Versionshinweise

Version 2024.3.7.0 (November 4, 2024)

  • If you are using a client (RDM, PowerShell, etc.), version 2024.3 is required for this DVLS version

  • Core - Fixed an issue where some reports could be viewed without the required permissions

  • Core - Fixed an issue where the current password for an entry could be viewed through the password history

  • Core - Fixed an error that occurred when using an AnyIdentity with a gateway while the user had no gateway license

  • Core - Fixed an issue when renaming an entry from the context menu in the Vault tree

  • Core - Fixed an issue where multiple errors were shown in the log when connecting with a domain

  • Core - Fixed an issue with the User Vault after a SQL migration

  • PAM - Fixed an issue when moving a PAM folder to another vault

  • PAM - Fixed an issue when saving password templates in the PAM vault

  • PAM - Fixed an issue where the OTP was not displayed on the PAM entry overview

Version 2024.3.6.0 (October 16, 2024)

  • If you are using a client (RDM, PowerShell, etc.), version 2024.3 is required for this DVLS version

  • Core - Added "pwned" information to the Entry Security Analyzer report

  • Core - Added logging when a recording is viewed or downloaded

  • Core - Added support for search functionality in the system vault

  • PAM - Added the 'Entry History' permission for PAM entries and vaults

  • PAM - Fixed an issue where a user could see all accounts in a PAM vault even without the view permission

  • Core - Fixed an issue where users couldn't create new entries after a database restore

  • Core - Fixed an issue with license import when the user had no internet connection and the "Enable Internet Access" feature was enabled

  • Core - Fixed the default authentication behavior for external providers, restoring the previous behavior

  • PAM - Fixed an issue when editing the password template of a PAM vault root

  • PAM - Fixed an issue where the rotation schedule was not displayed in the Password Rotation Report

Version 2024.3.4.0 (October 7, 2024)

  • If you are using a client (RDM, PowerShell, etc.), version 2024.3 is required for this DVLS version

  • Core - Added an option to enable or disable Workspace offline mode in user settings

  • Core - Added custom time, view limit, and the ability for recipients to delete messages in the Devo Send feature

  • Core - Enhanced migration process to prevent sending excessive notifications

  • Core - Moved the "Save As" button in Secure Message for easier use and better visibility

  • PAM - Added custom fields to PAM entries

  • PAM - Added status for PAM entries

  • PAM - Added support for PAM vaults in multiple reports

  • Core - Fixed an error in the report when selecting too many parameters

  • Core - Fixed an error that could occur when editing a vault

  • Core - Fixed an issue where a double 2FA prompt could appear after logging off and logging back in

  • Core - Fixed an issue where notification preferences could be lost after updating a user

  • Core - Fixed an issue where removing administrator rights from a user would still leave all vaults assigned to them

  • PAM - Fixed a potential timeout issue when loading a PAM vault in RDM

  • PAM - Fixed an issue where a session could not be opened in the web interface using a PAM account with temporary access

  • PAM - Fixed an issue where the checkout dialog wouldn't close, leading to confusion about whether the checkout was completed

Version 2024.3.3.0 (September 27, 2024)

  • If you are using a client (RDM, PowerShell, etc.), version 2024.3 is required for this DVLS version

  • Core - Migrated Winbox Mikrotik entries to align with RDM and prevent breaking the entry when editing in DVLS

  • Core - The API documentation is now visible to all users and no longer restricted to admins

  • PAM - Added support for custom fields

  • PAM - Added the temporary access option to PAM connections

  • PAM - Enabled unmanaged accounts to use JIT elevation

  • Core - Fixed an issue that prevented setting permissions to "Custom" when creating an entry

  • Core - Fixed an issue where backups would fail if the path contained a space at the beginning

  • Core - Fixed an issue where sending a message to multiple users would only send to the first one

  • Core - Fixed an issue where the user-specific settings' password was not resolved when executing an entry

  • Core - Fixed an issue with Azure authentication where the token could not be retrieved in some cases

  • Core - Fixed an issue with the Devo send feature that was broken

  • Core - Fixed the LDAPGetGroupsByUser function to return groups from the parent domain

Version 2024.3.2.0 (September 23, 2024)

  • If you are using a client (RDM, PowerShell, etc.), version 2024.3 is required for this DVLS version

  • Core - Added a feature to restrict license auto assignation to specific user groups

  • Core - Allow users to specify permissions requested in temporary access request

  • Core - Web sessions can now be recorded in the browser

  • PAM - Added automatic check-in for PAM accounts

  • PAM - Migrated the PAM permission model to align with the shared vault permissions

  • PAM - The Active Directory (AD) provider can now manage local accounts on domain machines

  • Core - The legacy recording server is no longer supported

  • Core - Added an action available on an entry to easily share that entry

  • Core - Added duplicate for documents stored in database

  • Core - Added expiration time configuration when sending via Devolutions Send

  • Core - Added new 'high-priority' feature in messaging

  • Core - Devo-Send can now be used with Devolutions Server Free edition

  • Core - Export entry tags in 'Entry security analyzer' report

  • Core - Groups can be synchronized with their identity provider

  • Core - Improved offboarding of users by allowing conversion of user vault to a shared vault and unassigning licenses when deleting a user

  • Core - It is now possible to regenerate an application's secret

  • Core - Kestrel installation runs scheduler tasks

  • Core - The Entry Security Analyzer report no longer loads all vaults by default, improving initial load time

  • Core - User groups not found during provider group synchronization now appear as a warning log instead of an error

  • Core - Users and groups can be configured to be synchronized on a regular basis

  • PAM - Improved AnyIdentity provider to be able to use Devolutions Gateway

  • PAM - Just-In-Time (JIT) requested groups now appear in the logs when a request is made during checkout

  • PAM - Support for additional entry types added to PAM usage policy

  • Core - Fixed a performance issue with Active Directory (AD) console

  • Core - Fixed an issue where a document stored in the database could not be duplicated

  • Core - Fixed an issue where a user with a password ending in a space was not functional

  • Core - Fixed an issue where quick connect didn't create logs

  • Core - Fixed an issue with viewing template groups correctly

  • Gateway - Vault's custom variables are now resolved for entries configured with a Devolutions Gateway

  • PAM - Allow application identities to utilize PAM through PowerShell module

  • PAM - Fixed an issue where a user could approve their own check-out even if they didn't have the rights

  • PAM - Fixed an issue where the "Run As" password was erased when editing the provider

  • Web - Several UI fixes

Version 2024.2.13.0 (October 22, 2024)

  • If you are using a client (RDM, PowerShell, etc.), version 2024.2 is required for this DVLS version

  • Core - Fixed a issue that prevented the Gateway from functioning

  • Core - Fixed an issue in the "Add" window where some connection types were duplicated

  • Core - Fixed an issue where backups would fail if there was a space at the beginning of the folder path

  • Core - Fixed an issue where removing administrator rights from a user would leave all vaults selected

  • Core - Fixed an issue where sending a secure message to multiple recipients would only send to the first one

Version 2024.2.12.0 (September 26, 2024)

  • If you are using a client (RDM, PowerShell, etc.), version 2024.2 is required for this DVLS version

  • Core - The Entry Security Analyzer report no longer loads all vaults by default, improving initial load time

  • PAM - Enhanced logs to provide more detailed information when a password policy mismatch occurs

  • CVE-2024-6512 PAM - Fixed an issue where users could approve their own requests even when the option was disabled

  • PAM - Fixed an issue where expired checkouts were still accessible when the scheduler was down

  • Core - Fixed an issue that was preventing Devo Send from being used

  • Core - Fixed an issue where custom variables were not resolved for entries configured with a Gateway

  • Core - Fixed an issue where the Reset-DSPamPassword command was not working with the PowerShell module

Version 2024.2.10.0 (August 20, 2024)

  • If you are using a client (RDM, PowerShell, etc.), version 2024.2 is required for this DVLS version

  • Core - Allowed spaces in user passwords

  • Core - Fixed an error when exporting a vault in RDM

  • Core - Fixed an issue where IsPrivate = true always had to be specified when adding an entry to the user vault via PowerShell

  • Core - Fixed an issue where starting a session with Quick Connect wasn't generating logs

  • Core- Fixed an error when logging in with conditional access policies

  • PAM - Prevented the creation of folders with identical names at the same level, which was previously causing an error

Version 2024.2.9.0 (July 25, 2024)

  • If you are using a client (RDM, PowerShell, etc.), version 2024.2 is required for this DVLS version

  • Core - Fixed an issue where backup codes 2FA were always failing

  • Core - Fixed an issue where LDAP authentication was failing with alternate domain suffix and non-ssl

  • Core - Fixed an issue where password template had wrong information

  • Core - Fixed an issue where session recording settings were not the right one when entry was created from a template

  • Core - Fixed an issue where view password permission was needed to launch a session

  • Core - Fixed an option where PingOne option was available even if PingOne authentication was disabled

  • Core - Fixed Password rotation report to apply filter on last rotation instead of creation date

  • PAM - Fixed an issue where PAM checkout requests were not prompted when launching sessions

  • PAM - Fixed an issue where password can't be shared with Devolutions Send

  • PAM - Fixed an issue where propagation settings were not saved when adding PAM account manually

  • PAM - Fixed an issue where SQL accounts reset password were failing

Version 2024.2.8.0 (July 15, 2024)

  • If you are using a client (RDM, PowerShell, etc.), version 2024.2 is required for this DVLS version

  • Core - Significantly improved the performance of the Active Directory Console in the web client

  • Core - Fixed an issue where backup subscription notifications were not sent

  • Core - Fixed an issue where login history was generating error messages

  • Core - Fixed an issue where SSO login was not working with MFA

  • Core - UI fixes

  • PAM - Fixed an issue where PAM accounts remained out of sync after password reset on check-in

  • PAM - Fixed an issue where the Search Mode button was broken in Azure scan configuration

Version 2024.2.6.0 (June 27, 2024)

  • If you are using a client (RDM, PowerShell, etc.), version 2024.2 is required for this DVLS version

  • Core - Display the application identity name instead of the application ID in logs and place where we want to identify the application

  • Core - Fixed an issue where editing a permission set was failing

  • Core - Fixed an issue where the wrong logo was displayed in the side panel

  • Core - Fixed an issue where using DUO as 2FA was not possible because the user interface didn't let you enter your code

Version 2024.2.5.0 (June 25, 2024)

  • If you are using a client (RDM, PowerShell, etc.), version 2024.2 is required for this DVLS version

  • Core - Support delete of multiple entries

  • Core - Added a log when a user updates the system settings

  • Core - Fixed an issue where Devolutions Gateway farms were not considered in Devolutions Gateway permission report

  • Core - Fixed an issue where entry could not be moved to another vault

  • Core - Fixed an issue where RDM didn't load security change after vault owner changes

  • Gateway - Fixed an issue where alternate host could not be used without port configured

  • Gateway - Fixed issue where it was not possible to watch recording in the web interface

  • PAM - Fixed an issue where PAM vault could not be accessed if checkout policy was deleted

  • Web - Several UI fixes

Version 2024.2.3.0 (June 17, 2024)

  • If you are using a client (RDM, PowerShell, etc.), version 2024.2 is required for this DVLS version

  • Core - 5 new security reports: Administrators, System permissions, Devolutions Gateway permissions, Connection permissions and Vault permissions

  • Core - Added a Devolutions Gateway free license valid for 5 users

  • Core - Added sealed entry feature

  • Core - Added vault content type feature

  • Core - Licenses can now be refreshed to reflect changes

  • Core - PAM license is now assigned to users

  • Core - Support RDM connection to DVLS with Azure Proxy

  • Core - Devolutions Gateway licenses are now by user. A free license valid up to 5 users is now included

  • CVE-2024-4846 Core - Fixed an issue where a user could be authenticated without being asked for the 2FA via another browser tab

  • Core - Actions suggested in security dashboard can now be ignored

  • Core - Added a way to specify icons for light background or dark background

  • Core - Added an action "Select in tree" to focus on an entry when the tree is filtered

  • Core - Added an option to search in all vaults if nothing is found in the current tree

  • Core - Added recording tab on entries to be able to list all recordings

  • Core - Added rule based on user tags in conditional access

  • Core - Added secure message subject in the email sent to user

  • Core - Added support of Door Code entry

  • Core - Allow maximum file size to reach 100 Mb

  • Core - Improved security reports

  • Core - Improved significantly ARD performance

  • PAM - Added a display name on a Just In Time (JIT) elevation group

  • PAM - Improved Just In Time (JIT) elevation to allow the user to set only a subset of groups available on an account during the checkout

