Release notes

Version 2025.1.4.0 (March 19, 2025)

  • If you are using a client (RDM, PowerShell, etc.), version 2025.1 is required for this DVLS version

  • Core - Fixed a potential disconnection issue when using an external login provider

  • Core - Fixed an error when favorites contained entries the user no longer had access to

  • Core - Fixed an issue where scheduled backups did not work on shared paths

  • PAM - Fixed an issue where notification subscriptions were not working with PAM vaults and checkouts

Version 2025.1.3.0 (March 12, 2025)

  • If you are using a client (RDM, PowerShell, etc.), version 2025.1 is required for this DVLS version

  • Core - Added support for portable license feature

  • Core - Added support for ServiceNow as a ticketing service

  • Core - Added support of 'Custom + Inherited' as permission configuration

  • Gateway - Added a way to clean up recordings on Devolutions Gateway

  • Gateway - Added centralized update management

  • PAM - Added a new JIT provisioning account type that allows creating a user in your AD domain for the duration of the checkout time

  • Changed license validation URL from https://api.devolutions.com to https://quoting.devolutions.com. Make sure your network allows access to this URL

  • Core - Added additional duration options for Devolutions Send message

  • Core - Added pwned information to the report

  • Core - Added recording server settings to DVLS

  • Core - Added search functionality in the system vault

  • Core - Added support for push notification to RDM devices (Android)

  • Core - Added support for temporary access on folders

  • Core - Business users can now open sessions

  • Core - Improved the "Launch Session" button

  • Core - My privileged account and My personal credentials are now saved server-side

  • Core - Notifications are now sent upon entry expiration

  • Core - The Entry security analyzer report has been improved to include password complexity compliance

  • Core - The Utilities menu is no longer hidden for business users

  • Core - User vaults can now be disabled by user

  • Gateway - Active session recording can now be read (session shadowing)

  • Gateway - Added support of dynamic connections (Quick Connect, host entries)

  • Gateway - Health check interval is now set to 5 minutes by default

  • Gateway - Storage information is now available for managing recordings

  • PAM - Added a filter to the Active Directory scan to exclude disabled accounts

  • PAM - Import all Windows local administrators instead of only the default administrator

  • PAM - Permissions can now be applied to folders

  • REST Api - Passwords in sessions can now be retrieved

  • Web - Documentation and attachments can't be modified if entry is checked out

  • Web - Sessions are now launched in the same browser tab

  • Core - Fixed a security issue in in-app Secure Messages where network requests were not properly verifying authorization

  • Core - Added logging for sealing/unsealing in entry history

  • Core - Disabled users are now shown as disabled in secure messages

  • Core - Fixed a paging issue on the Gateways page

  • Core - Fixed a performance issue with the Data Source Log report

  • Core - Fixed an error when connecting with SSO in RDM

  • Core - Fixed an issue in the Activity Logs report where the user filter and user column did not match

  • Core - Fixed an issue where the "User already exists" error was no longer displayed when importing Entra ID users

  • Core - Fixed an issue where the JIRA ticketing service was no longer working properly

  • Core - Fixed an issue where users could not be added to an AD Console entry through the web

  • Core - Fixed an issue where users could see the User Vault in the Entry Security Analyzer

  • Core - Fixed an issue where Website entry templates were not visible to business user profiles

  • Core - Fixed the default application access value when importing multiple user groups

  • PAM - Fixed an issue where containers could not be selected during an AD scan

  • PAM - Fixed an issue where PAM account notification subscriptions were no longer working

  • PAM - Fixed an issue where some accounts were displayed as out of sync after a scheduled password reset

  • PAM - Fixed an issue where the PAM Password Rotation Report would crash when using a date filter

  • PAM - Fixed the test connection on PAM providers when using a linked account

  • PAM - Just-In-Time (JIT) groups requested at checkout are now logged

  • Web - Added a color code to the security score

  • Web - Several UI fixes

Version 2024.3.14.0 (March 26, 2025)

  • If you are using a client (RDM, PowerShell, etc.), version 2024.3 is required for this DVLS version

  • CVE-2025-2277Core - Fixed an exposure of passwords in the web-based SSH authentication component

  • CVE-2025-2278Core - Fixed improper access control in Temporary Access Requests and Checkout Requests endpoints

Version 2024.3.13.0 (March 4, 2025)

  • If you are using a client (RDM, PowerShell, etc.), version 2024.3 is required for this DVLS version

  • Core - We've updated our integration with your Entra ID environment to align with Microsoft Entra's latest security policies. As part of this update, client secrets with an expiration period longer than two years are now deprecated. Please review and update your current configuration by following the instructions in the following link: https://docs.devolutions.net/server/kb/how-to-articles/azure-portal-configuration-guide-microsoft-authentication

  • CVE-2025-2003PAM - Fixed an issue where the "Add in Root" permission was not respected in PAM vaults

  • Core - Fixed an error that could occur when exporting login history

  • Core - Fixed an issue where the folder structure could disappear when adding or editing entries/folders in RDM

Version 2024.3.12.0 (February 20, 2025)

  • If you are using a client (RDM, PowerShell, etc.), version 2024.3 is required for this DVLS version

  • Core - Added the OTP section for business users

  • Core - Fixed a double MFA prompt issue when connecting through RDMW with "Always Ask for Username" enabled

  • Core - Fixed a duplicate key error in the login history

  • Core - Fixed a null reference exception when a subscription could not find the user or user group

  • Core - Fixed an intermittent issue when logging in with MFA

  • Core - Fixed an issue where the Entry Security Analyzer displayed incorrect dates

  • PAM - Fixed an error when assigning a checkout review

  • PAM - Fixed an error when resetting an Oracle account password

  • PAM - Fixed an error where scanning was not working with AnyIdentity provider

  • PAM - Fixed an issue where subscriptions to PAM accounts were no longer working

  • PAM - Fixed an issue where users could not see PAM entry logs

Version 2024.3.11.0 (January 16, 2025)

  • If you are using a client (RDM, PowerShell, etc.), version 2024.3 is required for this DVLS version

  • CVE-2025-1231PAM - Fixed an issue where Oracle user passwords were not reset after check-in

  • Core - Fixed an issue where custom permissions were lost after being edited from the Workspace

  • Core - Fixed an issue where scheduled backups would not start if more than one scheduler was installed on the same database

  • Core - Fixed an issue where search functionality did not work in the 'Auto Create on First Login' group selection

  • Core - Fixed an issue where the "Assign Users to Group" window would break after canceling

  • PAM - Fixed an error where revoking rights on a deleted account generated excessive logs

  • PAM - Fixed an issue where some scheduled password resets were not working

  • PAM - Fixed an issue where some users were unavailable when granting temporary access to an entry

Version 2024.3.10.0 (December 18, 2024)

  • If you are using a client (RDM, PowerShell, etc.), version 2024.3 is required for this DVLS version

  • Core - Fixed an issue where logging in was unavailable for a short amount of time after restarting the server

  • Core - Fixed an issue where the right-click menu was cut off if the entry was at the bottom of the screen

  • Core - Fixed an issue where the token was not refreshed when using external providers

Version 2024.3.9.0 (November 27, 2024)

  • If you are using a client (RDM, PowerShell, etc.), version 2024.3 is required for this DVLS version

  • CVE-2024-12149Core - Fixed an issue with incorrect permission assignments in the user migration feature

  • Core - Fixed an issue where domain strategies were displayed as blank

  • Core - Fixed an issue where the "View Password" permission was required to execute an entry

  • Core - Fixed an issue where the PWN check was performed on an empty password field

  • PAM - Fixed a timeout issue when loading a PAM vault in RDM

  • PAM - Fixed an issue where the permission entry overview always displayed Never when set to Custom + Inherited

Version 2024.3.8.0 (November 13, 2024)

  • If you are using a client (RDM, PowerShell, etc.), version 2024.3 is required for this DVLS version

  • Core - Expired messages are now removed automatically upon expiration

  • Core - Improved performance when switching vaults in RDM

  • PAM - The domain provider now supports custom LDAP ports

  • Core - Fixed an issue where Macro/Script/Tool entry types could not be added to the System vault via RDM

  • Core - Fixed an issue where notifications would not be sent when targeting subfolders using the event filter

  • Core - Fixed an issue where the permissions 'Entry History' and 'View Sensitive Information' were not displayed in the grant access settings

  • PAM - Fixed an issue where the "Request Temporary Access" window was not displaying

Version 2024.3.7.0 (November 4, 2024)

  • If you are using a client (RDM, PowerShell, etc.), version 2024.3 is required for this DVLS version

  • CVE-2024-10971Core - Fixed an issue where the current password for an entry could be viewed through the password history

  • CVE-2024-12148Core - Fixed an issue where some reports could be viewed without the required permissions

  • Core - Fixed an error that occurred when using an AnyIdentity with a gateway while the user had no gateway license

  • Core - Fixed an issue when renaming an entry from the context menu in the Vault tree

  • Core - Fixed an issue where multiple errors were shown in the log when connecting with a domain

  • Core - Fixed an issue with the User Vault after a SQL migration

  • PAM - Fixed an issue when moving a PAM folder to another vault

  • PAM - Fixed an issue when saving password templates in the PAM vault

  • PAM - Fixed an issue where the OTP was not displayed on the PAM entry overview

Version 2024.3.6.0 (October 16, 2024)

  • If you are using a client (RDM, PowerShell, etc.), version 2024.3 is required for this DVLS version

  • Core - Added "pwned" information to the Entry Security Analyzer report

  • Core - Added logging when a recording is viewed or downloaded

  • Core - Added support for search functionality in the system vault

  • PAM - Added the 'Entry History' permission for PAM entries and vaults

  • CVE-2025-2280Core - Fixed an issue where users could bypass the browser extension restriction

  • PAM - Fixed an issue where a user could see all accounts in a PAM vault even without the view permission

  • Core - Fixed an issue where users couldn't create new entries after a database restore

  • Core - Fixed an issue with license import when the user had no internet connection and the "Enable Internet Access" feature was enabled

  • Core - Fixed the default authentication behavior for external providers, restoring the previous behavior

  • PAM - Fixed an issue when editing the password template of a PAM vault root

  • PAM - Fixed an issue where the rotation schedule was not displayed in the Password Rotation Report

Version 2024.3.4.0 (October 7, 2024)

  • If you are using a client (RDM, PowerShell, etc.), version 2024.3 is required for this DVLS version

  • Core - Added an option to enable or disable Workspace offline mode in user settings

  • Core - Added custom time, view limit, and the ability for recipients to delete messages in the Devo Send feature

  • Core - Enhanced migration process to prevent sending excessive notifications

  • Core - Moved the "Save As" button in Secure Message for easier use and better visibility

  • PAM - Added custom fields to PAM entries

  • PAM - Added status for PAM entries

  • PAM - Added support for PAM vaults in multiple reports

  • Core - Fixed an error in the report when selecting too many parameters

  • Core - Fixed an error that could occur when editing a vault

  • Core - Fixed an issue where a double 2FA prompt could appear after logging off and logging back in

  • Core - Fixed an issue where notification preferences could be lost after updating a user

  • Core - Fixed an issue where removing administrator rights from a user would still leave all vaults assigned to them

  • PAM - Fixed a potential timeout issue when loading a PAM vault in RDM

  • PAM - Fixed an issue where a session could not be opened in the web interface using a PAM account with temporary access

  • PAM - Fixed an issue where the checkout dialog wouldn't close, leading to confusion about whether the checkout was completed

Version 2024.3.3.0 (September 27, 2024)

  • If you are using a client (RDM, PowerShell, etc.), version 2024.3 is required for this DVLS version

  • Core - Migrated Winbox Mikrotik entries to align with RDM and prevent breaking the entry when editing in DVLS

  • Core - The API documentation is now visible to all users and no longer restricted to admins

  • PAM - Added support for custom fields

  • PAM - Added the temporary access option to PAM connections

  • PAM - Enabled unmanaged accounts to use JIT elevation

  • Core - Fixed an issue that prevented setting permissions to "Custom" when creating an entry

