Notes de publication
Version 2024.3.9.0 (November 27, 2024)
Core - Fixed an issue where domain strategies were displayed as blank
Core - Fixed an issue where the "View Password" permission was required to execute an entry
Core - Fixed an issue where the PWN check was performed on an empty password field
PAM - Fixed a timeout issue when loading a PAM vault in RDM
PAM - Fixed an issue where the permission entry overview always displayed Never when set to Custom + Inherited
Version 2024.3.8.0 (November 13, 2024)
Core - Expired messages are now removed automatically upon expiration
Core - Improved performance when switching vaults in RDM
PAM - The domain provider now supports custom LDAP ports
Core - Fixed an issue where Macro/Script/Tool entry types could not be added to the System vault via RDM
Core - Fixed an issue where notifications would not be sent when targeting subfolders using the event filter
Core - Fixed an issue where the permissions 'Entry History' and 'View Sensitive Information' were not displayed in the grant access settings
PAM - Fixed an issue where the "Request Temporary Access" window was not displaying
Version 2024.3.7.0 (November 4, 2024)
CVE-2024-10971Core - Fixed an issue where the current password for an entry could be viewed through the password history
Core - Fixed an issue where some reports could be viewed without the required permissions
Core - Fixed an error that occurred when using an AnyIdentity with a gateway while the user had no gateway license
Core - Fixed an issue when renaming an entry from the context menu in the Vault tree
Core - Fixed an issue where multiple errors were shown in the log when connecting with a domain
Core - Fixed an issue with the User Vault after a SQL migration
PAM - Fixed an issue when moving a PAM folder to another vault
PAM - Fixed an issue when saving password templates in the PAM vault
PAM - Fixed an issue where the OTP was not displayed on the PAM entry overview
Version 2024.3.6.0 (October 16, 2024)
Core - Added "pwned" information to the Entry Security Analyzer report
Core - Added logging when a recording is viewed or downloaded
Core - Added support for search functionality in the system vault
PAM - Added the 'Entry History' permission for PAM entries and vaults
PAM - Fixed an issue where a user could see all accounts in a PAM vault even without the view permission
Core - Fixed an issue where users couldn't create new entries after a database restore
Core - Fixed an issue with license import when the user had no internet connection and the "Enable Internet Access" feature was enabled
Core - Fixed the default authentication behavior for external providers, restoring the previous behavior
PAM - Fixed an issue when editing the password template of a PAM vault root
PAM - Fixed an issue where the rotation schedule was not displayed in the Password Rotation Report
Version 2024.3.4.0 (October 7, 2024)
Core - Added an option to enable or disable Workspace offline mode in user settings
Core - Added custom time, view limit, and the ability for recipients to delete messages in the Devo Send feature
Core - Enhanced migration process to prevent sending excessive notifications
Core - Moved the "Save As" button in Secure Message for easier use and better visibility
PAM - Added custom fields to PAM entries
PAM - Added status for PAM entries
PAM - Added support for PAM vaults in multiple reports
Core - Fixed an error in the report when selecting too many parameters
Core - Fixed an error that could occur when editing a vault
Core - Fixed an issue where a double 2FA prompt could appear after logging off and logging back in
Core - Fixed an issue where notification preferences could be lost after updating a user
Core - Fixed an issue where removing administrator rights from a user would still leave all vaults assigned to them
PAM - Fixed a potential timeout issue when loading a PAM vault in RDM
PAM - Fixed an issue where a session could not be opened in the web interface using a PAM account with temporary access
PAM - Fixed an issue where the checkout dialog wouldn't close, leading to confusion about whether the checkout was completed
Version 2024.3.3.0 (September 27, 2024)
Core - Migrated Winbox Mikrotik entries to align with RDM and prevent breaking the entry when editing in DVLS
Core - The API documentation is now visible to all users and no longer restricted to admins
PAM - Added support for custom fields
PAM - Added the temporary access option to PAM connections
PAM - Enabled unmanaged accounts to use JIT elevation
Core - Fixed an issue that prevented setting permissions to "Custom" when creating an entry
Core - Fixed an issue where backups would fail if the path contained a space at the beginning
Core - Fixed an issue where sending a message to multiple users would only send to the first one
Core - Fixed an issue where the user-specific settings' password was not resolved when executing an entry
Core - Fixed an issue with Azure authentication where the token could not be retrieved in some cases
Core - Fixed an issue with the Devo send feature that was broken
Core - Fixed the LDAPGetGroupsByUser function to return groups from the parent domain
Version 2024.3.2.0 (September 23, 2024)
Core - Added a feature to restrict license auto assignation to specific user groups
Core - Allow users to specify permissions requested in temporary access request
Core - Web sessions can now be recorded in the browser
PAM - Added automatic check-in for PAM accounts
PAM - Migrated the PAM permission model to align with the shared vault permissions
PAM - The Active Directory (AD) provider can now manage local accounts on domain machines
Core - The legacy recording server is no longer supported
Core - Added an action available on an entry to easily share that entry
Core - Added duplicate for documents stored in database
Core - Added expiration time configuration when sending via Devolutions Send
Core - Added new 'high-priority' feature in messaging
Core - Devo-Send can now be used with Devolutions Server Free edition
Core - Export entry tags in 'Entry security analyzer' report
Core - Groups can be synchronized with their identity provider
Core - Improved offboarding of users by allowing conversion of user vault to a shared vault and unassigning licenses when deleting a user
Core - It is now possible to regenerate an application's secret
Core - Kestrel installation runs scheduler tasks
Core - The Entry Security Analyzer report no longer loads all vaults by default, improving initial load time
Core - User groups not found during provider group synchronization now appear as a warning log instead of an error
Core - Users and groups can be configured to be synchronized on a regular basis
PAM - Improved AnyIdentity provider to be able to use Devolutions Gateway
PAM - Just-In-Time (JIT) requested groups now appear in the logs when a request is made during checkout
PAM - Support for additional entry types added to PAM usage policy
Core - Fixed a performance issue with Active Directory (AD) console
Core - Fixed an issue where a document stored in the database could not be duplicated
Core - Fixed an issue where a user with a password ending in a space was not functional
Core - Fixed an issue where quick connect didn't create logs
Core - Fixed an issue with viewing template groups correctly
Gateway - Vault's custom variables are now resolved for entries configured with a Devolutions Gateway
PAM - Allow application identities to utilize PAM through PowerShell module
PAM - Fixed an issue where a user could approve their own check-out even if they didn't have the rights
PAM - Fixed an issue where the "Run As" password was erased when editing the provider
Web - Several UI fixes
Version 2024.2.13.0 (October 22, 2024)
Core - Fixed a issue that prevented the Gateway from functioning
Core - Fixed an issue in the "Add" window where some connection types were duplicated
Core - Fixed an issue where backups would fail if there was a space at the beginning of the folder path
Core - Fixed an issue where removing administrator rights from a user would leave all vaults selected
Core - Fixed an issue where sending a secure message to multiple recipients would only send to the first one
Version 2024.2.12.0 (September 26, 2024)
Core - The Entry Security Analyzer report no longer loads all vaults by default, improving initial load time
PAM - Enhanced logs to provide more detailed information when a password policy mismatch occurs
CVE-2024-6512 PAM - Fixed an issue where users could approve their own requests even when the option was disabled
PAM - Fixed an issue where expired checkouts were still accessible when the scheduler was down
Core - Fixed an issue that was preventing Devo Send from being used
Core - Fixed an issue where custom variables were not resolved for entries configured with a Gateway
Core - Fixed an issue where the Reset-DSPamPassword command was not working with the PowerShell module
Version 2024.2.10.0 (August 20, 2024)
Core - Allowed spaces in user passwords
Core - Fixed an error when exporting a vault in RDM
Core - Fixed an issue where IsPrivate = true always had to be specified when adding an entry to the user vault via PowerShell
Core - Fixed an issue where starting a session with Quick Connect wasn't generating logs
Core- Fixed an error when logging in with conditional access policies
PAM - Prevented the creation of folders with identical names at the same level, which was previously causing an error
Version 2024.2.9.0 (July 25, 2024)
Core - Fixed an issue where backup codes 2FA were always failing
Core - Fixed an issue where LDAP authentication was failing with alternate domain suffix and non-ssl
Core - Fixed an issue where password template had wrong information
Core - Fixed an issue where session recording settings were not the right one when entry was created from a template
Core - Fixed an issue where view password permission was needed to launch a session
Core - Fixed an option where PingOne option was available even if PingOne authentication was disabled
Core - Fixed Password rotation report to apply filter on last rotation instead of creation date
PAM - Fixed an issue where PAM checkout requests were not prompted when launching sessions
PAM - Fixed an issue where password can't be shared with Devolutions Send
PAM - Fixed an issue where propagation settings were not saved when adding PAM account manually
PAM - Fixed an issue where SQL accounts reset password were failing
Version 2024.2.8.0 (July 15, 2024)
Core - Significantly improved the performance of the Active Directory Console in the web client
Core - Fixed an issue where backup subscription notifications were not sent
Core - Fixed an issue where login history was generating error messages
Core - Fixed an issue where SSO login was not working with MFA
Core - UI fixes
PAM - Fixed an issue where PAM accounts remained out of sync after password reset on check-in
PAM - Fixed an issue where the Search Mode button was broken in Azure scan configuration
Version 2024.2.6.0 (June 27, 2024)
Core - Display the application identity name instead of the application ID in logs and place where we want to identify the application
Core - Fixed an issue where editing a permission set was failing
Core - Fixed an issue where the wrong logo was displayed in the side panel
Core - Fixed an issue where using DUO as 2FA was not possible because the user interface didn't let you enter your code
Version 2024.2.5.0 (June 25, 2024)
Core - Support delete of multiple entries
Core - Added a log when a user updates the system settings
Core - Fixed an issue where Devolutions Gateway farms were not considered in Devolutions Gateway permission report
Core - Fixed an issue where entry could not be moved to another vault
Core - Fixed an issue where RDM didn't load security change after vault owner changes
Gateway - Fixed an issue where alternate host could not be used without port configured
