display only "Active" Secret Types.
  • Users can now audit other users that share the same secret.
  • Notes fields now preserve text formatting.

Start of page

2.0.000000

  • Added a new Administration toolbar item
  • Secret Type to and from XML
  • Secret Type Designer - allows users to create their own secret types
  • Simple reports - User Audit Report
  • Secret View page is now friendlier when you can't access the secret
  • Extended search to allow searching by secret type
  • Improved Search performance
  • Updated the GUI to new 2.0 look
  • Added Secret Field Description to Secret Type Designer
Start of page

1.2.000000

  • Slashes are now escaped on Secret View page avoiding any clipboard failures
  • Quick Search added to the tabs/toolbar
  • Secrets can now be "deleted" (marked as inactive)
  • Notes field is now multiline (like real notes)
  • URL fields in Secrets are now clickable
  • Browse all was very slow and has been reworked for much better performance when there are lots of Secrets
  • Importer has been extended to support any Secret Type
  • Enforces single browser per login for improved security
  • Added "Bank Account" Secret Type
  • Added more Remember Me settings to allow timeout after a period in minutes, hours and/or days
  • Support for browser toolbar in Secret Server (via web services)
© 2010 Thycotic