Zurück
-
Titel
Password Manager 5.9.5 cumulative hotfix -
Beschreibung
The following is a list of issues investigated in this update.
Product component Resolved issue Defect ID Administration Site Previously, if the administrator started the unregistration process of a large organization unit (OU), and attempted to unregister other users, or groups while the unregistration process of the large OU was still in progress, then the product interface would stop working. This issue has been fixed, and now, the product interface keeps working as intended. 168143 Administration Site On the Administration Site, if the Select default Language for email in the Email Template is configured as English (United States), the users will receive emails only in English, irrespective of the language chosen during registration. This issue has been fixed, and now, the users receive emails in the language they specified during registration. 85543 Helpdesk Site Some users with specific usernames or passwords were unable to log in to the Helpdesk Site. This issue has been fixed, and these affected users are now able to log in to the Helpdesk Site. 277535 Self-Service Site On the Self-Service Site, the password complexity validation differed from the Active Directory validation. This issue has been fixed now. 278455 Administration Site Saving the settings of the Clear old records from reporting database task (located under General Settings > Scheduled Tasks) was not possible, if the time format of the setting was other than "MM/DD/YYYY". Now, the administrator can save the settings with any date format. 249542, 278371, 285137 This hotfix also includes cumulatively the following fixes:
Product component Resolved issue Defect ID Self-Service Site There was an issue with custom activity controls (for example, textboxes or radiobuttons) not being visible on the Self-Service site, if multiple custom activity controls were configured. This issue has been fixed, and now the custom activity controls are always visible when they should be. 282733 Self-Service Site Previously, there was a conflict with ReCaptcha settings. When a new workflow was created with ReCaptcha set to v3, this workflow did not pass, if a ReCaptcha v2 was passed earlier successfully. This issue has been fixed now by adding a condition that checks whether the site key has already been used by ReCaptcha, and resets the process accordingly. 283667 User Site Previously, when moving the User Site from its default /PMUser path to another location (for example, to the root of the domain URL), configured dictionary rules did not work, and image files related to the User Site could not be found by Password Manager. These issues are now fixed: images used on the site now load correctly, and the configured dictionary rules also work properly if the default path is changed. 276154 User Site / Self-Service Site Previously, users were unable to change their password due to a configuration error affecting the dictionary validation rule of user password management. The issue occured when Password Manager was installed and run with local user privileges, and the Password Manager service tried accessing the dictionary file of the configured dictionary rule with those local privileges instead of the permissions provided via domain connections. This issue has been solved and now, when Password Manager runs as local host, the service checks the presence of the dictionary file via the data provided in the domain connection.
273805 Self-Service Site Previously, when changing or resetting the password on the Self-Service Site, when the password was copy-pasted from the clipboard, the Continue button was enabled even when the password failed the dictionary validation rule. The issue has been fixed by ensuring that the Continue button remains disabled if dictionary rule validation fails. 280199 Self-Service Site
Previously, reCAPTCHA v2 protection did not work properly on the Self-Service Site, causing numerous errors:
Configured reCAPTCHA v2 protection could block users from searching for their account.
It could prevent users from logging in, even if they passed the reCAPTCHA test.
When the General Settings > Search and Logon Settings > Security Settings > Show a security image every time a search is performed setting was enabled, the reCAPTCHA v2 check could let users search for their account, even if they failed the reCAPTCHA test.
These issues are now solved, and reCAPTCHA v2 protection now works as intended.
277207
Self-Service Site When resizing the browser window of the new Self-Service site, the display of certain items, for example, the account logo or text lines, were incoherent. The appearance of the Self-Service site has been improved and the display of information responds to the browser window's width correctly. 276196 Self-Service Site Previously, the Password Manager Self-Service Site displayed a CAPTCHA security image every time when searching for a user, even if the General Settings > Search and Logon Options > Security Settings > Show a security image to prevent bot attacks > Show a security image every time the search is performed setting was disabled on the Administration Site. In addition, Password Manager accepted any value provided by the user whenever the CAPTCHA check was not supposed to appear.
This issue is now fixed, and the related security settings work as intended.261426 Administration Site Previously, the WYSIWYG email editor (for example, in General Settings > Email Template or in the Workflow editor), had the following issues:
- Attempting to add or modify an online image with the Body > Add Image > URL field resulted in the Add/Edit Images pop-up dialog disappearing.
- Attempting to edit the email body text with the Body > Edit HTML pop-up dialog resulted in the cursor frequently moved to the Subject line, making it impossible to edit the body text with the Edit HTML pop-up dialog.
267661, 85624, 85625 Self-Service Site Fixed a potential vulnerability in a third-party component of Password Manager by updating jQuery library to v3.5.1. 268487 Administration Site Previously, the Password Policies > Password Policy Properties > Policy Rules > User Properties Rule > Prevent users from using account properties as part of passwords > The entire value of a user property setting had a misleading name. This is because the option does not actually check the specified password against the entire length of the selected user property, if the user property contains any non-alphabetical characters (such as . or @). Instead, this setting validates the password against entire words found in the specified user property.