  • PAM - Password rotation is now possible in infrastructure vault

  • PAM - Support linked credentials on AnyIdentity provider

  • Rest API - New endpoints to list, create and delete credential entries

  • Web - Allow to change the side panel width

  • Core - Fixed an issue where logs from System Vault were not added in reports

  • Core - Fixed issue where vaults could not be selected as landing page

  • Core - Fixed performance issue with LDAP GetGroupByUser

  • Core - Fixed performance issue with PAM

  • Core - Removed useless logs to avoid too much logs

  • Core - Wait a few seconds to get connection with Database when the server starts in case SQL Server is starting as well

  • Web - Several UI fixes

Version 2024.1.15.0 (June 25, 2024)

  • CVE-2024-4846 Core - Fixed an issue where a user could be authenticated without being asked for the 2FA via another browser tab

  • Core - Fixed an issue where linked account cause problem in RDM

  • Core - Fixed an issue where user synchronisation was failing

Version 2024.1.14.0 (May 16, 2024)

  • If you are using a client (RDM, PowerShell, etc.), version 2024.1 is required for this DVLS version

  • Core - Fixed an issue affecting user cleanup for Okta users

  • Core - Fixed an issue where new password templates were saved with incorrect default values

  • Core - Fixed an issue where some subscriptions were being lost

Version 2024.1.13.0 (May 2, 2024)

  • If you are using a client (RDM, PowerShell, etc.), version 2024.1 is required for this DVLS version

  • Core - Fixed an issue where modifying an entry via the PowerShell module did not generate a log

  • Core - Fixed an issue where the domain controller name could not be explicitly entered in the Domain Authentication configuration

  • PAM - Fixed an issue preventing non-administrators from deleting accounts

  • PAM - Fixed an issue preventing the deletion of a PAM vault

  • PAM - Fixed an issue preventing the setting of a custom 'Max checkout time' in vault checkout settings

  • PAM - Fixed an issue where account heartbeats from AnyIdentity were not functioning

Version 2024.1.12.0 (April 23, 2024)

  • If you are using a client (RDM, PowerShell, etc.), version 2024.1 is required for this DVLS version

  • DEVO-2024-0007Core - Fixed a potential vulnerability related to LDAP injection

  • Core - Fixed a connection issue with Devolutions Gateway when using LDAP

  • Core - Fixed a security issue allowing users to see alarm and door codes while editing an entry without the proper view password rights

  • Core - Fixed an issue where an incorrect error message was displayed when credentials were set to prompt on connection

  • Core - Fixed an issue where synchronizer previews were not functioning with LDAPS

  • Core - Fixed an issue with synchronizer when set on My domain setting

  • PAM - Fixed an issue where referrals to unreachable child domains break password reset and validation

Version 2024.1.11.0 (April 9, 2024)

  • If you are using a client (RDM, PowerShell, etc.), version 2024.1 is required for this DVLS version

  • Core - Improved error handling for lost connections during web Active Directory use

  • Core - Microsoft cache is disabled when Microsoft authentication is turned off

  • DEVO-2024-0006 Core - Fixed a security issue where JIT requested group names could be forged in checkout requests

  • Core - Fixed a search functionality issue allowing PAM entries to be searched without administrator privileges

  • Core - Fixed an issue preventing the use of 'Prompt on connection' in the web client

  • Core - Fixed an issue where users weren't being saved in scheduled reports

  • Core - Fixed the incorrect rotation schedule time displayed in exported Password rotation reports

  • PAM - Resolved an issue where the password wasn't consistently updated in the checkout dialog after being reset during check-in

Version 2024.1.10.0 (April 3, 2024)

  • If you are using a client (RDM, PowerShell, etc.), version 2024.1 is required for this DVLS version

  • Core - AD synchronizer can now launch using credentials inherited

  • Core - Fixed a connection issue involving AD accounts and LDAP UserValidity

  • Core - Fixed a connection issue with RDM using the free version

  • Core - Fixed an issue causing an Unauthorized error when attempting to connect to RDM

  • Core - Fixed an issue where the success backup notification stopped working

Version 2024.1.9.0 (March 28, 2024)

  • If you are using a client (RDM, PowerShell, etc.), version 2024.1 is required for this DVLS version

  • Core - Added door code entry feature

  • Core - Added user validity check to the domain diagnostic tools

  • Core - Migrated old free licenses to new ones and enabled switching to a free license by removing the existing license

  • Core - Fixed a bug where non-configured domains were not displayed in the source list during Authentication migration

  • Core - Fixed an issue preventing the editing of vault security levels

  • Core - Fixed an issue where vaults available for access requests were not visible

  • Core - Resolved a "bad request" error occurring when attempting to connect to RDM with multiple authentication windows open

  • PAM - Fixed an issue preventing the saving of unmanaged account passwords

Version 2024.1.8.0 (March 26, 2024)

  • If you are using a client (RDM, PowerShell, etc.), version 2024.1 is required for this DVLS version

  • PAM - Improved logging for AD user synchronization failures

  • PAM - Fixed an issue where users could see accounts without the proper permissions

  • DEVO-2024-0005 PAM - Fixed a JIT feature issue allowing requests for unauthorized groups

  • Core - Corrected an issue where the scheduler version wasn't updating on the dashboard

  • Core - Fixed a connection error when using Netbios name with AD accounts

  • Core - Resolved a bug preventing password management accounts from saving template groups

  • PAM - Corrected a bug allowing checkout times beyond the maximum limit

  • PAM - Fixed a bug preventing PAM readers from launching sessions

  • UI fixes

Version 2024.1.6.0 (March 18, 2024)

  • If you are using a client (RDM, PowerShell, etc.), version 2024.1 is required for this DVLS version

  • Core - Added an option to display 100 items per page

  • Core - Added grid size option to the 'Assigned To' section of a License

  • Core - Removed the possibility to remove all authentication methods, which previously caused users to be unable to connect

  • PAM - Added more detailed errors for when resetting a Domain user fails

  • Core - Fixed an issue where Domain configuration was wiped out in some cases

  • Core - Fixed an issue where gateways weren't shown when indexing recordings

  • Core - Fixed an issue where the folder type and override name were not retained when adding an entry from a template

  • Core - Fixed an issue where the vault owner assignment page was not displayed

  • Core - Fixed an issue where users' 2FA was still active after being disabled

  • Core - Fixed an issue where using AD Domain Provider with LDAP's GetGroupsByUser function caused errors

  • PAM - Checkout button now shown in red when checked out by another user

  • PAM - Fixed an issue where an approver was unable to approve a request when the time was set to custom mode

  • PAM - Fixed an issue where updating PAM account attributes was impossible when the provider was unreachable

Version 2024.1.4.0 (March 5, 2024)

  • If you are using a client (RDM, PowerShell, etc.), version 2024.1 is required for this DVLS version

  • Core - Active Directory web console is now supported

  • Core - Added PingOne identity provider as authentication

  • Core - Added support for sending passwords through in-app messaging or Devolutions Send

  • Core - Administrators can now configured which notifications they want to receive by email

  • Core - Domain authentication can now use Devolutions Gateway

  • Core - DVLS can now be used without license (Free version up to 10 users)

  • Core - Improved our LDAP stack for Active Directory authentication

  • PAM - Account used to access Devolutions Server Database are now saved in an internal vault

  • PAM - Provider's password can now be managed and rotated

  • Rest API - 3 endpoints are now available to get secret/credential value. API documentation is also available from the UI

  • Scheduler - Support high availability

  • Core - Upgraded application from .NET 6 to .NET 8

  • PAM - Migrate PAM account to be able to support documentations and attachments

  • Core - Authentication with Azure/Okta can be configured to validate the token on a regular basis. Client changes required

  • Core - Added a way to know if a user has a user vault or not and warn the user when it is deleted

  • Core - Added vaults and user groups columns in users report

  • Core - Added vaults and user groups in user reports

  • Core - Password list can now shows more password in the page

  • Core - Prevent users to remove all MFA supported if MFA is required to login

  • Gateway - Support multiple domains to reach the right KDC server

  • PAM - Documentations and attachments are now possible on PAM account

  • PAM - Support favorite vault with PAM vaults

  • Web - Improved the web interface and show all vaults in the side menu

  • Web - Support for hardware-accelerated cursors and Kerberos with RDP web client

  • Core - Fixed an issue where notifications could be accessed without permission

  • DEVO-2024-0002 PAM - Fixed an issue where PAM Azure account is not removed from groups after JIT elevation

  • Core - Fixed an issue where log cleanup could failed with SQL timeout if too much data had to be deleted

  • Core - Fixed an issue where serialization error was raised during vault import from .rdx file

  • Core - Fixed an issue where user was logged in automatically after a force logout by the application

  • Core - Fixed SSO login with Workspace Browser Extension

  • PAM - Fixed an issue where PAM account attributes could not be updated if provider was unreachable

  • Web - Several UI fixes

Version 2023.3.18.0 (May 23, 2024)

  • If you are using a client (RDM, PowerShell, etc.), version 2023.3 is required for this DVLS version

  • DEVO-2024-0007Core - Fixed a potential vulnerability related to LDAP injection

Version 2023.3.17.0 (April 17, 2024)

  • If you are using a client (RDM, PowerShell, etc.), version 2023.3 is required for this DVLS version

  • DEVO-2024-0005 PAM - Fixed a JIT feature issue allowing requests for unauthorized groups

  • DEVO-2024-0006 Core - Fixed a security issue where JIT requested group names could be forged in checkout requests

Version 2023.3.16.0 (March 8, 2024)

  • If you are using a client (RDM, PowerShell, etc.), version 2023.3 is required for this DVLS version

  • DEVO-2024-0002 PAM - Fixed an issue where PAM Azure account is not removed from groups after JIT elevation

  • Core - Fixed an issue where documentation entry could not be created

  • Core - Fixed an issue where SAP Fronend Server Entry (AddOn) could not be displayed

Version 2023.3.14.0 (February 7, 2024)

  • If you are using a client (RDM, PowerShell, etc.), version 2023.3 is required for this DVLS version

  • Core - Added logs to investigate issues with PublicWebInstanceInformation endpoint

  • Core - Fixed an issue where login SSO failed with Workspace Web Extension

  • Core - Fixed an issue where scheduled reports were empty

  • PAM - Fixed an issue where marking an account as read gave an error

  • PAM - Fixed an issue where rights were not resolved correctly

  • PAM - Fixed an issue where standalone credential password was viewable without checkout

  • Web - Several UI fixes

Version 2023.3.13.0 (December 19, 2023)

  • If you are using RDM as the client, RDM 2023.3 is required for this DVLS version

  • Gateways - Now supports multiple KDC servers

  • Core - Fixed an issue where launching sessions through the web client was not working

  • Core - Fixed an issue where non-admin users were unable to search in PAM vaults

Version 2023.3.12.0 (December 13, 2023)

  • If you are using RDM as the client, RDM 2023.3 is required for this DVLS version

  • Core - Can now retrieve passwords from PAM Account entries on Public API

  • Core - Fixed an error that occurred when attempting to retrieve groups by user with Active Directory

  • Core - Fixed an issue with OTP (One-Time Password) on the Workspace web browser

  • PAM - Fixed an issue where PAM Oracle accounts couldn't be added or edited

  • PAM - Fixed an issue where scheduled PAM account password resets were not respecting time settings

Version 2023.3.10.0 (November 29, 2023)

  • If you are using RDM as the client, RDM 2023.3 is required for this DVLS version

  • Core - Added support for Active Directory and Microsoft Hyper-V dashboard entries

  • Core - Added support for different URL paths for the authentication page

  • Core - Added support for hardware-accelerated cursors and Kerberos on RDP web client

  • Core - Improved user experience by remembering the last login type and automatically selecting the last authentication type

  • Core - Fixed a performance issue occurring with a high number of users and user groups

  • Core - Fixed an issue when renaming a folder on the contextual menu

  • Core - Fixed an issue where the Workspace browser extension was consistently pwned checking even when the feature was disabled

  • Core - Fixed several issues related to licenses

  • Gateway - Fixed an issue where the recording date was inaccurately set to the re-indexing date