  • Core - Fixed an issue where backups would fail if the path contained a space at the beginning

  • Core - Fixed an issue where sending a message to multiple users would only send to the first one

  • Core - Fixed an issue where the user-specific settings' password was not resolved when executing an entry

  • Core - Fixed an issue with Azure authentication where the token could not be retrieved in some cases

  • Core - Fixed an issue with the Devo send feature that was broken

  • Core - Fixed the LDAPGetGroupsByUser function to return groups from the parent domain

Version 2024.3.2.0 (September 23, 2024)

  • If you are using a client (RDM, PowerShell, etc.), version 2024.3 is required for this DVLS version

  • Core - Added a feature to restrict license auto assignation to specific user groups

  • Core - Allow users to specify permissions requested in temporary access request

  • Core - Web sessions can now be recorded in the browser

  • PAM - Added automatic check-in for PAM accounts

  • PAM - Migrated the PAM permission model to align with the shared vault permissions

  • PAM - The Active Directory (AD) provider can now manage local accounts on domain machines

  • Core - The legacy recording server is no longer supported

  • Core - Added an action available on an entry to easily share that entry

  • Core - Added duplicate for documents stored in database

  • Core - Added expiration time configuration when sending via Devolutions Send

  • Core - Added new 'high-priority' feature in messaging

  • Core - Devo-Send can now be used with Devolutions Server Free edition

  • Core - Export entry tags in 'Entry security analyzer' report

  • Core - Groups can be synchronized with their identity provider

  • Core - Improved offboarding of users by allowing conversion of user vault to a shared vault and unassigning licenses when deleting a user

  • Core - It is now possible to regenerate an application's secret

  • Core - Kestrel installation runs scheduler tasks

  • Core - The Entry Security Analyzer report no longer loads all vaults by default, improving initial load time

  • Core - User groups not found during provider group synchronization now appear as a warning log instead of an error

  • Core - Users and groups can be configured to be synchronized on a regular basis

  • PAM - Improved AnyIdentity provider to be able to use Devolutions Gateway

  • PAM - Just-In-Time (JIT) requested groups now appear in the logs when a request is made during checkout

  • PAM - Support for additional entry types added to PAM usage policy

  • Core - Fixed a performance issue with Active Directory (AD) console

  • Core - Fixed an issue where a document stored in the database could not be duplicated

  • Core - Fixed an issue where a user with a password ending in a space was not functional

  • Core - Fixed an issue where quick connect didn't create logs

  • Core - Fixed an issue with viewing template groups correctly

  • Gateway - Vault's custom variables are now resolved for entries configured with a Devolutions Gateway

  • PAM - Allow application identities to utilize PAM through PowerShell module

  • PAM - Fixed an issue where a user could approve their own check-out even if they didn't have the rights

  • PAM - Fixed an issue where the "Run As" password was erased when editing the provider

  • Web - Several UI fixes

Version 2024.2.13.0 (October 22, 2024)

  • If you are using a client (RDM, PowerShell, etc.), version 2024.2 is required for this DVLS version

  • Core - Fixed a issue that prevented the Gateway from functioning

  • Core - Fixed an issue in the "Add" window where some connection types were duplicated

  • Core - Fixed an issue where backups would fail if there was a space at the beginning of the folder path

  • Core - Fixed an issue where removing administrator rights from a user would leave all vaults selected

  • Core - Fixed an issue where sending a secure message to multiple recipients would only send to the first one

Version 2024.2.12.0 (September 26, 2024)

  • If you are using a client (RDM, PowerShell, etc.), version 2024.2 is required for this DVLS version

  • Core - The Entry Security Analyzer report no longer loads all vaults by default, improving initial load time

  • PAM - Enhanced logs to provide more detailed information when a password policy mismatch occurs

  • CVE-2024-6512 PAM - Fixed an issue where users could approve their own requests even when the option was disabled

  • PAM - Fixed an issue where expired checkouts were still accessible when the scheduler was down

  • Core - Fixed an issue that was preventing Devo Send from being used

  • Core - Fixed an issue where custom variables were not resolved for entries configured with a Gateway

  • Core - Fixed an issue where the Reset-DSPamPassword command was not working with the PowerShell module

Version 2024.2.10.0 (August 20, 2024)

  • If you are using a client (RDM, PowerShell, etc.), version 2024.2 is required for this DVLS version

  • Core - Allowed spaces in user passwords

  • Core - Fixed an error when exporting a vault in RDM

  • Core - Fixed an issue where IsPrivate = true always had to be specified when adding an entry to the user vault via PowerShell

  • Core - Fixed an issue where starting a session with Quick Connect wasn't generating logs

  • Core- Fixed an error when logging in with conditional access policies

  • PAM - Prevented the creation of folders with identical names at the same level, which was previously causing an error

Version 2024.2.9.0 (July 25, 2024)

  • If you are using a client (RDM, PowerShell, etc.), version 2024.2 is required for this DVLS version

  • Core - Fixed an issue where backup codes 2FA were always failing

  • Core - Fixed an issue where LDAP authentication was failing with alternate domain suffix and non-ssl

  • Core - Fixed an issue where password template had wrong information

  • Core - Fixed an issue where session recording settings were not the right one when entry was created from a template

  • Core - Fixed an issue where view password permission was needed to launch a session

  • Core - Fixed an option where PingOne option was available even if PingOne authentication was disabled

  • Core - Fixed Password rotation report to apply filter on last rotation instead of creation date

  • PAM - Fixed an issue where PAM checkout requests were not prompted when launching sessions

  • PAM - Fixed an issue where password can't be shared with Devolutions Send

  • PAM - Fixed an issue where propagation settings were not saved when adding PAM account manually

  • PAM - Fixed an issue where SQL accounts reset password were failing

Version 2024.2.8.0 (July 15, 2024)

  • If you are using a client (RDM, PowerShell, etc.), version 2024.2 is required for this DVLS version

  • Core - Significantly improved the performance of the Active Directory Console in the web client

  • Core - Fixed an issue where backup subscription notifications were not sent

  • Core - Fixed an issue where login history was generating error messages

  • Core - Fixed an issue where SSO login was not working with MFA

  • Core - UI fixes

  • PAM - Fixed an issue where PAM accounts remained out of sync after password reset on check-in

  • PAM - Fixed an issue where the Search Mode button was broken in Azure scan configuration

Version 2024.2.6.0 (June 27, 2024)

  • If you are using a client (RDM, PowerShell, etc.), version 2024.2 is required for this DVLS version

  • Core - Display the application identity name instead of the application ID in logs and place where we want to identify the application

  • Core - Fixed an issue where editing a permission set was failing

  • Core - Fixed an issue where the wrong logo was displayed in the side panel

  • Core - Fixed an issue where using DUO as 2FA was not possible because the user interface didn't let you enter your code

Version 2024.2.5.0 (June 25, 2024)

  • If you are using a client (RDM, PowerShell, etc.), version 2024.2 is required for this DVLS version

  • Core - Support delete of multiple entries

  • Core - Added a log when a user updates the system settings

  • Core - Fixed an issue where Devolutions Gateway farms were not considered in Devolutions Gateway permission report

  • Core - Fixed an issue where entry could not be moved to another vault

  • Core - Fixed an issue where RDM didn't load security change after vault owner changes

  • Gateway - Fixed an issue where alternate host could not be used without port configured

  • Gateway - Fixed issue where it was not possible to watch recording in the web interface

  • PAM - Fixed an issue where PAM vault could not be accessed if checkout policy was deleted

  • Web - Several UI fixes

Version 2024.2.3.0 (June 17, 2024)

  • If you are using a client (RDM, PowerShell, etc.), version 2024.2 is required for this DVLS version

  • Core - 5 new security reports: Administrators, System permissions, Devolutions Gateway permissions, Connection permissions and Vault permissions

  • Core - Added a Devolutions Gateway free license valid for 5 users

  • Core - Added sealed entry feature

  • Core - Added vault content type feature

  • Core - Licenses can now be refreshed to reflect changes

  • Core - PAM license is now assigned to users

  • Core - Support RDM connection to DVLS with Azure Proxy

  • Core - Devolutions Gateway licenses are now by user. A free license valid up to 5 users is now included

  • CVE-2024-4846 Core - Fixed an issue where a user could be authenticated without being asked for the 2FA via another browser tab

  • Core - Actions suggested in security dashboard can now be ignored

  • Core - Added a way to specify icons for light background or dark background

  • Core - Added an action "Select in tree" to focus on an entry when the tree is filtered

  • Core - Added an option to search in all vaults if nothing is found in the current tree

  • Core - Added recording tab on entries to be able to list all recordings

  • Core - Added rule based on user tags in conditional access

  • Core - Added secure message subject in the email sent to user

  • Core - Added support of Door Code entry

  • Core - Allow maximum file size to reach 100 Mb

  • Core - Improved security reports

  • Core - Improved significantly ARD performance

  • PAM - Added a display name on a Just In Time (JIT) elevation group

  • PAM - Improved Just In Time (JIT) elevation to allow the user to set only a subset of groups available on an account during the checkout

  • PAM - Password rotation is now possible in infrastructure vault

  • PAM - Support linked credentials on AnyIdentity provider

  • Rest API - New endpoints to list, create and delete credential entries

  • Web - Allow to change the side panel width

  • Core - Fixed an issue where logs from System Vault were not added in reports

  • Core - Fixed issue where vaults could not be selected as landing page

  • Core - Fixed performance issue with LDAP GetGroupByUser

  • Core - Fixed performance issue with PAM

  • Core - Removed useless logs to avoid too much logs

  • Core - Wait a few seconds to get connection with Database when the server starts in case SQL Server is starting as well

  • Web - Several UI fixes

Version 2024.1.15.0 (June 25, 2024)

  • CVE-2024-4846 Core - Fixed an issue where a user could be authenticated without being asked for the 2FA via another browser tab

  • Core - Fixed an issue where linked account cause problem in RDM

  • Core - Fixed an issue where user synchronisation was failing

Version 2024.1.14.0 (May 16, 2024)

  • If you are using a client (RDM, PowerShell, etc.), version 2024.1 is required for this DVLS version

  • Core - Fixed an issue affecting user cleanup for Okta users

  • Core - Fixed an issue where new password templates were saved with incorrect default values

  • Core - Fixed an issue where some subscriptions were being lost

Version 2024.1.13.0 (May 2, 2024)

  • If you are using a client (RDM, PowerShell, etc.), version 2024.1 is required for this DVLS version

  • Core - Fixed an issue where modifying an entry via the PowerShell module did not generate a log

  • Core - Fixed an issue where the domain controller name could not be explicitly entered in the Domain Authentication configuration

  • PAM - Fixed an issue preventing non-administrators from deleting accounts

  • PAM - Fixed an issue preventing the deletion of a PAM vault

  • PAM - Fixed an issue preventing the setting of a custom 'Max checkout time' in vault checkout settings

  • PAM - Fixed an issue where account heartbeats from AnyIdentity were not functioning

Version 2024.1.12.0 (April 23, 2024)

  • If you are using a client (RDM, PowerShell, etc.), version 2024.1 is required for this DVLS version

  • DEVO-2024-0007Core - Fixed a potential vulnerability related to LDAP injection

  • Core - Fixed a connection issue with Devolutions Gateway when using LDAP

  • Core - Fixed a security issue allowing users to see alarm and door codes while editing an entry without the proper view password rights

  • Core - Fixed an issue where an incorrect error message was displayed when credentials were set to prompt on connection

  • Core - Fixed an issue where synchronizer previews were not functioning with LDAPS

  • Core - Fixed an issue with synchronizer when set on My domain setting

  • PAM - Fixed an issue where referrals to unreachable child domains break password reset and validation

Version 2024.1.11.0 (April 9, 2024)

  • If you are using a client (RDM, PowerShell, etc.), version 2024.1 is required for this DVLS version

  • Core - Improved error handling for lost connections during web Active Directory use

