- Implemented SSH for password changing on Linux accounts.
- Fixed bug with Active Directory Synchronization when pulling users and groups from an organizational unit.
-
Fixed issue with the 'next password' component of Remote Password Changing.
Main Focus: Enhancing Folder Functionality and Security
Features and Enhancements:
-
Added configuration option to allow Secrets to inherit folder permissions by default.
-
Added configuration option so that a user must have view permission on a folder to see it.
-
Users can now create and manage their own folders without them being visible to all users.
-
User now requires Edit permission on a folder to be able to add secrets to it.
-
Added a new 'Everyone' group to include each existing user for easier management and legacy folder permission support.
-
Tightened folder restrictions to require share permission on a parent folder in order to add a child folder.
-
Implemented audit records for when Groups are created, made inactive/active within Secret Server.
-
Implemented audit records for when users and groups are created or made active/inactive from Active Directory.
-
Renamed two Role Based Security permissions: Administer Roles is now Administer Role Permissions and Administer Group Roles is now Administer Role Assignment.
-
Secret Types are now labeled as Secret Templates.
-
Added an 'Evaluation Expiry' notice to alert users when their evaluation is about to expire.
Bugs:
-
Fixed bug when users were made inactive when Secret Server could not connect to Active Directory.
-
Fixed bug where Backup did not work properly if a database name contained certain characters.
-
Fixed error that occurred on the AdminGroupByGroup page when no groups exist.
-
Fixed error when trying to import folders with line breaks in a Secret field.
-
Fixed issue with Password Type configuration not saving correctly in certain situations.
Main Focus: Addressing Role Based Access Control
Features and Enhancements:
-
Implemented Role Based Access Control (Role Based Security) to set granular, assignable permissions for users.
-
Added the ability to launch Remote Desktop from a secret.
-
Added the ability to import secrets by folder.
-
Secrets can now be exported with a folder name.
-
Added ‘Run Now’ button to the Remote Password Changing screen.
-
Implemented a visual keyboard on the login screen to thwart keyloggers.
-
Added the ability to create custom web.config files to override the default impersonation settings that will not be overwritten on upgrades.
-
Added a dropdown on the results screen for users to define the amount of secrets to display.
-
Created a Security Hardening Report that displays the security level of your system’s installation.
-
Created the SecretTypeSetActive.aspx page for quickly setting the active status on Secret Types
-
Improved the ‘Help’ documentation.
-
Groups deleted from Active Directory will now be disabled.
-
Improved performance by adding caching for theming.
-
Specific passwords can be set on the Remote Password Changing - AutoChange feature.
-
Added a preference for showing a full folder path on the home search grid.
-
Implemented robot.txt file to stop search engines from indexing Secret Server installations.
-
Folder creation and editing is now an assignable permission.
-
Added a search textbox to the Users screen.
-
All cookies are now HTTP only for additional security.
-
Added ‘Save and Add New’ button SecretView.aspx.
-
Increased the visual size of the notes field.
Bug Fixes:
-
Fixed bug where an exception was thrown when invalid information was entered in the ‘minimum password length’ configuration option.
-
Fixed bug where the folder picker modal did not work properly when Secret Server was viewed inside a frame.
-
Fixed error where Secret Type export XML format was incorrect.
-
Fixed bug where notification emails did not contain the full URL for the installation.
-
Fixed bug where Integrated Authentication was not setting last login.
-
Fixed bug where permission checkboxes were being displayed when the secret was set to inherit permissions from folder.
-
Fixed bug where duplicate users appeared in the Active Directory synchronization preview.
Main Focus: Improving permission inheritance and bug fixes.
Features and Enhancements:
-
Bulk operations now supports enabling folder inheritance on a secret.
-
Deleted Synchronized Active Directory groups are now disabled within Secret Server.
-
Added support for automatic backups on servers at different locations.
Bug Fixes:
-
Fixed bug when editing folder permissions that include a disabled user.
-
Fixed padding error for secret item history for very large values on secrets.
-
Fixed bug in Remote Password Changing due to new column for inherited permissions.
-
Fixed broken "unmask password" image on 'Secret Edit' page.
-
Fixed 'Remember Me' bug due to .NET 2.0 migration.
-
Fixed 'Close' image on dialog.
-
Fixed paging problem on AdminExport grid.
-
Fixed bug where expiration date did not decrease on old secrets.
Main Focus: Customizing the appearance (themes) and inheriting permissions on folders
Features and Enhancements:
-
Added inheriting permissions on folders.
-
Folders with identical names are now permitted.
-
Added theming to allow customization of of all user interface elements.
-
Added two new themes (Blue Chrome and Corporate).
-
Made "Download Secret Assistant" a configuration setting.
- Strong name signing on all assemblies for improved security.
-
Improved Access Denied message to give more detailed information on Step 3 of the installation process.
-
Added a customizable Login Policy Statement for corporate environments.
-
Added the ability to search by subfolder.
-
Migrated from the Microsoft .NET Framework 1.1 to 2.0.
-
The Admin Folder screen now displays your last selected folder.
-
Improved the Active Directory Query for groups using .NET 2.0 to get past the 1,000 group limit.
Bug Fixes:
-
Fixed bug in Bulk Edit Share that would not allow the removal of all permissions on a new secret.
-
Fixed barchart issue to stop overlapping names.
-
Fixed installation bug where first user is sometimes not created.
- Fixed bug in Configuration related to Update check. (yes/check earlier RN)
- Fixed bug in Two Factor when Active Directory is disabled.
- Fixed issue when using special characters in the database connection string.
- Fixed exception in Secret Type Designer when Secret Type has no fields.
Main Focus: Improve Documentation
-
Added context based help for several pages and added additional help content.
-
Fixed minor XSS (cross-site scripting) issue.
Main Focus: AD Improvements and UI Tweaks
-
Improved performance of AD integration.
-
Added the ability to import secrets with the same name.
-
Fixed AD issue with commas in Usernames.
-
Searching by folder is now disabled when the Search by Folder dialogue is collapsed.
Attention Secret Server Users
|
New Customers
Simply install the ZIP from http://updates.thycotic.net/secretserver/secretserver.zip and you will get the latest release. Existing Customers (Upgrading)
To get the latest release, browse to your Secret Server, look in the header bar (near the logout link) for an alert that will appear telling you that there is a new version. Simply click the alert and follow the on screen instructions to automatically upgrade to the new version (note that you must be logged in as a Secret Server administrator to do the upgrade). PLEASE BACKUP YOUR SECRET SERVER FOLDER AND DATABASE BEFORE DOING THE UPGRADE. If the alert does not appear in the header then either restart IIS or touch the web.config to have Secret Server restart and check for updates.
If you have any questions or issues, please contact our support team.
Unicode
"Unicode is an industry standard designed to allow text and symbols from all of the writing systems of the world to be consistently represented and manipulated by computers."
(http://en.wikipedia.org/wiki/Unicode)
AES 256 bit Encryption
"The design and strength of all key lengths of the AES algorithm (i.e., 128, 192 and 256) are sufficient to protect classified information up to the SECRET level. TOP SECRET information will require use of either the 192 or 256 key lengths."
(http://en.wikipedia.org/wiki/Advanced_Encryption_Standard)
SHA-512 Hashing
"SHA-1, SHA-224, SHA-256, SHA-384, and SHA-512 are the secure hash algorithms required by law for use in certain U. S. Government applications, including use within other cryptographic algorithms and protocols, for the protection of sensitive unclassified information."
(http://en.wikipedia.org/wiki/SHA512#Applications)
|