Version 2023.3.8.0 (November 21, 2023)

  • If you are using RDM as the client, RDM 2023.3 is required for this DVLS version

  • Core - Added clipboard support on RDP web client

  • Core - Added support for CredSSP in Windows PAM Provider

  • Core - Rebrand Devolutions web login to Workspace browser extension

  • CVE-2023-6264 Core - Fixed an issue where gateways list was leaked in Content-Security-Policy header

  • Core - Fixed an error occurring when attempting to import AD users with PAM account discovery that contain accents in the username

  • Core - Fixed an issue where Yubikey MFA was not functioning

Version 2023.3.7.0 (November 13, 2023)

  • If you are using RDM as the client, RDM 2023.3 is required for this DVLS version

  • Core - Fixed a performance issue related to TOR validation

  • Core - Fixed an error that occurred when attempting to use Yubikey with Duo

  • Core - Fixed an issue where certain licenses were displayed as expired

  • Gateway - Fixed an error occurring when attempting to ping

  • Pam - Fixed an issue where connection failed for the AD provider when the username included the domain name

Version 2023.3.6.0 (November 7, 2023)

  • If you are using RDM as the client, RDM 2023.3 is required for this DVLS version

  • Core - Added a filter for subscriptions by tags

  • Core - Added language support for redirection links

  • PAM - Added HTTPS support for the Windows provider

  • Core - Fixed a serialization error

  • Core - Fixed an error that occurred when selecting VPN entries

  • Core - Fixed an issue duplicate server routes that were causing an SSO Login Error on the web

  • Core - Fixed an issue where the trial license was always displayed as free

  • Web - Several UI fixes

Version 2023.3.5.0 (November 3, 2023)

  • If you are using RDM as the client, RDM 2023.3 is required for this DVLS version

  • Core - Fixed an issue where a lot of exceptions were logged in data source logs

  • Core - Fixed an issue where Workspace users were not able to get user vault entries

  • Web - Several UI fixes

Version 2023.3.4.0 (November 1, 2023)

  • If you are using RDM as the client, RDM 2023.3 is required for this DVLS version

  • Core - Advanced search can now specify the operation between filters

  • Core - Dashboard can show card only if data is present

  • Core - Include archived data in reports

  • Core - New user settings to show/hide specific entries (archived, disabled, expired) in the tree

  • Core - Push notifications to Workspace can be enabled/disabled

  • Core - Support new license format

  • Core - Support of tags on users

  • Core - Support Windows Authentication through the web interface

  • Core - Temporary access can now be requested on credentials

  • Core - User behavior analytics is available on the system dashboard

  • Core - User interface profile can now be used to simplify the web interface

  • Core - Users can be synchronized with their identity provider

  • PAM - Allow user to send checkout requests to all approvers

  • PAM - Checkout request can be assigned to a user to help in the approval process

  • PAM - Just In Time (JIT) elevation for provider Azure AD

  • PAM - Propagation can now be configured on every level: vaults, folders, and entries

  • PAM - Support of PAM Active Directory provider through Devolutions Gateway

  • Web - SSH and Telnet sessions can now be launched through Web Client (via Devolutions Gateway)

  • Web - System vault can be edited in the web interface

  • Core - Removed support of legacy security

  • Core - 'Force token public IP validation' setting is now false by default

  • Core - An email is sent to the administrator when the scheduler is down

  • Core - By default, on new installation, log cleanup is configured

  • Core - Default value to enable DWL for Website entry is now available

  • Core - Security dashboard shows if offline is available on vaults

  • Core - Support new entries in the web interface: firearm, insurance number and access code

  • Core - Use X-Forwarded-For configuration is disabled by default in the new installation

  • Core - Workspace can be configured by scanning a QR code available in the web interface

  • Core- Added an icon to the Expired Entry List to show that a password is re-used

  • Gateway - Added the Gateway ID in the web interface

  • PAM - Improve PAM usage policies to support more context where PAM accounts can be used

  • PAM - PAM section is now always visible even without a license

  • Core - Fix slowness issues when temporary access was enabled

  • Core - Fixed an issue when the list of forbidden passwords disappeared when too large

  • Core - Fixed an issue where Okta users could not be created on first login

  • Core - Fixed an issue where scheduled reports were not adjusted by daylight saving time

  • Core - Fixed an issue with the notifications which creates a lot of log

  • Core - Fixed an issued with variables that were not well resolved in the vault

  • Gateway - Fixed an issue with Gateway Health to improve performance

  • PAM - Fixed a performance issue when requesting a PAM vault request

  • PAM - Fixed an error when Domain Controller was not specified in the AD provider

  • PAM - Fixed an issue that prevented manual check-in when a checkout had timed out

  • Web - Several UI fixes

Version 2023.2.11.0 (November 9, 2023)

  • If you are using RDM as the client, RDM 2023.2 is required for this DVLS version

  • CVE-2023-5358 Core - Fixed an issue that allows users to retrieve logs from vaults or entries they are not allowed to access

Version 2023.2.10.0 (October 24, 2023)

  • If you are using RDM as the client, RDM 2023.2 is required for this DVLS version

  • PAM - Fixed an issue that prevented manual check-in when a checkout had timed out

  • Web - Several UI fixes

Version 2023.2.9.0 (October 3, 2023)

  • If you are using RDM as the client, RDM 2023.2 is required for this DVLS version

  • PAM - Fixed vulnerability issue with the PAM propagation script

  • Core - Fixed an issue where the Disconnection Data Source settings were not saved properly

  • Core - Importing google password doesn't create a legacy website anymore

Version 2023.2.8.0 (September 20, 2023)

  • If you are using RDM as the client, RDM 2023.2 is required for this DVLS version

  • Core - User notifications can now be sent based on user type

  • Core - Fixed an issue where all sessions were returned as running session

  • Core - Fixed an issue where comments on session close were not saved

  • Core - Fixed an issue where user without all rights in Active Directory can not be used to configure a domain

Version 2023.2.7.0 (September 11, 2023)

  • If you are using RDM as the client, RDM 2023.2 is required for this DVLS version

  • Core - Fixed an issue where error was thrown if an entry was linked on a deleted entry in user vault

  • Core - Fixed an issue where Okta user can't be created as read only

  • Core - Fixed an issue where properties "Override RDP Setting" in CyberArk Dashboard entry were not saved

  • Core - Fixed an issue where scheduled reports were not affected by daylight saving time change

  • Core - Fixed an issue where Windows Authentication failed if Force token public IP validation was set to true

  • Core - Fixed issue where opened sessions list was always empty

  • Gateway - TCP hostname is always marked as not configured in diagnostics

  • PAM - Fixed an issue where AnyIdentity action script fails when a non-mandatory property is configured as a parameter

  • PAM - Fixed an issue where PAM account can't be edited when the account is in a folder

Version 2023.2.6.0 (August 21, 2023)

  • If you are using RDM as the client, RDM 2023.2 is required for this DVLS version

  • Core - Fixed an issue when a User Vault entry is duplicated in the Favorites tab and could not be removed from the User Vault

  • Core - Fixed an issue when Azure cache erased on Internet loss

  • Core - Fixed an issue when trying to navigate to a favorite in the user vault

  • Core - Fixed an issue with the shared vault dashboard that kept refreshing in a loop

  • Core - Fixed error when filtering (user or user groups) accounts in Microsoft Users Import dialog

  • Gateway - Fixed an issue when an error occurred when accessing Devolutions Gateway Permission

  • PAM - Fixed Pam featured not enabled bug

  • Recording Server - Fixed issue when recording could be saved 'remote'

Version 2023.2.5.0 (July 25, 2023)

  • If you are using RDM as the client, RDM 2023.2 is required for this DVLS version

  • Core - Added PAM usage policies for Microsoft RDS Dashboard and Active Directory Dashboard

  • Core - Fixed an issue where Devolutions Gateway name was not shown in opened connections report

  • Core - Fixed an issue where user could not be imported from Azure AD

  • Core - Fixed temporary access request report to be able to export it

  • Gateway - Fixed an issue where Devolutions Gateway configuration could not be published

Version 2023.2.4.0 (July 18, 2023)

  • If you are using RDM as the client, RDM 2023.2 is required for this DVLS version

  • PAM - Added all sessions type in PAM usage policies configuration

  • Core - Fixed an issue where all alarm codes were deleted even if only one had to be deleted

  • Core - Fixed an issue where CyberArk entry could not be saved with SAML authentication

  • Core - Fixed an issue where grant temporary access was failling

  • Core - Fixed an issue where no notification was sent on the Azure AD user created automatically

  • Core - Fixed an issue where roles can't be retrieved

  • Core - Fixed an issue where tree could not be loaded in web interface

  • Core - Fixed temporary access request report to be able to export it

  • PAM - Allow uppercase and underscore on ssh username

Version 2023.2.3.0 (July 6, 2023)

  • If you are using RDM as the client, RDM 2023.2 is required for this DVLS version

  • Core - Entry Security Analyzer report can now be done with one or many vaults

  • Gateway - Allow a custom TCP Hostname on Devolutions Gateway

  • Core - Fixed an issue where Syslog configured with UDP didn't work

  • Core - Fixed an issue where VPN entries from system vault were not listed

  • PAM - Don't show Privileged Access section without PAM license

  • Recording Server - Fix an issue where recordings can't be indexed

  • Web - Several UI fixes

Version 2023.2.2.0 (June 27, 2023)

  • If you are using RDM as the client, RDM 2023.2 is required for this DVLS version

  • Core - Improved warning message when passwords don't comply with password security settings

  • Core - New Devolutions Server installation set 'Enable internet access' to true

  • PAM - Added checkout reason in logs/reports

  • PAM - Added support for preferred domain controller in AD provider

  • Recording Server - Added a tool to re-index recordings from different Devolutions Gateways

  • Core - Fixed an issue where activity logs could not be opened

  • Core - Fixed an issue where entries can't be saved in system vault

  • Core - Fixed an issue where no notification was sent if the delete operation was made with RDM

  • Gateway - Fixed an issue where Devolutions Gateway could not be used if no ID was configured on it

  • Web - Several UI fixes

Version 2023.2.1.0 (June 20, 2023)

  • If you are using RDM as the client, RDM 2023.2 is required for this DVLS version

  • Recording Server - Devolutions Gateway should be used to act as recording server

  • Core - Added a search tool in System Settings

  • Core - Added IP List entry type

  • Core - Added PowerShell Terminal Remoting Directly in the Web Interface

  • Core - Added the ability to assign a vault owner

  • Core - Added the ability to link two user accounts to the same license

  • Core - Added the ability to request access to other vaults

  • Gateway - Devolutions Gateway can now act as recording server

  • Gateway - Devolutions Gateway can now be configured for load balancing

  • PAM - Added temporary just-in-time(JIT) elevation at checkout

  • PAM - Added the ability to propagate PAM passwords to after rotation

  • PAM - Expanded privileged account availability with PAM usage policies

  • Core - Added more information in log for login information (IP, iso code, emergency access)

  • Core - Changed default strategy for AD "Get groups by user" from Principal to Directory entry token group

  • Core - Current and latest version of services/gateways are now shown in the system dashboard

  • Core - Dashboard user interface improvement

  • Core - SMTP server and Syslog server status are now shown in the system dashboard

  • Core - Temporary access can be created by the approver and permission will be granted to the user at the right moment

  • Core - Temporary access can be requested on entry with link to other entries for credentials, vpn

  • Core - Temporary access request can now be requested for future use

  • Core - Upgraded System Dashboard with Syslog and Email Services

  • PAM - Added more information in logs when an error occurs

  • PAM - Added PAM checkout requests in advance

  • PAM - Checkout request can be created by the approver and permission will be granted to the user at the right moment

  • PAM - New setting to limit the checkout time

  • PAM - Scripts in AnyIdentity providers can now be ran as a specific user

  • CVE-2023-2400 Improper deletion of resources in the user management feature

  • Core - Fixed an issue where search entries failed if current vault contains special character (%) in description

  • Core - Security Policies is now renamed Conditional Access Policies

  • Core - Submit a support ticket is available only for admin

  • Web - Several UI fixes

Version 2023.1.8.0 (May 25, 2023)

  • If you are using RDM as the client, RDM 2023.1 is required for this DVLS version

  • Core - Fixed an issue where emergency access failed and user could not access his server