Gateway - Fixed issue where it was not possible to watch recording in the web interface
PAM - Fixed an issue where PAM vault could not be accessed if checkout policy was deleted
Web - Several UI fixes
Version 2024.2.3.0 (June 17, 2024)
Core - 5 new security reports: Administrators, System permissions, Devolutions Gateway permissions, Connection permissions and Vault permissions
Core - Added a Devolutions Gateway free license valid for 5 users
Core - Added sealed entry feature
Core - Added vault content type feature
Core - Licenses can now be refreshed to reflect changes
Core - PAM license is now assigned to users
Core - Support RDM connection to DVLS with Azure Proxy
Core - Devolutions Gateway licenses are now by user. A free license valid up to 5 users is now included
CVE-2024-4846 Core - Fixed an issue where a user could be authenticated without being asked for the 2FA via another browser tab
Core - Actions suggested in security dashboard can now be ignored
Core - Added a way to specify icons for light background or dark background
Core - Added an action "Select in tree" to focus on an entry when the tree is filtered
Core - Added an option to search in all vaults if nothing is found in the current tree
Core - Added recording tab on entries to be able to list all recordings
Core - Added rule based on user tags in conditional access
Core - Added secure message subject in the email sent to user
Core - Added support of Door Code entry
Core - Allow maximum file size to reach 100 Mb
Core - Improved security reports
Core - Improved significantly ARD performance
PAM - Added a display name on a Just In Time (JIT) elevation group
PAM - Improved Just In Time (JIT) elevation to allow the user to set only a subset of groups available on an account during the checkout
PAM - Password rotation is now possible in infrastructure vault
PAM - Support linked credentials on AnyIdentity provider
Rest API - New endpoints to list, create and delete credential entries
Web - Allow to change the side panel width
Core - Fixed an issue where logs from System Vault were not added in reports
Core - Fixed issue where vaults could not be selected as landing page
Core - Fixed performance issue with LDAP GetGroupByUser
Core - Fixed performance issue with PAM
Core - Removed useless logs to avoid too much logs
Core - Wait a few seconds to get connection with Database when the server starts in case SQL Server is starting as well
Web - Several UI fixes
Version 2024.1.15.0 (June 25, 2024)
CVE-2024-4846 Core - Fixed an issue where a user could be authenticated without being asked for the 2FA via another browser tab
Core - Fixed an issue where linked account cause problem in RDM
Core - Fixed an issue where user synchronisation was failing
Version 2024.1.14.0 (May 16, 2024)
Core - Fixed an issue affecting user cleanup for Okta users
Core - Fixed an issue where new password templates were saved with incorrect default values
Core - Fixed an issue where some subscriptions were being lost
Version 2024.1.13.0 (May 2, 2024)
Core - Fixed an issue where modifying an entry via the PowerShell module did not generate a log
Core - Fixed an issue where the domain controller name could not be explicitly entered in the Domain Authentication configuration
PAM - Fixed an issue preventing non-administrators from deleting accounts
PAM - Fixed an issue preventing the deletion of a PAM vault
PAM - Fixed an issue preventing the setting of a custom 'Max checkout time' in vault checkout settings
PAM - Fixed an issue where account heartbeats from AnyIdentity were not functioning
Version 2024.1.12.0 (April 23, 2024)
DEVO-2024-0007Core - Fixed a potential vulnerability related to LDAP injection
Core - Fixed a connection issue with Devolutions Gateway when using LDAP
Core - Fixed a security issue allowing users to see alarm and door codes while editing an entry without the proper view password rights
Core - Fixed an issue where an incorrect error message was displayed when credentials were set to prompt on connection
Core - Fixed an issue where synchronizer previews were not functioning with LDAPS
Core - Fixed an issue with synchronizer when set on My domain setting
PAM - Fixed an issue where referrals to unreachable child domains break password reset and validation
Version 2024.1.11.0 (April 9, 2024)
Core - Improved error handling for lost connections during web Active Directory use
Core - Microsoft cache is disabled when Microsoft authentication is turned off
DEVO-2024-0006 Core - Fixed a security issue where JIT requested group names could be forged in checkout requests
Core - Fixed a search functionality issue allowing PAM entries to be searched without administrator privileges
Core - Fixed an issue preventing the use of 'Prompt on connection' in the web client
Core - Fixed an issue where users weren't being saved in scheduled reports
Core - Fixed the incorrect rotation schedule time displayed in exported Password rotation reports
PAM - Resolved an issue where the password wasn't consistently updated in the checkout dialog after being reset during check-in
Version 2024.1.10.0 (April 3, 2024)
Core - AD synchronizer can now launch using credentials inherited
Core - Fixed a connection issue involving AD accounts and LDAP UserValidity
Core - Fixed a connection issue with RDM using the free version
Core - Fixed an issue causing an Unauthorized error when attempting to connect to RDM
Core - Fixed an issue where the success backup notification stopped working
Version 2024.1.9.0 (March 28, 2024)
Core - Added door code entry feature
Core - Added user validity check to the domain diagnostic tools
Core - Migrated old free licenses to new ones and enabled switching to a free license by removing the existing license
Core - Fixed a bug where non-configured domains were not displayed in the source list during Authentication migration
Core - Fixed an issue preventing the editing of vault security levels
Core - Fixed an issue where vaults available for access requests were not visible
Core - Resolved a "bad request" error occurring when attempting to connect to RDM with multiple authentication windows open
PAM - Fixed an issue preventing the saving of unmanaged account passwords
Version 2024.1.8.0 (March 26, 2024)
PAM - Improved logging for AD user synchronization failures
PAM - Fixed an issue where users could see accounts without the proper permissions
DEVO-2024-0005 PAM - Fixed a JIT feature issue allowing requests for unauthorized groups
Core - Corrected an issue where the scheduler version wasn't updating on the dashboard
Core - Fixed a connection error when using Netbios name with AD accounts
Core - Resolved a bug preventing password management accounts from saving template groups
PAM - Corrected a bug allowing checkout times beyond the maximum limit
PAM - Fixed a bug preventing PAM readers from launching sessions
UI fixes
Version 2024.1.6.0 (March 18, 2024)
Core - Added an option to display 100 items per page
Core - Added grid size option to the 'Assigned To' section of a License
Core - Removed the possibility to remove all authentication methods, which previously caused users to be unable to connect
PAM - Added more detailed errors for when resetting a Domain user fails
Core - Fixed an issue where Domain configuration was wiped out in some cases
Core - Fixed an issue where gateways weren't shown when indexing recordings
Core - Fixed an issue where the folder type and override name were not retained when adding an entry from a template
Core - Fixed an issue where the vault owner assignment page was not displayed
Core - Fixed an issue where users' 2FA was still active after being disabled
Core - Fixed an issue where using AD Domain Provider with LDAP's GetGroupsByUser function caused errors
PAM - Checkout button now shown in red when checked out by another user
PAM - Fixed an issue where an approver was unable to approve a request when the time was set to custom mode
PAM - Fixed an issue where updating PAM account attributes was impossible when the provider was unreachable
Version 2024.1.4.0 (March 5, 2024)
Core - Active Directory web console is now supported
Core - Added PingOne identity provider as authentication
Core - Added support for sending passwords through in-app messaging or Devolutions Send
Core - Administrators can now configured which notifications they want to receive by email
Core - Domain authentication can now use Devolutions Gateway
Core - DVLS can now be used without license (Free version up to 10 users)
Core - Improved our LDAP stack for Active Directory authentication
PAM - Account used to access Devolutions Server Database are now saved in an internal vault
PAM - Provider's password can now be managed and rotated
Rest API - 3 endpoints are now available to get secret/credential value. API documentation is also available from the UI
Scheduler - Support high availability
Core - Upgraded application from .NET 6 to .NET 8
PAM - Migrate PAM account to be able to support documentations and attachments
Core - Authentication with Azure/Okta can be configured to validate the token on a regular basis. Client changes required
Core - Added a way to know if a user has a user vault or not and warn the user when it is deleted
Core - Added vaults and user groups columns in users report
Core - Added vaults and user groups in user reports
Core - Password list can now shows more password in the page
Core - Prevent users to remove all MFA supported if MFA is required to login
Gateway - Support multiple domains to reach the right KDC server
PAM - Documentations and attachments are now possible on PAM account
PAM - Support favorite vault with PAM vaults
Web - Improved the web interface and show all vaults in the side menu
Web - Support for hardware-accelerated cursors and Kerberos with RDP web client
Core - Fixed an issue where notifications could be accessed without permission
DEVO-2024-0002 PAM - Fixed an issue where PAM Azure account is not removed from groups after JIT elevation
Core - Fixed an issue where log cleanup could failed with SQL timeout if too much data had to be deleted
Core - Fixed an issue where serialization error was raised during vault import from .rdx file
Core - Fixed an issue where user was logged in automatically after a force logout by the application
Core - Fixed SSO login with Workspace Browser Extension
PAM - Fixed an issue where PAM account attributes could not be updated if provider was unreachable
Web - Several UI fixes
Version 2023.3.18.0 (May 23, 2024)
DEVO-2024-0007Core - Fixed a potential vulnerability related to LDAP injection
Version 2023.3.17.0 (April 17, 2024)
DEVO-2024-0005 PAM - Fixed a JIT feature issue allowing requests for unauthorized groups
DEVO-2024-0006 Core - Fixed a security issue where JIT requested group names could be forged in checkout requests
Version 2023.3.16.0 (March 8, 2024)
DEVO-2024-0002 PAM - Fixed an issue where PAM Azure account is not removed from groups after JIT elevation
Core - Fixed an issue where documentation entry could not be created
Core - Fixed an issue where SAP Fronend Server Entry (AddOn) could not be displayed
Version 2023.3.14.0 (February 7, 2024)
Core - Added logs to investigate issues with PublicWebInstanceInformation endpoint
Core - Fixed an issue where login SSO failed with Workspace Web Extension
Core - Fixed an issue where scheduled reports were empty
PAM - Fixed an issue where marking an account as read gave an error
PAM - Fixed an issue where rights were not resolved correctly
PAM - Fixed an issue where standalone credential password was viewable without checkout
Web - Several UI fixes
Version 2023.3.13.0 (December 19, 2023)
Gateways - Now supports multiple KDC servers
Core - Fixed an issue where launching sessions through the web client was not working
Core - Fixed an issue where non-admin users were unable to search in PAM vaults