  • Core - Microsoft cache is disabled when Microsoft authentication is turned off

  • DEVO-2024-0006 Core - Fixed a security issue where JIT requested group names could be forged in checkout requests

  • Core - Fixed a search functionality issue allowing PAM entries to be searched without administrator privileges

  • Core - Fixed an issue preventing the use of 'Prompt on connection' in the web client

  • Core - Fixed an issue where users weren't being saved in scheduled reports

  • Core - Fixed the incorrect rotation schedule time displayed in exported Password rotation reports

  • PAM - Resolved an issue where the password wasn't consistently updated in the checkout dialog after being reset during check-in

Version 2024.1.10.0 (April 3, 2024)

  • If you are using a client (RDM, PowerShell, etc.), version 2024.1 is required for this DVLS version

  • Core - AD synchronizer can now launch using credentials inherited

  • Core - Fixed a connection issue involving AD accounts and LDAP UserValidity

  • Core - Fixed a connection issue with RDM using the free version

  • Core - Fixed an issue causing an Unauthorized error when attempting to connect to RDM

  • Core - Fixed an issue where the success backup notification stopped working

Version 2024.1.9.0 (March 28, 2024)

  • If you are using a client (RDM, PowerShell, etc.), version 2024.1 is required for this DVLS version

  • Core - Added door code entry feature

  • Core - Added user validity check to the domain diagnostic tools

  • Core - Migrated old free licenses to new ones and enabled switching to a free license by removing the existing license

  • Core - Fixed a bug where non-configured domains were not displayed in the source list during Authentication migration

  • Core - Fixed an issue preventing the editing of vault security levels

  • Core - Fixed an issue where vaults available for access requests were not visible

  • Core - Resolved a "bad request" error occurring when attempting to connect to RDM with multiple authentication windows open

  • PAM - Fixed an issue preventing the saving of unmanaged account passwords

Version 2024.1.8.0 (March 26, 2024)

  • If you are using a client (RDM, PowerShell, etc.), version 2024.1 is required for this DVLS version

  • PAM - Improved logging for AD user synchronization failures

  • PAM - Fixed an issue where users could see accounts without the proper permissions

  • DEVO-2024-0005 PAM - Fixed a JIT feature issue allowing requests for unauthorized groups

  • Core - Corrected an issue where the scheduler version wasn't updating on the dashboard

  • Core - Fixed a connection error when using Netbios name with AD accounts

  • Core - Resolved a bug preventing password management accounts from saving template groups

  • PAM - Corrected a bug allowing checkout times beyond the maximum limit

  • PAM - Fixed a bug preventing PAM readers from launching sessions

  • UI fixes

Version 2024.1.6.0 (March 18, 2024)

  • If you are using a client (RDM, PowerShell, etc.), version 2024.1 is required for this DVLS version

  • Core - Added an option to display 100 items per page

  • Core - Added grid size option to the 'Assigned To' section of a License

  • Core - Removed the possibility to remove all authentication methods, which previously caused users to be unable to connect

  • PAM - Added more detailed errors for when resetting a Domain user fails

  • Core - Fixed an issue where Domain configuration was wiped out in some cases

  • Core - Fixed an issue where gateways weren't shown when indexing recordings

  • Core - Fixed an issue where the folder type and override name were not retained when adding an entry from a template

  • Core - Fixed an issue where the vault owner assignment page was not displayed

  • Core - Fixed an issue where users' 2FA was still active after being disabled

  • Core - Fixed an issue where using AD Domain Provider with LDAP's GetGroupsByUser function caused errors

  • PAM - Checkout button now shown in red when checked out by another user

  • PAM - Fixed an issue where an approver was unable to approve a request when the time was set to custom mode

  • PAM - Fixed an issue where updating PAM account attributes was impossible when the provider was unreachable

Version 2024.1.4.0 (March 5, 2024)

  • If you are using a client (RDM, PowerShell, etc.), version 2024.1 is required for this DVLS version

  • Core - Active Directory web console is now supported

  • Core - Added PingOne identity provider as authentication

  • Core - Added support for sending passwords through in-app messaging or Devolutions Send

  • Core - Administrators can now configured which notifications they want to receive by email

  • Core - Domain authentication can now use Devolutions Gateway

  • Core - DVLS can now be used without license (Free version up to 10 users)

  • Core - Improved our LDAP stack for Active Directory authentication

  • PAM - Account used to access Devolutions Server Database are now saved in an internal vault

  • PAM - Provider's password can now be managed and rotated

  • Rest API - 3 endpoints are now available to get secret/credential value. API documentation is also available from the UI

  • Scheduler - Support high availability

  • Core - Upgraded application from .NET 6 to .NET 8

  • PAM - Migrate PAM account to be able to support documentations and attachments

  • Core - Authentication with Azure/Okta can be configured to validate the token on a regular basis. Client changes required

  • Core - Added a way to know if a user has a user vault or not and warn the user when it is deleted

  • Core - Added vaults and user groups columns in users report

  • Core - Added vaults and user groups in user reports

  • Core - Password list can now shows more password in the page

  • Core - Prevent users to remove all MFA supported if MFA is required to login

  • Gateway - Support multiple domains to reach the right KDC server

  • PAM - Documentations and attachments are now possible on PAM account

  • PAM - Support favorite vault with PAM vaults

  • Web - Improved the web interface and show all vaults in the side menu

  • Web - Support for hardware-accelerated cursors and Kerberos with RDP web client

  • Core - Fixed an issue where notifications could be accessed without permission

  • DEVO-2024-0002 PAM - Fixed an issue where PAM Azure account is not removed from groups after JIT elevation

  • Core - Fixed an issue where log cleanup could failed with SQL timeout if too much data had to be deleted

  • Core - Fixed an issue where serialization error was raised during vault import from .rdx file

  • Core - Fixed an issue where user was logged in automatically after a force logout by the application

  • Core - Fixed SSO login with Workspace Browser Extension

  • PAM - Fixed an issue where PAM account attributes could not be updated if provider was unreachable

  • Web - Several UI fixes

Version 2023.3.18.0 (May 23, 2024)

  • If you are using a client (RDM, PowerShell, etc.), version 2023.3 is required for this DVLS version

  • DEVO-2024-0007Core - Fixed a potential vulnerability related to LDAP injection

Version 2023.3.17.0 (April 17, 2024)

  • If you are using a client (RDM, PowerShell, etc.), version 2023.3 is required for this DVLS version

  • DEVO-2024-0005 PAM - Fixed a JIT feature issue allowing requests for unauthorized groups

  • DEVO-2024-0006 Core - Fixed a security issue where JIT requested group names could be forged in checkout requests

Version 2023.3.16.0 (March 8, 2024)

  • If you are using a client (RDM, PowerShell, etc.), version 2023.3 is required for this DVLS version

  • DEVO-2024-0002 PAM - Fixed an issue where PAM Azure account is not removed from groups after JIT elevation

  • Core - Fixed an issue where documentation entry could not be created

  • Core - Fixed an issue where SAP Fronend Server Entry (AddOn) could not be displayed

Version 2023.3.14.0 (February 7, 2024)

  • If you are using a client (RDM, PowerShell, etc.), version 2023.3 is required for this DVLS version

  • Core - Added logs to investigate issues with PublicWebInstanceInformation endpoint

  • Core - Fixed an issue where login SSO failed with Workspace Web Extension

  • Core - Fixed an issue where scheduled reports were empty

  • PAM - Fixed an issue where marking an account as read gave an error

  • PAM - Fixed an issue where rights were not resolved correctly

  • PAM - Fixed an issue where standalone credential password was viewable without checkout

  • Web - Several UI fixes

Version 2023.3.13.0 (December 19, 2023)

  • If you are using RDM as the client, RDM 2023.3 is required for this DVLS version

  • Gateways - Now supports multiple KDC servers

  • Core - Fixed an issue where launching sessions through the web client was not working

  • Core - Fixed an issue where non-admin users were unable to search in PAM vaults

Version 2023.3.12.0 (December 13, 2023)

  • If you are using RDM as the client, RDM 2023.3 is required for this DVLS version

  • Core - Can now retrieve passwords from PAM Account entries on Public API

  • Core - Fixed an error that occurred when attempting to retrieve groups by user with Active Directory

  • Core - Fixed an issue with OTP (One-Time Password) on the Workspace web browser

  • PAM - Fixed an issue where PAM Oracle accounts couldn't be added or edited

  • PAM - Fixed an issue where scheduled PAM account password resets were not respecting time settings

Version 2023.3.10.0 (November 29, 2023)

  • If you are using RDM as the client, RDM 2023.3 is required for this DVLS version

  • Core - Added support for Active Directory and Microsoft Hyper-V dashboard entries

  • Core - Added support for different URL paths for the authentication page

  • Core - Added support for hardware-accelerated cursors and Kerberos on RDP web client

  • Core - Improved user experience by remembering the last login type and automatically selecting the last authentication type

  • Core - Fixed a performance issue occurring with a high number of users and user groups

  • Core - Fixed an issue when renaming a folder on the contextual menu

  • Core - Fixed an issue where the Workspace browser extension was consistently pwned checking even when the feature was disabled

  • Core - Fixed several issues related to licenses

  • Gateway - Fixed an issue where the recording date was inaccurately set to the re-indexing date

Version 2023.3.8.0 (November 21, 2023)

  • If you are using RDM as the client, RDM 2023.3 is required for this DVLS version

  • Core - Added clipboard support on RDP web client

  • Core - Added support for CredSSP in Windows PAM Provider

  • Core - Rebrand Devolutions web login to Workspace browser extension

  • CVE-2023-6264 Core - Fixed an issue where gateways list was leaked in Content-Security-Policy header

  • Core - Fixed an error occurring when attempting to import AD users with PAM account discovery that contain accents in the username

  • Core - Fixed an issue where Yubikey MFA was not functioning

Version 2023.3.7.0 (November 13, 2023)

  • If you are using RDM as the client, RDM 2023.3 is required for this DVLS version

  • Core - Fixed a performance issue related to TOR validation

  • Core - Fixed an error that occurred when attempting to use Yubikey with Duo

  • Core - Fixed an issue where certain licenses were displayed as expired

  • Gateway - Fixed an error occurring when attempting to ping

  • Pam - Fixed an issue where connection failed for the AD provider when the username included the domain name

Version 2023.3.6.0 (November 7, 2023)

  • If you are using RDM as the client, RDM 2023.3 is required for this DVLS version

  • Core - Added a filter for subscriptions by tags

  • Core - Added language support for redirection links

  • PAM - Added HTTPS support for the Windows provider

  • Core - Fixed a serialization error

  • Core - Fixed an error that occurred when selecting VPN entries

  • Core - Fixed an issue duplicate server routes that were causing an SSO Login Error on the web

  • Core - Fixed an issue where the trial license was always displayed as free

  • Web - Several UI fixes

Version 2023.3.5.0 (November 3, 2023)

  • If you are using RDM as the client, RDM 2023.3 is required for this DVLS version

  • Core - Fixed an issue where a lot of exceptions were logged in data source logs

  • Core - Fixed an issue where Workspace users were not able to get user vault entries

  • Web - Several UI fixes

Version 2023.3.4.0 (November 1, 2023)

  • If you are using RDM as the client, RDM 2023.3 is required for this DVLS version

  • Core - Advanced search can now specify the operation between filters

  • Core - Dashboard can show card only if data is present

  • Core - Include archived data in reports

  • Core - New user settings to show/hide specific entries (archived, disabled, expired) in the tree

  • Core - Push notifications to Workspace can be enabled/disabled

  • Core - Support new license format

  • Core - Support of tags on users

  • Core - Support Windows Authentication through the web interface

  • Core - Temporary access can now be requested on credentials

  • Core - User behavior analytics is available on the system dashboard

  • Core - User interface profile can now be used to simplify the web interface

  • Core - Users can be synchronized with their identity provider

  • PAM - Allow user to send checkout requests to all approvers

  • PAM - Checkout request can be assigned to a user to help in the approval process

