立即与支持人员聊天
与支持团队交流

Safeguard Privilege Manager for Windows 4.6 - Release Notes

Known issues

The following is a list of issues, including those attributed to third-party products, known to exist at the time of release.

Table 3: General known issues
Known Issue Issue ID

Some log files are still being created and maintained on the system drive even when Safeguard Privilege Manager for Windows has been installed to a non-system drive.

618

Some duplicate records exist in the database and could be optimized.

624

Error 1920 encountered during a PM Client installation repair (initiated from Add/Remove Programs), if the PM Client was manually installed.

Workaround: Instead of performing a repair, manually uninstall, then reinstall the Client.

721

CSEHostEngine.log grows quickly.

824

Table 4: Installation and Upgrade known issues
Known Issue Issue ID

There is an issue with sending data from clients to the database installed with the Safeguard Privilege Manager for Windows Console if there is an older Privilege Authority or Safeguard Privilege Manager for Windows Client running on the network.

Workaround: Ensure the following:

  • The Client Data Collection Settings in the Advanced Policy Settings for the relevant Group Policy Object (GPO) are enabled.

  • The Safeguard Privilege Manager for Windows Server information is correct.

  • The Privilege Authority clients are upgraded to the current version.

1568

Some files may still exist on your computer even after the Console or Client are uninstalled.

1837

After uninstalling the Safeguard Privilege Manager for Windows Console from a computer that also has the Safeguard Privilege Manager for Windows Client installed, the Start menu shortcut to the Safeguard Privilege Manager for Windows User Guide will fail to open the guide. Instead, the shortcut prompts the user for the location of the PAClient.msi file.

Workaround: Uninstall and re-install the Client. Alternatively, reinstall the Console.

1960

Table 5: Licensing known issues
Known Issue Issue ID

Applying a Professional license fails to prevent a rule with an expiration date from expiring.

Workaround: After you apply the license, open a rule that is going to expire, make your changes, and save the rule.

932

Applying a Professional license to an installation with an expired trial license can result in the loss of previously saved policies.

535

Table 6: Server known issues
Known Issue Issue ID

Sometimes when configuring the reporting feature, the connection to the web service fails on the last step of the wizard.

Workaround

Try again by clicking Previous, then Next again.

834

If you select a remote Safeguard Privilege Manager for Windows Server on a computer with a firewall enabled, you may encounter a Database Connection error when using the Reporting or Discovery and Remediation functions.

Workaround: Add the following firewall exceptions to the remote Safeguard Privilege Manager for Windows Server:

  • SQL Server Browser Service:

    %ProgramFiles(x86)%\Microsoft SQL Server\90\Shared\sqlbrowser.exe
  • SQL Server <ServerName>: %ProgramFiles%\Microsoft SQL Server\MSSQL10.PAREPORTING\MSSQL\Binn\sqlservr.exe

1105

If Windows Firewall is configured to deny connections (the Don’t allow exceptions and Block all connections options are chosen in all other operating systems), Safeguard Privilege Manager for Windows does not automatically override the settings when configuring firewall exceptions during the Safeguard Privilege Manager for Windows Server setup.

Workaround: Add an exception to the firewall manually for %ProgramFiles(x86)%\One Identity\Safeguard Privilege Manager for Windows\Console\Data Collection Service\PADataCollectionWinSvc.exe.

1657

If the administrator is prompted to reboot the computer after installing a prerequisite while using the Privilege Manager Server Setup wizard:

Once the computer is rebooted and setup wizard continues, the administrator must click the Back button to reenter any of the Server Email Notification Configuration settings they entered prior to the reboot.

1980

If the administrator is changing the selected Safeguard Privilege Manager for Windows Server that the Console points to by setting up a Server on the local computer:

After the wizard and Safeguard Privilege Manager for Windows Server Configuration are closed, the administrator may have to reopen the dialog. If the reporting screens still appear to be pulling data from the previously selected server, the administrator has to make sure the newly configured Safeguard Privilege Manager for Windows Server is the currently selected server.

1981

Table 7: Self-Service Elevation known issues
Known Issue Issue ID

The Self-Service Elevation Request Prompt does not appear for an MSI Windows installer file.

Workaround: Launch the Self-Service Elevation Request Form via the Elevate! button. You must configure the corresponding Self-Service Elevation Request settings.

1311

Some processes do not trigger the Self-Service Elevation Request Prompt even though they trigger User Account Control (UAC).

1674

On Windows Server 2012 R2, if your client is running on a system with UAC turned off:

When you right-click the Safeguard Privilege Manager for Windows icon in the Windows system tray and select the View status of advanced features dialog, the Self-Service Elevation Request and Self-Service Elevation Request (ActiveX installations) options should display as N/A (Not Applicable). Instead, it will incorrectly display an Enabled status.

1865

Table 8: Rules known issues
Known Issue Issue ID

A login failure occurs when connecting to the database and web service if you are using a SQL Server from an untrusted domain.

Workaround: Use the database server on the same trusted domain network environment.

