Chat now with support
Chat with Support

Safeguard Authentication Services 5.1.3 - Release Notes

Safeguard Authentication Services 5.1.3

Safeguard Authentication Services 5.1.3

Release Notes

16 November 2023, 16:45

These release notes provide information about the Safeguard Authentication Services 5.1.3 release. For the most recent documents and product information, see Safeguard Authentication Services - Technical Documentation.

About this release

Safeguard Authentication Services extends the capabilities of UNIX, Linux, and Mac systems to seamlessly and transparently join Active Directory and integrate UNIX identities with Active Directory Windows accounts.

Safeguard Authentication Services 5.1.3 is a minor release that includes various bug and stability fixes. For a list of fixes included in this release, see Resolved issues.

End of support notice

After careful consideration, One Identity ceased the development of Management Console for Unix (MCU). Therefore, MCU entered limited support for all versions on 01 April 2021, with support for all versions reached end of life on 01 November 2021. For the definitions of support, see the Software Product Support Lifecycle Policy.

As One Identity retired the MCU, its feature set has been built into modern platforms, starting with Software Distribution and Profiling. Customers that use MCU to deploy Safeguard Authentication Services and Safeguard for Sudo can now use the One Identity Ansible collections for those products. For the Ansible collections, see Ansible Galaxy.

Resolved issues

The following is a list of issues addressed in this release.

Table 1: General resolved issues in version 5.1.3
Resolved Issue Issue ID

Previously, failed if either username-attr-name or groupname-attr-name was set in vas.conf. After the fix, will not fail even if either of the mentioned configuration variable is set.

435511 can now import One Identity endpoint public key on distributions using the RPM Package Manager.

Some Linux distributions, for example, SLES, enforce package signature verification if the package is signed, so failed to install the packages until the One Identity endpoint public key was not imported. From now on, in interactive or simple mode during a package install or update, will ask if package signature verification is needed. In unattended mode, it will import the public key automatically unless the --disable-public-key-import argument is specified.


Added support for djoin files generated on Windows Server 2022.

Previously, djoin files contained the Offline Domain Join credentials during an unattended join (see the vastool join -j option). If this file was generated on Windows Server 2022, Safeguard Authentication Services failed to parse it.


Fixed an issue where the database process sometimes crashed during groups caching on HP-UX systems. The issue was fixed by using a different method to create the SQL statement string.


Fixed an issue where if Safeguard Authentication Services failed to reach a cross forest domain controller during schema cache update, it stored the schema cache without the information about that forest, and defaulted to Windows 2003 R2. Since this schema information change also triggered a flush, it lost the user and group cache of that forest if it was operating schemaless.

The issue is now fixed.


Previously, vastool flush srvinfo failed to remove invalid entries from the srvinfo cache. After the fix, vastool flush srvinfo removes all entries.


Fixed an issue where the state of authselect could not be restored during package removal or a full deconfiguration. This caused PAM modules to be modified outside of authselect.


Fixed an issue where old filesets remained installed after an update if the new package was built for a different AIX version.

The fileset names in AIX packages will not contain the AIX version anymore. During update, old filesets get marked as obsolete, and if the update is successful, they are removed.


The Safeguard Authentication Services 5.1.2 version shipped bad builds for Linux ppc64le and aarch64. This caused exception handling to not work, resulting in several potential crashes, for example, when applying a group policy.

The issue is now fixed.


Previously, asdcom crashed on AIX when vasd daemon was not running. The vasd daemon also crashed occasionally.

These issues are now fixed.


Fixed an issue where vasd child processes logged all unexpected signals at debug level 2.

This issue was fixed by making sure unexpected signals are logged at error level.


Supported platforms

The following table provides a list of supported UNIX and Linux platforms for Safeguard Authentication Services.

CAUTION: In Safeguard Authentication Services version 5.1.3, the following platforms and architectures are no longer supported:

  • Apple MacOS versions 10.15, 11.0, 11.1, 11.2

  • HP-UX PA architectures

Table 2: UNIX agent: Supported platforms




Alma Linux

8, 9

x86_64, AARCH64, PPC64le, s390x

Amazon Linux

AMI, 2, AL2022


Apple MacOS

11.3 and above

x86_64, ARM64

CentOS Linux

6, 7, 8

s390x, PPC64, PPC64LE, x86, x86_64, AARCH64

CentOS Stream

8, 9

x86_64, AARCH64, PPC64LE, s390x


Current supported releases

x86_64, x86, AARCH64

Fedora Linux

Current supported releases

x86_64, x86, AARCH64, PPC64LE


12.x, 13.x






6.1 TL9, 7.1 TL3, TL4, TL5, 7.2, 7.3

Power 4+


Current supported releases

x86_64, x86, AARCH64, PPC64LE, s390x

Oracle Enterprise Linux (OEL)

6, 7, 8, 9

x86_64, AARCH64

Oracle Solaris

10 8/11 (Update 10), 11.x

SPARC, x64

Red Hat Enterprise Linux (RHEL)

6, 7, 8, 9

s390x, PPC64, PPC64LE, x86, x86_64, AARCH64

Rocky Linux

8, 9

x86_64, AARCH64, PPC64LE, s390x

SuSE Linux Enterprise Server (SLES)/Workstation

12, 15

s390x, PPC64, PPC64LE, x86, x86_64, AARCH64


Current supported releases

x86_64, x86, AARCH64

System requirements

Before installing Safeguard Authentication Services 5.1.3, ensure that your system meets the minimum hardware and software requirements for your platform. The operating system patch level, hardware, and disk requirements vary by UNIX, Linux, and Active Directory platform, and are detailed in the One Identity Safeguard Authentication Services Administration Guide.

NOTE: When setting up a virtual environment, carefully consider the configuration aspects such as CPU, memory availability, I/O subsystem, and network infrastructure to ensure the virtual layer has the necessary resources available. Please consult One Identity's Product Support Policies for more information on environment virtualization.

Self Service Tools
Knowledge Base
Notifications & Alerts
Product Support
Software Downloads
Technical Documentation
User Forums
Video Tutorials
RSS Feed
Contact Us
Licensing Assistance
Technical Support
View All
Related Documents

The document was helpful.

Select Rating

I easily found the information I needed.

Select Rating