Skip to main content

Changelog

Updates to idemeum software and service

New features

  • Return DC name if configured when request to enroll
  • Return master keys as part of customer by id api
  • Enhance userroleassigner api for customer
  • Added the audit event entries for admin managed password apps

Fixes

  • Fixed an issue where entitlements fetch reporting duplicate key
  • If cannot find the stack name, then do not throw an exception
  • Fix swagger docs
  • Fix Schema name typo for DesktopLoginAppSharedAccountMedia

New features

  • Ehancement for how offline mode functions for a workstation where a service account is assigned. When the workstation is offline, idemeum desktop client will prompt for credentials. Once user enters personal credentials idemeum desktop application will still log the user into workstation with a service account.

New features

  • Added a devops API to trigger entitlement calculation on demand
  • Tenant master key share with users API
  • Add MSP elevated access enabled state to settings response
  • Clear encrypted dek of master key for admin controlled recovery
  • Clear encrypted dek of master key during recovery complete
  • Remove server side encryption and have a domain model support
  • Rest api to get encrypted master keys
  • Added rest api to add tenant master key
  • Added the autofill attributes to the admin managed apps entitlements
  • Added the autofill attributes for admin managed apps
  • Add support for All admins built-in group

Fixes

  • Prevent the deletion of the built in group
  • Return local admin account credentials as part of Lookup
  • Update role assigner api to save encrypted dek of master key
  • Remove radius references from appmanagement yaml file

Fixes

  • Filter out Radius applications if feature is not enabled
  • Associate AppId to the session token and remove implicit old token
  • Added an API to search entitlements by the windows identifier id
  • Rest API for user source connector metadata crud
  • Exposed mspElevatedAccessEnabled flag in user info
  • Added an api to get the user's credentials
  • Provide an API to save rotated credentials for local admin accounts
  • Enhance desktop entitlement fetch API to return
  • Return DC name if configured as part of RFID lookup API
  • Enhance the existing Shared Account Configuration
  • Support to configure Domain controller name
  • Move hrm-rest api to rest module
  • Add another attribute to the managed pass app to save native windows app id
  • Enhance user token API to return user session
  • Group edit functionality is broken when custom attribute is no longer exists
  • Remove the check for feature flags as all of them are enabled
  • Clean up the previous entitlement api call for admin managed password apps
  • Fixed typo in schema name
  • Enhance existing API to search only entitlements for the app types
  • Rename built in all users group
  • Added a feature flag for desktop native autofill
  • Rename all users group
  • Fix TenantSettings save RFID properties
  • Remove the /promote API
  • Apply default flags for Desktop on Tenant creation
  • Enhanced customer resource to honor the mspElevatedAccess

Browser Extension - 2.9.4

Fixes

  • In case of admin managed app, if a browser tab is open for more than expiry of the token, token isn't refreshed

New features

  • Do not display the edit and delete actions in the group list for All Users group
  • Filter out the All Users group that is manually added to the groups listed to the security policy
  • If only one user (the admin) is onboarded allow the changing of the user source
  • Provide chips of non existing groups

Fixes

  • upgrade tslib from 2.5.0 to 2.5.3
  • upgrade ng-apexcharts from 1.7.4 to 1.7.6
  • upgrade ua-parser-js from 1.0.33 to 1.0.35
  • upgrade apexcharts from 3.37.3 to 3.41.0
  • upgrade tslib from 2.5.0 to 2.5.3
  • Username not visible for admin managed apps

New features

  • Daily password prompt for RFID extended to support validation of domain user credentials despite domain users being in logon deny policy

Fixes

  • Improvements to handle offline desktop status from lock screen

New features

  • Added link in the client UI to force manual update to the latest version
  • Enhanced token expiry check from managed password applications

New features

  • Desktop applications can now be shared with all admins on when they are promoted, or when the user recovers from a new device

Fixes

  • Remove the 2 boolean params for enabling/disabling the password app owner
  • Allow desktop to use /passwordmanager/users api
  • Admin managed password apps messes up desktop sharing
  • Do not save username if expression is used
  • Resolve the username for remote web apps
  • Remove the log messages for timing the requests

Fixes

  • Fix to support legacy rf IDEAS readers on Windows IoT by efficiently handling memory

New features

  • Support for launching managed password applications
  • Auto detection of domain password change (by user or domain admin) to update domain credentials in the vault

New features

  • Support to save domain credentials post enrollment

Fixes

  • Return username always in user entitlements api for admin managed app
  • Added the metric for the time it took for user search based on user onboarding attribute
  • Do not allow saving the admin password credentials when app uses domain credentials

New features

  • Introducing tap out mode to support Sign out or Lock. For Sign out users are signed out when the tap out. For Lock the computer is locked and the session is preserved when the user taps out. The mode can be configured in the cloud tenant.

New features

  • Support for native messaging for Chrome extension to support Admin managed password apps

Fixes

  • Fix to run silent installer with or without branding details

Fixes

  • Fix added to support compressed images

Fixes

  • New SDK function call to support both keystroke & non-keystroke RFID readers

New features

  • Support to add custom tile (logon UI) image in RFID mode
  • Password based enrollment for users leveraging cloud directory. Tap the badge, enter domain password, and get automatically enrolled.

New features

  • Support for branding - customize text, logo, and background for Windows login screen
  • Silent installation for a large number of Windows workstations
  • PDQ Deploy tool ceretified for silent installation

Fixes

  • Fix to tackle multiple logon events during idle state for keystroke readers

Fixes

  • RDP client - option provided to enlarge QR-code image

New features

  • Option to disable tap out
  • Admins can configure RFID starting series in admin portal to avoid random keystrokes
  • Support for offline mode/any downstream service is down
  • Ability to refresh desktop settings from idemeum cloud on client machine

New features

  • Support to configure proxy server

New features

  • EJBCA support: instead of AD CS, EJBCA can be replaced as a CA
  • User enrollment during installation in domain joined setup

Fixes

  • Minor bug fix in the update installer

New features

  • QR-code mode: in shared mode, any user can sign-in from lock screen
  • QR-code mode: support for shared service account
  • RDP client: 0ption provided to enlarge QR code image

New features

  • Installation by domain user with local admin rights supported

New features

  • Support for Windows 10 & 11
  • Login via QR-code and RFID
  • Sharing allowed to local user accounts i.e non-domain joined systems
  • Desktop app can now be shared with groups