  • PAM - Just In Time (JIT) elevation for provider Azure AD

  • PAM - Propagation can now be configured on every level: vaults, folders, and entries

  • PAM - Support of PAM Active Directory provider through Devolutions Gateway

  • Web - SSH and Telnet sessions can now be launched through Web Client (via Devolutions Gateway)

  • Web - System vault can be edited in the web interface

  • Core - Removed support of legacy security

  • Core - 'Force token public IP validation' setting is now false by default

  • Core - An email is sent to the administrator when the scheduler is down

  • Core - By default, on new installation, log cleanup is configured

  • Core - Default value to enable DWL for Website entry is now available

  • Core - Security dashboard shows if offline is available on vaults

  • Core - Support new entries in the web interface: firearm, insurance number and access code

  • Core - Use X-Forwarded-For configuration is disabled by default in the new installation

  • Core - Workspace can be configured by scanning a QR code available in the web interface

  • Core- Added an icon to the Expired Entry List to show that a password is re-used

  • Gateway - Added the Gateway ID in the web interface

  • PAM - Improve PAM usage policies to support more context where PAM accounts can be used

  • PAM - PAM section is now always visible even without a license

  • Core - Fix slowness issues when temporary access was enabled

  • Core - Fixed an issue when the list of forbidden passwords disappeared when too large

  • Core - Fixed an issue where Okta users could not be created on first login

  • Core - Fixed an issue where scheduled reports were not adjusted by daylight saving time

  • Core - Fixed an issue with the notifications which creates a lot of log

  • Core - Fixed an issued with variables that were not well resolved in the vault

  • Gateway - Fixed an issue with Gateway Health to improve performance

  • PAM - Fixed a performance issue when requesting a PAM vault request

  • PAM - Fixed an error when Domain Controller was not specified in the AD provider

  • PAM - Fixed an issue that prevented manual check-in when a checkout had timed out

  • Web - Several UI fixes

Version 2023.2.11.0 (November 9, 2023)

  • If you are using RDM as the client, RDM 2023.2 is required for this DVLS version

  • CVE-2023-5358 Core - Fixed an issue that allows users to retrieve logs from vaults or entries they are not allowed to access

Version 2023.2.10.0 (October 24, 2023)

  • If you are using RDM as the client, RDM 2023.2 is required for this DVLS version

  • PAM - Fixed an issue that prevented manual check-in when a checkout had timed out

  • Web - Several UI fixes

Version 2023.2.9.0 (October 3, 2023)

  • If you are using RDM as the client, RDM 2023.2 is required for this DVLS version

  • PAM - Fixed vulnerability issue with the PAM propagation script

  • Core - Fixed an issue where the Disconnection Data Source settings were not saved properly

  • Core - Importing google password doesn't create a legacy website anymore

Version 2023.2.8.0 (September 20, 2023)

  • If you are using RDM as the client, RDM 2023.2 is required for this DVLS version

  • Core - User notifications can now be sent based on user type

  • Core - Fixed an issue where all sessions were returned as running session

  • Core - Fixed an issue where comments on session close were not saved

  • Core - Fixed an issue where user without all rights in Active Directory can not be used to configure a domain

Version 2023.2.7.0 (September 11, 2023)

  • If you are using RDM as the client, RDM 2023.2 is required for this DVLS version

  • Core - Fixed an issue where error was thrown if an entry was linked on a deleted entry in user vault

  • Core - Fixed an issue where Okta user can't be created as read only

  • Core - Fixed an issue where properties "Override RDP Setting" in CyberArk Dashboard entry were not saved

  • Core - Fixed an issue where scheduled reports were not affected by daylight saving time change

  • Core - Fixed an issue where Windows Authentication failed if Force token public IP validation was set to true

  • Core - Fixed issue where opened sessions list was always empty

  • Gateway - TCP hostname is always marked as not configured in diagnostics

  • PAM - Fixed an issue where AnyIdentity action script fails when a non-mandatory property is configured as a parameter

  • PAM - Fixed an issue where PAM account can't be edited when the account is in a folder

Version 2023.2.6.0 (August 21, 2023)

  • If you are using RDM as the client, RDM 2023.2 is required for this DVLS version

  • Core - Fixed an issue when a User Vault entry is duplicated in the Favorites tab and could not be removed from the User Vault

  • Core - Fixed an issue when Azure cache erased on Internet loss

  • Core - Fixed an issue when trying to navigate to a favorite in the user vault

  • Core - Fixed an issue with the shared vault dashboard that kept refreshing in a loop

  • Core - Fixed error when filtering (user or user groups) accounts in Microsoft Users Import dialog

  • Gateway - Fixed an issue when an error occurred when accessing Devolutions Gateway Permission

  • PAM - Fixed Pam featured not enabled bug

  • Recording Server - Fixed issue when recording could be saved 'remote'

Version 2023.2.5.0 (July 25, 2023)

  • If you are using RDM as the client, RDM 2023.2 is required for this DVLS version

  • Core - Added PAM usage policies for Microsoft RDS Dashboard and Active Directory Dashboard

  • Core - Fixed an issue where Devolutions Gateway name was not shown in opened connections report

  • Core - Fixed an issue where user could not be imported from Azure AD

  • Core - Fixed temporary access request report to be able to export it

  • Gateway - Fixed an issue where Devolutions Gateway configuration could not be published

Version 2023.2.4.0 (July 18, 2023)

  • If you are using RDM as the client, RDM 2023.2 is required for this DVLS version

  • PAM - Added all sessions type in PAM usage policies configuration

  • Core - Fixed an issue where all alarm codes were deleted even if only one had to be deleted

  • Core - Fixed an issue where CyberArk entry could not be saved with SAML authentication

  • Core - Fixed an issue where grant temporary access was failling

  • Core - Fixed an issue where no notification was sent on the Azure AD user created automatically

  • Core - Fixed an issue where roles can't be retrieved

  • Core - Fixed an issue where tree could not be loaded in web interface

  • Core - Fixed temporary access request report to be able to export it

  • PAM - Allow uppercase and underscore on ssh username

Version 2023.2.3.0 (July 6, 2023)

  • If you are using RDM as the client, RDM 2023.2 is required for this DVLS version

  • Core - Entry Security Analyzer report can now be done with one or many vaults

  • Gateway - Allow a custom TCP Hostname on Devolutions Gateway

  • Core - Fixed an issue where Syslog configured with UDP didn't work

  • Core - Fixed an issue where VPN entries from system vault were not listed

  • PAM - Don't show Privileged Access section without PAM license

  • Recording Server - Fix an issue where recordings can't be indexed

  • Web - Several UI fixes

Version 2023.2.2.0 (June 27, 2023)

  • If you are using RDM as the client, RDM 2023.2 is required for this DVLS version

  • Core - Improved warning message when passwords don't comply with password security settings

  • Core - New Devolutions Server installation set 'Enable internet access' to true

  • PAM - Added checkout reason in logs/reports

  • PAM - Added support for preferred domain controller in AD provider

  • Recording Server - Added a tool to re-index recordings from different Devolutions Gateways

  • Core - Fixed an issue where activity logs could not be opened

  • Core - Fixed an issue where entries can't be saved in system vault

  • Core - Fixed an issue where no notification was sent if the delete operation was made with RDM

  • Gateway - Fixed an issue where Devolutions Gateway could not be used if no ID was configured on it

  • Web - Several UI fixes

Version 2023.2.1.0 (June 20, 2023)

  • If you are using RDM as the client, RDM 2023.2 is required for this DVLS version

  • Recording Server - Devolutions Gateway should be used to act as recording server

  • Core - Added a search tool in System Settings

  • Core - Added IP List entry type

  • Core - Added PowerShell Terminal Remoting Directly in the Web Interface

  • Core - Added the ability to assign a vault owner

  • Core - Added the ability to link two user accounts to the same license

  • Core - Added the ability to request access to other vaults

  • Gateway - Devolutions Gateway can now act as recording server

  • Gateway - Devolutions Gateway can now be configured for load balancing

  • PAM - Added temporary just-in-time(JIT) elevation at checkout

  • PAM - Added the ability to propagate PAM passwords to after rotation

  • PAM - Expanded privileged account availability with PAM usage policies

  • Core - Added more information in log for login information (IP, iso code, emergency access)

  • Core - Changed default strategy for AD "Get groups by user" from Principal to Directory entry token group

  • Core - Current and latest version of services/gateways are now shown in the system dashboard

  • Core - Dashboard user interface improvement

  • Core - SMTP server and Syslog server status are now shown in the system dashboard

  • Core - Temporary access can be created by the approver and permission will be granted to the user at the right moment

  • Core - Temporary access can be requested on entry with link to other entries for credentials, vpn

  • Core - Temporary access request can now be requested for future use

  • Core - Upgraded System Dashboard with Syslog and Email Services

  • PAM - Added more information in logs when an error occurs

  • PAM - Added PAM checkout requests in advance

  • PAM - Checkout request can be created by the approver and permission will be granted to the user at the right moment

  • PAM - New setting to limit the checkout time

  • PAM - Scripts in AnyIdentity providers can now be ran as a specific user

  • CVE-2023-2400 Improper deletion of resources in the user management feature

  • Core - Fixed an issue where search entries failed if current vault contains special character (%) in description

  • Core - Security Policies is now renamed Conditional Access Policies

  • Core - Submit a support ticket is available only for admin

  • Web - Several UI fixes

Version 2023.1.8.0 (May 25, 2023)

  • If you are using RDM as the client, RDM 2023.1 is required for this DVLS version

  • Core - Fixed an issue where emergency access failed and user could not access his server

  • Core - Fixed an issue where HeidiSQL entry type could not be selected

Version 2023.1.7.0 (May 9, 2023)

  • If you are using RDM as the client, RDM 2023.1 is required for this DVLS version

  • Core - Added logs during Okta login

  • Core - Migrate from ADAL (Azure Active Directory Authentication Library) to MSAL (Microsoft Authentication Library) for Azure

  • Core - Fixed an issue where custom fields migration was long

  • Core - Fixed an issue where Windows Authentication failed for first connection

  • Core - Support ASP.NET 7

  • PAM - Fixed an account where password rotation failed

  • PAM - Fixed an issue where PAM account can't be created by a non admin user

  • PAM - Fixed an issue where scheduled password rotation happens multiple times

Version 2023.1.6.0 (April 21, 2023)

  • If you are using RDM as the client, RDM 2023.1 is required for this DVLS version

  • CVE-2023-0951 Core - Fixed an issue where package created to be sent to support could be downloaded by non admin user

  • Core - Added sender username in secure message push notification in Workspace

  • Core - Fixed an issue where authentication migration from Devolutions Server user to another authentication type failed with an exception

  • Core - Fixed an issue where passwords with only permission to execute were not sent to DWL

  • Core - Fixed an issue where session start time in logs was invalid

  • Core - Increased the startup time limit to avoid server to be stopped during data migration when server is starting

  • PAM - Fixed an issue where loading privileged accounts list failed with a timeout

Version 2023.1.5.0 (March 30, 2023)

  • If you are using RDM as the client, RDM 2023.1 is required for this DVLS version

  • Core - Support users migration from Azure AD to Azure AD (different domain name)

  • Web - MikroTik entry can now be edited in DVLS web interface

  • Core - Fixed an issue where Azure AD groups were not migrated on startup and Azure AD groups were not found anymore for users

  • Core - Fixed an issue where entry security analyzer report was not including password lists

  • Core - Fixed an issue where locked application keys were not list in Users Locked report

  • Core - Fixed an issue where two logins were needed to access DVLS

  • Web - Several UI fixes

Version 2023.1.4.0 (March 22, 2023)

  • If you are using RDM as the client, RDM 2023.1 is required for this DVLS version

  • Core - Improved performance when system retrieves Azure AD groups

  • Core - Report an issue can be sent to any user, not only administrator

  • PAM - Added forbidden password check for standalone account

  • Web - Gateway list is now paged when you want to select a gateway on a connection

