The following is a list of issues addressed in this release.
The following is a list of issues addressed in this release.
The following is a list of issues, including those attributed to third-party products, known to exist at the time of release.
Known issue |
Issue ID |
On the Helpdesk Site, if the AutoGenerated password is enabled, the AutoGenerated password is not accepted, and the button is displayed by default. This issue occurs, if the company does not have a password policy set in Active Directory. Workaround: Set the password policy in Active Directory. |
264489 |
The Q&A Policy can be saved without filling the mandatory questions fields. By leaving these fields empty, certain self-service workflows will not work. Workaround: Always provide mandatory questions when you are configuring the Q&A Policy. |
261495 |
When scheduling tasks, the administrator can select a date which has already passed, and schedule a task for that day. For example, the administrator can select 2020-12-31 when, in fact, the current date is 2021-01-01. A status message is displayed of the un-register scheduled task. Workaround: Currently, there is no workaround for this issue. |
261496 |
Installing the hotfix locks the service account when UPN is used as service account. Workaround: Change the service account to "domainname\username" format and provide a password for the same service account user, and then, install the hotfix. |
255614 |
Users may fail to log in on the Self-Service site using their user principal names (UPNs). Workaround: Remove the corresponding managed domain from user scopes of configured Management Policies and add it again. |
203516 |
On the Self-Service site, users may fail to authenticate themselves with passwords, if passwords contain only blank characters. Workaround: Users must change passwords so that passwords do not contain only blank characters. |
217751 |
If you add a domain group to a user scope on the Administration site and then rename the group using standard Active Directory management tools (for instance, the “Active Directory Users and Groups” console), Password Manager may not rename the group on the User Scope page of the Administration site. Workaround: Remove the group from the user scope and add it again. |
220304 |
If a user belongs to user scopes of two Management Policies, the user may receive two email notifications instead of one when enforcement rules and reminders are applied. Workaround: Either remove the user from the user scope of one Management Policy or from user scopes of enforcement rules and reminders belonging to a single Management Policy. |
220778 |
If a domain management account is disabled or its password is changed, Password Manager continues to access managed domains and no errors occur. |
221124 |
After importing the configuration to a Password Manager instance, there may be no notification on the Administration site that the account used to connect to the domain is invalid if the Password Manager Service account is used for connection. Workaround:
|
259528 |
Search for users may fail on the Self-Service and Helpdesk sites and a list of domain controllers for a managed domain may fail to be displayed on the Administration site, when a new domain controller is being promoted in the environment. Workaround: Stop all Password Manager application pools in the IIS and start them after the domain controller has been promoted and corresponding changes have been replicated. |
315876 |
When two Management Policies have mutually exclusive user scopes, search for users on the Self-Service or Helpdesk site may fail. Workaround: Do not create Management Policies with mutually exclusive user scopes, i.e. do not add the same groups to the scope of users allowed to access the Self-Service site in one Management Policy and to the scope of users denied access to the Self-Service site in the other Management Policy. |
324517 |
When several domains sharing the same UPN suffix are added to the user scope, Password Manager may fail to find users on the Self-Service site when search for users belonging to a domain other than the first one is performed by a user principal name. Workaround: Perform the following steps on the “Search and Logon Options” page of the Administration site:
|
353295 |
After upgrade, the Password Manager service may not start as expected. Workaround: Use the Services console (Services.msc) to start the Password Manager service: Right-click that service in the console, and then click Start. |
468736 |
After upgrade, you may view old QPM* application(s) in the IIS Manager console. Workaround: You may safely delete the old QPM* application(s) in the IIS Manager console. |
468735 |
Form authentication fails for admin site if the domain name is not specified. Workaround: Provide the Domain name or Username to log into the Admin site. |
98052 |
Browser session crashes and an error is displayed in the windows event log, when the dictionary file between the size of 10 MB to 20 MB is edited from the Password Policy. Workaround: If any modifications have to be made to the Dictionary file exceeding size greater than 10 MB, it has to be edited from the domain machine where the Password Policy Manager (PPM) is installed. |
