Chat now with support
Chat with Support

Authentication Services 4.2.2 - Release Notes

One Identity Authentication Services 4.2.2

One Identity Authentication Services 4.2.2

Release Notes

December 2019

These release notes provide information about the One Identity Authentication Services 4.2.2 release.

About this release

Authentication Services extends the capabilities of UNIX, Linux, and Mac systems to seamlessly and transparently join Active Directory and integrate Unix identities with Active Directory Windows accounts.

Authentication Services 4.2.2 is a minor release that includes:

  • Starling enhancements
  • Cloud service platform support

New features

The following new features are now available with Authentication Services 4.2.2:

  • Starling enhancements (797136)

    The administrator can set up a proxy url from Quest Authentication and use Starling two-factor authentication to log in. Any phone number or email attribute can be selected. The default time can be changed. Messaging includes the hardware being authorized.

    The feature is available on multiple platforms including running Starling on Oracle Solaris 10 x86_64 and on AIX 7.1/7.2.

  • Cloud Service platform support
    • Google Cloud Platform Managed Service for Microsoft Active Directory
    • AWS Directory Service for Microsoft Active Directory (also called AWS Managed Microsoft AD)

Resolved issues

The following is a list of issues addressed in Authentication Services 4.2.2.

Table 1: General resolved issues
Resolved Issue

Issue ID

vastool: Fix incorrect option to user checkaccess.

308319

vastool: Fix symlink issue on Linux PPC64LE during configure pam.

706559

vastool: When unconfiguring passwd on Solaris 11, remove added use_first_pass.

764742

smartcard: Better handle smartcards with multiple slots.

797298

vgp: Validate sudoers file before attempting to modify it.

801114

vastool: During join, if the computer password failed to set properly, stop there instead of continuing the join.

802574

packaging: During uninstall, suppress unconfigure selinux messages.

803790

vastool: Better handle cross domain / forest starling detection and caching.

804042 and 804045

scripts: Add version check to install.sh on Solaris 10 for 8/11 (Update 10).

804105

krb5: Fix joining to domains with a lot of DCs on AIX and Solaris.

804788

vastool: On Solaris 11.4, configure a 64-bit libsudo_vas library to match the new 64-bit sudo binary.

804856

vastool: When running vastool starling check with debug, add --debug-verbose to the call to starling.

804894

vastool: Fix configure selinux issue on RedHat 6.x.

805417

vasd: vas_ccache_renew was filling up /tmp/ duplicating files on renewing.

805560

status: Add additional check for users.starling before checking Starling configuration / status.

805666

vastool: During join, set msDS-SupportedEncryptionTypes to 524319 from 31 to disable Resource SID Compression, to help with cross domain/forest group memberships in mixed domain functional level situations.

806078

krb5: Update Heimdal to the latest version, 7.7.0.

NA

Known issues

The following is a list of issues known to exist at the time of release.

Table 2: Known Issues
Known Issue Issue ID
auth: Cross forest user with child domains can fail to log in. There is a workaround using capaths, see KB 54961. 802683
vgp: Setting smb-dialect-range to include 3+ triggers downloading of files to fail. 804186
Self Service Tools
Knowledge Base
Notifications & Alerts
Product Support
Software Downloads
Technical Documentation
User Forums
Video Tutorials
RSS Feed
Contact Us
Licensing Assistance
Technical Support
View All
Related Documents