  • Core - Fixed an issue where HeidiSQL entry type could not be selected

Version 2023.1.7.0 (May 9, 2023)

  • If you are using RDM as the client, RDM 2023.1 is required for this DVLS version

  • Core - Added logs during Okta login

  • Core - Migrate from ADAL (Azure Active Directory Authentication Library) to MSAL (Microsoft Authentication Library) for Azure

  • Core - Fixed an issue where custom fields migration was long

  • Core - Fixed an issue where Windows Authentication failed for first connection

  • Core - Support ASP.NET 7

  • PAM - Fixed an account where password rotation failed

  • PAM - Fixed an issue where PAM account can't be created by a non admin user

  • PAM - Fixed an issue where scheduled password rotation happens multiple times

Version 2023.1.6.0 (April 21, 2023)

  • If you are using RDM as the client, RDM 2023.1 is required for this DVLS version

  • CVE-2023-0951 Core - Fixed an issue where package created to be sent to support could be downloaded by non admin user

  • Core - Added sender username in secure message push notification in Workspace

  • Core - Fixed an issue where authentication migration from Devolutions Server user to another authentication type failed with an exception

  • Core - Fixed an issue where passwords with only permission to execute were not sent to DWL

  • Core - Fixed an issue where session start time in logs was invalid

  • Core - Increased the startup time limit to avoid server to be stopped during data migration when server is starting

  • PAM - Fixed an issue where loading privileged accounts list failed with a timeout

Version 2023.1.5.0 (March 30, 2023)

  • If you are using RDM as the client, RDM 2023.1 is required for this DVLS version

  • Core - Support users migration from Azure AD to Azure AD (different domain name)

  • Web - MikroTik entry can now be edited in DVLS web interface

  • Core - Fixed an issue where Azure AD groups were not migrated on startup and Azure AD groups were not found anymore for users

  • Core - Fixed an issue where entry security analyzer report was not including password lists

  • Core - Fixed an issue where locked application keys were not list in Users Locked report

  • Core - Fixed an issue where two logins were needed to access DVLS

  • Web - Several UI fixes

Version 2023.1.4.0 (March 22, 2023)

  • If you are using RDM as the client, RDM 2023.1 is required for this DVLS version

  • Core - Improved performance when system retrieves Azure AD groups

  • Core - Report an issue can be sent to any user, not only administrator

  • PAM - Added forbidden password check for standalone account

  • Web - Gateway list is now paged when you want to select a gateway on a connection

  • Core - Added logs when an entry is added or restored from the web interface

  • Core - Fixed an issue where checkouts were not visible for administrator in dashboard

  • Core - Fixed an issue where forbidden passwords list is not visible

  • Core - Fixed an issue where some folders were missing for DWL

  • Core - Fixed an issue where synchronizer created wrong folder structure

  • Web - Several UI fixes

Version 2023.1.3.0 (March 14, 2023)

  • If you are using RDM as the client, RDM 2023.1 is required for this DVLS version

  • Core - Added support for global images

  • Core - An issue on an entry can now be reported to notify administrators

  • Core - Notifications can now be sent to devices running Workspace

  • PAM - Added a function to generate script headers of AnyIdentity Providers

  • PAM - Added a function to test Powershell scripts of AnyIdentity Providers

  • PAM - AnyIdentity Providers can now be imported/exported

  • Web - Added System Dashboard to display services state

  • Web - Improved the dashboard to be customizable

  • Web - RDP session can now e launched through Web Client (via Devolutions Gateway)

  • Web - VPN/Gateway can now be edited in Web Interface

  • Core - Added a new contact type Team/Department

  • Core - Added a new IT Asset data entry type

  • Core - Added a new vehicle data entry type

  • Core - Added a report to find connections with specific status

  • Core - Added a warning message if less than 10% of a license is available

  • Core - Added an Archived and Broken Entry status

  • Core - Added contact link support in Software/License entry

  • Core - Added many reports in the scheduled report list

  • Core - Added password generator button in certificate entry

  • Core - Added the possibility to assign a contact to the credit card owner

  • Core - Microsoft Authentication cache can now be desactivated

  • Core - User information from Microsoft users are now synchronized with DVLS users

  • Gateway - A reg file or a Powershell Script can be downloaded to configure KDC proxy

  • PAM - Added a link to PAM Provider GitHub repository in AnyIdentity Templates

  • PAM - Added timeout setting for SSH local user provider

  • PAM - Renamed Custom Providers by AnyIdentity Providers

  • Web - Added custom fields edition

  • Web - Information on dashboard can now be clicked to see the specific information

  • Web - Moved DVLS license information under Administration -> License

  • Web - Vaults can now be searched by description

  • Core - Fixed an issue where authentication cache was used even if it was disabled

  • Core - Fixed an issue where copy password button was not available in the overview when it should

  • Core - Fixed an issue where message about http connection in system dashboard was displayed even if the connection was https

  • Core - Fixed an issue where scheduled AD synchronizer created incorrect folder names

  • Core - Fixed an issue where users were not logged in even if the credentials were valid

  • Core - Fixed issue where administrators were not able to use Launcher

  • Web - Minor UI fixes

  • Web - Several UI fixes

Version 2022.3.13.0 (February 21, 2023)

  • If you are using RDM as the client, RDM 2022.3 is required for this DVLS version

  • CVE-2023-0951 Core - Fixed a few API endpoints where users without permission were authorized

  • CVE-2023-0952 Core - Fixed an issue where linked credential could be leaked on edit entry

  • CVE-2023-0953 Core - Fixed an issue where SQL injection was possible

  • CVE-2023-1201 Core - Fixed an issue with improper access control to attachment in secure messages

  • Core - Fixed an issue where an administrator was not able to connect to DVLS through Launcher

  • Core - Fixed an issue where Credential filter could not be used in PAM Checkout notification

  • Core - Fixed an issue where RDM connection failed with Windows Auth and a security policy was configured with an AD group

Version 2022.3.12.0 (February 13, 2023)

  • If you are using RDM as the client, RDM 2022.3 is required for this DVLS version

  • Core - Fixed an issue in Devolutions Gateway User Access report

  • PAM - Fixed an issue where scans were failing in some cases

  • Web - Fixed an issue where connection name was not visible during edition in dark theme

Version 2022.3.10.0 (February 2, 2023)

  • If you are using RDM as the client, RDM 2022.3 is required for this DVLS version

  • [DEVO-2023-0002] Core - Fixed a security issue where sensitive data was returned even if the user didn't have access to it

  • Core - Avoid to send an email on successful backup if user doesn't want to receive it

  • Core - Fixed an issue where tags with a dot were not displayed correctly

  • Core - Fixed the hyperlink in backup confirmation email

  • PAM - Fixed an issue where some PAM vaults or PAM accounts were not found

Version 2022.3.9.0 (January 24, 2023)

  • If you are using RDM as the client, RDM 2022.3 is required for this DVLS version

  • Gateway - Support Telnet connection through Devolutions Gateway

  • PAM - Enable OTP for standalone account

  • Core - Avoid to log useless exception

  • Core - Avoid to send email on backup success if user doesn't want it

  • Core - Fixed an issue where deadlock could occur with old Azure AD or Domain groups

  • Core - Fixed an issue where entries could not be added in folders with DWL

  • Core - Fixed an issue with Azure SMTP Connections

  • Core - Fixed an issue with Password Generator where settings were not applied

Version 2022.3.8.0 (December 21, 2022)

  • If you are using RDM as the client, RDM 2022.3 is required for this DVLS version

  • Core - Added a password generator button on password field in certificate entry

  • Core - Improved performance when listing users from a domain, Azure or Okta group

  • Core - Fixed an issue where some server settings were not saved properly

  • Core - Updated the Microsoft users migration to manage missing UPNs

  • PAM - Fixed an issue where only 25 accounts were displayed in PAM vault

Version 2022.3.7.0 (December 13, 2022)

  • If you are using RDM as the client, RDM 2022.3 is required for this DVLS version

  • Core - Added a way to export active users

  • Core - Added a way to select JIRA tickets from other filters (not only the default filter)

  • Core - Added configuration to support non-admin user to launch synchronizer

  • Core - Support user/user group cache for Microsoft Azure Authentication

  • Core - Fixed an issue where an error was raised during authentication migration

  • Core - Fixed an issue where opening documentation in new tab didn't work

  • Gateway - Fixed an issue where Gateway ID was not synchronized with the Gateway

  • Web - Several UI fixes

Version 2022.3.6.0 (December 1, 2022)

  • If you are using RDM as the client, RDM 2022.3 is required for this DVLS version

  • Core - Added HTTP compression to improve performance

Version 2022.3.5.0 (November 25, 2022)

  • If you are using RDM as the client, RDM 2022.3 is required for this DVLS version

  • Core - Sub connections can now be resurect with their parent

  • PAM - Added password rotation schedule at the folder level

  • PAM - Checkout request or approval can now specify end time instead of checkout duration

  • Core - Fixed an issue where accessing license was not possible in some cases for free edition

  • Core - Fixed an issue where Devolutions Launcher application access was not available even for administrator users

  • Core - Fixed an issue where entry credential was not available in DWL in some cases

  • Core - Fixed an issue where search result didn't focus on the entry selected in the result

  • Core - Fixed issues with VMWare Synchronizer (update of prerequesite needed on DVLS Server via DVLS-Console)

  • Core - Prompt for comment didn't work in a few cases

  • Gateway - Fixed an issue where Devolutions Gateway ID was not synchronized automatically by the scheduler

  • Gateway - Fixed issues where scheduler returned an error when no revocation list was stored in database

  • Web - Several UI fixes

Version 2022.3.4.0 (November 10, 2022)

  • If you are using RDM as the client, RDM 2022.3 is required for this DVLS version

  • Core - Added a button to refresh user information from AD to all users

  • Core - Added a warning message if a vault has too many entries

  • Core - Added a way to exclude characters with password template and generator

  • Core - Added an option to keep all logs archived

  • Core - Added an option to save password in a shared vault from a secured message

  • Core - Disable email 2FA if the server doesn't have SMTP configuration

  • Core - Display the password history in the web interface for the password list entry type

  • Gateway - Support 'auto assign' with Gateway licenses

  • Core - Fixed an issue where attachments couldn't be added in private vault

  • Core - Fixed an issue where deleting a notification was failing

  • Core - Fixed an issue where DWL couldn't retrieve website entries from shared vaults

  • Core - Fixed an issue where reading attachments was raising an error when the encryption at rest was not enabled

  • Core - Fixed an issue where scheduled reports were adding 30 days instead of running same date every month

  • Core - Fixed an issue where viewing the password didn't ask for a comment even if it was requested

  • PAM - Fixed an issue where refreshing the page was loading the first PAM vault

  • Recording Server - Fixed an issue where processor couldn't complete when a certificate was not trusted

  • Web - Several UI fixes

Version 2022.3.3.0 (November 3, 2022)

  • If you are using RDM as the client, RDM 2022.3 is required for this DVLS version

  • Core - Fixed an issue where authentication migration didn't work if username was the same between source and destination

  • Core - Fixed an issue where RDM could not used any module with license (CyberArk, BeyondTrust, ...)