Version 2023.3.12.0 (December 13, 2023)
Core - Can now retrieve passwords from PAM Account entries on Public API
Core - Fixed an error that occurred when attempting to retrieve groups by user with Active Directory
Core - Fixed an issue with OTP (One-Time Password) on the Workspace web browser
PAM - Fixed an issue where PAM Oracle accounts couldn't be added or edited
PAM - Fixed an issue where scheduled PAM account password resets were not respecting time settings
Version 2023.3.10.0 (November 29, 2023)
Core - Added support for Active Directory and Microsoft Hyper-V dashboard entries
Core - Added support for different URL paths for the authentication page
Core - Added support for hardware-accelerated cursors and Kerberos on RDP web client
Core - Improved user experience by remembering the last login type and automatically selecting the last authentication type
Core - Fixed a performance issue occurring with a high number of users and user groups
Core - Fixed an issue when renaming a folder on the contextual menu
Core - Fixed an issue where the Workspace browser extension was consistently pwned checking even when the feature was disabled
Core - Fixed several issues related to licenses
Gateway - Fixed an issue where the recording date was inaccurately set to the re-indexing date
Version 2023.3.8.0 (November 21, 2023)
Core - Added clipboard support on RDP web client
Core - Added support for CredSSP in Windows PAM Provider
Core - Rebrand Devolutions web login to Workspace browser extension
CVE-2023-6264 Core - Fixed an issue where gateways list was leaked in Content-Security-Policy header
Core - Fixed an error occurring when attempting to import AD users with PAM account discovery that contain accents in the username
Core - Fixed an issue where Yubikey MFA was not functioning
Version 2023.3.7.0 (November 13, 2023)
Core - Fixed a performance issue related to TOR validation
Core - Fixed an error that occurred when attempting to use Yubikey with Duo
Core - Fixed an issue where certain licenses were displayed as expired
Gateway - Fixed an error occurring when attempting to ping
Pam - Fixed an issue where connection failed for the AD provider when the username included the domain name
Version 2023.3.6.0 (November 7, 2023)
Core - Added a filter for subscriptions by tags
Core - Added language support for redirection links
PAM - Added HTTPS support for the Windows provider
Core - Fixed a serialization error
Core - Fixed an error that occurred when selecting VPN entries
Core - Fixed an issue duplicate server routes that were causing an SSO Login Error on the web
Core - Fixed an issue where the trial license was always displayed as free
Web - Several UI fixes
Version 2023.3.5.0 (November 3, 2023)
Core - Fixed an issue where a lot of exceptions were logged in data source logs
Core - Fixed an issue where Workspace users were not able to get user vault entries
Web - Several UI fixes
Version 2023.3.4.0 (November 1, 2023)
Core - Advanced search can now specify the operation between filters
Core - Dashboard can show card only if data is present
Core - Include archived data in reports
Core - New user settings to show/hide specific entries (archived, disabled, expired) in the tree
Core - Push notifications to Workspace can be enabled/disabled
Core - Support new license format
Core - Support of tags on users
Core - Support Windows Authentication through the web interface
Core - Temporary access can now be requested on credentials
Core - User behavior analytics is available on the system dashboard
Core - User interface profile can now be used to simplify the web interface
Core - Users can be synchronized with their identity provider
PAM - Allow user to send checkout requests to all approvers
PAM - Checkout request can be assigned to a user to help in the approval process
PAM - Just In Time (JIT) elevation for provider Azure AD
PAM - Propagation can now be configured on every level: vaults, folders, and entries
PAM - Support of PAM Active Directory provider through Devolutions Gateway
Web - SSH and Telnet sessions can now be launched through Web Client (via Devolutions Gateway)
Web - System vault can be edited in the web interface
Core - Removed support of legacy security
Core - 'Force token public IP validation' setting is now false by default
Core - An email is sent to the administrator when the scheduler is down
Core - By default, on new installation, log cleanup is configured
Core - Default value to enable DWL for Website entry is now available
Core - Security dashboard shows if offline is available on vaults
Core - Support new entries in the web interface: firearm, insurance number and access code
Core - Use X-Forwarded-For configuration is disabled by default in the new installation
Core - Workspace can be configured by scanning a QR code available in the web interface
Core- Added an icon to the Expired Entry List to show that a password is re-used
Gateway - Added the Gateway ID in the web interface
PAM - Improve PAM usage policies to support more context where PAM accounts can be used
PAM - PAM section is now always visible even without a license
Core - Fix slowness issues when temporary access was enabled
Core - Fixed an issue when the list of forbidden passwords disappeared when too large
Core - Fixed an issue where Okta users could not be created on first login
Core - Fixed an issue where scheduled reports were not adjusted by daylight saving time
Core - Fixed an issue with the notifications which creates a lot of log
Core - Fixed an issued with variables that were not well resolved in the vault
Gateway - Fixed an issue with Gateway Health to improve performance
PAM - Fixed a performance issue when requesting a PAM vault request
PAM - Fixed an error when Domain Controller was not specified in the AD provider
PAM - Fixed an issue that prevented manual check-in when a checkout had timed out
Web - Several UI fixes
Version 2023.2.11.0 (November 9, 2023)
CVE-2023-5358 Core - Fixed an issue that allows users to retrieve logs from vaults or entries they are not allowed to access
Version 2023.2.10.0 (October 24, 2023)
PAM - Fixed an issue that prevented manual check-in when a checkout had timed out
Web - Several UI fixes
Version 2023.2.9.0 (October 3, 2023)
PAM - Fixed vulnerability issue with the PAM propagation script
Core - Fixed an issue where the Disconnection Data Source settings were not saved properly
Core - Importing google password doesn't create a legacy website anymore
Version 2023.2.8.0 (September 20, 2023)
Core - User notifications can now be sent based on user type
Core - Fixed an issue where all sessions were returned as running session
Core - Fixed an issue where comments on session close were not saved
Core - Fixed an issue where user without all rights in Active Directory can not be used to configure a domain
Version 2023.2.7.0 (September 11, 2023)
Core - Fixed an issue where error was thrown if an entry was linked on a deleted entry in user vault
Core - Fixed an issue where Okta user can't be created as read only
Core - Fixed an issue where properties "Override RDP Setting" in CyberArk Dashboard entry were not saved
Core - Fixed an issue where scheduled reports were not affected by daylight saving time change
Core - Fixed an issue where Windows Authentication failed if Force token public IP validation was set to true
Core - Fixed issue where opened sessions list was always empty
Gateway - TCP hostname is always marked as not configured in diagnostics
PAM - Fixed an issue where AnyIdentity action script fails when a non-mandatory property is configured as a parameter
PAM - Fixed an issue where PAM account can't be edited when the account is in a folder
Version 2023.2.6.0 (August 21, 2023)
Core - Fixed an issue when a User Vault entry is duplicated in the Favorites tab and could not be removed from the User Vault
Core - Fixed an issue when Azure cache erased on Internet loss
Core - Fixed an issue when trying to navigate to a favorite in the user vault
Core - Fixed an issue with the shared vault dashboard that kept refreshing in a loop
Core - Fixed error when filtering (user or user groups) accounts in Microsoft Users Import dialog
Gateway - Fixed an issue when an error occurred when accessing Devolutions Gateway Permission
PAM - Fixed Pam featured not enabled bug
Recording Server - Fixed issue when recording could be saved 'remote'
Version 2023.2.5.0 (July 25, 2023)
Core - Added PAM usage policies for Microsoft RDS Dashboard and Active Directory Dashboard
Core - Fixed an issue where Devolutions Gateway name was not shown in opened connections report
Core - Fixed an issue where user could not be imported from Azure AD
Core - Fixed temporary access request report to be able to export it
Gateway - Fixed an issue where Devolutions Gateway configuration could not be published
Version 2023.2.4.0 (July 18, 2023)
PAM - Added all sessions type in PAM usage policies configuration
Core - Fixed an issue where all alarm codes were deleted even if only one had to be deleted
Core - Fixed an issue where CyberArk entry could not be saved with SAML authentication
Core - Fixed an issue where grant temporary access was failling
Core - Fixed an issue where no notification was sent on the Azure AD user created automatically
Core - Fixed an issue where roles can't be retrieved
Core - Fixed an issue where tree could not be loaded in web interface
Core - Fixed temporary access request report to be able to export it
PAM - Allow uppercase and underscore on ssh username
Version 2023.2.3.0 (July 6, 2023)
Core - Entry Security Analyzer report can now be done with one or many vaults
Gateway - Allow a custom TCP Hostname on Devolutions Gateway
Core - Fixed an issue where Syslog configured with UDP didn't work
Core - Fixed an issue where VPN entries from system vault were not listed
PAM - Don't show Privileged Access section without PAM license
Recording Server - Fix an issue where recordings can't be indexed
Web - Several UI fixes
Version 2023.2.2.0 (June 27, 2023)
Core - Improved warning message when passwords don't comply with password security settings
Core - New Devolutions Server installation set 'Enable internet access' to true
PAM - Added checkout reason in logs/reports
PAM - Added support for preferred domain controller in AD provider
Recording Server - Added a tool to re-index recordings from different Devolutions Gateways
Core - Fixed an issue where activity logs could not be opened
Core - Fixed an issue where entries can't be saved in system vault
Core - Fixed an issue where no notification was sent if the delete operation was made with RDM
Gateway - Fixed an issue where Devolutions Gateway could not be used if no ID was configured on it
Web - Several UI fixes
Version 2023.2.1.0 (June 20, 2023)
Recording Server - Devolutions Gateway should be used to act as recording server
Core - Added a search tool in System Settings
Core - Added IP List entry type
Core - Added PowerShell Terminal Remoting Directly in the Web Interface
Core - Added the ability to assign a vault owner
Core - Added the ability to link two user accounts to the same license
Core - Added the ability to request access to other vaults
Gateway - Devolutions Gateway can now act as recording server
Gateway - Devolutions Gateway can now be configured for load balancing
PAM - Added temporary just-in-time(JIT) elevation at checkout
PAM - Added the ability to propagate PAM passwords to after rotation
PAM - Expanded privileged account availability with PAM usage policies
Core - Added more information in log for login information (IP, iso code, emergency access)
Core - Changed default strategy for AD "Get groups by user" from Principal to Directory entry token group
Core - Current and latest version of services/gateways are now shown in the system dashboard
Core - Dashboard user interface improvement
Core - SMTP server and Syslog server status are now shown in the system dashboard