  • Core - Added logs when an entry is added or restored from the web interface

  • Core - Fixed an issue where checkouts were not visible for administrator in dashboard

  • Core - Fixed an issue where forbidden passwords list is not visible

  • Core - Fixed an issue where some folders were missing for DWL

  • Core - Fixed an issue where synchronizer created wrong folder structure

  • Web - Several UI fixes

Version 2023.1.3.0 (March 14, 2023)

  • If you are using RDM as the client, RDM 2023.1 is required for this DVLS version

  • Core - Added support for global images

  • Core - An issue on an entry can now be reported to notify administrators

  • Core - Notifications can now be sent to devices running Workspace

  • PAM - Added a function to generate script headers of AnyIdentity Providers

  • PAM - Added a function to test Powershell scripts of AnyIdentity Providers

  • PAM - AnyIdentity Providers can now be imported/exported

  • Web - Added System Dashboard to display services state

  • Web - Improved the dashboard to be customizable

  • Web - RDP session can now e launched through Web Client (via Devolutions Gateway)

  • Web - VPN/Gateway can now be edited in Web Interface

  • Core - Added a new contact type Team/Department

  • Core - Added a new IT Asset data entry type

  • Core - Added a new vehicle data entry type

  • Core - Added a report to find connections with specific status

  • Core - Added a warning message if less than 10% of a license is available

  • Core - Added an Archived and Broken Entry status

  • Core - Added contact link support in Software/License entry

  • Core - Added many reports in the scheduled report list

  • Core - Added password generator button in certificate entry

  • Core - Added the possibility to assign a contact to the credit card owner

  • Core - Microsoft Authentication cache can now be desactivated

  • Core - User information from Microsoft users are now synchronized with DVLS users

  • Gateway - A reg file or a Powershell Script can be downloaded to configure KDC proxy

  • PAM - Added a link to PAM Provider GitHub repository in AnyIdentity Templates

  • PAM - Added timeout setting for SSH local user provider

  • PAM - Renamed Custom Providers by AnyIdentity Providers

  • Web - Added custom fields edition

  • Web - Information on dashboard can now be clicked to see the specific information

  • Web - Moved DVLS license information under Administration -> License

  • Web - Vaults can now be searched by description

  • Core - Fixed an issue where authentication cache was used even if it was disabled

  • Core - Fixed an issue where copy password button was not available in the overview when it should

  • Core - Fixed an issue where message about http connection in system dashboard was displayed even if the connection was https

  • Core - Fixed an issue where scheduled AD synchronizer created incorrect folder names

  • Core - Fixed an issue where users were not logged in even if the credentials were valid

  • Core - Fixed issue where administrators were not able to use Launcher

  • Web - Minor UI fixes

  • Web - Several UI fixes

Version 2022.3.13.0 (February 21, 2023)

  • If you are using RDM as the client, RDM 2022.3 is required for this DVLS version

  • CVE-2023-0951 Core - Fixed a few API endpoints where users without permission were authorized

  • CVE-2023-0952 Core - Fixed an issue where linked credential could be leaked on edit entry

  • CVE-2023-0953 Core - Fixed an issue where SQL injection was possible

  • CVE-2023-1201 Core - Fixed an issue with improper access control to attachment in secure messages

  • Core - Fixed an issue where an administrator was not able to connect to DVLS through Launcher

  • Core - Fixed an issue where Credential filter could not be used in PAM Checkout notification

  • Core - Fixed an issue where RDM connection failed with Windows Auth and a security policy was configured with an AD group

Version 2022.3.12.0 (February 13, 2023)

  • If you are using RDM as the client, RDM 2022.3 is required for this DVLS version

  • Core - Fixed an issue in Devolutions Gateway User Access report

  • PAM - Fixed an issue where scans were failing in some cases

  • Web - Fixed an issue where connection name was not visible during edition in dark theme

Version 2022.3.10.0 (February 2, 2023)

  • If you are using RDM as the client, RDM 2022.3 is required for this DVLS version

  • [DEVO-2023-0002] Core - Fixed a security issue where sensitive data was returned even if the user didn't have access to it

  • Core - Avoid to send an email on successful backup if user doesn't want to receive it

  • Core - Fixed an issue where tags with a dot were not displayed correctly

  • Core - Fixed the hyperlink in backup confirmation email

  • PAM - Fixed an issue where some PAM vaults or PAM accounts were not found

Version 2022.3.9.0 (January 24, 2023)

  • If you are using RDM as the client, RDM 2022.3 is required for this DVLS version

  • Gateway - Support Telnet connection through Devolutions Gateway

  • PAM - Enable OTP for standalone account

  • Core - Avoid to log useless exception

  • Core - Avoid to send email on backup success if user doesn't want it

  • Core - Fixed an issue where deadlock could occur with old Azure AD or Domain groups

  • Core - Fixed an issue where entries could not be added in folders with DWL

  • Core - Fixed an issue with Azure SMTP Connections

  • Core - Fixed an issue with Password Generator where settings were not applied

Version 2022.3.8.0 (December 21, 2022)

  • If you are using RDM as the client, RDM 2022.3 is required for this DVLS version

  • Core - Added a password generator button on password field in certificate entry

  • Core - Improved performance when listing users from a domain, Azure or Okta group

  • Core - Fixed an issue where some server settings were not saved properly

  • Core - Updated the Microsoft users migration to manage missing UPNs

  • PAM - Fixed an issue where only 25 accounts were displayed in PAM vault

Version 2022.3.7.0 (December 13, 2022)

  • If you are using RDM as the client, RDM 2022.3 is required for this DVLS version

  • Core - Added a way to export active users

  • Core - Added a way to select JIRA tickets from other filters (not only the default filter)

  • Core - Added configuration to support non-admin user to launch synchronizer

  • Core - Support user/user group cache for Microsoft Azure Authentication

  • Core - Fixed an issue where an error was raised during authentication migration

  • Core - Fixed an issue where opening documentation in new tab didn't work

  • Gateway - Fixed an issue where Gateway ID was not synchronized with the Gateway

  • Web - Several UI fixes

Version 2022.3.6.0 (December 1, 2022)

  • If you are using RDM as the client, RDM 2022.3 is required for this DVLS version

  • Core - Added HTTP compression to improve performance

Version 2022.3.5.0 (November 25, 2022)

  • If you are using RDM as the client, RDM 2022.3 is required for this DVLS version

  • Core - Sub connections can now be resurect with their parent

  • PAM - Added password rotation schedule at the folder level

  • PAM - Checkout request or approval can now specify end time instead of checkout duration

  • Core - Fixed an issue where accessing license was not possible in some cases for free edition

  • Core - Fixed an issue where Devolutions Launcher application access was not available even for administrator users

  • Core - Fixed an issue where entry credential was not available in DWL in some cases

  • Core - Fixed an issue where search result didn't focus on the entry selected in the result

  • Core - Fixed issues with VMWare Synchronizer (update of prerequesite needed on DVLS Server via DVLS-Console)

  • Core - Prompt for comment didn't work in a few cases

  • Gateway - Fixed an issue where Devolutions Gateway ID was not synchronized automatically by the scheduler

  • Gateway - Fixed issues where scheduler returned an error when no revocation list was stored in database

  • Web - Several UI fixes

Version 2022.3.4.0 (November 10, 2022)

  • If you are using RDM as the client, RDM 2022.3 is required for this DVLS version

  • Core - Added a button to refresh user information from AD to all users

  • Core - Added a warning message if a vault has too many entries

  • Core - Added a way to exclude characters with password template and generator

  • Core - Added an option to keep all logs archived

  • Core - Added an option to save password in a shared vault from a secured message

  • Core - Disable email 2FA if the server doesn't have SMTP configuration

  • Core - Display the password history in the web interface for the password list entry type

  • Gateway - Support 'auto assign' with Gateway licenses

  • Core - Fixed an issue where attachments couldn't be added in private vault

  • Core - Fixed an issue where deleting a notification was failing

  • Core - Fixed an issue where DWL couldn't retrieve website entries from shared vaults

  • Core - Fixed an issue where reading attachments was raising an error when the encryption at rest was not enabled

  • Core - Fixed an issue where scheduled reports were adding 30 days instead of running same date every month

  • Core - Fixed an issue where viewing the password didn't ask for a comment even if it was requested

  • PAM - Fixed an issue where refreshing the page was loading the first PAM vault

  • Recording Server - Fixed an issue where processor couldn't complete when a certificate was not trusted

  • Web - Several UI fixes

Version 2022.3.3.0 (November 3, 2022)

  • If you are using RDM as the client, RDM 2022.3 is required for this DVLS version

  • Core - Fixed an issue where authentication migration didn't work if username was the same between source and destination

  • Core - Fixed an issue where RDM could not used any module with license (CyberArk, BeyondTrust, ...)

Version 2022.3.2.0 (November 1, 2022)

Database upgrade required

  • If you are using RDM as the client, RDM 2022.3 is required for this DVLS version

  • Core - Added a way to migrate users from an authentication mode to another (from Active Directory to Azure AD for exemple)

  • Core - Added permission set to assign permission easily on users

  • Core - Added support to Okta authentication

  • Core - Added support to SMTP modern authentication with Azure

  • Core - Implemented attachment and documentation support for sub connections

  • Gateway - Added Kerberos authentication via KDC Proxy

  • Gateway - Added new reports to display Devolutions Gateway permission

  • Gateway - Added permissions on Devolutions Gateway

  • Gateway - Sessions launched via Devolutions Gateway can now be killed

  • PAM - Added description field on PAM account

  • PAM - Added support for generic providers

  • Web - Added markdown WYSIWYG documentation editor

  • Core - RDM User license must be set in the data source

  • Core - RDM users need one license assigned for each user account

  • Core - Added a button to refresh favorites

  • Core - Added a way to select the main account type to bypass the authentication type on login

  • Core - Added an option to select Azure behavior on login

  • Core - Added one button in login page for each Active Directory configured

  • Core - Added options to select Azure behavior on login

  • Core - Added support for multiple emails in email configuration

  • Core - Button label can now be configured in login page

  • Core - Connection icon can now be customized

  • Core - Improved RDM connection stability with Devolutions Server

  • Core - Improved security dashboard UI

  • Core - Removed the option "Current Windows session" as credentials for AD configuration

  • Core - Renamed 'Custom User' by 'Devolutions Server User'

  • Gateway - Added a filter in the Devolutions Gateway list

  • PAM - Added log messages if PAM password propagation failed

  • PAM - Added possibility to include PAM vaults in search side bar

  • PAM - Changed the way PAM account are displayed: Removed tiles and display a tree

  • PAM - Improved PAM Heartbeat failed message to differentiate provider and account name

  • Core - Fixed an issue where administrator received an exception about telemetry when internet was not available

  • Core - Fixed an issue where attachments were corrupted after download

  • Core - Fixed an issue where backup was failing with invalid path on Linux SQL Server

  • Core - Fixed an issue where folder structure was visible in DWL even if user didn't have access to the folder

  • Core - Fixed an issue where importing Azure AD accounts didn't fill the first and last name

  • Core - Fixed an issue where license capacity could be exceeded

  • Core - Fixed an issue where Okta groups were recognized as Devolutions Server groups

  • Core - Fixed an issue where Okta groups were viewed as Devolutions Server groups

  • Core - Fixed an issue where password set on an attachment was not shown correctly

  • Core - Fixed an issue where read only users could add attachments or documentation

  • Core - Fixed an issue where SMTP configuration was not migrated correctly

  • Core - Fixed an issue where success page was prompted after Windows Authentication

  • Core - Fixed an issue where user update could lost user group assignments

  • Core - Fixed an issue where username field could be missing in Emergency Login

  • Core - Fixed an issue where users avatar were missing

  • Core - Fixed an issue where Website entry could not be saved with a Password Management license

  • Core - Fixed an issue where wrong RDM version was loged in reports

  • Core - Fixed issue in My Account Settings where Dashlane Password and KeePass Server Password were not obfuscated

