Password Manager 5.10 - Release Notes

The following is a list of issues addressed in One Identity Password Manager 5.10.0.

Table 2: Resolved issues – General Password Manager Issues
Resolved issue	Issue ID
The country code is now the primary key, not the phone tag. More countries can be added with the same phone tag.	306075
New users can now be registered if the change password option is flagged for the user. If the request comes from outside of the PDC, then the application will bind to AD through the PDC.	308490

Table 3: Resolved issues – Password Manager Administration Site
Resolved issue	Issue ID
Previously, while adding a new domain connection, if the user provided an incorrect NETBIOS name, and saved the dialog, Password Manager allowed saving the dialog. This caused several other problems if the user attempted to use Password Manager normally. Now Password Manager will not even allow the user save the dialog if it cannot find a domain with the provided NETBIOS name.	303985
When clearing the Comment Attribute, the string "<not set>" was inserted in the attribute. Now when clearing the Comment Attribute, no string is inserted in the attribute, and it is tagged empty. Only the explorer displays the default "<not set>" text, because it is empty.	218165
The Password Policy Export functionality has been fixed, now the file starts to download if export is clicked.	314570

Table 4: Resolved issues – Password Manager Self-Service Site
Resolved issue	Issue ID
Form pre-validation on multiple Q&A questions displayed a warning message if any question was left unselected. Now the Self-Service Site disables the items in the context list of selectable questions field based on the current selections and user-created questions (if there is any). The Tab and Enter key functionalities have been improved too.	305861
Pressing Enter in the "Forgot my password" workflow did not submit the form. Now the users can submit their form by pressing the Enter key.	306195
Tabbing to next question in "Forgot my password" form did not work properly. The user had to press the Tab key twice to go to each next field Now the users can step through the form by pressing the Tab once.	306194
Previously the splash screen logos were not customizable, due to an issue with the customization page. This is now fixed and the site functions correctly.	302268
The "Continue" button was enabled when a user attempted to change the password with a word that was flagged from the dictionary. This issue has been fixed. Now if the user types in a password that contains any of the dictionary's words with the criteria defined in the policy, then the "Continue" button is not enabled.	284327

Known issues

The following is a list of issues, including those attributed to third-party products, that are known to exist at the time of the One Identity Password Manager 5.10.0 release.

