You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 29 Next »

Version 6.4.20.1129

New Features

  • Add support for external SQL based user directory, e.g. Keycloak (3344, 3346)

Bug Fixes

  • In SSO, the delivery channels for the activation code were missing (3393)
  • In SSO, error when attempting to register FIDO keys with PIN enabled (3328, 3376)
  • In DAC, group search in the policy window did not work
  • In DAC, executing the AUthentication Activity  task failed (3414)

Version 6.4.20.1029

New Features

  • Support Let's Encrypt
  • Support Deepnet Authenticator in RADIUS logon
  • Support UAC Prompt in the Windows Logon 6.2 and the Computer Logon 1.3
  • Support Network Drive Map in the Windows Logon 6.2 and the Computer Logon 1.3
  • Add new device access notification
  • Add token assignment expiration notification
  • Improve FQDN change and certificate change and renewal
  • Improve performance in AD group membership lookup when there is a larger number of nested groups
  • Administrators can generate the Authorisation Code in the admin console
  • Tokens can be exported from the server and import into the Computer Logon Client to be used for offline logon
  • Support SID as a form of user's login identity, along with SAM account name, down-level domain logon name and UPN
  • Return a RADIUS attribute with multiple values as multiple attributes of the same name

Bug Fixes

  • German umlaut letters caused errors in OOBA push authentication
  • Audit Logs were not exported according to the display filter
  • Preview of User Interface Customisation did not work properly
  • MS-SQL deadlock at a high volume of traffic
  • QR code is not displayed in Gmail
  • Mapping the Personal Email identity attribute to an AD attribute got the error "Attribute is intrinsic"
  • Intrusion Alert did not work
  • WINSSO caused exception
  • MobileID OOBA push message did not beep
  • Renewing a self-signed certificate resulted in different self-signed certificates in different DualShield servers in a cluster
  • Unable to set a default pin in token polices
  • GridID asks for resetting path even if the mode is set to free navigation
  • At login, the answer in Q&A was visible
  • Many minor issues were fixed in the Admin Console

Version 6.3.0.0611

New Features

  • Expiration notification service for AD password
  • Device Quarantine UI for DevicePass, DeviceID and DeviceCert
  • Organizations and users can publish custom applications on the SSO portal and Self-Sevice console.

Bug Fixes

  • DualShield root CA did not have a CN
  • When FQDN is being changed, its self-signed certificate is not updated
  • In some cases, OOBA doesn't work on iOS devices if there are multiple DualShield servers in the system
  • Alert messages do not appear in the Inbox
  • Occasionally, creating a group policy caused Hibernate lazy init error
  • On the DevicePass and DeviceCert activation page, Contact Info is missing

Version 6.2.0.0419

New Features

  • Expiration notification service for token PIN and PATH
  • Add "last access ip" into token
  • Auto refresh user status after lockout period ends
  • If the token does not have PIN, hide the "PIN" entry box
  • Make "Enable Agent Registration" persistent across all DAS instances
  • New UI for RADIUS server EAP options
  • Add "System Info" to show info such as the version of Java, Tomcat and MySQL
  • Enhance the Self-Service Policy so that the Self-Service Console can be completely customised

Bug Fixes

  • At RADIUS logon, token auto provisioning did not work
  • FaceSense enrollment shows black image on Mac
  • Cannot download HOTP token in Deployment Service
  • Scan QR code of HOTP token results "null in ocraSuite" error
  • QR code of Google Authenticator was not displaying in the  Deployment Service if Authorization Code is required
  • Several reflected XSS in DSC, DUA and DRP modules
  • Tomcat 9 error 400 includes the Tomcat version
  • A possible hibernate SQL injection in the message search function in DAC and DMC
  • After upgrade to 6.0, some newly tokens cannot be seen in the user account
  • SAML SP attribute entry box does not accept manual entry
  • Agent's Public URL cannot be set to empty
  • Upgrading 2 DualShield servers simultaneously caused optimistic lock error

Version 6.1.0.0304

Bug Fixes

  • Failed to register RADIUS server 
  • Failed to install DualShield on a machine where JAVA is already installed
  • Unable to edit Radius Client when it is connected to multiple Radius Servers