  • Core - Fixed issue where email could not be sent in some cases

  • Core - Removed sensitive information from public endpoint

  • PAM - Added log message if password propagation failed

  • PAM - Fixed an issue where PAM section was not available even with a license

  • Web - Several UI fixes

  • Web - Several UI fixes

  • Web - Several UI fixes

Version 2022.2.11.0 (October 3, 2022)

  • If you are using RDM as the client, RDM 2022.2 is required for this DVLS version

  • Core - Fixed an issue where emergency login could not be used in some cases

  • Core - Fixed an issue where vault could not be deleted for some users

Version 2022.2.10.0 (September 6, 2022)

  • If you are using RDM as the client, RDM 2022.2 is required for this DVLS version

  • Core - Fixed an issue where SQLException was raised when launching a RDP session

  • Core - Fixed an issue where user could be disconnected without logoff request

  • Core - Website entry can now be used by user with Password Management license

  • PAM - Fixed an issue where checkin was failing with SQL exception

  • Web - Several UI fixes

Version 2022.2.9.0 (August 23, 2022)

  • If you are using RDM as the client, RDM 2022.2 is required for this DVLS version

  • Core - Avoid to send an error email to administrator when a user fails to logon

  • Core - Fixed an issue where password on attachment is not shown properly after saving it

  • Recording Server - Fixed issue where network interruption cause the recording to be lost

Version 2022.2.8.0 (July 29, 2022)

  • If you are using RDM as the client, RDM 2022.2 is required for this DVLS version

  • Core - Add one button per Active Directory on the login page

  • Core - Improve ticketing system configuration

  • Core - Labels on login page can now be configured

  • Core - Vault password has to respect password template

  • Core - Don't send notification to user who made the operation on an entry

  • Core - Fixed an issue where custom user expiration was impacting domain users or AAD users

  • Core - Fixed an issue where user could have a white page after login

  • Core - Fixed an issue where users could be included in a domain group or AAD group even if he was not a member

  • Web - Several UI fixes

Version 2022.2.6.0 (July 11, 2022)

  • If you are using RDM as the client, RDM 2022.2 is required for this DVLS version

  • Core - Automatically logout idle users on web interface can be disabled

  • Core - Update security dashboard to adjust scoring

  • PAM - Improve the copy button to avoid a sub menu for OTP on PAM account

  • Core - Fixed an issue where default expiration was not set in secure message

  • Core - Fixed an issue where default vault was assigned to users by default even if that vault was not in user template configuration

  • Core - Fixed an issue where favorite folder could not be created

  • Core - Fixed an issue where getting the datasource information was failing

  • Core - Fixed an issue where login with Microsoft/Azure AD user was failing

  • Core - Fixed an issue where user could be in an Azure Group in DVLS even if it was not member of that group in Azure AD

  • Core - Fixed an issue where user could not be saved if an invalid license was assigned to that user

  • PAM - Fixed an issue where Azure AD Users provider secret key could not be updated

  • PAM - Fixed an issue where fetching groups of a scan configuration was failing

  • Web - Several UI fixes

Version 2022.2.5.0 (July 4, 2022)

Database upgrade required

  • RDM and Devolutions Server Console 2022.2 are required to use this version

  • Core - Emergency access to allow an access even if providers are down (Azure or AD)

  • Core - New permission : "Delete Documentation"

  • Core - New permission : "View Sensitive"

  • Core - Notifications : Users can be notified on actions made on entries

  • Core - Security policies available to allow/deny users with different conditions

  • Core - Security policies available to force/skip 2FA with different conditions

  • Gateway - Support for new protocols : VNC, ARD, SCP, SFTP, PowerShell (WinRM, SSH), Embedded Websites

  • PAM - Add link with ticketing system (JIRA) to list tickets during the checkout operation

  • PAM - Support for password reset for MySQL users, Oracle users and Cisco users

  • PAM - Support for standalone privileged accounts

  • Core - .NET 6.0 is now required

  • Gateway - Devolutions Gateway now requires a license (unlicensed usage will be refused except for side-by-side installation that can have up to 5 concurrent sessions without a license)

  • Core - Website entry (previously "Web Browser (HTTP/HTTPS)") now has Devolutions Web Login enabled by default

  • Core - Added "append to the username" and "prepend to the username" modes for OTP usage

  • Core - Added a button to test ticketing system configuration

  • Core - Added more fields in asset dashboard (UPN, custom fields)

  • Core - Allow restoring deleted documentation pages

  • Core - Dashboard page has been removed and integrated on vault dashboard to be like RDM

  • Core - Redesign the login page

  • Core - Redesign the web interface

  • Core - Removed sensitive data from user list

  • Core - Security improvement: use new function (PBKDF2-HMAC-SHA1) to calculate the password hash

  • Core - Show the group name or username in permission table

  • Core - Support exporting/importing the documentation of an entry

  • PAM - Added filters for providers and scan configurations

  • PAM - Improve the reset password confirmation prompt

  • PAM - Renamed Team Folder by PAM Vault

  • Core - Fixed an issue where 2FA was bypassed when connecting with Windows Authentication

  • Core - Fixed an issue where adding images in documentation was raising an error

  • Core - Fixed an issue where Azure AD user can't be imported manually

  • Core - Fixed an issue where Entry Security Analyzer report was not available for user with permission

  • Core - Fixed an issue where microsoft user was not able to login if he had been added manually

  • Core - Fixed an issue where the client IP was not set properly

  • Core - Fixed an issue where user couldn't access the gateway configuration even if he had the permission

  • Core - Fixed an issue where user remains connected after disconnecting him through 'Connected user list'

  • Core - Fixed an issue where wrong RDM versions were saved in Login History report

  • Core - Fixed diagnostic report to be the same as RDM

  • Core - Fixed issue where a new user could have rights if a user with the same name has already existed

  • Core - Fixed security issue by processing "Entry Security Analyzer" permission

  • Core - Improved error message when vault name already exists

  • Core - Removed the vault assignment window when importing users. Vaults from user template are used

  • PAM - Fixed an issue where a folder could not be deleted

  • PAM - Fixed an issue where all accounts were returned for a non admin user

  • PAM - Fixed an issue where view roles definitons couldn't be access from quick scan

  • PAM - Fixed an issue where windows scan failed if no local user exist

  • PAM - Removed redirect URI field in Azure AD provider configuration

  • Web - Fixed an issue where long vault name with hyphen broke the avatar

  • Web - Fixed an issue where multiple or wrong vault icon were shown

  • Web - Fixed an issue where view password button could disappear in the entry overview

  • Web - Several UI fixes

Version 2022.1.13.0 (May 11, 2022)

  • Core - Initial support for Devolutions Workspace

  • Core - Improve Office365 authentication process. The redirect URI in Azure must be changed

  • Core - Added logs during Windows authentication process

  • Core - Support Microsoft Authentication Library (MSAL) for Office365 authentication

  • Core - Use object ID instead of UPN for Office365 users

  • Web - Improve UI of Devolutions Gateway diagnostic

  • Core - Cleanup tokens table

  • Core - Fixed an issue where Devolutions Gateway could not be uploaded

  • Core - Fixed an issue where expiration date didn't show up in password list

  • Core - Fixed an issue where landing page was not applied after a login

  • Core - Fixed an issue where user group type was wrong after import

  • Core - Removed "SessionRequired" errors sent to administrator

  • Recording Server - Fixed an issue where recording server used 100% CPU

  • Web - Several UI fixes

Version 2022.1.12.0 (April 4, 2022)

  • Core - Give more information to user when they can't be logged in

  • Core - Logs can be cleaned up with a timeframe

  • Core - Office365 authentication supports automatic user creation from a specific group

  • Core - Removed some exceptions sent to administrator that were not critical

  • Core - Support multiple vaults export

  • Core - Fixed an issue if a vault template has been created

  • Core - Fixed an issue where DWL can't find the matching sub-connections

  • Core - Fixed issues in the login process

  • PAM - Fixed an issue where importing from a scan didn't work the first time

  • PAM - Fixed an issue where searching a PAM account changed the priviledged account folder

  • PAM - Fixed an issue with SSH scan

  • Web - Several UI fixes

Version 2022.1.10.0 (March 15, 2022)

  • Core - Added a "Move" permission on entries

  • Core - Added a menu item to expand/collapse all in vault tree

  • Core - Administrators can now ask a change password at next logon when they reset user password

  • Core - Allow $REPOSITORY_NAME$ variable in name

  • Core - ARD entry: Add configurable connection timeout

  • Core - Removed Wayk Client entry

  • Core - Support 2FA with Windows Authentication

  • Core - Support export/import multiple vaults with attachments and documents

  • Core - Support password expiration on custom users

  • Gateway - Added a diagnostic tool

  • PAM - Added a search tool to help selecting a privileged account

  • Core - Fixed a few authentication issues

  • Core - Fixed an issue when exporting entries kept folders even if user asked to remove them

  • Core - Fixed an issue where dates what not displayed

  • Core - Fixed an issue where RDM logoff was failing

  • PAM - Fixed an issue where searching in PAM Account didn't search in folders

  • Web - Several UI fixes

Version 2022.1.9.0 (February 18, 2022)

  • Core - RDM 2022.1 is mandatory to use DVLS 2022.1. Connection from old RDM will be refused

  • Core - Entry's name can now be edited directly in the vault tree

  • Core - Move Devolutions Launcher CAL and users CAL licenses to Administration/License section

  • Core - Support gender "Unspecified" for passport entry

  • Core - Fixed an issue where documentation page links didn't work

  • Core - Fixed an issue where Domain Functional Level 2012R2 was not supported

  • Core - Fixed an issue where login was not possible on an HTTP installation where the hostname was used in URL

  • Core - Fixed an issue where SMS 2FA was failing

  • Core - Fixed Windows Authentication

  • Web - Fixed web client to avoid cryptokey exception

  • Web - Several UI fixes

Version 2022.1.7.0 (February 15, 2022)

Database upgrade required

  • RDM and Devolutions Server Console 2022.1 are required to use this version

  • Core - Email notifications for temporary access

  • Core - Support for DVLS PAM entry

  • Gateway - License integration

  • Gateway - SSH connection support

  • PAM - Azure AD Provider

  • PAM - Local Windows Accounts Provider

  • PAM - PAM Dashboard in Remote Desktop Manager

  • Core - .NET Framework 4.8 is now required

  • Core - HTTPS is strongly recommended, application encryption level will be removed

  • Core - Initial OAuth support. Windows authentication is no longer supported with 2FA

  • Gateway - Devolutions Gateway now requires a license (unlicensed usage will show a warning)

  • DWL has to be logged in separately

  • Core - "DNS Name" has been replaced by "Access URI"

  • Core - Added "Privileged Account" on the folder credential option

  • Core - Added a group filter in import AD Users dialog

  • Core - Added server and client IP address in syslog messages

  • Core - Added UserInfoHistory in the cleanup logs feature

  • Core - Don't accept domain with functional level too low

  • Core - Fixed an issue where user can't be imported if a domain was down

  • Core - Improved multi vault search performance

  • Core - Search results in passwords list

  • Core - Sort TAGS in the dashboard and tag selection dialog

  • Core - Support for new RDM file format (v2) to import

  • Gateway - Added option "Force using IP address for RDP connections"

  • Gateway - Added support for alternate hosts

  • Gateway - Support inherited Gateway

  • PAM - Added a password template at provider level

  • PAM - Added scan delta summary

  • PAM - Improved error message on synchronization status

  • PAM - Move all PAM Account at root level in a team folder

  • Web - Added 'Assign All Vaults' button in users and user groups dialogs

  • Web - Added a few SSH properties in Edit view

  • Web - Added a search bar in 'Privileged account credential' type selection

  • Web - Added a warning on entry deletion if a shortcut exist

  • Web - Added icon in PAM UI to help color blind people

  • Web - Added shortcut icon in vault tree

  • Web - Only admin user can submit a support ticket

  • Web - Rebranded Devolutions Authenticator to Devolutions Workspace

  • Web - Sort approvers in PAM checkout dialog

  • Web - Support DVLS PAM entry in web interface

  • Core - DVLS Free doesn't support PAM

  • Core - Fixed an issue to display the right number of users in a license

  • Core - Fixed an issue where "Automatic User Creation" parameter was not saved

  • Core - Fixed an issue where "Prompt for comment" was not displayed with "Copy API key"