Table 5: Known issues
Known issue	Issue ID
Currently, the Password Policy Manager (PPM) component does not support Local Security Authority (LSA) protection.	295089
When User Principal Name (UPN) is used as service account, installing a Password Manager hotfix can lock the service account. Workaround To solve the problem: Change the service account to the domainname\username format. Provide a password for the same service account user. Install the Password Manager hotfix.	255614
Following a Password Manager upgrade, the General > Settings > Scheduled Tasks > Active Directory Sites task is disabled. Workaround After upgrading Password Manager to a newer version, enable the Active Directory Sites task manually.	246147
When scheduled from the secondary instance of the Password Manager server, the General Settings > Unregister Users task does not run. Workaround Schedule the Unregister Users task on the primary instance of Password Manager.	233679
If the application pool identity is a domain user with minimal permissions, then Web interface customization changes are not applied to the Self-Service and Helpdesk Sites.	233658
In the General Settings > Instance Reinitalization page, the Corporate phone attribute is not imported from the primary instance to the secondary instance. Workaround Update the Corporate phone attribute manually on the secondary instance to have the same value as on the primary Password Manager instance.	229200
If the Password Manager Self-Service Site contains an IPv6 address, the location-sensitive authentication (LSA) feature does not work. Workaround LSA currently supports IPv4 addresses only. Therefore, do not access the Password Manager Self-Service Site from an external network where the request contains an IPV6 address.	221571
When configuring a dictionary rule in the Password Manager Administration Site, the Policy Rules > Dictionary Rule > Enable dictionary lookup to reject passwords that contain > Beginning characters of a dictionary word setting does not work correctly if you specify only 2 beginning characters. Workaround One Identity recommends using the A complete word from the dictionary (QPMDictionary.txt) setting when configuring a dictionary rule.	221468
If no appropriate authentication methods are configured for it, the Forgot My Password screen may appear blank in the Password Manager Self-Service Site or Helpdesk Site. Workaround In the Password Manager Administration Site, One Identity recommends configuring the Register workflow with Security Questions as one of its registration modes.	221389
When a symmetry rule is configured with the Policy Rules > Symmetry Rule setting of the Password Manager Administration Site, it may fail to validate passwords containing non-consecutive characters. Workaround Do not use the Policy Rules > Symmetry Rule > Maximum number of consecutive characters within a password, that read the same in both directions (pass4554word) setting.	220177
In a Password Manager for AD LDS environment, if the User Scope is configured with an AD LDS account, the Forgot My Password and Manage My Passwords workflows will fail. Workaround When configuring a User Scope, do not use The following AD LDS account setting of the Access account > Edit AD LDS Instance Connection dialog.	220171
When a Questions and Answers Policy is updated with any language other than English, users may receive both the default and the custom email notifications on the Password Manager Self-Service Site. Workaround For the Email user if workflow succeeds workflow, change the value of the Select email template to use setting to Customize.	219401
When searching users with reCAPTCHA enabled, not entering reCAPTCHA for the second time results in a non-human readable error message. Workaround Always search for users with the correct username and with the reCAPTCHA check completed.	217064
Upgrading Password Manager from version 5.6.3 to 5.9.x keeps the previous My Questions and Answers profile workflow. Workaround To solve the problem: In the Password Manager Administration Site, navigate to the My Questions and Answers profile workflow. Open Workflow Settings > Availability. Set Enable the workflow to Never. Select Show the workflow on the Self-Service site. To apply your changes, click OK.	215892
The User Status Statistics scheduled task may fail intermittently.	171590
After upgrading to Password Manager 5.9.x, the My Notifications custom workflow cannot be edited in the Password Manager Self-Service Site. Workaround One Identity recommends to use the legacy Self-Service Site to edit the My Notifications workflow.	171589
When using Password Manager for AD LDS, the Password Policies page of the Administration Site is not updated when a password policy is created. Workaround After a new Password Policy is created, click Save, and immediately cancel the Add New Policy wizard. The page will refresh and list the new policy.	170587
After upgrading to Password Manager for AD LDS 5.9.x, the General Settings > Search and Logon Options menu may display an error when its settings are modified. Workaround To solve this problem: In the Password Manager for AD LDS Helpdesk Site, navigate to General Settings > Search and Logon Options. In the Users must enter the following user account attribute for identification setting, change the value from sAMAccountName to cn.	170560
Domain users may not be able to access the Password Manager Administration Site, even if they are members of the local PMAdmin group. Workaround When using Password Manager 5.8.x or newer, domain users can access the Administration Site only if they are members of both the local PMAdmin group, and either the IIS_IUSRS group or the Administrators group.	170441
In Password Manager for AD LDS, certain column data required for custom activities are not available in generated reports.	170355
After upgrading Password Manager from an earlier version to 5.9.x, the upgrade process may create duplicate URL references for the Password Manager User Site. Workaround Manually delete URL shortcuts that are not required.	169921
When a Password Manager for AD LDS instance and the Password Manager for AD LDS server instance are not configured on the same machine, Password Policy Rules are not displayed in the new and legacy Password Manager for AD LDS Self-Service Sites. Workaround Configure the Password Manager for AD LDS instance and the Password Manager for AD LDS server instance on the same machine.	169763
The user search settings of the Password Manager for AD LDS Helpdesk Site may work incorrectly. Workaround To solve the problem: In the Password Manager for AD LDS Helpdesk Site, navigate to General Settings > Search and Logon Options. Use the cn attribute instead of mail to search for users.	169384
When editing a Questions and Answers Policy, you may be unable to edit or delete translated questions. Workaround To edit existing translated questions, add another translated language.	168957
The Password Manager Self-Service Site may not launch on Secure Password Extension (SPE) through a 32-bit operating system. Workaround If you have a 32-bit operating system, One Identity recommends to use the legacy Self-Service Site.	167871
When a password is changed from the target Active Directory (AD) system to that of the source AD, One Identity Quick Connect may be unable to synchronize passwords. Workaround Restart the Quick Connect Capture Agent Service on all the source and target systems.	167573
In Password Manager versions 5.8.2 and 5.9.x, you can only reconnect to a domain on the second attempt. Workaround To solve the problem: In the Password Manager Administration Site, select the User Scope, Helpdesk Scope or Password Policy you want to configure. Click Add domain connection twice to add a new domain connection.	166950
In email notifications, the #OPERATOR_ACCOUNT_NAME#, #OPERATOR_IP#, #WORKFLOW_RESULT#, and #WORKFLOW_SUMMARY# parameters are not populated.	141728
On Windows Server 2019, the Password Manager Service and One Identity rSMS Service may stop. Workaround To solve the problem, make sure that the domain controller machine and the clients are at two separate entities.	127587
When editing a dictionary file between the size of 10–20 MB from a Password Policy, the web browser session may crash, and an error may appear in the Windows Event Viewer. Workaround If you must modify a dictionary file larger than 10 MB, edit it from the domain machine where Password Policy Manager (PPM) is installed.	115957
When performing a password reset with the Password Manager Helpdesk Site, the site also accepts the previous/old password. Workaround Manually enter a different password during the short duration of the password reset.	114822