Core - Temporary access can be created by the approver and permission will be granted to the user at the right moment
Core - Temporary access can be requested on entry with link to other entries for credentials, vpn
Core - Temporary access request can now be requested for future use
Core - Upgraded System Dashboard with Syslog and Email Services
PAM - Added more information in logs when an error occurs
PAM - Added PAM checkout requests in advance
PAM - Checkout request can be created by the approver and permission will be granted to the user at the right moment
PAM - New setting to limit the checkout time
PAM - Scripts in AnyIdentity providers can now be ran as a specific user
CVE-2023-2400 Improper deletion of resources in the user management feature
Core - Fixed an issue where search entries failed if current vault contains special character (%) in description
Core - Security Policies is now renamed Conditional Access Policies
Core - Submit a support ticket is available only for admin
Web - Several UI fixes
Version 2023.1.8.0 (May 25, 2023)
Core - Fixed an issue where emergency access failed and user could not access his server
Core - Fixed an issue where HeidiSQL entry type could not be selected
Version 2023.1.7.0 (May 9, 2023)
Core - Added logs during Okta login
Core - Migrate from ADAL (Azure Active Directory Authentication Library) to MSAL (Microsoft Authentication Library) for Azure
Core - Fixed an issue where custom fields migration was long
Core - Fixed an issue where Windows Authentication failed for first connection
Core - Support ASP.NET 7
PAM - Fixed an account where password rotation failed
PAM - Fixed an issue where PAM account can't be created by a non admin user
PAM - Fixed an issue where scheduled password rotation happens multiple times
Version 2023.1.6.0 (April 21, 2023)
CVE-2023-0951 Core - Fixed an issue where package created to be sent to support could be downloaded by non admin user
Core - Added sender username in secure message push notification in Workspace
Core - Fixed an issue where authentication migration from Devolutions Server user to another authentication type failed with an exception
Core - Fixed an issue where passwords with only permission to execute were not sent to DWL
Core - Fixed an issue where session start time in logs was invalid
Core - Increased the startup time limit to avoid server to be stopped during data migration when server is starting
PAM - Fixed an issue where loading privileged accounts list failed with a timeout
Version 2023.1.5.0 (March 30, 2023)
Core - Support users migration from Azure AD to Azure AD (different domain name)
Web - MikroTik entry can now be edited in DVLS web interface
Core - Fixed an issue where Azure AD groups were not migrated on startup and Azure AD groups were not found anymore for users
Core - Fixed an issue where entry security analyzer report was not including password lists
Core - Fixed an issue where locked application keys were not list in Users Locked report
Core - Fixed an issue where two logins were needed to access DVLS
Web - Several UI fixes
Version 2023.1.4.0 (March 22, 2023)
Core - Improved performance when system retrieves Azure AD groups
Core - Report an issue can be sent to any user, not only administrator
PAM - Added forbidden password check for standalone account
Web - Gateway list is now paged when you want to select a gateway on a connection
Core - Added logs when an entry is added or restored from the web interface
Core - Fixed an issue where checkouts were not visible for administrator in dashboard
Core - Fixed an issue where forbidden passwords list is not visible
Core - Fixed an issue where some folders were missing for DWL
Core - Fixed an issue where synchronizer created wrong folder structure
Web - Several UI fixes
Version 2023.1.3.0 (March 14, 2023)
Core - Added support for global images
Core - An issue on an entry can now be reported to notify administrators
Core - Notifications can now be sent to devices running Workspace
PAM - Added a function to generate script headers of AnyIdentity Providers
PAM - Added a function to test Powershell scripts of AnyIdentity Providers
PAM - AnyIdentity Providers can now be imported/exported
Web - Added System Dashboard to display services state
Web - Improved the dashboard to be customizable
Web - RDP session can now e launched through Web Client (via Devolutions Gateway)
Web - VPN/Gateway can now be edited in Web Interface
Core - Added a new contact type Team/Department
Core - Added a new IT Asset data entry type
Core - Added a new vehicle data entry type
Core - Added a report to find connections with specific status
Core - Added a warning message if less than 10% of a license is available
Core - Added an Archived and Broken Entry status
Core - Added contact link support in Software/License entry
Core - Added many reports in the scheduled report list
Core - Added password generator button in certificate entry
Core - Added the possibility to assign a contact to the credit card owner
Core - Microsoft Authentication cache can now be desactivated
Core - User information from Microsoft users are now synchronized with DVLS users
Gateway - A reg file or a Powershell Script can be downloaded to configure KDC proxy
PAM - Added a link to PAM Provider GitHub repository in AnyIdentity Templates
PAM - Added timeout setting for SSH local user provider
PAM - Renamed Custom Providers by AnyIdentity Providers
Web - Added custom fields edition
Web - Information on dashboard can now be clicked to see the specific information
Web - Moved DVLS license information under Administration -> License
Web - Vaults can now be searched by description
Core - Fixed an issue where authentication cache was used even if it was disabled
Core - Fixed an issue where copy password button was not available in the overview when it should
Core - Fixed an issue where message about http connection in system dashboard was displayed even if the connection was https
Core - Fixed an issue where scheduled AD synchronizer created incorrect folder names
Core - Fixed an issue where users were not logged in even if the credentials were valid
Core - Fixed issue where administrators were not able to use Launcher
Web - Minor UI fixes
Web - Several UI fixes
Version 2022.3.13.0 (February 21, 2023)
CVE-2023-0951 Core - Fixed a few API endpoints where users without permission were authorized
CVE-2023-0952 Core - Fixed an issue where linked credential could be leaked on edit entry
CVE-2023-0953 Core - Fixed an issue where SQL injection was possible
CVE-2023-1201 Core - Fixed an issue with improper access control to attachment in secure messages
Core - Fixed an issue where an administrator was not able to connect to DVLS through Launcher
Core - Fixed an issue where Credential filter could not be used in PAM Checkout notification
Core - Fixed an issue where RDM connection failed with Windows Auth and a security policy was configured with an AD group
Version 2022.3.12.0 (February 13, 2023)
Core - Fixed an issue in Devolutions Gateway User Access report
PAM - Fixed an issue where scans were failing in some cases
Web - Fixed an issue where connection name was not visible during edition in dark theme
Version 2022.3.10.0 (February 2, 2023)
[DEVO-2023-0002] Core - Fixed a security issue where sensitive data was returned even if the user didn't have access to it
Core - Avoid to send an email on successful backup if user doesn't want to receive it
Core - Fixed an issue where tags with a dot were not displayed correctly
Core - Fixed the hyperlink in backup confirmation email
PAM - Fixed an issue where some PAM vaults or PAM accounts were not found
Version 2022.3.9.0 (January 24, 2023)
Gateway - Support Telnet connection through Devolutions Gateway
PAM - Enable OTP for standalone account
Core - Avoid to log useless exception
Core - Avoid to send email on backup success if user doesn't want it
Core - Fixed an issue where deadlock could occur with old Azure AD or Domain groups
Core - Fixed an issue where entries could not be added in folders with DWL
Core - Fixed an issue with Azure SMTP Connections
Core - Fixed an issue with Password Generator where settings were not applied
Version 2022.3.8.0 (December 21, 2022)
Core - Added a password generator button on password field in certificate entry
Core - Improved performance when listing users from a domain, Azure or Okta group
Core - Fixed an issue where some server settings were not saved properly
Core - Updated the Microsoft users migration to manage missing UPNs
PAM - Fixed an issue where only 25 accounts were displayed in PAM vault
Version 2022.3.7.0 (December 13, 2022)
Core - Added a way to export active users
Core - Added a way to select JIRA tickets from other filters (not only the default filter)
Core - Added configuration to support non-admin user to launch synchronizer
Core - Support user/user group cache for Microsoft Azure Authentication
Core - Fixed an issue where an error was raised during authentication migration
Core - Fixed an issue where opening documentation in new tab didn't work
Gateway - Fixed an issue where Gateway ID was not synchronized with the Gateway
Web - Several UI fixes
Version 2022.3.6.0 (December 1, 2022)
Core - Added HTTP compression to improve performance
Version 2022.3.5.0 (November 25, 2022)
Core - Sub connections can now be resurect with their parent
PAM - Added password rotation schedule at the folder level
PAM - Checkout request or approval can now specify end time instead of checkout duration
Core - Fixed an issue where accessing license was not possible in some cases for free edition
Core - Fixed an issue where Devolutions Launcher application access was not available even for administrator users
Core - Fixed an issue where entry credential was not available in DWL in some cases
Core - Fixed an issue where search result didn't focus on the entry selected in the result
Core - Fixed issues with VMWare Synchronizer (update of prerequesite needed on DVLS Server via DVLS-Console)
Core - Prompt for comment didn't work in a few cases
Gateway - Fixed an issue where Devolutions Gateway ID was not synchronized automatically by the scheduler
Gateway - Fixed issues where scheduler returned an error when no revocation list was stored in database
Web - Several UI fixes
Version 2022.3.4.0 (November 10, 2022)
Core - Added a button to refresh user information from AD to all users
Core - Added a warning message if a vault has too many entries
Core - Added a way to exclude characters with password template and generator
Core - Added an option to keep all logs archived
Core - Added an option to save password in a shared vault from a secured message
Core - Disable email 2FA if the server doesn't have SMTP configuration
Core - Display the password history in the web interface for the password list entry type
Gateway - Support 'auto assign' with Gateway licenses
Core - Fixed an issue where attachments couldn't be added in private vault
Core - Fixed an issue where deleting a notification was failing
Core - Fixed an issue where DWL couldn't retrieve website entries from shared vaults
Core - Fixed an issue where reading attachments was raising an error when the encryption at rest was not enabled
Core - Fixed an issue where scheduled reports were adding 30 days instead of running same date every month
Core - Fixed an issue where viewing the password didn't ask for a comment even if it was requested
PAM - Fixed an issue where refreshing the page was loading the first PAM vault
Recording Server - Fixed an issue where processor couldn't complete when a certificate was not trusted
Web - Several UI fixes
Version 2022.3.3.0 (November 3, 2022)
Core - Fixed an issue where authentication migration didn't work if username was the same between source and destination
Core - Fixed an issue where RDM could not used any module with license (CyberArk, BeyondTrust, ...)