  • Core - Fixed an issue where a user without the view password permission could view the password

  • Core - Fixed an issue where changing the time for O365 caching was not saved

  • Core - Fixed an issue where custom user groups can not be created without custom authentication activated

  • Core - Fixed an issue where documentation view was wrong

  • Core - Fixed an issue where Duo returns invalid 2FA with a domain user

  • Core - Fixed an issue where entries with temporary access were not sent back to DWL

  • Core - Fixed an issue where export vault was not logged

  • Core - Fixed an issue where password in passwords list could be lost

  • Core - Fixed an issue where passwords in private vault were not available in web interface

  • Core - Fixed an issue where RDM connection to DVLS failed

  • Core - Fixed an issue where RDM was disconnected from DVLS

  • Core - Fixed an issue where some folders in vaults were not available in RDM

  • Core - Fixed an issue where ticket number was not saved in activity logs

  • Core - Fixed an issue where user was not able to login

  • Core - Fixed issue where date format was wrong

  • Core - Fixed Syslog message format to set the hostname with DVLS IP

  • Core - Include Local Account entries in password rotation reports

  • PAM - Fixed an issue where PAM checkouts failed with a non-admin user

  • Web - Fixed an issue where view attachment with pdf extension failed

  • Web - Fixed translation strings

  • Web - Several UI fixes

  • Web - Several UI fixes

Version 2021.2.14.0 (December 13, 2021)

  • Added robots.txt for security purpose

  • Fixed an issue where custom user groups can not be created without custom authentication activated

  • Fixed an issue where passwords were lost after sorting passwords in a password list

Version 2021.2.13.0 (November 18, 2021)

  • Core - Added a new license for the PAM Module (the license is included for those already using the PAM module with a DVLS license bought before September 30th 2021)

  • PAM - Added local Windows account management

  • Web - Added an option to regenerate Devolutions Gateway key pair on demand

  • Web - Added batch edit to grant permissions all at once on an entry

  • Core - Fixed an issue where a user can delete entries without permission

  • Core - Fixed the display of shortcut entries

  • Core - Stack overflow error when migrating the domain user groups with their SID

  • PAM - Fixed an issue where approval workflow didn't work when approved by an "approver"

  • Web - Several UI fixes

Version 2021.2.10.0 (October 25, 2021)

  • Core- Manage OTP option getting OTP from link credentials

  • Web - Added an "apply to all" action when setting the allowed applications

  • Web - Added the option to view the Gateway's logs and opened sessions

  • Web- Added a filter ''Has access'' in security grant permission & Vault assignment

  • Core - Root is empty exception- can't save entry

  • Core - SQL exception when refreshing cache using legacy security

  • Core- Error LockRecursionException

  • Core- Notifications with negative conditions

  • Core- Option - Enable Remote Monitoring SSH

  • PAM- Saving security permission on folder

  • Web - Cannot save a second template

  • Web - Error while trying to check out a PAM account in the vault section

  • Web- System Message formatting

Version 2021.2.8.0 (October 4, 2021)

Database upgrade required

  • Free version available for 3 users / 100 entries

  • Multi-domain supported with Platinum license type

  • PAM - Password Propagation

  • PAM - Password rotation report

  • PAM - Password rotation Scheduled

  • Web - Added Asset section on entries

  • Web - Support synchronizer entry

  • Web- Can import from Google Password csv file

  • Improved Devolutions Gateway to use key pair from DVLS, older deployments need to be reconfigured

  • 2FA available in all edition

  • Core - New option to sent scheduled report to an email address that is not a user

  • Core - Sends email when a temporary access is granted

  • Deprecated Authanvil and Vasco as 2FA

  • PAM - a message is sent when a request is approved

  • PAM - added OTP on privilege account

  • PAM - CheckOut request are Auto approve when done by approver him self

  • PAM - Report of password rotation

  • RDM- Document in entries available in Offline mode

  • Web - Add indicator when attachment and document are link to the entry

  • Web - Simplify the Documentation tutorial editor

  • Web - Template available in Quick add setting per vault

  • Web- Add OTP source on session entry

  • Web- Better performance loading vault

  • Web- Improve way of granting permission

  • When assigning system permission, the read only user are no longer shown

  • Hide Password Template mode Readable in entry setting

  • Several fixes & adjustments

  • Web - Edit user Administrator , fix the number of vaults

Version 2021.1.20.0 (July 19, 2021)

  • Core - The column is missing from LogingHistory_Archive

  • Web - Error parsing dates when using custom dates on reports

Version 2021.1.19.0 (June 30, 2021)

  • Core - connections/partial endpoint returns private key although it is Sensitive information

  • Issue when adding a documentation on entries

Version 2021.1.17.0 (June 17, 2021)

  • Core - Added VMRC as launchable connection type for the launcher

  • Core - New system setting for Authentication Office365- recurrence on the schedule cache

  • Core - Support Temporary access requests

  • Core - Added daily caching refresh for domain and Office 365 users

  • Core - Added usage of DNS name instead of the IP address for Radius 2FA

  • Core - Updated SMTP options when configuring emails

  • Web - Add Tel protocol to phone numbers on the entries dashboard

  • Web - Added confirmation when moving and entry using drag & drop

  • Web - Updated the background image for 2K display

  • Core - "Invalid data sent" when trying to save the Host Linked(Vault)/Inherited

  • Core - Allow rest api usage by applications

  • Core - Can't download Session recording form Recording Server in RDM

  • Core - Error when generating the expired entries report

  • Core - Fixed required permissions to edit an entry's documentation

  • Web - Cannot access administration if app name is ADMIN

  • Web - Fixed the resolving when the checkout setting is set to root

  • Web - save credentials and content in a message sent

Version 2021.1.10.0 (May 11, 2021)

  • Core - Fix errors on connection with user that has no shared vault available

  • Core - Fix opened connections report conversion error

  • Core - Fix X-Forwarded-For usage

  • Web - Fix vault selector not loading

Version 2021.1.9.0 (April 16, 2021)

  • Web - Added options to export the user vault when migration fails

  • Core - Fix User vault migration with names longer than 200 characters

  • Core - Unable to save both User CAL and Launcher licenses

  • Core - Unable to save the Email settings without Username and Password

  • Core - Unable to save VPN with Wayk bastion

Version 2021.1.7.0 (March 30, 2021)

  • Remote Desktop Manager 2021.X update required

  • Core - Added support for Devolutions Gateway (Jet)

  • Core - Added the "Last login" report

  • Core - Added the entry type: azure service principal

  • Core - Added the field Tenant ID on API Key

  • PAM - Added a system of policies on team folders for easier management

  • PAM - Added the delta between results when scanning a domain

  • Web - Added support for default icon color

  • Web - Added the option when enter a licence or request a trial when the license is expired or when there is no license

  • Web - The interface is available in read-only when the license is expired or when there is no license

  • Web - The scheduled reports now support more reports

  • Core - The user vault has now the same features as a standard vault (i.e.: attachments, history, documentation)

  • Introduced a distinction between sensitive properties and passwords in Information Entries. The view password permissions now only affect passwords specifically

  • Core - Added a timeout setting to Radius configuration

  • Core - Added Devolutions Authentificator as a supported 2FA

  • Core - Added handling of the custom controls on web entries for DWL

  • Core - Added the authentication method on the login history report

  • Core - Added the expression "is not" when setting a filter on a subscription

  • Core - SqlException when starting a connection from a templage

  • Core - Syslog events, only sends the title of the stack trace

  • Core - Updated the library for sending emails

  • Web - Added a download button on document's dashboard

  • Web - Added a message when the license is expired

  • Web - Added custom fields on web entries

  • Web - Added multiple gateways on SCP and SFTP entries

  • Web - Added multiple gateways on SSH Shel, SSH Tunnel and SSH Port Forward entries

  • Web - Added Recents, on the new entry dialog

  • Web - Added recovery codes for OTPs

  • Web - Added the "Disconnect Data Source" option in the administration section

  • Web - Added the OPT on Web entries

  • Web - Added the option to set the "Allow Offline" to a vault

  • Web - Added the options to view and download the Private key

  • Web - changed UI

  • Web - Manage the password setting "Force Default Template"

  • Web - Remove the email being mandatory when creating a user

  • Web - secure message, Added the options to "Delete All" and "Mark all as read"

  • Web - Update the default date range to "today" instead of "Last 7 days" on the activity log report

  • Web - Updated Radius login labels

  • Web - Updated the icons

  • Web - Updated the scrolling when navigating to an entry from the search

  • Core - Access was denied on api call for the documentaion

  • Core - Error SecurityTokenExpiredException received several time a day

  • Core - Error when adding an email to a user that didn't already had one

  • Core - Error when enabling the Windows Event Log

  • Core - Error when importing in the Private Vault

  • Core - Error with RDM on limited mode

  • Core - Fix access denied error on documentation

  • Core - Fix CORS

  • Core - Fix templates showing in the activity logs

  • Core - MaxMind GeoIP block everything

  • Core - Sql Injection

  • Core - Updated date format on reports

  • Core - Updated the default STMP Port

  • Core - Updated the SQL Queries when doing cleanup tasks to avoid timeouts

  • Core - Wrong log in "Connected User" report when connected from the Launcher

  • RDM - Cannot download Session recording form Recording Server in RDM

  • Web - "Prompt for comment" memo is overflow window is not tall enough

  • Web - Bad email format result in JSON error when editing a user

  • Web - Checkout UI issue on Firefox

  • Web - Error when trying to upload an SSH key

  • Web - Fix cannot assign users and user groups when creation a vault

  • Web - Fix error on reports when no vault is selected

  • Web - Fix loading the domain user speed issue

  • Web - Fix secure message color in dark mode

  • Web - Fix should not be able to set status on an entry when a check out is required

  • Web - Fix the vault menu item being available when there are no vault

  • Web - Fix variable not resolved on connections

  • Web - Fix variable not resolved on sub-connections

  • Web - Infinite loading when Azure token expires

  • Web - Missing icons on the web interface

  • Web - notification subscriber edit window is not tall enough

  • Web - On the Login History reports is not showing all entries

  • Web - RDP Template doesn't save "local ressources"

  • Web - Tab title is not updated

  • Web - The licence count is not updated when managing licenses

  • Web - The password reset is not applied when switching users

  • Web - The recurrence is not shown properly on the scheduled report calendar

  • Web - The website does not load properly when the the database is not reachable

  • Web - UI issue in Vault on Firefox

  • Web - UI issue when adding a user

  • Web - Unable to create a Contact Company entry in a folder

  • Web - User loses its license when changing the user type

  • Web -Cannot change Offline Mode for user groups

Version 2020.3.22.0 (June 29, 2021)

  • Core - connections/partial endpoint returns private key although it is Sensitive information

  • Setting Offline mode with User group

Version 2020.3.19.0 (May 11, 2021)

  • Core - Fix X-Forwarded-For usage

Version 2020.3.18.0 (April 13, 2021)

  • Core - Restrict-CORS

  • Core - SQL injection when deleting a user

Version 2020.3.17.0 (January 12, 2021)

  • Added ‘Privileged Access' to the list of available landing pages

  • Improved performance on login with a domain user

  • Fixed domain caching on when using multi-domains

  • Fixed saving items in ‘My Account Settings' using RDM

  • Fixed the vault used when resurrecting an entry

  • The Devolutions Server URL is now case-insensitive

Version 2020.3.14.0 (December 8, 2020)