115957 |
On Windows Server 2019, services for Password Manager and rSMS is stopped. Workaround: Ensure that the DC machine and clients are at two separate entities. |
127587 |
rSMS service restart is required for custom log path and custom certificate changes. |
113794 |
A warning is displayed by the One Identity rSMS Service when you try to uninstall/ upgrade existing Password Manager version while the rSMS service is still running. Workaround: Accept the Warning and proceed with the uninstallation. |
116469 |
In Quick Connect, unable to synchronize passwords when password is changed from the target to the source Active Directory system. Workaround: Restart the Quick Connect Capture Agent Service on all the source and target systems. |
167573 |
On the Password Manager Administrator site, the page keeps loading after removing a custom workflow that was added. Workaround: Refresh the page to completely delete the custom workflow. |
169056 |
Password Manager self-service site is not launched on SPE through a 32-bit system. Workaround: Recommend to use the Legacy self-service site on a 32-bit system. |
167871 |
The user interface does not function as expected, when a large organizational unit (OU) is unregistered and the unregister task is stopped. Workaround: Refresh the unregister user page. |
168143 |
Unable to edit or delete the translated questions in the Q&A profile. Workaround: Add another translated language to edit the previous translated question. |
168957 |
The Password Policy Rules are not displayed in the Legacy self service site or the Password Manager self service site for Password Manager ADLDS. Workaround: Password Policy rules are displayed when the configured ADLDS instance and the Password Manager server instance is configured on the same machine |
169763 |
Not able to access the Password Manager Administrator site when the domain user is the member of the local PMAdmin group. Workaround: For PM versions 5.8.x or later, users must be a part of the local PMAdmin group and either of IIS_IUSRS or Administrators group to access the PMAdmin site. |
170441 |
#OPERATOR_ACCOUNT_NAME#, #OPERATOR_IP#, #WORKFLOW_RESULT#, and #WORKFLOW_SUMMARY# parameters are not populated in the email notification. |
141728 |
After upgrading Password Manager to 5.9.x, duplicate URL references are created for user site. Workaround: Open the location where the shortcuts of the URL are present and delete, if not required. |
169921 |
Allow users to specify different password for this system option is not working as expected. Workaround: Restart the Quick Connect Capture Agent Service on all the source and target systems. |
169325 |
After upgrading to Password Manager 5.9.x ADLDS version, search and logon page under General Settings menu displays an error when modified. Workaround: Replace the sAMAccountName attribute with cn in the Helpdesk site page under search and logon options for the option Users must enter the following user account attribute for identification. |
170560 |
Issues in user search setting for Helpesk in ADLDS. Workaround: Search the user by the cn attribute though mail is the specified attribute in the helpdesk site of search and logon options. |
169384 |
In Password Manager ADLDS, the UI is not updated when a password policy is created. Workaround: After a new policy is created, Click Save and immediately cancel the wizard of Create policy. Page refreshes to display the already created policy |
170587 |
After upgrading to 5.9.x, My notification for a custom workflow cannot be edited in the Password Manager Self Service site. Workaround: It is recommended to use Legacy Self Service Site to edit My Notification. |
171589 |
User Status Statistics, scheduled task fails intermittently. |
171590 |
Symmetry rule fails to validate the password containing non-consecutive characters. Workaround: Administrators must avoid configuring the symmetry criteria Maximum number of consecutive characters within a password, that read the same in both directions (pass4554word) under the Symmetry Rule. |
220177 |
In the Password Manager Self-Service site of the ADLDS version of Password Manager, Change Language link of Q & A profile is not available in the Register page. Workaround: It is recommended to use the Legacy self-service site. |
221453 |
When appropriate Authentication methods are not selected,Forgot My Password workflow screen is blank. Workaround: It is recommended to configure the Register workflow settings making Security Questions as one of the registration modes. |
221389 |
Dictionary rule is not working as expected when 2 beginning characters of a dictionary word option is selected. Workaround: Configure the complete word from the dictionary(QPMDictionary.txt) as part of the Dictionary rule. |
221468 |
During Password reset, helpdesk site accepts both previous/old passwords. Workaround: user has to manually enter a different password during a short duration of password reset. |
114822 |
Post upgrade of Password Manager from 5.6.3 to 5.9.x, My questions and answers profile workflow still exists. Workaround: Navigate toMy questions and answers profile workflow. Open the Workflow Settings page and navigate to the Availability tab. Click Never under Enable the workflow and Show the workflow on the Self-Service site options, and then click OK. |
