Version 6.5.1.0503 (May 03, 2022)

Features & Improvements

• Support Microsoft Remote Desktop Web Client (3674)
• Support TLS 1.3 (3703)
• MS-SQL JDBC driver upgraded to 10.2 (3681)

Bug Fixes

• DualShield with SQL server database upgrading to v6.5.0 failed (3671)
• Deleting and re-adding DeviceID tokens in the same user account caused the license count to increment (3488)
• The user search filter stopped working after moving to the next page (3645)
• Login via the Deepnet Authenticator (DNA) sometimes caused a deadlock (3653)
• OOBA by SMS and Call did not work in v6.5.0 (3679, 3880)
• The "Users have been inactive for n days" did not work (3690)

Version 6.5.0.0401 (April 1, 2022)

New Features

• DeviceID registration and renewal verification using Deepnet Authenticator (3469)
• Introduced DeviceID renewal (3469)
• Improved extraction of DeviceID properties (3473, 3525, 3563)
• Added FIDO2 support (3420)
• Travel velocity detection (3017)
• Replaced log4j with logback in the authentication server module (3447)
• Replaced log4j with logback in the certificate server module (3441)
• Upgraded log4j from 1.2.17 to 2.17.2 in the management console module (3451)
• New Device Sign-in support for Outlook Anywhere and ActiveSync (3516)
• New Device Sign-in support for Computer Logon (3528)
• New Device Sign-in support for Deepnet Authenticator (3529)
• Automatically renew the SSO certificate when the associated let's encrypt certificate has been renewed (3564)
• DualShield Deployment Service - support incoming username as a URL parameter 'username' (3582)
• DualShield SSO - support incoming username as the NameID attribute in the SAML request (3612)
• DualShield SSO - upgraded jquery to 3.6.0 (3590)
• Added "Send Activation Code via email" for DeviceID

Bug Fixes

• Failed to save the Product value in the task 'delete token by product' (3415)
• Error - "500:no enum constant com.deepnet.das.util.LogicalOperator", when navigating to Reports (3463)
• Error - "Gateway type not matched for TELEPHONE" in the Admin Console (3489)
• DualShield Service Console - user-defined token properties were not displayed for T-Pass and MobileID (3545)
• User's external status (Active/Disabled) change not reflected immediately (3561)
• Querying available channels for activation code raised exception (3565)
• LDAPBroker integration error: No signature of method (3569)
• In push token email, QR-Code is always included (3620)
• Searching LDAP user by internal attribute didn't work (3621)
• After LDAP user's internal attributes have been updated, DAC always shows the old values (3624)

Version 6.4.20.1215 (December 15, 2021)

Bug Fixes

• Failed to create new tokens for users who have no tokens (3438)
• Failed to work with DualShield IIS Agent if FQDN was changed in the past (3437)
• Log4J upgraded to 2.16  (3439)

...

• Add support for external SQL based user directory, e.g. Keycloak (3344, 3346)
• Release DualShield MyVD (Beta)

Bug Fixes

• In SSO, the delivery channels for the activation code were missing (3393)
• In SSO, error when attempting to register FIDO keys with PIN enabled (3328, 3376)
• In DAC, group search in the policy window did not work
• In DAC, executing the AUthentication Activity  task failed (3414)

...

• Support Let's Encrypt
• Support Deepnet Authenticator in RADIUS logon
• Support UAC Prompt in the Windows Logon 6.2 and the Computer Logon 1.3
• Support Network Drive Map in the Windows Logon 6.2 and the Computer Logon 1.3
• Add new device access notification
• Add token assignment expiration notification
• Improve FQDN change and certificate change and renewal
• Improve performance in AD group membership lookup when there is a larger number of nested groups
• Administrators can generate the Authorisation Code in the admin console
• Tokens can be exported from the server and import into the Computer Logon Client to be used for offline logon
• Support SID as a form of user's login identity, along with SAM account name, down-level domain logon name and UPN
• Return a RADIUS attribute with multiple values as multiple attributes of the same name

Bug Fixes

• German umlaut letters caused errors in OOBA push authentication
• Audit Logs were not exported according to the display filter
• Preview of User Interface Customisation did not work properly
• MS-SQL deadlock at a high volume of traffic
• QR code is not displayed in Gmail
• Mapping the Personal Email identity attribute to an AD attribute got the error "Attribute is intrinsic"
• Intrusion Alert did not work
• WINSSO caused exception
• MobileID OOBA push message did not beep
• Renewing a self-signed certificate resulted in different self-signed certificates in different DualShield servers in a cluster
• Unable to set a default pin in token polices
• GridID asks for resetting path even if the mode is set to free navigation
• At login, the answer in Q&A was visible
• Many minor issues were fixed in the Admin Console

...