Version 6.1.0.0301

New Features

  • Deepnet Authenticator is now available for Web and Cloud applications
  • New authentication method DeviceCert is now available for Web, and Cloud application as well as Modern Authentication for Office clients
  • Smartcard certificate authentication method is now also available for Web and Cloud applications
  • Changing FQDN is now availbale within the admin console.  
  • Changing and Renewing the certificate of the web consoles is now available within the Admin Console
  • New option "Download Token in MobileID App" added to the MobileID policy
  • New option "Remember last login username" added to the Logon policy
  • New option "Remember last login methods" added to the Logon policy

Bug Fixes

  • Downloading token from the MobileID app was malfunctional
  • Remembering last logon methods did not work in a multi-step logon procedure
  • Disabled users were allowed to reset password 
  • The system admin account (SA) was not allowed to login when the license key has expired
  • Application Self Test failed with an incorrect error message
  • The QR code for the Google and Microsoft Authenticator did not work
  • Office 365 ECP login did not work
  • Unable to add Base DN when creating a new Identity Source of OpenLDAP
  • Password Reset did not work in OpenLDAP (ClearOS)
  • Radius server association was lost after editing a radius client
  • Selecting "MS-CHAP2" in RADIUS authentication caused RADIUS authencation to fail
  • Installing DualShield on Linux without legacy components would fail
  • The value of RelayState was not URL encoded
  • HTTP proxy did not work
  • SAML response did not include the correct value of the SAML attribute "SessionNotOnOrAfter", causing some SPs to terminate sessions  within 5 minutes
  • A CORS related issue
  • Trying to unregister OOBA from the MobileID app caused a JSON error
  • In the admin console, some passwords such as the Access User in the Identity Source was included in the data stream
  • On an iOS device clicking "Download App" in DualShield Deployment Service (DDS) console took the user to Google Play

Version 6.0.0.1008

DualShield 6 is the new generation of the DualShield MFA Platform, and DualShield 6.0.0.1008 is the first release of DualShield 6.

All of the web consoles in DualShield have been completely rewritten using the latest web technologies. 

DualShield 6 ConsolesAbbreviationPortURLDualShield 5 ConsolesAbbreviationPortURL
DualShield Administration ConsoleDAC8073https://fqdn:8073/dacDualShield Management ConsoleDMC8073https://fqdn:8073/dmc
DualShield SSO ServerSSO8074, 8075https://fqdn:8074/ssoDualShield SSO Server APPSSO8074, 8075https://fqdn:8074/appsso
DualShield Depolyment ServiceDDS8076https://fqdn:8076/ddsDualShield Provisioning ServerDPS8072https://fqdn:8072/dps
DualShield Service ConsoleDSC8076https://fqdn:8076/dscDualShield Self-Service ConsoleDSS8076https://fqdn:8076/dss
DualShield Reset Password ServiceDRP8076https://fqdn:8076/drpDualShield Reset Password ServiceDRP8076https://fqdn:8076/dps
DualShield Unlock Account ServiceDUA8076https://fqdn:8076/duaDualShield Unlock Account ServiceDUA8076https://fqdn:8076/dps
DualShield Emergency Access ServiceDEA8076https://fqdn:8076/deaDualShield Emergency Access ServiceDEA8076https://fqdn:8076/dps

There are many improvements and bug fixes in DualShield 6, such as

  • Linux logon client that supports offline 2FA logon
  • A new option to prevent naming guessing in the Web logon process 
  • Using email address as the login name instead of UPN
  • A new face recognition engine with improved FAR and FRR
  • Change FQDN by one click in the admin console
  • Change and renew web console certificate in the admin console

There are also some new key features & functions been introduced into DualShield 6:

  • Localization: DualShield 6 supports international languages
  • Customization: DualShield provides more flexible and convenient UI customization which will survive future upgrades
  • DeviceCert Authenticator: A new generation of device fingerprinting technology that supports multiple platforms including Windows, Mac, iOS and Android, and multiple applications including Office 365.
  • Deepnet Authenticator: A new innovative MFA authentication app that delivers an unified MFA experience across devices and operating systems.

However, those new key features are yet to be perfected in the upcoming new updates of DualShield 6 in the near future. 

Change Logs

6.0.0.1008

- Fix replacing console web certificate did not accept wild card certificate

- Fix replacing console web certificate with a server certificate in repository

- Fix EAP settings was lost after upgrading from 5.9 versions

6.0.0.1007

- Fix changing FQDN # If the original FQDN include capital letters then changing FQDN did not work properly.

6.0.0.1006

- Fix EAP settings # EAP settings were not saved properly, causing Radius client such as NetMotion unable to connect

6.0.0.1005

First release of DualShield 6.0


  • No labels