To better reflect the actual behavior of this setting, it has been renamed to Entire words in properties.272386 Password Manager Service Previously, deleting the Password Manager log folder resulted in the Password Manager Service being unable to start. This issue has been fixed so that the Password Manager Service now automatically re-creates the log folder upon launch if the specified folder does not exist. 274716 Password Manager Fixed a potential logo pixelation on the Splash Screen. 273659 Self-Service Site If the Display user agreement workflow step was added to a workflow, and it was customized with HTML modifiers, the text showed up in a raw format on the Self-Service Site. The text now shows up formatted, and correctly, if HTML modifiers were used in the workflow step. 272671 Helpdesk Site On the HelpDesk site users were unable to authenticate with some special characters in the password. The issue has been fixed. 115992 Password Manager Service In scenarios where the configuration environment contains multiple PM servers, there was an issue with replication caused by RADIUS scheduled task. Now, when RADIUS scheduled task runs, the shared storage files are only updated, if needed. 272902 Password Manager Service There was an issue with IP address logging. If there was a Network Load Balancer in the configuration enviroment, then the logged IP address was the NLB's IP address instead of the client's IP address. To correct this, a X-Forwarded-For header has been added in an extra line to the log file. This way, the IP address sequence starts with the client's IP address and it is followed by the IP addresses of each router and NLB, separated with comma (,). 84855 Self-Service Site Before, when using the Self-Service Site to create custom activities or workflows, the ActivityFailure error message was missing. Now, if an error occurs, this error message is visible. 271412 Self-Service Site There was an issue with the duplication of error messages. These duplicated error messages are now removed. 262221 Self-Service Site The Self-Service Site handled custom activity scripts differently compared to the legacy Self-Service Site. Certain activity controls showed an incorrect value, not the "text" data that should have appeared on the screen. The issue has been fixed and now the expected value is shown. 267337 Self-Service Site During initialization, the user could not select custom certificates on the Self-Service Site Initialization page. Now the dropdown lists all available certificates and the user is able to select any them. 267634 Offline Password Reset In cases, when the user is different from the last logged in user, or due to a policy restriction, Windows does not store the data of the last logged in user, when there is an attempt to reset the user's password offline with the generation of a challenge code, the generated code was invalid and not accepted. This issue is fixed now. 268648 Self-Service Site Previously, enabling reCAPTCHA v3 on the Self-Service site did not work, and users could bypass the reCAPTCHA check regardless of its results. This issue is now fixed and reCAPTCHA v3 is supported on the Self-Service site. 251284 Password Policy Manager Previously, the Password Policy Manager component did not work when Local Security Authority (LSA) protection was enabled in the environment in which Password Manager has been running. This issue has been fixed by replacing the previously unsigned DLLs with signed DLLs.
NOTE: This change affects only Password Manager installations that have Password Policy Manager installed in an LSA-enabled environment. It does not affect installations that do not have Password Policy Manager installed, or that have Password Policy Manager installed in an environment with LSA disabled.263832 Self-Service Site Previously, if the maximum password age rule failed, the Next button was unavailable. This issue has been fixed and now the Next button is available. 264254 Self-Service Site Previously, when the Unlock My Account workflow was set to be always visible, the account header showed the user status as Registered+Locked even when the user status was unlocked. This issue has been fixed and now the account header shows the user status appropriately. 262655 Self-Service Site Previously, when the language was set to Chinese (Traditional), when entering a password to access the Manage My Profile page, the page failed to load and an error message appeared. This issue has been fixed and now the page loads normally. 264289 Self-Service Site Previously, during RADIUS 2FA authentication an error occured when two AD attributes (mobile phone and email) were not filled. The issue has been fixed so that RADIUS 2FA authentication can be used now even when these two AD attributes are not filled. 261694 Self-Service Site Previously, when using RADIUS 2FA authentication or Starling authentication where a pincode is typed in, an error occured when the Enter key was used instead of clicking on Continue. This issue has been fixed and now it works with both the Enter key and with Continue. 262442 Helpdesk Site Previously, when using the Reset password workflow at the Helpdesk Site to generate a new password, the Next button was unavailable. This issue has been fixed and the Next button is now available. 263377 Self-Service Site The /PMSelfService URL name was previously case-sensitive, meaning that if it has not been typed exactly, then the page did not load, or was redirected to the root of IIS. This has been fixed by making /PMSelfService case-insensitive. 261808 Self-Service Site Previously, the new Self-Service Site could not be reached if a non-standard port number (other than 80 or 443) has been specified in the IIS settings. This issue has been fixed so that the Self-Service Site can now be reached even when non-standard port numbers are used in the IIS settings. 261730 Self-Service Site Previously, if showing domain selection was configured on the Admin Site, the setting was only available on the Self-Service Site for the HelpDesk role. This issue has been fixed, so domain selection is now available on the Self-Service Site for every role. 262435 -
Ursache
Defects:16814385543277535278455249542, 278371, 285137 -
Lösung
Please download the hotfix here.
Installing the hotfix
To install this hotfix
- Extract the contents of the supplied .zip archive into a temporary folder on the local drive where it is installed.
- Rename the extracted PasswordManager-5.9.5-SOL334561.exe.rename file to remove the .rename file name extension.
- Run the file PasswordManager-5.9.5-SOL334561.exe and follow the on-screen instructions to complete the hotfix installation.
- Clear previously cached images and files from your browser before you run the installed hotfix.
- Re-schedule the Clear old records from reporting database task (under General Settings > Scheduled Tasks) when the installation of the hotfix is complete.