Version 2022.3.2.0 (November 1, 2022)
Database upgrade required
Core - Added a way to migrate users from an authentication mode to another (from Active Directory to Azure AD for exemple)
Core - Added permission set to assign permission easily on users
Core - Added support to Okta authentication
Core - Added support to SMTP modern authentication with Azure
Core - Implemented attachment and documentation support for sub connections
Gateway - Added Kerberos authentication via KDC Proxy
Gateway - Added new reports to display Devolutions Gateway permission
Gateway - Added permissions on Devolutions Gateway
Gateway - Sessions launched via Devolutions Gateway can now be killed
PAM - Added description field on PAM account
PAM - Added support for generic providers
Web - Added markdown WYSIWYG documentation editor
Core - RDM User license must be set in the data source
Core - RDM users need one license assigned for each user account
Core - Added a button to refresh favorites
Core - Added a way to select the main account type to bypass the authentication type on login
Core - Added an option to select Azure behavior on login
Core - Added one button in login page for each Active Directory configured
Core - Added options to select Azure behavior on login
Core - Added support for multiple emails in email configuration
Core - Button label can now be configured in login page
Core - Connection icon can now be customized
Core - Improved RDM connection stability with Devolutions Server
Core - Improved security dashboard UI
Core - Removed the option "Current Windows session" as credentials for AD configuration
Core - Renamed 'Custom User' by 'Devolutions Server User'
Gateway - Added a filter in the Devolutions Gateway list
PAM - Added log messages if PAM password propagation failed
PAM - Added possibility to include PAM vaults in search side bar
PAM - Changed the way PAM account are displayed: Removed tiles and display a tree
PAM - Improved PAM Heartbeat failed message to differentiate provider and account name
Core - Fixed an issue where administrator received an exception about telemetry when internet was not available
Core - Fixed an issue where attachments were corrupted after download
Core - Fixed an issue where backup was failing with invalid path on Linux SQL Server
Core - Fixed an issue where folder structure was visible in DWL even if user didn't have access to the folder
Core - Fixed an issue where importing Azure AD accounts didn't fill the first and last name
Core - Fixed an issue where license capacity could be exceeded
Core - Fixed an issue where Okta groups were recognized as Devolutions Server groups
Core - Fixed an issue where Okta groups were viewed as Devolutions Server groups
Core - Fixed an issue where password set on an attachment was not shown correctly
Core - Fixed an issue where read only users could add attachments or documentation
Core - Fixed an issue where SMTP configuration was not migrated correctly
Core - Fixed an issue where success page was prompted after Windows Authentication
Core - Fixed an issue where user update could lost user group assignments
Core - Fixed an issue where username field could be missing in Emergency Login
Core - Fixed an issue where users avatar were missing
Core - Fixed an issue where Website entry could not be saved with a Password Management license
Core - Fixed an issue where wrong RDM version was loged in reports
Core - Fixed issue in My Account Settings where Dashlane Password and KeePass Server Password were not obfuscated
Core - Fixed issue where email could not be sent in some cases
Core - Removed sensitive information from public endpoint
PAM - Added log message if password propagation failed
PAM - Fixed an issue where PAM section was not available even with a license
Web - Several UI fixes
Web - Several UI fixes
Web - Several UI fixes
Version 2022.2.11.0 (October 3, 2022)
Core - Fixed an issue where emergency login could not be used in some cases
Core - Fixed an issue where vault could not be deleted for some users
Version 2022.2.10.0 (September 6, 2022)
Core - Fixed an issue where SQLException was raised when launching a RDP session
Core - Fixed an issue where user could be disconnected without logoff request
Core - Website entry can now be used by user with Password Management license
PAM - Fixed an issue where checkin was failing with SQL exception
Web - Several UI fixes
Version 2022.2.9.0 (August 23, 2022)
Core - Avoid to send an error email to administrator when a user fails to logon
Core - Fixed an issue where password on attachment is not shown properly after saving it
Recording Server - Fixed issue where network interruption cause the recording to be lost
Version 2022.2.8.0 (July 29, 2022)
Core - Add one button per Active Directory on the login page
Core - Improve ticketing system configuration
Core - Labels on login page can now be configured
Core - Vault password has to respect password template
Core - Don't send notification to user who made the operation on an entry
Core - Fixed an issue where custom user expiration was impacting domain users or AAD users
Core - Fixed an issue where user could have a white page after login
Core - Fixed an issue where users could be included in a domain group or AAD group even if he was not a member
Web - Several UI fixes
Version 2022.2.6.0 (July 11, 2022)
Core - Automatically logout idle users on web interface can be disabled
Core - Update security dashboard to adjust scoring
PAM - Improve the copy button to avoid a sub menu for OTP on PAM account
Core - Fixed an issue where default expiration was not set in secure message
Core - Fixed an issue where default vault was assigned to users by default even if that vault was not in user template configuration
Core - Fixed an issue where favorite folder could not be created
Core - Fixed an issue where getting the datasource information was failing
Core - Fixed an issue where login with Microsoft/Azure AD user was failing
Core - Fixed an issue where user could be in an Azure Group in DVLS even if it was not member of that group in Azure AD
Core - Fixed an issue where user could not be saved if an invalid license was assigned to that user
PAM - Fixed an issue where Azure AD Users provider secret key could not be updated
PAM - Fixed an issue where fetching groups of a scan configuration was failing
Web - Several UI fixes
Version 2022.2.5.0 (July 4, 2022)
Database upgrade required
Core - Emergency access to allow an access even if providers are down (Azure or AD)
Core - New permission : "Delete Documentation"
Core - New permission : "View Sensitive"
Core - Notifications : Users can be notified on actions made on entries
Core - Security policies available to allow/deny users with different conditions
Core - Security policies available to force/skip 2FA with different conditions
Gateway - Support for new protocols : VNC, ARD, SCP, SFTP, PowerShell (WinRM, SSH), Embedded Websites
PAM - Add link with ticketing system (JIRA) to list tickets during the checkout operation
PAM - Support for password reset for MySQL users, Oracle users and Cisco users
PAM - Support for standalone privileged accounts
Core - .NET 6.0 is now required
Gateway - Devolutions Gateway now requires a license (unlicensed usage will be refused except for side-by-side installation that can have up to 5 concurrent sessions without a license)
Core - Website entry (previously "Web Browser (HTTP/HTTPS)") now has Devolutions Web Login enabled by default
Core - Added "append to the username" and "prepend to the username" modes for OTP usage
Core - Added a button to test ticketing system configuration
Core - Added more fields in asset dashboard (UPN, custom fields)
Core - Allow restoring deleted documentation pages
Core - Dashboard page has been removed and integrated on vault dashboard to be like RDM
Core - Redesign the login page
Core - Redesign the web interface
Core - Removed sensitive data from user list
Core - Security improvement: use new function (PBKDF2-HMAC-SHA1) to calculate the password hash
Core - Show the group name or username in permission table
Core - Support exporting/importing the documentation of an entry
PAM - Added filters for providers and scan configurations
PAM - Improve the reset password confirmation prompt
PAM - Renamed Team Folder by PAM Vault
Core - Fixed an issue where 2FA was bypassed when connecting with Windows Authentication
Core - Fixed an issue where adding images in documentation was raising an error
Core - Fixed an issue where Azure AD user can't be imported manually
Core - Fixed an issue where Entry Security Analyzer report was not available for user with permission
Core - Fixed an issue where microsoft user was not able to login if he had been added manually
Core - Fixed an issue where the client IP was not set properly
Core - Fixed an issue where user couldn't access the gateway configuration even if he had the permission
Core - Fixed an issue where user remains connected after disconnecting him through 'Connected user list'
Core - Fixed an issue where wrong RDM versions were saved in Login History report
Core - Fixed diagnostic report to be the same as RDM
Core - Fixed issue where a new user could have rights if a user with the same name has already existed
Core - Fixed security issue by processing "Entry Security Analyzer" permission
Core - Improved error message when vault name already exists
Core - Removed the vault assignment window when importing users. Vaults from user template are used
PAM - Fixed an issue where a folder could not be deleted
PAM - Fixed an issue where all accounts were returned for a non admin user
PAM - Fixed an issue where view roles definitons couldn't be access from quick scan
PAM - Fixed an issue where windows scan failed if no local user exist
PAM - Removed redirect URI field in Azure AD provider configuration
Web - Fixed an issue where long vault name with hyphen broke the avatar
Web - Fixed an issue where multiple or wrong vault icon were shown
Web - Fixed an issue where view password button could disappear in the entry overview
Web - Several UI fixes
Version 2022.1.13.0 (May 11, 2022)
Core - Initial support for Devolutions Workspace
Core - Improve Office365 authentication process. The redirect URI in Azure must be changed
Core - Added logs during Windows authentication process
Core - Support Microsoft Authentication Library (MSAL) for Office365 authentication
Core - Use object ID instead of UPN for Office365 users
Web - Improve UI of Devolutions Gateway diagnostic
Core - Cleanup tokens table
Core - Fixed an issue where Devolutions Gateway could not be uploaded
Core - Fixed an issue where expiration date didn't show up in password list
Core - Fixed an issue where landing page was not applied after a login
Core - Fixed an issue where user group type was wrong after import
Core - Removed "SessionRequired" errors sent to administrator
Recording Server - Fixed an issue where recording server used 100% CPU
Web - Several UI fixes
Version 2022.1.12.0 (April 4, 2022)
Core - Give more information to user when they can't be logged in
Core - Logs can be cleaned up with a timeframe
Core - Office365 authentication supports automatic user creation from a specific group
Core - Removed some exceptions sent to administrator that were not critical
Core - Support multiple vaults export
Core - Fixed an issue if a vault template has been created
Core - Fixed an issue where DWL can't find the matching sub-connections
Core - Fixed issues in the login process
PAM - Fixed an issue where importing from a scan didn't work the first time
PAM - Fixed an issue where searching a PAM account changed the priviledged account folder
PAM - Fixed an issue with SSH scan
Web - Several UI fixes
Version 2022.1.10.0 (March 15, 2022)
Core - Added a "Move" permission on entries
Core - Added a menu item to expand/collapse all in vault tree
Core - Administrators can now ask a change password at next logon when they reset user password
Core - Allow $REPOSITORY_NAME$ variable in name
Core - ARD entry: Add configurable connection timeout
Core - Removed Wayk Client entry
Core - Support 2FA with Windows Authentication
Core - Support export/import multiple vaults with attachments and documents
Core - Support password expiration on custom users
Gateway - Added a diagnostic tool
PAM - Added a search tool to help selecting a privileged account
Core - Fixed a few authentication issues
Core - Fixed an issue when exporting entries kept folders even if user asked to remove them
Core - Fixed an issue where dates what not displayed
Core - Fixed an issue where RDM logoff was failing
PAM - Fixed an issue where searching in PAM Account didn't search in folders
Web - Several UI fixes
Version 2022.1.9.0 (February 18, 2022)
Core - RDM 2022.1 is mandatory to use DVLS 2022.1. Connection from old RDM will be refused
Core - Entry's name can now be edited directly in the vault tree
Core - Move Devolutions Launcher CAL and users CAL licenses to Administration/License section
Core - Support gender "Unspecified" for passport entry
Core - Fixed an issue where documentation page links didn't work
Core - Fixed an issue where Domain Functional Level 2012R2 was not supported