• Expiration notification service for AD password
• Device Quarantine UI for DevicePass, DeviceID and DeviceCert
• Organizations and users can publish custom applications on the SSO portal and Self-Sevice console.

Bug Fixes

• DualShield root CA did not have a CN
• When FQDN is being changed, its self-signed certificate is not updated
• In some cases, OOBA doesn't work on iOS devices if there are multiple DualShield servers in the system
• Alert messages do not appear in the Inbox
• Occasionally, creating a group policy caused Hibernate lazy init error
• On the DevicePass and DeviceCert activation page, Contact Info is missing

...

• Expiration notification service for token PIN and PATH
• Add "last access ip" into token
• Auto refresh user status after lockout period ends
• If the token does not have PIN, hide the "PIN" entry box
• Make "Enable Agent Registration" persistent across all DAS instances
• New UI for RADIUS server EAP options
• Add "System Info" to show info such as the version of Java, Tomcat and MySQL
• Enhance the Self-Service Policy so that the Self-Service Console can be completely customised

Bug Fixes

• At RADIUS logon, token auto provisioning did not work
• FaceSense enrollment shows black image on Mac
• Cannot download HOTP token in Deployment Service
• Scan QR code of HOTP token results "null in ocraSuite" error
• QR code of Google Authenticator was not displaying in the  Deployment Service if Authorization Code is required
• Several reflected XSS in DSC, DUA and DRP modules
• Tomcat 9 error 400 includes the Tomcat version
• A possible hibernate SQL injection in the message search function in DAC and DMC
• After upgrade to 6.0, some newly tokens cannot be seen in the user account
• SAML SP attribute entry box does not accept manual entry
• Agent's Public URL cannot be set to empty
• Upgrading 2 DualShield servers simultaneously caused optimistic lock error

Version 6.1.0.0304

Bug Fixes

• Failed to register RADIUS server 
• Failed to install DualShield on a machine where JAVA is already installed
• Unable to edit Radius Client when it is connected to multiple Radius Servers

...

• Deepnet Authenticator is now available for Web and Cloud applications
• New authentication method DeviceCert is now available for Web, and Cloud application as well as Modern Authentication for Office clients
• Smartcard certificate authentication method is now also available for Web and Cloud applications
• Changing FQDN is now availbale within the admin console.  
• Changing and Renewing the certificate of the web consoles is now available within the Admin Console
• New option "Download Token in MobileID App" added to the MobileID policy
• New option "Remember last login username" added to the Logon policy
• New option "Remember last login methods" added to the Logon policy

Bug Fixes

• Downloading token from the MobileID app was malfunctional
• Remembering last logon methods did not work in a multi-step logon procedure
• Disabled users were allowed to reset password 
• The system admin account (SA) was not allowed to login when the license key has expired
• Application Self Test failed with an incorrect error message
• The QR code for the Google and Microsoft Authenticator did not work
• Office 365 ECP login did not work
• Unable to add Base DN when creating a new Identity Source of OpenLDAP
• Password Reset did not work in OpenLDAP (ClearOS)
• Radius server association was lost after editing a radius client
• Selecting "MS-CHAP2" in RADIUS authentication caused RADIUS authencation to fail
• Installing DualShield on Linux without legacy components would fail
• The value of RelayState was not URL encoded
• HTTP proxy did not work
• SAML response did not include the correct value of the SAML attribute "SessionNotOnOrAfter", causing some SPs to terminate sessions  within 5 minutes
• A CORS related issue
• Trying to unregister OOBA from the MobileID app caused a JSON error
• In the admin console, some passwords such as the Access User in the Identity Source was included in the data stream
• On an iOS device clicking "Download App" in DualShield Deployment Service (DDS) console took the user to Google Play

...

All of the web consoles in DualShield have been completely rewritten using the latest web technologies. 

There are many improvements and bug fixes in DualShield 6, such as

...