Version 2022.3.2.0 (November 1, 2022)

Database upgrade required

  • If you are using RDM as the client, RDM 2022.3 is required for this DVLS version

  • Core - Added a way to migrate users from an authentication mode to another (from Active Directory to Azure AD for exemple)

  • Core - Added permission set to assign permission easily on users

  • Core - Added support to Okta authentication

  • Core - Added support to SMTP modern authentication with Azure

  • Core - Implemented attachment and documentation support for sub connections

  • Gateway - Added Kerberos authentication via KDC Proxy

  • Gateway - Added new reports to display Devolutions Gateway permission

  • Gateway - Added permissions on Devolutions Gateway

  • Gateway - Sessions launched via Devolutions Gateway can now be killed

  • PAM - Added description field on PAM account

  • PAM - Added support for generic providers

  • Web - Added markdown WYSIWYG documentation editor

  • Core - RDM User license must be set in the data source

  • Core - RDM users need one license assigned for each user account

  • Core - Added a button to refresh favorites

  • Core - Added a way to select the main account type to bypass the authentication type on login

  • Core - Added an option to select Azure behavior on login

  • Core - Added one button in login page for each Active Directory configured

  • Core - Added options to select Azure behavior on login

  • Core - Added support for multiple emails in email configuration

  • Core - Button label can now be configured in login page

  • Core - Connection icon can now be customized

  • Core - Improved RDM connection stability with Devolutions Server

  • Core - Improved security dashboard UI

  • Core - Removed the option "Current Windows session" as credentials for AD configuration

  • Core - Renamed 'Custom User' by 'Devolutions Server User'

  • Gateway - Added a filter in the Devolutions Gateway list

  • PAM - Added log messages if PAM password propagation failed

  • PAM - Added possibility to include PAM vaults in search side bar

  • PAM - Changed the way PAM account are displayed: Removed tiles and display a tree

  • PAM - Improved PAM Heartbeat failed message to differentiate provider and account name

  • Core - Fixed an issue where administrator received an exception about telemetry when internet was not available

  • Core - Fixed an issue where attachments were corrupted after download

  • Core - Fixed an issue where backup was failing with invalid path on Linux SQL Server

  • Core - Fixed an issue where folder structure was visible in DWL even if user didn't have access to the folder

  • Core - Fixed an issue where importing Azure AD accounts didn't fill the first and last name

  • Core - Fixed an issue where license capacity could be exceeded

  • Core - Fixed an issue where Okta groups were recognized as Devolutions Server groups

  • Core - Fixed an issue where Okta groups were viewed as Devolutions Server groups

  • Core - Fixed an issue where password set on an attachment was not shown correctly

  • Core - Fixed an issue where read only users could add attachments or documentation

  • Core - Fixed an issue where SMTP configuration was not migrated correctly

  • Core - Fixed an issue where success page was prompted after Windows Authentication

  • Core - Fixed an issue where user update could lost user group assignments

  • Core - Fixed an issue where username field could be missing in Emergency Login

  • Core - Fixed an issue where users avatar were missing

  • Core - Fixed an issue where Website entry could not be saved with a Password Management license

  • Core - Fixed an issue where wrong RDM version was loged in reports

  • Core - Fixed issue in My Account Settings where Dashlane Password and KeePass Server Password were not obfuscated

  • Core - Fixed issue where email could not be sent in some cases

  • Core - Removed sensitive information from public endpoint

  • PAM - Added log message if password propagation failed

  • PAM - Fixed an issue where PAM section was not available even with a license

  • Web - Several UI fixes

  • Web - Several UI fixes

  • Web - Several UI fixes

Version 2022.2.11.0 (October 3, 2022)

  • If you are using RDM as the client, RDM 2022.2 is required for this DVLS version

  • Core - Fixed an issue where emergency login could not be used in some cases

  • Core - Fixed an issue where vault could not be deleted for some users

Version 2022.2.10.0 (September 6, 2022)

  • If you are using RDM as the client, RDM 2022.2 is required for this DVLS version

  • Core - Fixed an issue where SQLException was raised when launching a RDP session

  • Core - Fixed an issue where user could be disconnected without logoff request

  • Core - Website entry can now be used by user with Password Management license

  • PAM - Fixed an issue where checkin was failing with SQL exception

  • Web - Several UI fixes

Version 2022.2.9.0 (August 23, 2022)

  • If you are using RDM as the client, RDM 2022.2 is required for this DVLS version

  • Core - Avoid to send an error email to administrator when a user fails to logon

  • Core - Fixed an issue where password on attachment is not shown properly after saving it

  • Recording Server - Fixed issue where network interruption cause the recording to be lost

Version 2022.2.8.0 (July 29, 2022)

  • If you are using RDM as the client, RDM 2022.2 is required for this DVLS version

  • Core - Add one button per Active Directory on the login page

  • Core - Improve ticketing system configuration

  • Core - Labels on login page can now be configured

  • Core - Vault password has to respect password template

  • Core - Don't send notification to user who made the operation on an entry

  • Core - Fixed an issue where custom user expiration was impacting domain users or AAD users

  • Core - Fixed an issue where user could have a white page after login

  • Core - Fixed an issue where users could be included in a domain group or AAD group even if he was not a member

  • Web - Several UI fixes

Version 2022.2.6.0 (July 11, 2022)

  • If you are using RDM as the client, RDM 2022.2 is required for this DVLS version

  • Core - Automatically logout idle users on web interface can be disabled

  • Core - Update security dashboard to adjust scoring

  • PAM - Improve the copy button to avoid a sub menu for OTP on PAM account

  • Core - Fixed an issue where default expiration was not set in secure message

  • Core - Fixed an issue where default vault was assigned to users by default even if that vault was not in user template configuration

  • Core - Fixed an issue where favorite folder could not be created

  • Core - Fixed an issue where getting the datasource information was failing

  • Core - Fixed an issue where login with Microsoft/Azure AD user was failing

  • Core - Fixed an issue where user could be in an Azure Group in DVLS even if it was not member of that group in Azure AD

  • Core - Fixed an issue where user could not be saved if an invalid license was assigned to that user

  • PAM - Fixed an issue where Azure AD Users provider secret key could not be updated

  • PAM - Fixed an issue where fetching groups of a scan configuration was failing

  • Web - Several UI fixes

Version 2022.2.5.0 (July 4, 2022)

Database upgrade required

  • RDM and Devolutions Server Console 2022.2 are required to use this version

  • Core - Emergency access to allow an access even if providers are down (Azure or AD)

  • Core - New permission : "Delete Documentation"

  • Core - New permission : "View Sensitive"

  • Core - Notifications : Users can be notified on actions made on entries

  • Core - Security policies available to allow/deny users with different conditions

  • Core - Security policies available to force/skip 2FA with different conditions

  • Gateway - Support for new protocols : VNC, ARD, SCP, SFTP, PowerShell (WinRM, SSH), Embedded Websites

  • PAM - Add link with ticketing system (JIRA) to list tickets during the checkout operation

  • PAM - Support for password reset for MySQL users, Oracle users and Cisco users

  • PAM - Support for standalone privileged accounts

  • Core - .NET 6.0 is now required

  • Gateway - Devolutions Gateway now requires a license (unlicensed usage will be refused except for side-by-side installation that can have up to 5 concurrent sessions without a license)

  • Core - Website entry (previously "Web Browser (HTTP/HTTPS)") now has Devolutions Web Login enabled by default

  • Core - Added "append to the username" and "prepend to the username" modes for OTP usage

  • Core - Added a button to test ticketing system configuration

  • Core - Added more fields in asset dashboard (UPN, custom fields)

  • Core - Allow restoring deleted documentation pages

  • Core - Dashboard page has been removed and integrated on vault dashboard to be like RDM

  • Core - Redesign the login page

  • Core - Redesign the web interface

  • Core - Removed sensitive data from user list

  • Core - Security improvement: use new function (PBKDF2-HMAC-SHA1) to calculate the password hash

  • Core - Show the group name or username in permission table

  • Core - Support exporting/importing the documentation of an entry

  • PAM - Added filters for providers and scan configurations

  • PAM - Improve the reset password confirmation prompt

  • PAM - Renamed Team Folder by PAM Vault

  • Core - Fixed an issue where 2FA was bypassed when connecting with Windows Authentication

  • Core - Fixed an issue where adding images in documentation was raising an error

  • Core - Fixed an issue where Azure AD user can't be imported manually

  • Core - Fixed an issue where Entry Security Analyzer report was not available for user with permission

  • Core - Fixed an issue where microsoft user was not able to login if he had been added manually

  • Core - Fixed an issue where the client IP was not set properly

  • Core - Fixed an issue where user couldn't access the gateway configuration even if he had the permission

  • Core - Fixed an issue where user remains connected after disconnecting him through 'Connected user list'

  • Core - Fixed an issue where wrong RDM versions were saved in Login History report

  • Core - Fixed diagnostic report to be the same as RDM

  • Core - Fixed issue where a new user could have rights if a user with the same name has already existed

  • Core - Fixed security issue by processing "Entry Security Analyzer" permission

  • Core - Improved error message when vault name already exists

  • Core - Removed the vault assignment window when importing users. Vaults from user template are used

  • PAM - Fixed an issue where a folder could not be deleted

  • PAM - Fixed an issue where all accounts were returned for a non admin user

  • PAM - Fixed an issue where view roles definitons couldn't be access from quick scan

  • PAM - Fixed an issue where windows scan failed if no local user exist

  • PAM - Removed redirect URI field in Azure AD provider configuration

  • Web - Fixed an issue where long vault name with hyphen broke the avatar

  • Web - Fixed an issue where multiple or wrong vault icon were shown

  • Web - Fixed an issue where view password button could disappear in the entry overview

  • Web - Several UI fixes

Version 2022.1.13.0 (May 11, 2022)

  • Core - Initial support for Devolutions Workspace

  • Core - Improve Office365 authentication process. The redirect URI in Azure must be changed

  • Core - Added logs during Windows authentication process

  • Core - Support Microsoft Authentication Library (MSAL) for Office365 authentication

  • Core - Use object ID instead of UPN for Office365 users

  • Web - Improve UI of Devolutions Gateway diagnostic

  • Core - Cleanup tokens table

  • Core - Fixed an issue where Devolutions Gateway could not be uploaded

  • Core - Fixed an issue where expiration date didn't show up in password list

  • Core - Fixed an issue where landing page was not applied after a login

  • Core - Fixed an issue where user group type was wrong after import

  • Core - Removed "SessionRequired" errors sent to administrator

  • Recording Server - Fixed an issue where recording server used 100% CPU

  • Web - Several UI fixes

Version 2022.1.12.0 (April 4, 2022)

  • Core - Give more information to user when they can't be logged in

  • Core - Logs can be cleaned up with a timeframe

  • Core - Office365 authentication supports automatic user creation from a specific group

  • Core - Removed some exceptions sent to administrator that were not critical

  • Core - Support multiple vaults export

  • Core - Fixed an issue if a vault template has been created

  • Core - Fixed an issue where DWL can't find the matching sub-connections

  • Core - Fixed issues in the login process

  • PAM - Fixed an issue where importing from a scan didn't work the first time

  • PAM - Fixed an issue where searching a PAM account changed the priviledged account folder

  • PAM - Fixed an issue with SSH scan

  • Web - Several UI fixes

Version 2022.1.10.0 (March 15, 2022)

  • Core - Added a "Move" permission on entries

  • Core - Added a menu item to expand/collapse all in vault tree

  • Core - Administrators can now ask a change password at next logon when they reset user password

  • Core - Allow $REPOSITORY_NAME$ variable in name

  • Core - ARD entry: Add configurable connection timeout

  • Core - Removed Wayk Client entry

  • Core - Support 2FA with Windows Authentication

  • Core - Support export/import multiple vaults with attachments and documents

  • Core - Support password expiration on custom users

  • Gateway - Added a diagnostic tool

  • PAM - Added a search tool to help selecting a privileged account

  • Core - Fixed a few authentication issues

  • Core - Fixed an issue when exporting entries kept folders even if user asked to remove them

  • Core - Fixed an issue where dates what not displayed

  • Core - Fixed an issue where RDM logoff was failing

  • PAM - Fixed an issue where searching in PAM Account didn't search in folders

  • Web - Several UI fixes

Version 2022.1.9.0 (February 18, 2022)

  • Core - RDM 2022.1 is mandatory to use DVLS 2022.1. Connection from old RDM will be refused

  • Core - Entry's name can now be edited directly in the vault tree

  • Core - Move Devolutions Launcher CAL and users CAL licenses to Administration/License section

  • Core - Support gender "Unspecified" for passport entry

  • Core - Fixed an issue where documentation page links didn't work

  • Core - Fixed an issue where Domain Functional Level 2012R2 was not supported

  • Core - Fixed an issue where login was not possible on an HTTP installation where the hostname was used in URL

  • Core - Fixed an issue where SMS 2FA was failing

  • Core - Fixed Windows Authentication

  • Web - Fixed web client to avoid cryptokey exception

  • Web - Several UI fixes

Version 2022.1.7.0 (February 15, 2022)

Database upgrade required

  • RDM and Devolutions Server Console 2022.1 are required to use this version

  • Core - Email notifications for temporary access

  • Core - Support for DVLS PAM entry

  • Gateway - License integration

  • Gateway - SSH connection support

  • PAM - Azure AD Provider

  • PAM - Local Windows Accounts Provider

  • PAM - PAM Dashboard in Remote Desktop Manager

  • Core - .NET Framework 4.8 is now required

  • Core - HTTPS is strongly recommended, application encryption level will be removed