215892 |
In the Password Manager version 5.8.2 and 5.9.x, reconnecting to a domain is successful only after the two attempts. Workaround: Clicking on Add Domain Connection for two times will add a new domain connection. |
166950 |
Inappropriate error message appears when recaptcha not entered for the second time. Workaround: Search users with correct username and recaptcha. |
217064 |
In the Password Manager self-service site of the Password Manager version 5.9.x, password history does not appear. Workaround: It is recommended to use the Legacy self-service site. |
221152 |
In the Password Manager self-service site, select language option does not change the language in the Display user agreement action. Workaround: It is recommended to use the Legacy version of self-service site. |
217068 |
Few column data required for custom activities are not available on the reports generated on ADLDS. |
170355 |
Location sensitive Authentication (LSA) feature does not work if self-service site request contain IPV6 address. Workaround: Do not access the self service site from an external network, where the request contains an IPV6 address. LSA currently works only for IPv4 addresses. |
221571 |
Forgot My Password, Manage My Passwords fails in ADLDS environment, when the userscope is configured with ADLDS account. Workaround: Do not configure the userscope of Password Manager for ADLDS using "The following AD LDS account:" |
220171 |
Corporate phone attribute does not get imported from primary instance onto the secondary replication instance in the Re-initialization page. Workaround: The Corporate phone attribute could be manually changed on the secondary instance to have the same value for Corporate Phone on both the PM Instances. |
229200 |
Users receive both default and custom email notifications, when Q&A profile is updated with any other language(other than English) in the Self service site. Workaround : Change the settings in Email user if workflow succeeds workflow to Customize for the Select email template to use: option. |
219401 |
Password Manager for ADLDS does not support Dictionary rule in OI Password policies. Workaround: Do not configure dictionary rule in Password Manager for ADLDS. |
97249 |
When the Select default Language for email in the Email Template is configured as English(United States), users will receive emails only in English irrespective of the language chosen during registration, in the Self service site. |
85543 |
Web interface customization does not get applied on Password Manager(AD and ADLDS), when the App pool account is a domain user with minimal permission. |
233658 |
Unregister user task does not run when scheduled from the secondary instance of the Password Manager server. Workaround: It is recommended to schedule an Unregister Users task on the Primary instance of Password Manager. |
233679 |
reCAPTCHA v3 does not work in Password Manager self-service site. Workaround: It is recommended to use reCAPTCHA v2 instead of reCAPTCHA v3 for reCAPTCHA activity. |
251284 |
Post upgrade, Active Directory sites (Scheduled Task) are in disabled state. Workaround: Post upgrade, manually enable the Active Directory sites. |
246147 |
This section provides system requirements for installing and running Password Manager and its components.
Before installing Password Manager, ensure your system meets the following minimum hardware and software requirements for Full Installation and Distributed Installation, if you have the Self-Service site and Helpdesk site installed on separate systems.
Requirement |
Details | ||
Platform |
1.6 GHz or higher | ||
Memory |
At least 4 GB RAM | ||
Hard Disk Space |
2.7 GB of free disk space
| ||
Operating System |
Password Manager can be run on any of the following operating systems:
| ||
Internet Information Services |
On the Web server, Password Manager requires any of the following IIS versions:
To ensure best practice security, Password Manager should be configured to use HTTPS. For more information, see Administrator Guide. | ||
Web Browser |
Microsoft Internet Explorer 11 Microsoft Edge Mozilla Firefox 10 or later Apple Safari 5 or later Google Chrome 15 or later | ||
Microsoft .NET Framework |
Microsoft .NET Framework 4.7.2
| ||
Visual C++ Runtime Libraries |
Visual C++ Runtime Libraries 2017 Visual C++ Runtime Libraries 2010 Visual C++ Runtime Libraries x86 and x64 are included with the Password Manager distribution package. You must install Visual C++ Runtime Libraries 2010 and Visual C++ Runtime Libraries 2017 before you install Password Manager. | ||
Acrobat Reader |
Acrobat Reader DC Acrobat Reader DC 17.009.20044 is included with the Password Manager distribution package. | ||
Minimum screen resolution |
1280*1024 pixels |
Password Manager supports Windows Server 2012 R2 and later versions in domain and forest functional levels, including domains operating in a mixed mode. Note that Password Manager installation is not supported on Windows 2008 and earlier versions.
© 2022 One Identity LLC. ALL RIGHTS RESERVED. Feedback 이용 약관 개인정보 보호정책