Core - Fixed an issue where login was not possible on an HTTP installation where the hostname was used in URL
Core - Fixed an issue where SMS 2FA was failing
Core - Fixed Windows Authentication
Web - Fixed web client to avoid cryptokey exception
Web - Several UI fixes
Version 2022.1.7.0 (February 15, 2022)
Database upgrade required
Core - Email notifications for temporary access
Core - Support for DVLS PAM entry
Gateway - License integration
Gateway - SSH connection support
PAM - Azure AD Provider
PAM - Local Windows Accounts Provider
PAM - PAM Dashboard in Remote Desktop Manager
Core - .NET Framework 4.8 is now required
Core - HTTPS is strongly recommended, application encryption level will be removed
Core - Initial OAuth support. Windows authentication is no longer supported with 2FA
Gateway - Devolutions Gateway now requires a license (unlicensed usage will show a warning)
DWL has to be logged in separately
Core - "DNS Name" has been replaced by "Access URI"
Core - Added "Privileged Account" on the folder credential option
Core - Added a group filter in import AD Users dialog
Core - Added server and client IP address in syslog messages
Core - Added UserInfoHistory in the cleanup logs feature
Core - Don't accept domain with functional level too low
Core - Fixed an issue where user can't be imported if a domain was down
Core - Improved multi vault search performance
Core - Search results in passwords list
Core - Sort TAGS in the dashboard and tag selection dialog
Core - Support for new RDM file format (v2) to import
Gateway - Added option "Force using IP address for RDP connections"
Gateway - Added support for alternate hosts
Gateway - Support inherited Gateway
PAM - Added a password template at provider level
PAM - Added scan delta summary
PAM - Improved error message on synchronization status
PAM - Move all PAM Account at root level in a team folder
Web - Added 'Assign All Vaults' button in users and user groups dialogs
Web - Added a few SSH properties in Edit view
Web - Added a search bar in 'Privileged account credential' type selection
Web - Added a warning on entry deletion if a shortcut exist
Web - Added icon in PAM UI to help color blind people
Web - Added shortcut icon in vault tree
Web - Only admin user can submit a support ticket
Web - Rebranded Devolutions Authenticator to Devolutions Workspace
Web - Sort approvers in PAM checkout dialog
Web - Support DVLS PAM entry in web interface
Core - DVLS Free doesn't support PAM
Core - Fixed an issue to display the right number of users in a license
Core - Fixed an issue where "Automatic User Creation" parameter was not saved
Core - Fixed an issue where "Prompt for comment" was not displayed with "Copy API key"
Core - Fixed an issue where a user without the view password permission could view the password
Core - Fixed an issue where changing the time for O365 caching was not saved
Core - Fixed an issue where custom user groups can not be created without custom authentication activated
Core - Fixed an issue where documentation view was wrong
Core - Fixed an issue where Duo returns invalid 2FA with a domain user
Core - Fixed an issue where entries with temporary access were not sent back to DWL
Core - Fixed an issue where export vault was not logged
Core - Fixed an issue where password in passwords list could be lost
Core - Fixed an issue where passwords in private vault were not available in web interface
Core - Fixed an issue where RDM connection to DVLS failed
Core - Fixed an issue where RDM was disconnected from DVLS
Core - Fixed an issue where some folders in vaults were not available in RDM
Core - Fixed an issue where ticket number was not saved in activity logs
Core - Fixed an issue where user was not able to login
Core - Fixed issue where date format was wrong
Core - Fixed Syslog message format to set the hostname with DVLS IP
Core - Include Local Account entries in password rotation reports
PAM - Fixed an issue where PAM checkouts failed with a non-admin user
Web - Fixed an issue where view attachment with pdf extension failed
Web - Fixed translation strings
Web - Several UI fixes
Web - Several UI fixes
Version 2021.2.14.0 (December 13, 2021)
Added robots.txt for security purpose
Fixed an issue where custom user groups can not be created without custom authentication activated
Fixed an issue where passwords were lost after sorting passwords in a password list
Version 2021.2.13.0 (November 18, 2021)
Core - Added a new license for the PAM Module (the license is included for those already using the PAM module with a DVLS license bought before September 30th 2021)
PAM - Added local Windows account management
Web - Added an option to regenerate Devolutions Gateway key pair on demand
Web - Added batch edit to grant permissions all at once on an entry
Core - Fixed an issue where a user can delete entries without permission
Core - Fixed the display of shortcut entries
Core - Stack overflow error when migrating the domain user groups with their SID
PAM - Fixed an issue where approval workflow didn't work when approved by an "approver"
Web - Several UI fixes
Version 2021.2.10.0 (October 25, 2021)
Core- Manage OTP option getting OTP from link credentials
Web - Added an "apply to all" action when setting the allowed applications
Web - Added the option to view the Gateway's logs and opened sessions
Web- Added a filter ''Has access'' in security grant permission & Vault assignment
Core - Root is empty exception- can't save entry
Core - SQL exception when refreshing cache using legacy security
Core- Error LockRecursionException
Core- Notifications with negative conditions
Core- Option - Enable Remote Monitoring SSH
PAM- Saving security permission on folder
Web - Cannot save a second template
Web - Error while trying to check out a PAM account in the vault section
Web- System Message formatting
Version 2021.2.8.0 (October 4, 2021)
Database upgrade required
Free version available for 3 users / 100 entries
Multi-domain supported with Platinum license type
PAM - Password Propagation
PAM - Password rotation report
PAM - Password rotation Scheduled
Web - Added Asset section on entries
Web - Support synchronizer entry
Web- Can import from Google Password csv file
Improved Devolutions Gateway to use key pair from DVLS, older deployments need to be reconfigured
2FA available in all edition
Core - New option to sent scheduled report to an email address that is not a user
Core - Sends email when a temporary access is granted
Deprecated Authanvil and Vasco as 2FA
PAM - a message is sent when a request is approved
PAM - added OTP on privilege account
PAM - CheckOut request are Auto approve when done by approver him self
PAM - Report of password rotation
RDM- Document in entries available in Offline mode
Web - Add indicator when attachment and document are link to the entry
Web - Simplify the Documentation tutorial editor
Web - Template available in Quick add setting per vault
Web- Add OTP source on session entry
Web- Better performance loading vault
Web- Improve way of granting permission
When assigning system permission, the read only user are no longer shown
Hide Password Template mode Readable in entry setting
Several fixes & adjustments
Web - Edit user Administrator , fix the number of vaults
Version 2021.1.20.0 (July 19, 2021)
Core - The column is missing from LogingHistory_Archive
Web - Error parsing dates when using custom dates on reports
Version 2021.1.19.0 (June 30, 2021)
Core - connections/partial endpoint returns private key although it is Sensitive information
Issue when adding a documentation on entries
Version 2021.1.17.0 (June 17, 2021)
Core - Added VMRC as launchable connection type for the launcher
Core - New system setting for Authentication Office365- recurrence on the schedule cache
Core - Support Temporary access requests
Core - Added daily caching refresh for domain and Office 365 users
Core - Added usage of DNS name instead of the IP address for Radius 2FA
Core - Updated SMTP options when configuring emails
Web - Add Tel protocol to phone numbers on the entries dashboard
Web - Added confirmation when moving and entry using drag & drop
Web - Updated the background image for 2K display
Core - "Invalid data sent" when trying to save the Host Linked(Vault)/Inherited
Core - Allow rest api usage by applications
Core - Can't download Session recording form Recording Server in RDM
Core - Error when generating the expired entries report
Core - Fixed required permissions to edit an entry's documentation
Web - Cannot access administration if app name is ADMIN
Web - Fixed the resolving when the checkout setting is set to root
Web - save credentials and content in a message sent
Version 2021.1.10.0 (May 11, 2021)
Core - Fix errors on connection with user that has no shared vault available
Core - Fix opened connections report conversion error
Core - Fix X-Forwarded-For usage
Web - Fix vault selector not loading
Version 2021.1.9.0 (April 16, 2021)
Web - Added options to export the user vault when migration fails
Core - Fix User vault migration with names longer than 200 characters
Core - Unable to save both User CAL and Launcher licenses
Core - Unable to save the Email settings without Username and Password
Core - Unable to save VPN with Wayk bastion
Version 2021.1.7.0 (March 30, 2021)
Core - Added support for Devolutions Gateway (Jet)
Core - Added the "Last login" report
Core - Added the entry type: azure service principal
Core - Added the field Tenant ID on API Key
PAM - Added a system of policies on team folders for easier management
PAM - Added the delta between results when scanning a domain
Web - Added support for default icon color
Web - Added the option when enter a licence or request a trial when the license is expired or when there is no license
Web - The interface is available in read-only when the license is expired or when there is no license
Web - The scheduled reports now support more reports
Core - The user vault has now the same features as a standard vault (i.e.: attachments, history, documentation)
Introduced a distinction between sensitive properties and passwords in Information Entries. The view password permissions now only affect passwords specifically
Core - Added a timeout setting to Radius configuration
Core - Added Devolutions Authentificator as a supported 2FA
Core - Added handling of the custom controls on web entries for DWL
Core - Added the authentication method on the login history report
Core - Added the expression "is not" when setting a filter on a subscription
Core - SqlException when starting a connection from a templage
Core - Syslog events, only sends the title of the stack trace
Core - Updated the library for sending emails
Web - Added a download button on document's dashboard
Web - Added a message when the license is expired
Web - Added custom fields on web entries
Web - Added multiple gateways on SCP and SFTP entries
Web - Added multiple gateways on SSH Shel, SSH Tunnel and SSH Port Forward entries
Web - Added Recents, on the new entry dialog
Web - Added recovery codes for OTPs
Web - Added the "Disconnect Data Source" option in the administration section
Web - Added the OPT on Web entries
Web - Added the option to set the "Allow Offline" to a vault
Web - Added the options to view and download the Private key
Web - changed UI
Web - Manage the password setting "Force Default Template"
Web - Remove the email being mandatory when creating a user
Web - secure message, Added the options to "Delete All" and "Mark all as read"
Web - Update the default date range to "today" instead of "Last 7 days" on the activity log report
Web - Updated Radius login labels
Web - Updated the icons
Web - Updated the scrolling when navigating to an entry from the search
Core - Access was denied on api call for the documentaion
Core - Error SecurityTokenExpiredException received several time a day
Core - Error when adding an email to a user that didn't already had one
Core - Error when enabling the Windows Event Log
Core - Error when importing in the Private Vault
Core - Error with RDM on limited mode
Core - Fix access denied error on documentation
Core - Fix CORS
Core - Fix templates showing in the activity logs
Core - MaxMind GeoIP block everything
Core - Sql Injection
Core - Updated date format on reports
Core - Updated the default STMP Port
Core - Updated the SQL Queries when doing cleanup tasks to avoid timeouts
Core - Wrong log in "Connected User" report when connected from the Launcher
RDM - Cannot download Session recording form Recording Server in RDM
Web - "Prompt for comment" memo is overflow window is not tall enough
Web - Bad email format result in JSON error when editing a user
Web - Checkout UI issue on Firefox
Web - Error when trying to upload an SSH key
Web - Fix cannot assign users and user groups when creation a vault
Web - Fix error on reports when no vault is selected
Web - Fix loading the domain user speed issue
Web - Fix secure message color in dark mode
Web - Fix should not be able to set status on an entry when a check out is required
Web - Fix the vault menu item being available when there are no vault
Web - Fix variable not resolved on connections
Web - Fix variable not resolved on sub-connections