  • Core - Initial OAuth support. Windows authentication is no longer supported with 2FA

  • Gateway - Devolutions Gateway now requires a license (unlicensed usage will show a warning)

  • DWL has to be logged in separately

  • Core - "DNS Name" has been replaced by "Access URI"

  • Core - Added "Privileged Account" on the folder credential option

  • Core - Added a group filter in import AD Users dialog

  • Core - Added server and client IP address in syslog messages

  • Core - Added UserInfoHistory in the cleanup logs feature

  • Core - Don't accept domain with functional level too low

  • Core - Fixed an issue where user can't be imported if a domain was down

  • Core - Improved multi vault search performance

  • Core - Search results in passwords list

  • Core - Sort TAGS in the dashboard and tag selection dialog

  • Core - Support for new RDM file format (v2) to import

  • Gateway - Added option "Force using IP address for RDP connections"

  • Gateway - Added support for alternate hosts

  • Gateway - Support inherited Gateway

  • PAM - Added a password template at provider level

  • PAM - Added scan delta summary

  • PAM - Improved error message on synchronization status

  • PAM - Move all PAM Account at root level in a team folder

  • Web - Added 'Assign All Vaults' button in users and user groups dialogs

  • Web - Added a few SSH properties in Edit view

  • Web - Added a search bar in 'Privileged account credential' type selection

  • Web - Added a warning on entry deletion if a shortcut exist

  • Web - Added icon in PAM UI to help color blind people

  • Web - Added shortcut icon in vault tree

  • Web - Only admin user can submit a support ticket

  • Web - Rebranded Devolutions Authenticator to Devolutions Workspace

  • Web - Sort approvers in PAM checkout dialog

  • Web - Support DVLS PAM entry in web interface

  • Core - DVLS Free doesn't support PAM

  • Core - Fixed an issue to display the right number of users in a license

  • Core - Fixed an issue where "Automatic User Creation" parameter was not saved

  • Core - Fixed an issue where "Prompt for comment" was not displayed with "Copy API key"

  • Core - Fixed an issue where a user without the view password permission could view the password

  • Core - Fixed an issue where changing the time for O365 caching was not saved

  • Core - Fixed an issue where custom user groups can not be created without custom authentication activated

  • Core - Fixed an issue where documentation view was wrong

  • Core - Fixed an issue where Duo returns invalid 2FA with a domain user

  • Core - Fixed an issue where entries with temporary access were not sent back to DWL

  • Core - Fixed an issue where export vault was not logged

  • Core - Fixed an issue where password in passwords list could be lost

  • Core - Fixed an issue where passwords in private vault were not available in web interface

  • Core - Fixed an issue where RDM connection to DVLS failed

  • Core - Fixed an issue where RDM was disconnected from DVLS

  • Core - Fixed an issue where some folders in vaults were not available in RDM

  • Core - Fixed an issue where ticket number was not saved in activity logs

  • Core - Fixed an issue where user was not able to login

  • Core - Fixed issue where date format was wrong

  • Core - Fixed Syslog message format to set the hostname with DVLS IP

  • Core - Include Local Account entries in password rotation reports

  • PAM - Fixed an issue where PAM checkouts failed with a non-admin user

  • Web - Fixed an issue where view attachment with pdf extension failed

  • Web - Fixed translation strings

  • Web - Several UI fixes

  • Web - Several UI fixes

Version 2021.2.14.0 (December 13, 2021)

  • Added robots.txt for security purpose

  • Fixed an issue where custom user groups can not be created without custom authentication activated

  • Fixed an issue where passwords were lost after sorting passwords in a password list

Version 2021.2.13.0 (November 18, 2021)

  • Core - Added a new license for the PAM Module (the license is included for those already using the PAM module with a DVLS license bought before September 30th 2021)

  • PAM - Added local Windows account management

  • Web - Added an option to regenerate Devolutions Gateway key pair on demand

  • Web - Added batch edit to grant permissions all at once on an entry

  • Core - Fixed an issue where a user can delete entries without permission

  • Core - Fixed the display of shortcut entries

  • Core - Stack overflow error when migrating the domain user groups with their SID

  • PAM - Fixed an issue where approval workflow didn't work when approved by an "approver"

  • Web - Several UI fixes

Version 2021.2.10.0 (October 25, 2021)

  • Core- Manage OTP option getting OTP from link credentials

  • Web - Added an "apply to all" action when setting the allowed applications

  • Web - Added the option to view the Gateway's logs and opened sessions

  • Web- Added a filter ''Has access'' in security grant permission & Vault assignment

  • Core - Root is empty exception- can't save entry

  • Core - SQL exception when refreshing cache using legacy security

  • Core- Error LockRecursionException

  • Core- Notifications with negative conditions

  • Core- Option - Enable Remote Monitoring SSH

  • PAM- Saving security permission on folder

  • Web - Cannot save a second template

  • Web - Error while trying to check out a PAM account in the vault section

  • Web- System Message formatting

Version 2021.2.8.0 (October 4, 2021)

Database upgrade required

  • Free version available for 3 users / 100 entries

  • Multi-domain supported with Platinum license type

  • PAM - Password Propagation

  • PAM - Password rotation report

  • PAM - Password rotation Scheduled

  • Web - Added Asset section on entries

  • Web - Support synchronizer entry

  • Web- Can import from Google Password csv file

  • Improved Devolutions Gateway to use key pair from DVLS, older deployments need to be reconfigured

  • 2FA available in all edition

  • Core - New option to sent scheduled report to an email address that is not a user

  • Core - Sends email when a temporary access is granted

  • Deprecated Authanvil and Vasco as 2FA

  • PAM - a message is sent when a request is approved

  • PAM - added OTP on privilege account

  • PAM - CheckOut request are Auto approve when done by approver him self

  • PAM - Report of password rotation

  • RDM- Document in entries available in Offline mode

  • Web - Add indicator when attachment and document are link to the entry

  • Web - Simplify the Documentation tutorial editor

  • Web - Template available in Quick add setting per vault

  • Web- Add OTP source on session entry

  • Web- Better performance loading vault

  • Web- Improve way of granting permission

  • When assigning system permission, the read only user are no longer shown

  • Hide Password Template mode Readable in entry setting

  • Several fixes & adjustments

  • Web - Edit user Administrator , fix the number of vaults

Version 2021.1.20.0 (July 19, 2021)

  • Core - The column is missing from LogingHistory_Archive

  • Web - Error parsing dates when using custom dates on reports

Version 2021.1.19.0 (June 30, 2021)

  • Core - connections/partial endpoint returns private key although it is Sensitive information

  • Issue when adding a documentation on entries

Version 2021.1.17.0 (June 17, 2021)

  • Core - Added VMRC as launchable connection type for the launcher

  • Core - New system setting for Authentication Office365- recurrence on the schedule cache

  • Core - Support Temporary access requests

  • Core - Added daily caching refresh for domain and Office 365 users

  • Core - Added usage of DNS name instead of the IP address for Radius 2FA

  • Core - Updated SMTP options when configuring emails

  • Web - Add Tel protocol to phone numbers on the entries dashboard

  • Web - Added confirmation when moving and entry using drag & drop

  • Web - Updated the background image for 2K display

  • Core - "Invalid data sent" when trying to save the Host Linked(Vault)/Inherited

  • Core - Allow rest api usage by applications

  • Core - Can't download Session recording form Recording Server in RDM

  • Core - Error when generating the expired entries report

  • Core - Fixed required permissions to edit an entry's documentation

  • Web - Cannot access administration if app name is ADMIN

  • Web - Fixed the resolving when the checkout setting is set to root

  • Web - save credentials and content in a message sent

Version 2021.1.10.0 (May 11, 2021)

  • Core - Fix errors on connection with user that has no shared vault available

  • Core - Fix opened connections report conversion error

  • Core - Fix X-Forwarded-For usage

  • Web - Fix vault selector not loading

Version 2021.1.9.0 (April 16, 2021)

  • Web - Added options to export the user vault when migration fails

  • Core - Fix User vault migration with names longer than 200 characters

  • Core - Unable to save both User CAL and Launcher licenses

  • Core - Unable to save the Email settings without Username and Password

  • Core - Unable to save VPN with Wayk bastion

Version 2021.1.7.0 (March 30, 2021)

  • Remote Desktop Manager 2021.X update required

  • Core - Added support for Devolutions Gateway (Jet)

  • Core - Added the "Last login" report

  • Core - Added the entry type: azure service principal

  • Core - Added the field Tenant ID on API Key

  • PAM - Added a system of policies on team folders for easier management

  • PAM - Added the delta between results when scanning a domain

  • Web - Added support for default icon color

  • Web - Added the option when enter a licence or request a trial when the license is expired or when there is no license

  • Web - The interface is available in read-only when the license is expired or when there is no license

  • Web - The scheduled reports now support more reports

  • Core - The user vault has now the same features as a standard vault (i.e.: attachments, history, documentation)

  • Introduced a distinction between sensitive properties and passwords in Information Entries. The view password permissions now only affect passwords specifically

  • Core - Added a timeout setting to Radius configuration

  • Core - Added Devolutions Authentificator as a supported 2FA

  • Core - Added handling of the custom controls on web entries for DWL

  • Core - Added the authentication method on the login history report

  • Core - Added the expression "is not" when setting a filter on a subscription

  • Core - SqlException when starting a connection from a templage

  • Core - Syslog events, only sends the title of the stack trace

  • Core - Updated the library for sending emails

  • Web - Added a download button on document's dashboard

  • Web - Added a message when the license is expired

  • Web - Added custom fields on web entries

  • Web - Added multiple gateways on SCP and SFTP entries

  • Web - Added multiple gateways on SSH Shel, SSH Tunnel and SSH Port Forward entries

  • Web - Added Recents, on the new entry dialog

  • Web - Added recovery codes for OTPs

  • Web - Added the "Disconnect Data Source" option in the administration section

  • Web - Added the OPT on Web entries

  • Web - Added the option to set the "Allow Offline" to a vault

  • Web - Added the options to view and download the Private key

  • Web - changed UI

  • Web - Manage the password setting "Force Default Template"

  • Web - Remove the email being mandatory when creating a user

  • Web - secure message, Added the options to "Delete All" and "Mark all as read"

  • Web - Update the default date range to "today" instead of "Last 7 days" on the activity log report

  • Web - Updated Radius login labels

  • Web - Updated the icons

  • Web - Updated the scrolling when navigating to an entry from the search

  • Core - Access was denied on api call for the documentaion

  • Core - Error SecurityTokenExpiredException received several time a day

  • Core - Error when adding an email to a user that didn't already had one

  • Core - Error when enabling the Windows Event Log

  • Core - Error when importing in the Private Vault

  • Core - Error with RDM on limited mode

  • Core - Fix access denied error on documentation

  • Core - Fix CORS

  • Core - Fix templates showing in the activity logs

  • Core - MaxMind GeoIP block everything

  • Core - Sql Injection

  • Core - Updated date format on reports

  • Core - Updated the default STMP Port

  • Core - Updated the SQL Queries when doing cleanup tasks to avoid timeouts

  • Core - Wrong log in "Connected User" report when connected from the Launcher

  • RDM - Cannot download Session recording form Recording Server in RDM

  • Web - "Prompt for comment" memo is overflow window is not tall enough

  • Web - Bad email format result in JSON error when editing a user

  • Web - Checkout UI issue on Firefox

  • Web - Error when trying to upload an SSH key

  • Web - Fix cannot assign users and user groups when creation a vault

  • Web - Fix error on reports when no vault is selected

  • Web - Fix loading the domain user speed issue

  • Web - Fix secure message color in dark mode

  • Web - Fix should not be able to set status on an entry when a check out is required

  • Web - Fix the vault menu item being available when there are no vault

  • Web - Fix variable not resolved on connections

  • Web - Fix variable not resolved on sub-connections

  • Web - Infinite loading when Azure token expires

  • Web - Missing icons on the web interface

  • Web - notification subscriber edit window is not tall enough

  • Web - On the Login History reports is not showing all entries

  • Web - RDP Template doesn't save "local ressources"

  • Web - Tab title is not updated

  • Web - The licence count is not updated when managing licenses

  • Web - The password reset is not applied when switching users

  • Web - The recurrence is not shown properly on the scheduled report calendar

  • Web - The website does not load properly when the the database is not reachable

