Version 6.4.20.1129
New Features
- Add support for external SQL based user directory, e.g. Keycloak (3344, 3346)
Bug Fixes
- In SSO, the delivery channels for the activation code were missing (3393)
- In SSO, error when attempting to register FIDO keys with PIN enabled (3328, 3376)
- In DAC, group search in the policy window did not work
- In DAC, executing the AUthentication Activity task failed (3414)
Version 6.4.20.1029
New Features
- Support Let's Encrypt
- Support Deepnet Authenticator in RADIUS logon
- Support UAC Prompt in the Windows Logon 6.2 and the Computer Logon 1.3
- Support Network Drive Map in the Windows Logon 6.2 and the Computer Logon 1.3
- Add new device access notification
- Add token assignment expiration notification
- Improve FQDN change and certificate change and renewal
- Improve performance in AD group membership lookup when there is a larger number of nested groups
- Administrators can generate the Authorisation Code in the admin console
- Tokens can be exported from the server and import into the Computer Logon Client to be used for offline logon
- Support SID as a form of user's login identity, along with SAM account name, down-level domain logon name and UPN
- Return a RADIUS attribute with multiple values as multiple attributes of the same name
Bug Fixes
- German umlaut letters caused errors in OOBA push authentication
- Audit Logs were not exported according to the display filter
- Preview of User Interface Customisation did not work properly
- MS-SQL deadlock at a high volume of traffic
- QR code is not displayed in Gmail
- Mapping the Personal Email identity attribute to an AD attribute got the error "Attribute is intrinsic"
- Intrusion Alert did not work
- WINSSO caused exception
- MobileID OOBA push message did not beep
- Renewing a self-signed certificate resulted in different self-signed certificates in different DualShield servers in a cluster
- Unable to set a default pin in token polices
- GridID asks for resetting path even if the mode is set to free navigation
- At login, the answer in Q&A was visible
- Many minor issues were fixed in the Admin Console
Version 6.3.0.0611
New Features
- Expiration notification service for AD password
- Device Quarantine UI for DevicePass, DeviceID and DeviceCert
- Organizations and users can publish custom applications on the SSO portal and Self-Sevice console.
Bug Fixes
- DualShield root CA did not have a CN
- When FQDN is being changed, its self-signed certificate is not updated
- In some cases, OOBA doesn't work on iOS devices if there are multiple DualShield servers in the system
- Alert messages do not appear in the Inbox
- Occasionally, creating a group policy caused Hibernate lazy init error
- On the DevicePass and DeviceCert activation page, Contact Info is missing
Version 6.2.0.0419
New Features
- Expiration notification service for token PIN and PATH
- Add "last access ip" into token
- Auto refresh user status after lockout period ends
- If the token does not have PIN, hide the "PIN" entry box
- Make "Enable Agent Registration" persistent across all DAS instances
- New UI for RADIUS server EAP options
- Add "System Info" to show info such as the version of Java, Tomcat and MySQL
- Enhance the Self-Service Policy so that the Self-Service Console can be completely customised
Bug Fixes
- At RADIUS logon, token auto provisioning did not work
- FaceSense enrollment shows black image on Mac
- Cannot download HOTP token in Deployment Service
- Scan QR code of HOTP token results "null in ocraSuite" error
- QR code of Google Authenticator was not displaying in the Deployment Service if Authorization Code is required
- Several reflected XSS in DSC, DUA and DRP modules
- Tomcat 9 error 400 includes the Tomcat version
- A possible hibernate SQL injection in the message search function in DAC and DMC
- After upgrade to 6.0, some newly tokens cannot be seen in the user account
- SAML SP attribute entry box does not accept manual entry
- Agent's Public URL cannot be set to empty
- Upgrading 2 DualShield servers simultaneously caused optimistic lock error
Version 6.1.0.0304
Bug Fixes
- Failed to register RADIUS server
- Failed to install DualShield on a machine where JAVA is already installed
- Unable to edit Radius Client when it is connected to multiple Radius Servers
Version 6.1.0.0301
New Features
- Deepnet Authenticator is now available for Web and Cloud applications
- New authentication method DeviceCert is now available for Web, and Cloud application as well as Modern Authentication for Office clients
- Smartcard certificate authentication method is now also available for Web and Cloud applications
- Changing FQDN is now availbale within the admin console.
- Changing and Renewing the certificate of the web consoles is now available within the Admin Console
- New option "Download Token in MobileID App" added to the MobileID policy
- New option "Remember last login username" added to the Logon policy
- New option "Remember last login methods" added to the Logon policy
Bug Fixes
- Downloading token from the MobileID app was malfunctional
- Remembering last logon methods did not work in a multi-step logon procedure
- Disabled users were allowed to reset password
- The system admin account (SA) was not allowed to login when the license key has expired
- Application Self Test failed with an incorrect error message
- The QR code for the Google and Microsoft Authenticator did not work
- Office 365 ECP login did not work
- Unable to add Base DN when creating a new Identity Source of OpenLDAP
- Password Reset did not work in OpenLDAP (ClearOS)
- Radius server association was lost after editing a radius client
- Selecting "MS-CHAP2" in RADIUS authentication caused RADIUS authencation to fail
- Installing DualShield on Linux without legacy components would fail
- The value of RelayState was not URL encoded
- HTTP proxy did not work
- SAML response did not include the correct value of the SAML attribute "SessionNotOnOrAfter", causing some SPs to terminate sessions within 5 minutes
- A CORS related issue
- Trying to unregister OOBA from the MobileID app caused a JSON error
- In the admin console, some passwords such as the Access User in the Identity Source was included in the data stream
- On an iOS device clicking "Download App" in DualShield Deployment Service (DDS) console took the user to Google Play
...