Web - Infinite loading when Azure token expires
Web - Missing icons on the web interface
Web - notification subscriber edit window is not tall enough
Web - On the Login History reports is not showing all entries
Web - RDP Template doesn't save "local ressources"
Web - Tab title is not updated
Web - The licence count is not updated when managing licenses
Web - The password reset is not applied when switching users
Web - The recurrence is not shown properly on the scheduled report calendar
Web - The website does not load properly when the the database is not reachable
Web - UI issue in Vault on Firefox
Web - UI issue when adding a user
Web - Unable to create a Contact Company entry in a folder
Web - User loses its license when changing the user type
Web -Cannot change Offline Mode for user groups
Version 2020.3.22.0 (June 29, 2021)
Core - connections/partial endpoint returns private key although it is Sensitive information
Setting Offline mode with User group
Version 2020.3.19.0 (May 11, 2021)
Core - Fix X-Forwarded-For usage
Version 2020.3.18.0 (April 13, 2021)
Core - Restrict-CORS
Core - SQL injection when deleting a user
Version 2020.3.17.0 (January 12, 2021)
Added ‘Privileged Access' to the list of available landing pages
Improved performance on login with a domain user
Fixed domain caching on when using multi-domains
Fixed saving items in ‘My Account Settings' using RDM
Fixed the vault used when resurrecting an entry
The Devolutions Server URL is now case-insensitive
Version 2020.3.14.0 (December 8, 2020)
Web - Added a setting to use or not the x-forwarded-for for the IpAddress
Web - Added an option to keep the template name or not when creating an entry
Web - Added the option to import roles from a domain with using the cache
Web - Secure message, added expiry date
Web - Updated the color on the error messages
Core - Fix end point for the CLI
Core - Fix error on notification when auto-creating a user
Core - Fix error on notification when creating an entry
Core - Fix the domain cache issue when setting the user's domain
Web - Fix 404 on the admin page
Web - Fix Incomplete Export File
Web - Fix loss of data on iDrac
Web - Fix loss of data on Ilo
Web - Fix loss of data on SSH Shell X11 forwarding
Web - Fix scheduled report - Error when using only 1 vault
Web - Fix the alternate 2FA
Web - Fix unable to see the log details on a deleted entry
Web - Vault assignment, show the list in alphabetical order
Version 2020.3.12.0 (November 17, 2020)
Core : Fix server restriction for users allowed to manage users
Version 2020.3.11.0 (November 16, 2020)
Web - Send files as attachments in a Secure Message
Web - Add export to Activity Logs
Web - New filters for Users and Groups administration sections
Web - Possible to import Active Directory users even with cache disabled
Web - Refresh information on an Active Directory user from the domain in Users section
Fix Active Directory auto create user issue when a group is specified
Fix error in SQL query to get Opened Connections
Fix query to get all expired and expiring entries in Report and Dashboard
View Password from the entry should behave the same way as the action view password
Web - Do not allow Duplicate action on root
Version 2020.3.8.0 (October 28, 2020)
Core : Security setting to block Tor clients from accessing the server
PAM - New built-in roles with specific rights for easy assignment
PAM - New onboarding wizard to facilitate initial import of Privileged Accounts
Web - Added "Duplicate entry" command
Web - Each Vault has a Dashboard & option to disable
Web - Possible to configure custom icons for server login page and toolbar
Web - Support for License administration section
Web : Added capability of exporting the User Vault ( Private Vault)
Web : New Security dashboard in Administration menu
Core : Active Directory integration supports multiple root containers
Core : Back up can be Encrypted with a password
Core : DataSource Logs and Administration Logs can be sent by emails Notification - new category
Core : DNS name server setting now used in notifications
Core : Improved Email template for Notifications
Core : System Settings - New RDM Version Management section
PAM - Add option to filter out system users on SSH scans
PAM - Add OU browser for Active Directory scans
PAM - Different options available to define Approver + a pre-define Role
PAM - Include account SID for Active Directory scans
PAM - Possible to Approve or Deny and Check in from RDM Dashboard
PAM - Possible to Approve or Deny checkouts from the secure message received
PAM - Possible to force Check in from the Checkout Manager Active
Web - Add input boxes for Comment on open and Comment on close
Web - Add new dashboard when selecting Vault root in tree view
Web - Add option to resurrect deleted attachments
Web - Add possibility to insert Ticket number on Insert comment and Close comment
Web - Add support for Duplicate action on entries
Web - Add support for Passportal My Account Settings
Web - Added flag for Favorite Vaults, greatly improves the search and the Vault Selector
Web - Favorites can now contain links to entries of User Vault (Private Vault)
Web - Improved data contained in the Server Diagnostics report
Web - Option to disable the new Vault Dashboard
Web - Removed number of character limit from Secure Messages
Web - Searching for entries now possible to include description & Url or equivalent URL in search fields
Web - User Vault (private vault) entries can now select Credentials repository from other vaults
Web : Choose Theme - Light, Dark or Default will default to your browser theme
Web : Database Diagnostics report now available from Reports section
Web : Deleted Attachments can be viewed and be restored
Web : Entry from User vault (Private Vault) can be added in your Favorites
Core - Active Directory cache now includes embedded groups for Universal Groups
Core - Application Users should not be included in the user count
Core - Fixed memory leaks in Scheduler service
Core - Windows Authentication user binding when UPN is empty
PAM - Fix error when creating a Provider and a Scan at the same time
PAM - Fixed Reset Password Schedule recurrence
Web - Add validation for Password Template name on creation
Web - Contact type entries lose custom icon when editing
Web - Corrupted Secure Message would prevent loading all the Secure Messages of the user
Web - Entry custom icon is now saved when also renaming or moving the entry
Web - Fix 2FA configure later feature by giving anti forgery token when 2FA configuration is required
Web - Fix alarm entry type creation in private vault
Web - Fix CyberArk validations to support saving entry
Web - Fix Email Settings save button when changes other fields than Password
Web - Fix export from private vault to contain entries in sub-folders
Web - Save changes to Active Directory Domain Authentication without entering administrator credentials
Web - User with Manage Users permission could not import Active Directory or Office 365 users
Web -Test email setting without a username or password should not send error email to administrator
Version 2020.2.10.0 (September 3, 2020)
Radius shared secret lost following upgrade
The user accounts name that end with letter u deletion when set permissions
User could be logged on as different user with Windows Authentication
Version 2020.2.9.0 (August 6, 2020)
Can now select Pam Credential in User specific Setting: with RDM need version 2020.2.18.0
For RDM, fix connection state for sub-connections viewed by users
For RDM, fix CyberArk AAM type to be save
Web - Fix passwords being lost when moving a Password List entry with drag and drop
Version 2020.2.8.0 (July 23, 2020)
Add option to activate the Auto-notification for Duo 2FA
Improve performance when querying Activity Logs for a non-admin user
Web- Improve UI of the Cleanup logs feature
Console - fix default setting at installation
Fix error when domain cache update process ( AD & Azure)
Fix the Add entry using the Prompt Add with the browser extension (chrome and firefox)
Web - Password Templates is now showing in the Password generator
Web import - added warning if the Master key of file is missing
Web- Fix the Import roles from LDAP or Azure if done with non-admin user
Web- wont see the Shortcut entry from a folder that to don't have the right for
When refreshing the tree it now keeps the same tree view (keeps open folder that was open)
Version 2020.2.7.0 (June 25, 2020)
Added Master password on Vault
Added Syslog type Notifications, giving the ability to send Notifications to multiple Syslog servers
Added the user Language setting in User Template
Last Usage log report
Logs Cleanup feature to archive and purge. See In Administration/ Logs to enable
New Time-based access for Users
PAM - Ability to export Privileged Accounts
New setting to Enable internet access. False by default, disables Gravatars & Have I been Pwned
Add Private Vault Search as Credential Type
Add the value ''None'' when selecting Vault for automatic user creation
Attachment will now resurrect with their entry after deletion
Console: Step added to create a default administrator account on first install
Link automatic user creation to User Template settings
Manage custom images for Vaults
PAM - Improve message for denied checkout email message
Support entry type API Key
Support splitting Wallet entry into: Membership, Driver License and Social Security Number
Web - Add a search option in the entry Search to support Username & URL
Web - Add support for Gateway Credentials for RDP entries
Web Entry Website: added the compare type options to support Equivalent URL with DWL
Fix external link in a Secure note entry
Fix possible date conversion error when getting entries for Expired Entries Report
Fix right-click on item when in Vault view is in List type
Fix saving Checkout Comment in the logs
Fix Vault selection for Domain Automatic User Creation
PAM - Deleted folder account should still show in the Logs
Password Template maximum length increased to 1024
Pwned Password ‘Always Ignore' not working in Private Vault
Remove download link for Certificate entry when user does not have permission
Unable to save Passportal entry if option ‘Always prompt for password' is activated
Web - Can't edit permissions in the Security tab for an already created template
Web - Cannot choose a credential from a Password List in an Entry
Web - Cannot choose a credential from a Password List in User Specific Setting
Web - Entry search. Fix the entry selected during a search now Focus in the tree view
Web - Exporting entries by selecting the Vault root returns an invalid file
Web - Fix Documentation history
Web - Fix Expiring Report option for All Vaults
Web - Fix OTP entry of Private Vault
Version 2020.1.13.0 (May 13, 2020)
Possible performance issue in RDM managing Roles
Version 2020.1.12.0 (May 7, 2020)
Change Secure Message - Use the full name of user first instead of the username showed on the user list to sent the message
User that has Manage Roles can now see and manage all roles , except administrator roles
User that has right to grant permission on entries can now see all roles
Web error cause by a missing permission on entry in the Web interface
Version 2020.1.10.0 (April 14, 2020)
PAM -Accounts section,can drag and drop folder in other folder
Syslog improvements - Added heartbeat and a few administrative events
Web - Add Vault filter in the Expired Entry Scheduled Report
Web - Admin-Email settings added validation
Web - Can move entries by drag and drop in Vault tree view
Web - Can now Export entries
Web - Visual improvements to user Dashboard page
Check In/Out On close comment not saved
Console - Fix upgrade instructions not showing up
Console - When changing user password
Console -Fix possible database error when regenerating encryption keys
Error XML on new vault properties
PAM - Add missing information in Notifications for new SQL Provider
PAM - Fix language inconsistencies in log messages
RDP entry link to a file cannot be edited
Web - Add a visual indication when you try to edit a role/user and the server does not let you
Web - Deprecate entry type Login Account
Web - Fix error when forcing user to change password at next login
Web - Fix Google Authentication two factor registration key which was in wrong format
Web - Fix resolved permissions text in entry security
Web - PassPortal Always prompt for organization passphrase checkbox can't be checked
Web - Password List Copy Domain/Password does not log the action
Web - Sending Private Entry in Secure Message should not include folders
Web - Two Factor login window not showing in IE and Safari
Web - Vault - Add in root - setting cannot be changed
Version 2020.1.7.0 (March 12, 2020)
New Encryption Keys was added. We strongly recommend to export a new Encryption backup file
Web: Added a new report: Non default permission entries
Web: Added a new Section in entry dashboard : Permissions . Overview of rights for the entry
DPS Web - Add option to clear activity logs
DPS Web - Import users and roles from LDAP and Azure has now a filter
PAM - Cards in dashboard can now be clicked to got to section
PAM - Reset Password Schedule now syncs the credentials afterward