  • Web - UI issue in Vault on Firefox

  • Web - UI issue when adding a user

  • Web - Unable to create a Contact Company entry in a folder

  • Web - User loses its license when changing the user type

  • Web -Cannot change Offline Mode for user groups

Version 2020.3.22.0 (June 29, 2021)

  • Core - connections/partial endpoint returns private key although it is Sensitive information

  • Setting Offline mode with User group

Version 2020.3.19.0 (May 11, 2021)

  • Core - Fix X-Forwarded-For usage

Version 2020.3.18.0 (April 13, 2021)

  • Core - Restrict-CORS

  • Core - SQL injection when deleting a user

Version 2020.3.17.0 (January 12, 2021)

  • Added ‘Privileged Access' to the list of available landing pages

  • Improved performance on login with a domain user

  • Fixed domain caching on when using multi-domains

  • Fixed saving items in ‘My Account Settings' using RDM

  • Fixed the vault used when resurrecting an entry

  • The Devolutions Server URL is now case-insensitive

Version 2020.3.14.0 (December 8, 2020)

  • Web - Added a setting to use or not the x-forwarded-for for the IpAddress

  • Web - Added an option to keep the template name or not when creating an entry

  • Web - Added the option to import roles from a domain with using the cache

  • Web - Secure message, added expiry date

  • Web - Updated the color on the error messages

  • Core - Fix end point for the CLI

  • Core - Fix error on notification when auto-creating a user

  • Core - Fix error on notification when creating an entry

  • Core - Fix the domain cache issue when setting the user's domain

  • Web - Fix 404 on the admin page

  • Web - Fix Incomplete Export File

  • Web - Fix loss of data on iDrac

  • Web - Fix loss of data on Ilo

  • Web - Fix loss of data on SSH Shell X11 forwarding

  • Web - Fix scheduled report - Error when using only 1 vault

  • Web - Fix the alternate 2FA

  • Web - Fix unable to see the log details on a deleted entry

  • Web - Vault assignment, show the list in alphabetical order

Version 2020.3.12.0 (November 17, 2020)

  • Core : Fix server restriction for users allowed to manage users

Version 2020.3.11.0 (November 16, 2020)

  • Web - Send files as attachments in a Secure Message

  • Web - Add export to Activity Logs

  • Web - New filters for Users and Groups administration sections

  • Web - Possible to import Active Directory users even with cache disabled

  • Web - Refresh information on an Active Directory user from the domain in Users section

  • Fix Active Directory auto create user issue when a group is specified

  • Fix error in SQL query to get Opened Connections

  • Fix query to get all expired and expiring entries in Report and Dashboard

  • View Password from the entry should behave the same way as the action view password

  • Web - Do not allow Duplicate action on root

Version 2020.3.8.0 (October 28, 2020)

  • Core : Security setting to block Tor clients from accessing the server

  • PAM - New built-in roles with specific rights for easy assignment

  • PAM - New onboarding wizard to facilitate initial import of Privileged Accounts

  • Web - Added "Duplicate entry" command

  • Web - Each Vault has a Dashboard & option to disable

  • Web - Possible to configure custom icons for server login page and toolbar

  • Web - Support for License administration section

  • Web : Added capability of exporting the User Vault ( Private Vault)

  • Web : New Security dashboard in Administration menu

  • Core : Active Directory integration supports multiple root containers

  • Core : Back up can be Encrypted with a password

  • Core : DataSource Logs and Administration Logs can be sent by emails Notification - new category

  • Core : DNS name server setting now used in notifications

  • Core : Improved Email template for Notifications

  • Core : System Settings - New RDM Version Management section

  • PAM - Add option to filter out system users on SSH scans

  • PAM - Add OU browser for Active Directory scans

  • PAM - Different options available to define Approver + a pre-define Role

  • PAM - Include account SID for Active Directory scans

  • PAM - Possible to Approve or Deny and Check in from RDM Dashboard

  • PAM - Possible to Approve or Deny checkouts from the secure message received

  • PAM - Possible to force Check in from the Checkout Manager Active

  • Web - Add input boxes for Comment on open and Comment on close

  • Web - Add new dashboard when selecting Vault root in tree view

  • Web - Add option to resurrect deleted attachments

  • Web - Add possibility to insert Ticket number on Insert comment and Close comment

  • Web - Add support for Duplicate action on entries

  • Web - Add support for Passportal My Account Settings

  • Web - Added flag for Favorite Vaults, greatly improves the search and the Vault Selector

  • Web - Favorites can now contain links to entries of User Vault (Private Vault)

  • Web - Improved data contained in the Server Diagnostics report

  • Web - Option to disable the new Vault Dashboard

  • Web - Removed number of character limit from Secure Messages

  • Web - Searching for entries now possible to include description & Url or equivalent URL in search fields

  • Web - User Vault (private vault) entries can now select Credentials repository from other vaults

  • Web : Choose Theme - Light, Dark or Default will default to your browser theme

  • Web : Database Diagnostics report now available from Reports section

  • Web : Deleted Attachments can be viewed and be restored

  • Web : Entry from User vault (Private Vault) can be added in your Favorites

  • Core - Active Directory cache now includes embedded groups for Universal Groups

  • Core - Application Users should not be included in the user count

  • Core - Fixed memory leaks in Scheduler service

  • Core - Windows Authentication user binding when UPN is empty

  • PAM - Fix error when creating a Provider and a Scan at the same time

  • PAM - Fixed Reset Password Schedule recurrence

  • Web - Add validation for Password Template name on creation

  • Web - Contact type entries lose custom icon when editing

  • Web - Corrupted Secure Message would prevent loading all the Secure Messages of the user

  • Web - Entry custom icon is now saved when also renaming or moving the entry

  • Web - Fix 2FA configure later feature by giving anti forgery token when 2FA configuration is required

  • Web - Fix alarm entry type creation in private vault

  • Web - Fix CyberArk validations to support saving entry

  • Web - Fix Email Settings save button when changes other fields than Password

  • Web - Fix export from private vault to contain entries in sub-folders

  • Web - Save changes to Active Directory Domain Authentication without entering administrator credentials

  • Web - User with Manage Users permission could not import Active Directory or Office 365 users

  • Web -Test email setting without a username or password should not send error email to administrator

Version 2020.2.10.0 (September 3, 2020)

  • Radius shared secret lost following upgrade

  • The user accounts name that end with letter u deletion when set permissions

  • User could be logged on as different user with Windows Authentication

Version 2020.2.9.0 (August 6, 2020)

  • Can now select Pam Credential in User specific Setting: with RDM need version 2020.2.18.0

  • For RDM, fix connection state for sub-connections viewed by users

  • For RDM, fix CyberArk AAM type to be save

  • Web - Fix passwords being lost when moving a Password List entry with drag and drop

Version 2020.2.8.0 (July 23, 2020)

  • Add option to activate the Auto-notification for Duo 2FA

  • Improve performance when querying Activity Logs for a non-admin user

  • Web- Improve UI of the Cleanup logs feature

  • Console - fix default setting at installation

  • Fix error when domain cache update process ( AD & Azure)

  • Fix the Add entry using the Prompt Add with the browser extension (chrome and firefox)

  • Web - Password Templates is now showing in the Password generator

  • Web import - added warning if the Master key of file is missing

  • Web- Fix the Import roles from LDAP or Azure if done with non-admin user

  • Web- wont see the Shortcut entry from a folder that to don't have the right for

  • When refreshing the tree it now keeps the same tree view (keeps open folder that was open)

Version 2020.2.7.0 (June 25, 2020)

  • Added Master password on Vault

  • Added Syslog type Notifications, giving the ability to send Notifications to multiple Syslog servers

  • Added the user Language setting in User Template

  • Last Usage log report

  • Logs Cleanup feature to archive and purge. See In Administration/ Logs to enable

  • New Time-based access for Users

  • PAM - Ability to export Privileged Accounts

  • New setting to Enable internet access. False by default, disables Gravatars & Have I been Pwned

  • Add Private Vault Search as Credential Type

  • Add the value ''None'' when selecting Vault for automatic user creation

  • Attachment will now resurrect with their entry after deletion

  • Console: Step added to create a default administrator account on first install

  • Link automatic user creation to User Template settings

  • Manage custom images for Vaults

  • PAM - Improve message for denied checkout email message

  • Support entry type API Key

  • Support splitting Wallet entry into: Membership, Driver License and Social Security Number

  • Web - Add a search option in the entry Search to support Username & URL

  • Web - Add support for Gateway Credentials for RDP entries

  • Web Entry Website: added the compare type options to support Equivalent URL with DWL

  • Fix external link in a Secure note entry

  • Fix possible date conversion error when getting entries for Expired Entries Report

  • Fix right-click on item when in Vault view is in List type

  • Fix saving Checkout Comment in the logs

  • Fix Vault selection for Domain Automatic User Creation

  • PAM - Deleted folder account should still show in the Logs

  • Password Template maximum length increased to 1024

  • Pwned Password ‘Always Ignore' not working in Private Vault

  • Remove download link for Certificate entry when user does not have permission

  • Unable to save Passportal entry if option ‘Always prompt for password' is activated

  • Web - Can't edit permissions in the Security tab for an already created template

  • Web - Cannot choose a credential from a Password List in an Entry

  • Web - Cannot choose a credential from a Password List in User Specific Setting

  • Web - Entry search. Fix the entry selected during a search now Focus in the tree view

  • Web - Exporting entries by selecting the Vault root returns an invalid file

  • Web - Fix Documentation history

  • Web - Fix Expiring Report option for All Vaults

  • Web - Fix OTP entry of Private Vault

Version 2020.1.13.0 (May 13, 2020)

  • Possible performance issue in RDM managing Roles

Version 2020.1.12.0 (May 7, 2020)

  • Change Secure Message - Use the full name of user first instead of the username showed on the user list to sent the message

  • User that has Manage Roles can now see and manage all roles , except administrator roles

  • User that has right to grant permission on entries can now see all roles

  • Web error cause by a missing permission on entry in the Web interface

Version 2020.1.10.0 (April 14, 2020)

  • PAM -Accounts section,can drag and drop folder in other folder

  • Syslog improvements - Added heartbeat and a few administrative events

  • Web - Add Vault filter in the Expired Entry Scheduled Report

  • Web - Admin-Email settings added validation

  • Web - Can move entries by drag and drop in Vault tree view

  • Web - Can now Export entries

  • Web - Visual improvements to user Dashboard page

  • Check In/Out On close comment not saved

  • Console - Fix upgrade instructions not showing up

  • Console - When changing user password

  • Console -Fix possible database error when regenerating encryption keys

  • Error XML on new vault properties

  • PAM - Add missing information in Notifications for new SQL Provider

  • PAM - Fix language inconsistencies in log messages

  • RDP entry link to a file cannot be edited

  • Web - Add a visual indication when you try to edit a role/user and the server does not let you

  • Web - Deprecate entry type Login Account

  • Web - Fix error when forcing user to change password at next login

  • Web - Fix Google Authentication two factor registration key which was in wrong format

  • Web - Fix resolved permissions text in entry security

  • Web - PassPortal Always prompt for organization passphrase checkbox can't be checked

  • Web - Password List Copy Domain/Password does not log the action

  • Web - Sending Private Entry in Secure Message should not include folders

  • Web - Two Factor login window not showing in IE and Safari

  • Web - Vault - Add in root - setting cannot be changed

Version 2020.1.7.0 (March 12, 2020)

  • New Encryption Keys was added. We strongly recommend to export a new Encryption backup file

  • Web: Added a new report: Non default permission entries

  • Web: Added a new Section in entry dashboard : Permissions . Overview of rights for the entry

  • DPS Web - Add option to clear activity logs

  • DPS Web - Import users and roles from LDAP and Azure has now a filter

  • PAM - Cards in dashboard can now be clicked to got to section

  • PAM - Reset Password Schedule now syncs the credentials afterward

  • DPS Console - IIS application pool not properly stopped when upgrading DPS server

  • DPS Web - Cannot see the passwords in a Password List in the Private Vault

  • DPS Web - Credential Repository in Private Vault now show the credentials from the Shared Vault

  • DPS Web - Fix issue with Firefox and Safari browsers doubling all API requests

  • DPS Web - Remove Security Groups notion in all sections when not using Legacy Security

