This cumulative public hotfix resolves the following issues for Password Manager 5.9.5, including AD LDS version.
The following is a list of issues investigated in this update.
|SelfService Site||Before, when using the SelfService Site to create custom activities or workflows, the ActivityFailure error message was missing. Now, if an error occurs, this error message is visible.||271412|
|SelfService Site||There was an issue with the duplication of error messages. These duplicated error messages are now removed.||262221|
|SelfService Site||The SelfService Site handled custom activity scripts differently compared to the legacy SelfService Site. Certain activity controls showed an incorrect value, not the "text" data that should have appeared on the screen. The issue has been fixed and now the expected value is shown.||267337|
During initialization, the user could not select custom certificates on the SelfService site Initialization page. Now the dropdown lists all available certificates and the user is able to select any them.
Offline Password Reset
In cases, when the user is different from the last logged in user, or due to a policy restriction, Windows does not store the data of the last logged in user, when there is an attempt to reset the user's password offline with the generation of a challenge code, the generated code was invalid and not accepted. This issue is fixed now.
This hotfix also includes cumulatively the following fixes:
|SelfService Site||Previously, enabling reCAPTCHA v3 on the Self-Service site did not work, and users could bypass the reCAPTCHA check regardless of its results. This issue is now fixed and reCAPTCHA v3 is supported on the Self-Service site.||251284|
|Password Policy Manager||Previously, the Password Policy Manager component did not work when Local Security Authority (LSA) protection was enabled in the environment in which Password Manager has been running. This issue has been fixed by replacing the previously unsigned DLLs with signed DLLs.|
NOTE: This change affects only Password Manager installations that have Password Policy Manager installed in an LSA-enabled environment. It does not affect installations that do not have Password Policy Manager installed, or that have Password Policy Manager installed in an environment with LSA disabled.
Previously, if the maximum password age rule failed, the Next button was unavailable. This issue has been fixed and now the Next button is available.
Previously, when the Unlock My Account workflow was set to be always visible, the account header showed the user status as Registered+Locked even when the user status was unlocked. This issue has been fixed and now the account header shows the user status appropriately.
Previously, when the language was set to Chinese (Traditional), when entering a password to access the Manage My Profile page, the page failed to load and an error message appeared. This issue has been fixed and now the page loads normally.
Previously, during RADIUS 2FA authentication an error occured when two AD attributes (mobile phone and email) were not filled. The issue has been fixed so that RADIUS 2FA authentication can be used now even when these two AD attributes are not filled.
Previously, when using RADIUS 2FA authentication or Starling authentication where a pincode is typed in, an error occured when the Enter key was used instead of clicking on Continue. This issue has been fixed and now it works with both the Enter key and with Continue.
Previously, when using the Reset password workflow at the Helpdesk Site to generate a new password, the Next button was unavailable. This issue has been fixed and the Next button is now available.
The /PMSelfService URL name was previously case-sensitive, meaning that if it has not been typed exactly, then the page did not load, or was redirected to the root of IIS. This has been fixed by making /PMSelfService case-insensitive.
Previously, the new SelfService Site could not be reached if a non-standard port number (other than 80 or 443) has been specified in the IIS settings. This issue has been fixed so that the SelfService Site can now be reached even when non-standard port numbers are used in the IIS settings.
Previously, if showing domain selection was configured on the Admin Site, the setting was only available on the SelfService site for the HelpDesk role. This issue has been fixed, so domain selection is now available on the SelfService Site for every role.
Installing this hotfix
To install this hotfix