698

When configuring reporting to use an existing SQL Server, clicking Previous in the Configure Database and Services step navigates you to an incorrect wizard step.

Workaround

To navigate to the Select an Existing SQL Server step, click Next.

832

Sometimes changing settings on the Advanced Policy Settings tab of a Group Policy Settings page results in the Network path was not found error once you save the changes to the Group Policy Object (GPO).

Workarounds:

  • Restart the Safeguard Privilege Manager for Windows Console.

  • Check that the changes you made on the Advanced Policy Settings tab of the Group Policy Settings page have been saved. If not, re-apply your changes and save the GPO.

1671

Currently, Safeguard Privilege Manager for Windows displays no feedback message when a user is denied run privileges due to a Blacklist setting.

124

The Rule Type filter on the Instant Elevation Report mistakenly contains Privilege Authority v 2.7-related values. An Instant Elevation Report generated based on these values contains no data.

As a workaround, only use the following filters:

  • file

  • ActiveX

  • Windows Installer

  • script file

1743

Table 9: Reporting known issues
Known Issue Issue ID

The Elevation Activity Report does not display correctly when exported to an .rtf file.

Workaround: Export your Elevation Activity Reports to different file formats.

728

The Console report shows the event time according to the current local time zone. 948

Some reports exported in Excel contain columns that do not display on the generated report page in the Safeguard Privilege Manager for Windows Console.

1738

Resultant Set of Policy (RSoP) output is empty or blank.

For a workaround if the client is installed on your computer and RSoP is failing

  1. Install .NET 3.5 Service Pack 1 (SP1).

  2. Install GPMC, which is part of the Remote Server Administration Tools.

  3. Open a command prompt and change the directory to where the client files are installed, such as the following on an x64 computer: C:\Program Files (x86)\Common Files\One Identity\Safeguard Privilege Manager for Windows\Client

  4. Run the following command: %WINDIR%\Microsoft.NET\Framework\v2.0.50727\regasm.exe" "PrivilegeManager.Reporters.dll" /tlb /nologo /codebase

    RSoP should now work for Safeguard Privilege Manager for Windows.

1881

System requirements

Before installing Safeguard Privilege Manager for Windows 4.6, ensure that your system meets the following minimum hardware and software requirements.

NOTE: The security status of the installation file can become "blocked" after download, inhibiting the ability of the product to be properly installed. For information on detecting and resolving this issue, see KB4268094.

Hardware, software, and operating system requirements
Table 10: Hardware, software and operating system requirements

Component

Hardware

Software

Operating system

Console and Server

  • Processor: 2.0 GHz, dual core equivalent

  • Memory: 4 GB

  • Disk space: 100 MB (Console)

    NOTE: Additional space is required for the Privilege Manager database. For more information, see Database Planning in the Administration Guide.

  • Screen resolution: 1024x768 or higher

  • .NET Framework 4.0

  • Microsoft Group Policy Management Console

  • PDF reader to open the product documents

  • Microsoft Windows 11

  • Microsoft Windows 10

  • Microsoft Windows Server 2022

  • Microsoft Windows Server 2019

  • Microsoft Windows Server 2016

  • Microsoft Windows Server 2012 R2

  • Microsoft Windows Server 2012

Note: One Identity recommends using the product with 64-bit operating systems.

Client

As recommended for your operating system.

N/A

  • Microsoft Windows 11

  • Microsoft Windows 10

  • Microsoft Windows Server 2022

  • Microsoft Windows Server 2019

  • Microsoft Windows Server 2016

  • Microsoft Windows Server 2012 R2

  • Microsoft Windows Server 2012

Note: One Identity recommends using the product with a 64-bit operating system.

Network requirements

The Safeguard Privilege Manager for Windows Console and Client must be installed on a computer within the Active Directory domain.

Required permissions
  • Local administrator rights to start the Console.

  • Write permissions for Group Policy objects (GPOs) to be configured.

Reporting database requirements

The Safeguard Privilege Manager for Windows Server component requires, Microsoft SQL Server hosted either locally on the machine running the product, or remotely.

The product supports Microsoft SQL Server 2014 to Microsoft SQL Server 2019. Safeguard Privilege Manager for Windows can optionally install SQL Server 2014 SP2 Express.

Product licensing

For more information on the available product editions and applying a license, refer to the Safeguard Privilege Manager for Windows Administration Guide.

Safeguard Privilege Manager for Windows licenses are compatible with only a single major version of the product (for example, 3.x or 4.x). Therefore, when upgrading to new major product version, you need to renew your existing license. To obtain a new license file and properly register the product after upgrade, use the License Assistance portal.

NOTE: Safeguard Privilege Manager for Windows does not transmit license data automatically to One Identity. Instead, you must update the product license manually.

Upgrade and installation instructions

For detailed information about upgrade information, refer to the Safeguard Privilege Manager for Windows Administration Guide.

For detailed information about installing the Console, configuring the Server, and installing the Client, refer to the Safeguard Privilege Manager for Windows Quick Start Guide.

相关文档

The document was helpful.

选择评级

I easily found the information I needed.

选择评级