System requirements

Password Manager Service and Administration Site requirements

Before installing Password Manager , ensure your system meets the following minimum hardware and software requirements. These requirements are applicable both to Full Installation and Distributed Installation (when the Self-Service Site and the Helpdesk Site are installed on separate systems).

Table 6: Password Manager Service and Administration Site requirements

Requirement

Details

Platform

1.6 GHz or higher.

Memory

At least 4 GB RAM.

Hard disk space

2.7 GB of free disk space.

NOTE: If .NET Framework is already installed, then installation may require less disk space.

Operating system

Password Manager can be run on any of the following operating systems:

Microsoft Windows Server 2012 R2
Microsoft Windows Server 2016
Microsoft Windows Server 2019
Microsoft Windows Server 2022

NOTE: Consider the following operating system and machine restrictions:

Password Manager is not supported on Windows Server Core mode setup.
One Identity does not recommend installing Password Manager on the machine where the Domain Controller (DC) server is installed.
Password Manager supports Windows Server 2012 R2 and later versions in domain and forest functional levels, including domains operating in a mixed mode.
Password Manager does not support Windows 2008 and earlier versions.

Internet Information Services

Password Manager requires any of the following Microsoft Internet Information Services (IIS) versions on the web server of your environment:

IIS 7.0
IIS 7.5
IIS 8.0
IIS 10.0

TIP: To ensure best practice security, configure Password Manager to use HTTPS. For more information, see Password Manager 5.10.0 Administrator Guide or Password Manager 5.10.0 Administrator Guide (AD LDS Edition).

Web browser

Password Manager supports the following web browsers:

Microsoft Internet Explorer 11
Microsoft Edge
Mozilla Firefox 10 or later
Apple Safari 5 or later
Google Chrome 15 or later

Microsoft .NET Framework

Microsoft .NET Framework 4.7.2

NOTE: Install .NET Framework before you install Password Manager.

Visual C++ Runtime Libraries

Password Manager supports the following Visual C++ Runtime Libraries:

Visual C++ Runtime Libraries 2017
Visual C++ Runtime Libraries 2010

Visual C++ Runtime Libraries x86 and x64 are included in the Password Manager distribution package.

NOTE: Install Visual C++ Runtime Libraries 2010 and Visual C++ Runtime Libraries 2017 before you install Password Manager.

Adobe Acrobat Reader

Acrobat Reader DC

NOTE: Acrobat Reader DC 17.009.20044 is included with the Password Manager distribution package.

Minimum screen resolution

1280x1024 pixels

Seleccione su producto:

Con el fin de ofrecerle un mejor servicio, complete el campo Motivo del chat:

Soluciones recomendadas para su problema

Password Manager 5.10 - Release Notes

Resolved issues

Known issues

System requirements

Password Manager Service and Administration Site requirements

Password Manager Service and Administration Site requirements