  • Web - Added a setting to use or not the x-forwarded-for for the IpAddress

  • Web - Added an option to keep the template name or not when creating an entry

  • Web - Added the option to import roles from a domain with using the cache

  • Web - Secure message, added expiry date

  • Web - Updated the color on the error messages

  • Core - Fix end point for the CLI

  • Core - Fix error on notification when auto-creating a user

  • Core - Fix error on notification when creating an entry

  • Core - Fix the domain cache issue when setting the user's domain

  • Web - Fix 404 on the admin page

  • Web - Fix Incomplete Export File

  • Web - Fix loss of data on iDrac

  • Web - Fix loss of data on Ilo

  • Web - Fix loss of data on SSH Shell X11 forwarding

  • Web - Fix scheduled report - Error when using only 1 vault

  • Web - Fix the alternate 2FA

  • Web - Fix unable to see the log details on a deleted entry

  • Web - Vault assignment, show the list in alphabetical order

Version 2020.3.12.0 (November 17, 2020)

  • Core : Fix server restriction for users allowed to manage users

Version 2020.3.11.0 (November 16, 2020)

  • Web - Send files as attachments in a Secure Message

  • Web - Add export to Activity Logs

  • Web - New filters for Users and Groups administration sections

  • Web - Possible to import Active Directory users even with cache disabled

  • Web - Refresh information on an Active Directory user from the domain in Users section

  • Fix Active Directory auto create user issue when a group is specified

  • Fix error in SQL query to get Opened Connections

  • Fix query to get all expired and expiring entries in Report and Dashboard

  • View Password from the entry should behave the same way as the action view password

  • Web - Do not allow Duplicate action on root

Version 2020.3.8.0 (October 28, 2020)

  • Core : Security setting to block Tor clients from accessing the server

  • PAM - New built-in roles with specific rights for easy assignment

  • PAM - New onboarding wizard to facilitate initial import of Privileged Accounts

  • Web - Added "Duplicate entry" command

  • Web - Each Vault has a Dashboard & option to disable

  • Web - Possible to configure custom icons for server login page and toolbar

  • Web - Support for License administration section

  • Web : Added capability of exporting the User Vault ( Private Vault)

  • Web : New Security dashboard in Administration menu

  • Core : Active Directory integration supports multiple root containers

  • Core : Back up can be Encrypted with a password

  • Core : DataSource Logs and Administration Logs can be sent by emails Notification - new category

  • Core : DNS name server setting now used in notifications

  • Core : Improved Email template for Notifications

  • Core : System Settings - New RDM Version Management section

  • PAM - Add option to filter out system users on SSH scans

  • PAM - Add OU browser for Active Directory scans

  • PAM - Different options available to define Approver + a pre-define Role

  • PAM - Include account SID for Active Directory scans

  • PAM - Possible to Approve or Deny and Check in from RDM Dashboard

  • PAM - Possible to Approve or Deny checkouts from the secure message received

  • PAM - Possible to force Check in from the Checkout Manager Active

  • Web - Add input boxes for Comment on open and Comment on close

  • Web - Add new dashboard when selecting Vault root in tree view

  • Web - Add option to resurrect deleted attachments

  • Web - Add possibility to insert Ticket number on Insert comment and Close comment

  • Web - Add support for Duplicate action on entries

  • Web - Add support for Passportal My Account Settings

  • Web - Added flag for Favorite Vaults, greatly improves the search and the Vault Selector

  • Web - Favorites can now contain links to entries of User Vault (Private Vault)

  • Web - Improved data contained in the Server Diagnostics report

  • Web - Option to disable the new Vault Dashboard

  • Web - Removed number of character limit from Secure Messages

  • Web - Searching for entries now possible to include description & Url or equivalent URL in search fields

  • Web - User Vault (private vault) entries can now select Credentials repository from other vaults

  • Web : Choose Theme - Light, Dark or Default will default to your browser theme

  • Web : Database Diagnostics report now available from Reports section

  • Web : Deleted Attachments can be viewed and be restored

  • Web : Entry from User vault (Private Vault) can be added in your Favorites

  • Core - Active Directory cache now includes embedded groups for Universal Groups

  • Core - Application Users should not be included in the user count

  • Core - Fixed memory leaks in Scheduler service

  • Core - Windows Authentication user binding when UPN is empty

  • PAM - Fix error when creating a Provider and a Scan at the same time

  • PAM - Fixed Reset Password Schedule recurrence

  • Web - Add validation for Password Template name on creation

  • Web - Contact type entries lose custom icon when editing

  • Web - Corrupted Secure Message would prevent loading all the Secure Messages of the user

  • Web - Entry custom icon is now saved when also renaming or moving the entry

  • Web - Fix 2FA configure later feature by giving anti forgery token when 2FA configuration is required

  • Web - Fix alarm entry type creation in private vault

  • Web - Fix CyberArk validations to support saving entry

  • Web - Fix Email Settings save button when changes other fields than Password

  • Web - Fix export from private vault to contain entries in sub-folders

  • Web - Save changes to Active Directory Domain Authentication without entering administrator credentials

  • Web - User with Manage Users permission could not import Active Directory or Office 365 users

  • Web -Test email setting without a username or password should not send error email to administrator

Version 2020.2.10.0 (September 3, 2020)

  • Radius shared secret lost following upgrade

  • The user accounts name that end with letter u deletion when set permissions

  • User could be logged on as different user with Windows Authentication

Version 2020.2.9.0 (August 6, 2020)

  • Can now select Pam Credential in User specific Setting: with RDM need version 2020.2.18.0

  • For RDM, fix connection state for sub-connections viewed by users

  • For RDM, fix CyberArk AAM type to be save

  • Web - Fix passwords being lost when moving a Password List entry with drag and drop

Version 2020.2.8.0 (July 23, 2020)

  • Add option to activate the Auto-notification for Duo 2FA

  • Improve performance when querying Activity Logs for a non-admin user

  • Web- Improve UI of the Cleanup logs feature

  • Console - fix default setting at installation

  • Fix error when domain cache update process ( AD & Azure)

  • Fix the Add entry using the Prompt Add with the browser extension (chrome and firefox)

  • Web - Password Templates is now showing in the Password generator

  • Web import - added warning if the Master key of file is missing

  • Web- Fix the Import roles from LDAP or Azure if done with non-admin user

  • Web- wont see the Shortcut entry from a folder that to don't have the right for

  • When refreshing the tree it now keeps the same tree view (keeps open folder that was open)

Version 2020.2.7.0 (June 25, 2020)

  • Added Master password on Vault

  • Added Syslog type Notifications, giving the ability to send Notifications to multiple Syslog servers

  • Added the user Language setting in User Template

  • Last Usage log report

  • Logs Cleanup feature to archive and purge. See In Administration/ Logs to enable

  • New Time-based access for Users

  • PAM - Ability to export Privileged Accounts

  • New setting to Enable internet access. False by default, disables Gravatars & Have I been Pwned

  • Add Private Vault Search as Credential Type

  • Add the value ''None'' when selecting Vault for automatic user creation

  • Attachment will now resurrect with their entry after deletion

  • Console: Step added to create a default administrator account on first install

  • Link automatic user creation to User Template settings

  • Manage custom images for Vaults

  • PAM - Improve message for denied checkout email message

  • Support entry type API Key

  • Support splitting Wallet entry into: Membership, Driver License and Social Security Number

  • Web - Add a search option in the entry Search to support Username & URL

  • Web - Add support for Gateway Credentials for RDP entries

  • Web Entry Website: added the compare type options to support Equivalent URL with DWL

  • Fix external link in a Secure note entry

  • Fix possible date conversion error when getting entries for Expired Entries Report

  • Fix right-click on item when in Vault view is in List type

  • Fix saving Checkout Comment in the logs

  • Fix Vault selection for Domain Automatic User Creation

  • PAM - Deleted folder account should still show in the Logs

  • Password Template maximum length increased to 1024

  • Pwned Password ‘Always Ignore' not working in Private Vault

  • Remove download link for Certificate entry when user does not have permission

  • Unable to save Passportal entry if option ‘Always prompt for password' is activated

  • Web - Can't edit permissions in the Security tab for an already created template

  • Web - Cannot choose a credential from a Password List in an Entry

  • Web - Cannot choose a credential from a Password List in User Specific Setting

  • Web - Entry search. Fix the entry selected during a search now Focus in the tree view

  • Web - Exporting entries by selecting the Vault root returns an invalid file

  • Web - Fix Documentation history

  • Web - Fix Expiring Report option for All Vaults

  • Web - Fix OTP entry of Private Vault

Version 2020.1.13.0 (May 13, 2020)

  • Possible performance issue in RDM managing Roles

Version 2020.1.12.0 (May 7, 2020)

  • Change Secure Message - Use the full name of user first instead of the username showed on the user list to sent the message

  • User that has Manage Roles can now see and manage all roles , except administrator roles

  • User that has right to grant permission on entries can now see all roles

  • Web error cause by a missing permission on entry in the Web interface

Version 2020.1.10.0 (April 14, 2020)

  • PAM -Accounts section,can drag and drop folder in other folder

  • Syslog improvements - Added heartbeat and a few administrative events

  • Web - Add Vault filter in the Expired Entry Scheduled Report

  • Web - Admin-Email settings added validation

  • Web - Can move entries by drag and drop in Vault tree view

  • Web - Can now Export entries

  • Web - Visual improvements to user Dashboard page

  • Check In/Out On close comment not saved

  • Console - Fix upgrade instructions not showing up

  • Console - When changing user password

  • Console -Fix possible database error when regenerating encryption keys

  • Error XML on new vault properties

  • PAM - Add missing information in Notifications for new SQL Provider

  • PAM - Fix language inconsistencies in log messages

  • RDP entry link to a file cannot be edited

  • Web - Add a visual indication when you try to edit a role/user and the server does not let you

  • Web - Deprecate entry type Login Account

  • Web - Fix error when forcing user to change password at next login

  • Web - Fix Google Authentication two factor registration key which was in wrong format

  • Web - Fix resolved permissions text in entry security

  • Web - PassPortal Always prompt for organization passphrase checkbox can't be checked

  • Web - Password List Copy Domain/Password does not log the action

  • Web - Sending Private Entry in Secure Message should not include folders

  • Web - Two Factor login window not showing in IE and Safari

  • Web - Vault - Add in root - setting cannot be changed

Version 2020.1.7.0 (March 12, 2020)

  • New Encryption Keys was added. We strongly recommend to export a new Encryption backup file

  • Web: Added a new report: Non default permission entries

  • Web: Added a new Section in entry dashboard : Permissions . Overview of rights for the entry

  • DPS Web - Add option to clear activity logs

  • DPS Web - Import users and roles from LDAP and Azure has now a filter

  • PAM - Cards in dashboard can now be clicked to got to section

  • PAM - Reset Password Schedule now syncs the credentials afterward

  • DPS Console - IIS application pool not properly stopped when upgrading DPS server

  • DPS Web - Cannot see the passwords in a Password List in the Private Vault

  • DPS Web - Credential Repository in Private Vault now show the credentials from the Shared Vault

  • DPS Web - Fix issue with Firefox and Safari browsers doubling all API requests

  • DPS Web - Remove Security Groups notion in all sections when not using Legacy Security

  • DPS Web - You can now set the Token Valid Time up to 7 days (10 080 minutes)

  • PAM - Privileged Account used for Brokering with Launcher cannot automatically check-in on connection closed

Version 2020.1.3.0 (February 24, 2020)

  • New Recording Server module available to centralise the sessions recording

  • You can now manage SQL accounts in the PAM component

  • Drag and drop support for file selection for attachments

  • Licensing - automatically assign to new users

  • Remove Local machine and database authentication type

  • View Password on OTP is now logged

  • Web - System Setting save changes notifications

  • Bug - DPS Console potential crashed after upgrading it to version 2019.2.12

  • Bug - Duo hardware token is not displayed as a 2FA device on the web UI

  • Bug - Duo setup on first login doesn't work from RDM

  • DPS - No 2FA prompt in Edge, Explorer and Safari

  • DPS Web - Can't reset 2FA from Office365 users

  • DPS Web - Permission Tab should not display in Private Vault

  • DPS Web - Remove PAM credentials type from Web browser entries