DPS Console - IIS application pool not properly stopped when upgrading DPS server
DPS Web - Cannot see the passwords in a Password List in the Private Vault
DPS Web - Credential Repository in Private Vault now show the credentials from the Shared Vault
DPS Web - Fix issue with Firefox and Safari browsers doubling all API requests
DPS Web - Remove Security Groups notion in all sections when not using Legacy Security
DPS Web - You can now set the Token Valid Time up to 7 days (10 080 minutes)
PAM - Privileged Account used for Brokering with Launcher cannot automatically check-in on connection closed
Version 2020.1.3.0 (February 24, 2020)
New Recording Server module available to centralise the sessions recording
You can now manage SQL accounts in the PAM component
Drag and drop support for file selection for attachments
Licensing - automatically assign to new users
Remove Local machine and database authentication type
View Password on OTP is now logged
Web - System Setting save changes notifications
Bug - DPS Console potential crashed after upgrading it to version 2019.2.12
Bug - Duo hardware token is not displayed as a 2FA device on the web UI
Bug - Duo setup on first login doesn't work from RDM
DPS - No 2FA prompt in Edge, Explorer and Safari
DPS Web - Can't reset 2FA from Office365 users
DPS Web - Permission Tab should not display in Private Vault
DPS Web - Remove PAM credentials type from Web browser entries
Version 2019.2.12.0 (December 16, 2019)
Added a password policy for custom user. See in Web admin interface /System settings
Console: Added possibility to set password on DPS Console instance
DPS Web - Dark theme
Introducing Privileged Access Management (PAM) component. Activate in Web admin interface/ Password Server settings
PAM - Account discovery (Active Directory and Ubuntu based systems)
PAM - Automatic password rotation upon Check in
PAM - Check out approval process on privilege accounts
DPS - Add a performance cache for users and roles to limit database access
DPS - Add log when Radius authentication fails for each attempt
DPS - Give 30 seconds delay for Radius validation when a second mode of auth is required (ex: Push Notification)
DPS - Give permission to view and edit Vault when user with Manage Vaults permission creates a new Vault
DPS - Logs now contain the server Name including physical server MAC address
DPS - Support Launcher search by name
DPS Web - Fix being unable to open a secure message if it has been sent to multiple recipients
DPS Web - Fix Clear Recent Entries
DPS Web - Fix error when loading secure message received from deleted user
DPS Web - Fix reset button in Multi Vault Advanced Search
DPS Web - Improved advanced search feature with new fields available to search: Username, Tags, Description
DPS Web - Select entry in tree when clicking on search result
Encryption at rest for all data (requires regenerating encryption keys in DPS Console and makes data unreadable using direct SQL queries)
Improved WEB UI in multiple sections
New improved email Notification system making it easier to target specific events by subscriptions. See in Web admin interface / Notification
New streamlined dashboard for entries
Web - Add option copy to clipboard on username and domain
Web - Add support for Authentication settings in the administration section
Web - Move entries between Vaults
Web - Show the resolved value of permissions when set to Inherited or Default
Web - Vault selector 2 column display
DPS - Add DNS name of server to the PAM checkout notification link
DPS - Add Hostname in RDP connection as a required field
DPS - Add log Password Viewed for private entries
DPS - Add log Password Viewed for private entries
DPS - Add Password Viewed log for private entries when logging is enabled on private
DPS - Can now send secure message with only attachments and title
DPS - Check out button is available on folders even if disabled on root folder
DPS - Display roles whole description
DPS - Fix exception when server does not have internet access and Pwned check is required
DPS - Fix expiring entries report that would send too many emails past 100 notifications
DPS - Multi-Vault search shows results user does not have access to view
DPS - Office365 Sync task token can become invalid if scan takes too long
DPS Web - Add Host field in Password List entry table
DPS Web - Add tooltip for role and vault names in case they are too long for column
DPS Web - Documentation doesn't appear in Internet Explorer
DPS Web - Fix bringing user back to last used vault on login instead of default vault
DPS Web - Fix displaying Restore action in Connection History report
DPS Web - Fix launching a session with Pam credentials already checked out
DPS Web - Fix missing template group icon
DPS Web - Fix reloading of the documentation tab of entries when changing entry
DPS Web - Fix removing all users and roles from custom permissions
DPS Web - Fix SSH Port Forward always editing the first entry
DPS Web - Fix web with Internet Explorer
DPS Web - No log when only selecting entry in tree with Pam credentials
DPS Web - Remove error message when root set to never with non-admin user
Web - Add sorting on role names column when assigning roles to users
Web - Add tooltip to role description to be able to see it all when long description
Web - Can't delete a Checkout request Secure Message
Web - Cannot import entries in Private Vault
Web - Display administration logs in descending date order by default
Web - Fix Checkin and Checkout comment on open and close did not show
Web - Fix Dashboard link when your landing page is set to Vaults
Web - Fix disabled entry types still being shown in the list when creating entries
Web - Fix external fonts having to timeout with client that has no internet
Web - Fix switching Vault while in report section Open Connections and Password Analyzer
Web - Manage password Pwned feature exceptions when DPS has no access to the internet
Web - Manage password Pwned feature exceptions when DPS has no access to the internet
Web - Missing security option 'Create vault with restricted access by default'
Version 2019.1.20.0 (August 8, 2019)
DPS - Fix adding an attachment to certificate from RDM
DPS - Fix Auto-create user for Office365
DPS - Fix DWL folders API to support legacy Virtual Folders
DPS - Fix that you could no longer import into Private Vault without the import permission
DPS - Resolve variables in data returned for DWL entries API
DPS - Return root folder for DWL folders API request
Web - Fix Activity Log displaying Default instead of Private Vault for activities on private entries
Web - Fix All Vaults checkbox in Activity Logs page
Version 2019.1.19.0 (July 30, 2019)
DPS - Azure and AD cache group discovery exception when discovered group name is null
DPS - Cannot import in private vault when user does not have import permission
DPS - Exception when secure message has no data
DPS - Exception with text RTF editor in RDM
DPS - Validate user login type before applying auto-create user
Web - Activity logs displaying Default vault instead of Private Vault
Version 2019.1.18.0 (July 9, 2019)
DPS - Improve speed of import operation
DPS Security - Validate maximum attachment size on upload
Web - Fix not being able to use inherited credential in private entries
Version 2019.1.17.0 (July 2, 2019)
DPS - Optimize DB access by fetching all connection states once per Http request
DPS - Optimize server cache to keep entries indexed by Vault
DPS - Fix invalid Duo code when using automatic user creation
Web - Fix import not defaulting to currently selected folder
Version 2019.1.16.0 (June 20, 2019)
DPS - Improve loading time of entry tree in web site
Version 2019.1.15.0 (June 17, 2019)
DPS - Fix being unable to login if Duo is the default required two-factor and it is not configured for user
DPS - Fix Radius authentication not working for a new user account
Version 2019.1.14.0 (June 3, 2019)
DPS - Fix assign role not working in vault management
DPS - Fix copy to clipboard not available in private vault
DPS - Fix issue with importing in private vault
Web - Fix missing Add Folder icon in favorites
Web - Remove checkout button from entries in private vault
Version 2019.1.13.0 (May 31, 2019)
DPS - Fixed an issue with the web token
Version 2019.1.12.0 (May 28, 2019)
DPS - Change default value for Edit Permission security right to be false
DPS - Default Checkout Mode for root must be Optional
DPS - Fix Duo error from RDM when sending SMS
DPS - Fix possible SQL injection with network discovery endpoint
Version 2019.1.11.0 (May 22, 2019)
DPS - User must have execution permission on an entry for it to be usable by DWL
DPS - Properly resolve user vault access for Launcher
DPS Console - Unable to generate QRCode for Google Authentication
Web - Fix being unable to generate new entry from template for sessions
Version 2019.1.10.0 (May 8, 2019)
DPS - Added Display Name to valid email format
DPS - Option to set DN container for Active Directory query
DPS - Set base DN for Active Directory authentication
Web - Add automatic check-in setting
Web - Add support for VMWare type entries
DPS - Appropriately resolve import parent folder
DPS - Capture SQL error messages so that they do not reach user web page
DPS - Fix bug when role has same name as a user
DPS - Fix Enable WebBrowser Extension for DataEntryWeb
DPS - Fix how root permissions are resolved with default DataSourceSettings
Web - Add expiration time for passwords in ClipBoard
Web - Can't see complete username of user in user list
Web - Create Vault permission is not respected
Web - default Check-out Mode of Vault Root setting is now Optional
Web - Fix user being disconnected when trying to use an entry for which he doesn't have access
Web - Fixed issue with not being able to save from template
Web - Import is in the choices at the creation of a template
Web - When adding new Private Vault entries some security options should not be visible
Version 2019.1.9.0 (April 19, 2019)
DPS Console - New Option in Manage database to set Pool Size
Web - New PAM feature can be enabled- in Preview
Web - New search tools in Navigation with multi vault search options
Web - Recent used entries is now in Search
Web Admin - new Applications management for CLI access
Web Admin - New value DNS Name in Server Settings
DPS Console - Scheduler service is now optional when installing DPS
Web - Added Console setting in Web interface: Email
DPS - Using * in documentation search puts user Offline
Web - Assign User on Vault Fix
Web - Fix QRCode generation link for Google Auth
Web - Mouse over Since date shows actual date in tooltip (Report)
Web - Root is selectable when adding Private Connection to Secure Message
Version 2019.1.8.0 (April 16, 2019)
DPS - Add Multi-Vault Search support
DPS - Submit a support ticket when error occurs
DPS Console - Allow upgrade with Windows Server Core
DPS - Add Activity Logs to diagnostic Zip
DPS - Add Custom Fields support for Web Browser entry
DPS - Add encryption key backup step after installing DPS
DPS - Add IIS HTTP headers to diagnostics
DPS - Add Password Server Settings to Server Diagnostics
DPS - Automatic checkin when closing Launcher
DPS - Better logs for Access Denied errors
DPS - Datasource information in downloadable diagnostics
DPS - Email message content with link when user receives a secure message
DPS - Prompt for key backup when regenerating server keys
DPS - Support nested groups for Active Directory and Azure cache
DPS Console - Add IIS HTTP_HEADERS in diagnostics
DPS Console - Database Update / Creation possible on existing database
DPS Console - Remove every setting accessible in web
Web - Button in user profile to submit support ticket
Web - Change location of Vault selection drop-down
Web - Cross browser support for Copy to clipboard
Web - Mouse over Since date shows actual date in tooltip
Web - Remove the privileges in the data source settings when Legacy security is not active
Web - Remove the tab permissions in Roles when Legacy security is not active
DPS - Duo enrollment issue
DPS - Entries opened with Launcher not showing in Opened Connections
DPS - Execute permission not respected when given through a role
DPS - Fill email when auto-creating Office365 users
DPS - Fill first name and last name when auto-creating Office365 users
DPS - Fix bad email settings giving stack overflow
DPS - Fix Edition label when creating new DPS instance
DPS - Fix only administrator can upload a private key
DPS - Fix security when Legacy Security is off
DPS - Fix SQL date conversion
DPS - Ignore case when verifying Netbios name
DPS - Yubikey API must use TLS 1.2
Web - Add missing DataSource setting Force Default Template
Web - Autofocus on 2FA validation fields
Web - Block assignments of users to AD and Office365 roles
Web - Collapse all does not work properly on Select Credentials
Web - Credential Repository and Private Vault credentials show where allowed
Web - Entry log add Duration
Web - Entry log missing active time / duration
Web - Role description not appearing
Web - Roles not in alphabetical order
Web - Unlocking a locked user gives error message
Web - User list not in alphabetical order
Web - Users Locked list does not sort columns