  • DPS Web - You can now set the Token Valid Time up to 7 days (10 080 minutes)

  • PAM - Privileged Account used for Brokering with Launcher cannot automatically check-in on connection closed

Version 2020.1.3.0 (February 24, 2020)

  • New Recording Server module available to centralise the sessions recording

  • You can now manage SQL accounts in the PAM component

  • Drag and drop support for file selection for attachments

  • Licensing - automatically assign to new users

  • Remove Local machine and database authentication type

  • View Password on OTP is now logged

  • Web - System Setting save changes notifications

  • Bug - DPS Console potential crashed after upgrading it to version 2019.2.12

  • Bug - Duo hardware token is not displayed as a 2FA device on the web UI

  • Bug - Duo setup on first login doesn't work from RDM

  • DPS - No 2FA prompt in Edge, Explorer and Safari

  • DPS Web - Can't reset 2FA from Office365 users

  • DPS Web - Permission Tab should not display in Private Vault

  • DPS Web - Remove PAM credentials type from Web browser entries

Version 2019.2.12.0 (December 16, 2019)

  • Added a password policy for custom user. See in Web admin interface /System settings

  • Console: Added possibility to set password on DPS Console instance

  • DPS Web - Dark theme

  • Introducing Privileged Access Management (PAM) component. Activate in Web admin interface/ Password Server settings

  • PAM - Account discovery (Active Directory and Ubuntu based systems)

  • PAM - Automatic password rotation upon Check in

  • PAM - Check out approval process on privilege accounts

  • DPS - Add a performance cache for users and roles to limit database access

  • DPS - Add log when Radius authentication fails for each attempt

  • DPS - Give 30 seconds delay for Radius validation when a second mode of auth is required (ex: Push Notification)

  • DPS - Give permission to view and edit Vault when user with Manage Vaults permission creates a new Vault

  • DPS - Logs now contain the server Name including physical server MAC address

  • DPS - Support Launcher search by name

  • DPS Web - Fix being unable to open a secure message if it has been sent to multiple recipients

  • DPS Web - Fix Clear Recent Entries

  • DPS Web - Fix error when loading secure message received from deleted user

  • DPS Web - Fix reset button in Multi Vault Advanced Search

  • DPS Web - Improved advanced search feature with new fields available to search: Username, Tags, Description

  • DPS Web - Select entry in tree when clicking on search result

  • Encryption at rest for all data (requires regenerating encryption keys in DPS Console and makes data unreadable using direct SQL queries)

  • Improved WEB UI in multiple sections

  • New improved email Notification system making it easier to target specific events by subscriptions. See in Web admin interface / Notification

  • New streamlined dashboard for entries

  • Web - Add option copy to clipboard on username and domain

  • Web - Add support for Authentication settings in the administration section

  • Web - Move entries between Vaults

  • Web - Show the resolved value of permissions when set to Inherited or Default

  • Web - Vault selector 2 column display

  • DPS - Add DNS name of server to the PAM checkout notification link

  • DPS - Add Hostname in RDP connection as a required field

  • DPS - Add log Password Viewed for private entries

  • DPS - Add log Password Viewed for private entries

  • DPS - Add Password Viewed log for private entries when logging is enabled on private

  • DPS - Can now send secure message with only attachments and title

  • DPS - Check out button is available on folders even if disabled on root folder

  • DPS - Display roles whole description

  • DPS - Fix exception when server does not have internet access and Pwned check is required

  • DPS - Fix expiring entries report that would send too many emails past 100 notifications

  • DPS - Multi-Vault search shows results user does not have access to view

  • DPS - Office365 Sync task token can become invalid if scan takes too long

  • DPS Web - Add Host field in Password List entry table

  • DPS Web - Add tooltip for role and vault names in case they are too long for column

  • DPS Web - Documentation doesn't appear in Internet Explorer

  • DPS Web - Fix bringing user back to last used vault on login instead of default vault

  • DPS Web - Fix displaying Restore action in Connection History report

  • DPS Web - Fix launching a session with Pam credentials already checked out

  • DPS Web - Fix missing template group icon

  • DPS Web - Fix reloading of the documentation tab of entries when changing entry

  • DPS Web - Fix removing all users and roles from custom permissions

  • DPS Web - Fix SSH Port Forward always editing the first entry

  • DPS Web - Fix web with Internet Explorer

  • DPS Web - No log when only selecting entry in tree with Pam credentials

  • DPS Web - Remove error message when root set to never with non-admin user

  • Web - Add sorting on role names column when assigning roles to users

  • Web - Add tooltip to role description to be able to see it all when long description

  • Web - Can't delete a Checkout request Secure Message

  • Web - Cannot import entries in Private Vault

  • Web - Display administration logs in descending date order by default

  • Web - Fix Checkin and Checkout comment on open and close did not show

  • Web - Fix Dashboard link when your landing page is set to Vaults

  • Web - Fix disabled entry types still being shown in the list when creating entries

  • Web - Fix external fonts having to timeout with client that has no internet

  • Web - Fix switching Vault while in report section Open Connections and Password Analyzer

  • Web - Manage password Pwned feature exceptions when DPS has no access to the internet

  • Web - Manage password Pwned feature exceptions when DPS has no access to the internet

  • Web - Missing security option 'Create vault with restricted access by default'

Version 2019.1.20.0 (August 8, 2019)

  • DPS - Fix adding an attachment to certificate from RDM

  • DPS - Fix Auto-create user for Office365

  • DPS - Fix DWL folders API to support legacy Virtual Folders

  • DPS - Fix that you could no longer import into Private Vault without the import permission

  • DPS - Resolve variables in data returned for DWL entries API

  • DPS - Return root folder for DWL folders API request

  • Web - Fix Activity Log displaying Default instead of Private Vault for activities on private entries

  • Web - Fix All Vaults checkbox in Activity Logs page

Version 2019.1.19.0 (July 30, 2019)

  • DPS - Azure and AD cache group discovery exception when discovered group name is null

  • DPS - Cannot import in private vault when user does not have import permission

  • DPS - Exception when secure message has no data

  • DPS - Exception with text RTF editor in RDM

  • DPS - Validate user login type before applying auto-create user

  • Web - Activity logs displaying Default vault instead of Private Vault

Version 2019.1.18.0 (July 9, 2019)

  • DPS - Improve speed of import operation

  • DPS Security - Validate maximum attachment size on upload

  • Web - Fix not being able to use inherited credential in private entries

Version 2019.1.17.0 (July 2, 2019)

  • DPS - Optimize DB access by fetching all connection states once per Http request

  • DPS - Optimize server cache to keep entries indexed by Vault

  • DPS - Fix invalid Duo code when using automatic user creation

  • Web - Fix import not defaulting to currently selected folder

Version 2019.1.16.0 (June 20, 2019)

  • DPS - Improve loading time of entry tree in web site

Version 2019.1.15.0 (June 17, 2019)

  • DPS - Fix being unable to login if Duo is the default required two-factor and it is not configured for user

  • DPS - Fix Radius authentication not working for a new user account

Version 2019.1.14.0 (June 3, 2019)

  • DPS - Fix assign role not working in vault management

  • DPS - Fix copy to clipboard not available in private vault

  • DPS - Fix issue with importing in private vault

  • Web - Fix missing Add Folder icon in favorites

  • Web - Remove checkout button from entries in private vault

Version 2019.1.13.0 (May 31, 2019)

  • DPS - Fixed an issue with the web token

Version 2019.1.12.0 (May 28, 2019)

  • DPS - Change default value for Edit Permission security right to be false

  • DPS - Default Checkout Mode for root must be Optional

  • DPS - Fix Duo error from RDM when sending SMS

  • DPS - Fix possible SQL injection with network discovery endpoint

Version 2019.1.11.0 (May 22, 2019)

  • DPS - User must have execution permission on an entry for it to be usable by DWL

  • DPS - Properly resolve user vault access for Launcher

  • DPS Console - Unable to generate QRCode for Google Authentication

  • Web - Fix being unable to generate new entry from template for sessions

Version 2019.1.10.0 (May 8, 2019)

  • DPS - Added Display Name to valid email format

  • DPS - Option to set DN container for Active Directory query

  • DPS - Set base DN for Active Directory authentication

  • Web - Add automatic check-in setting

  • Web - Add support for VMWare type entries

  • DPS - Appropriately resolve import parent folder

  • DPS - Capture SQL error messages so that they do not reach user web page

  • DPS - Fix bug when role has same name as a user

  • DPS - Fix Enable WebBrowser Extension for DataEntryWeb

  • DPS - Fix how root permissions are resolved with default DataSourceSettings

  • Web - Add expiration time for passwords in ClipBoard

  • Web - Can't see complete username of user in user list

  • Web - Create Vault permission is not respected

  • Web - default Check-out Mode of Vault Root setting is now Optional

  • Web - Fix user being disconnected when trying to use an entry for which he doesn't have access

  • Web - Fixed issue with not being able to save from template

  • Web - Import is in the choices at the creation of a template

  • Web - When adding new Private Vault entries some security options should not be visible

Version 2019.1.9.0 (April 19, 2019)

  • DPS Console - New Option in Manage database to set Pool Size

  • Web - New PAM feature can be enabled- in Preview

  • Web - New search tools in Navigation with multi vault search options

  • Web - Recent used entries is now in Search

  • Web Admin - new Applications management for CLI access

  • Web Admin - New value DNS Name in Server Settings

  • DPS Console - Scheduler service is now optional when installing DPS

  • Web - Added Console setting in Web interface: Email

  • DPS - Using * in documentation search puts user Offline

  • Web - Assign User on Vault Fix

  • Web - Fix QRCode generation link for Google Auth

  • Web - Mouse over Since date shows actual date in tooltip (Report)

  • Web - Root is selectable when adding Private Connection to Secure Message

Version 2019.1.8.0 (April 16, 2019)

  • DPS - Add Multi-Vault Search support

  • DPS - Submit a support ticket when error occurs

  • DPS Console - Allow upgrade with Windows Server Core

  • DPS - Add Activity Logs to diagnostic Zip

  • DPS - Add Custom Fields support for Web Browser entry

  • DPS - Add encryption key backup step after installing DPS

  • DPS - Add IIS HTTP headers to diagnostics

  • DPS - Add Password Server Settings to Server Diagnostics

  • DPS - Automatic checkin when closing Launcher

  • DPS - Better logs for Access Denied errors

  • DPS - Datasource information in downloadable diagnostics

  • DPS - Email message content with link when user receives a secure message

  • DPS - Prompt for key backup when regenerating server keys

  • DPS - Support nested groups for Active Directory and Azure cache

  • DPS Console - Add IIS HTTP_HEADERS in diagnostics

  • DPS Console - Database Update / Creation possible on existing database

  • DPS Console - Remove every setting accessible in web

  • Web - Button in user profile to submit support ticket

  • Web - Change location of Vault selection drop-down

  • Web - Cross browser support for Copy to clipboard

  • Web - Mouse over Since date shows actual date in tooltip

  • Web - Remove the privileges in the data source settings when Legacy security is not active

  • Web - Remove the tab permissions in Roles when Legacy security is not active

  • DPS - Duo enrollment issue

  • DPS - Entries opened with Launcher not showing in Opened Connections

  • DPS - Execute permission not respected when given through a role

  • DPS - Fill email when auto-creating Office365 users

  • DPS - Fill first name and last name when auto-creating Office365 users

  • DPS - Fix bad email settings giving stack overflow

  • DPS - Fix Edition label when creating new DPS instance

  • DPS - Fix only administrator can upload a private key

  • DPS - Fix security when Legacy Security is off

  • DPS - Fix SQL date conversion

  • DPS - Ignore case when verifying Netbios name

  • DPS - Yubikey API must use TLS 1.2

  • Web - Add missing DataSource setting Force Default Template

  • Web - Autofocus on 2FA validation fields

  • Web - Block assignments of users to AD and Office365 roles

  • Web - Collapse all does not work properly on Select Credentials

  • Web - Credential Repository and Private Vault credentials show where allowed

  • Web - Entry log add Duration

  • Web - Entry log missing active time / duration

  • Web - Role description not appearing

  • Web - Roles not in alphabetical order

  • Web - Unlocking a locked user gives error message

  • Web - User list not in alphabetical order

  • Web - Users Locked list does not sort columns