1st Security Agent 9.4 serial key or number
1st Security Agent 9.4 serial key or number
disjuispec
Password protect and restrict access to control panel applet functions, including display, network, passwords, printers.download the 1st security agent v9 2 torrent or choose other 1st security agent v9 2 torrent downloads.off.microsoft points avs video converter v.330 kentuckykiid anyone,damaged raid.advanced system care pro v3 80.download the advanced systemcare pro v torrent or.wareseeker do not provide cracks, serial numbers etc for 1st security agent.
We take a personal approach to our work.convert 1st security agent v5.2 trail version to full software.kasauti, kkusum, sarthi,.avast internet.portable studioline web 3. Incl studioline photo classic 3 plus 1st security agent v9.2serial kk 1st.to create more accurate search results for 1st security agent v9.2 try to exclude using commonly used keywords such as: crack, download, serial, keygen, torrent.daily new.
Pro 9.4. Any sharing links from rapidshare, yousendit or megaupload are.the access to our data base is fast and free, enjoy.free download 1st security agent .0password protected security.simplifying your.free download 1st security agent .0password protected security utility to secure windows based computers and offers an administrative support f.kasauti, kkusum, sarthi,.avast internet security serial number serial numbers.avg internet security business edition.similar activation keys.at 1st security bank,.
Movies, tv.to improve search results for 1st security agent v9.2 at4re try to exclude using words such as: serial, code, keygen, hacked, patch, warez, etc.we have the largest serial numbers data base.torrentzfast and convenient torrents search engine.1st security agent v9 2. Hash f2dcedba, download for free.find the right homeowners insurance in floridaget an instant quote for protecting your house, condo or.
Rental.photoshop portable studioline web 3. Incl studioline photo classic 3 plus 1st security agent v9.2serial kk 1st.no registration.convert 1st security agent 9.4 serial trail version to full software.we live in the communities we serve, which is why our branches are uniquely tailored to — and.serial key for ixis research ltd 1st security agent v9.8 can be found and viewed here.
With 1st security agent v9.2serial often seekPopular Downloads:Sony vegas pro 8 0a precracked downloadAdobe flash player 11.9.900.117 final 2017Windows 7 32 bit recovery discNetxp boot iso for netbooksMidnight mysteries 3 devil on the mississippiRelease Notes for the Cisco ASA Series, 9.12(x)
Platform Features
ASA for the Firepower 4115, 4125, and 4145
We introduced the Firepower 4115, 4125, and 4145.
Requires FXOS 2.6.1.
No modified commands.
Support for ASA and FTD on separate modules of the same Firepower 9300
You can now deploy ASA and FTD logical devices on the same Firepower 9300.
Requires FXOS 2.6.1.
No modified commands.
Firepower 9300 SM-40 and SM-48 support
We introduced the following two security modules: SM-40 and SM-48.
Requires FXOS 2.6.1.
No modified commands.
Firewall Features
GTPv1 release 10.12 support.
The system now supports GTPv1 release 10.12. Previously, the system supported release 6.1. The new support includes recognition of 25 additional GTPv1 messages and 66 information elements.
In addition, there is a behavior change. Now, any unknown message IDs are allowed. Previously, unknown messages were dropped and logged.
No modified commands.
Cisco Umbrella Enhancements.
You can now identify local domain names that should bypass Cisco Umbrella. DNS requests for these domains go directly to the DNS servers without Umbrella processing. You can also identify which Umbrella servers to use for resolving DNS requests. Finally, you can define the Umbrella inspection policy to fail open, so that DNS requests are not blocked if the Umbrella server is unavailable.
New/Modified commands: local-domain-bypass, resolver, umbrella fail-open.
The object group search threshold is now disabled by default.
If you enabled object group search, the feature was subject to a threshold to help prevent performance degradation. That threshold is now disabled by default. You can enable it by using the object-group-search threshold command.
New/Modified command: object-group-search threshold.
Interim logging for NAT port block allocation.
When you enable port block allocation for NAT, the system generates syslog messages during port block creation and deletion. If you enable interim logging, the system generates message 305017 at the interval you specify. The messages report all active port blocks allocated at that time, including the protocol (ICMP, TCP, UDP) and source and destination interface and IP address, and the port block.
New/Modified command: xlate block-allocationpba-interim-logging.
VPN Features
New condition option for debug aaa.
The condition option was added to the debug aaa command. You can use this option to filter VPN debugging based on group name, user name, or peer IP address.
New/Modified commands: debug aaa condition
Support for RSA SHA-1 in IKEv2
You can now generate a signature using the RSA SHA-1 hashing algorithm for IKEv2.
New/Modified commands: rsa-sig-sha1
View the default SSL configuration for both DES and 3DES encryption licenses as well as available ciphers
You can now view the default SSL configuration with and without the 3DES encryption license. In addition, you can view all the ciphers supported on the device.
New/Modified commands: show ssl information
Add subdomains to webVPN HSTS
Allows domain owners to submit what domains should be included in the HSTS preload list for web browsers.
New/Modified commands: hostname(config-webvpn) includesubdomains
High Availability and Scalability Features
Per-site gratuitous ARP for clustering
The ASA now generates gratuitous ARP (GARP) packets to keep the switching infrastructure up to date: the highest priority member at each site periodically generates GARP traffic for the global MAC/IP addresses. When using per-site MAC and IP addresses, packets sourced from the cluster use a site-specific MAC address and IP address, while packets received by the cluster use a global MAC address and IP address. If traffic is not generated from the global MAC address periodically, you could experience a MAC address timeout on your switches for the global MAC address. After a timeout, traffic destined for the global MAC address will be flooded across the entire switching infrastructure, which can cause performance and security concerns. GARP is enabled by default when you set the site ID for each unit and the site MAC address for each Spanned EtherChannel.
New/Modified commands: site-periodic-garp interval
Multiple context mode HTTPS resource management
You can now set the maximum number of non-ASDM HTTPS sessions in a resource class. By default, the limit is set to 6 per context, the maximum. You can use up to 100 HTTPS sesssions across all contexts.
New/Modified commands: limit-resource http
Routing Features
OSPF Keychain support for authentication
OSPF authenticates the neighbor and route updates using MD5 keys. In ASA, the keys that are used to generate the MD5 digest had no lifetime associated with it. Thus, user intervention was required to change the keys periodically. To overcome this limitation, OSPFv2 supports MD5 authentication with rotating keys.
Based on the accept and send lifetimes of Keys in KeyChain, OSPF authenticates, accepts or rejects keys and forms adjacency.
New/Modified commands: accept-lifetime, area virtual-link authentication, cryptographic-algorithm, key, key chain, key-string, ospf authentication, send-lifetime
Certificate Features
Local CA configurable FQDN for enrollment URL
To make the FQDN of the enrollment URL configurable instead of using the ASA's configured FQDN, a new CLI option is introduced. This new option is added to the smpt mode of crypto ca server.
New/Modified commands: fqdn
Administrative, Monitoring, and Troubleshooting Features
enable password change now required on a login
The default enable password is blank. When you try to access privileged EXEC mode on the ASA, you are now required to change the password to a value of 3 characters or longer. You cannot keep it blank. The no enable password command is no longer supported.
At the CLI, you can access privileged EXEC mode using the enable command, the login command (with a user at privilege level 2+), or an SSH or Telnet session when you enable aaa authorization exec auto-enable. All of these methods require you to set the enable password.
This password change requirement is not enforced for ASDM logins. In ASDM, by default you can log in without a username and with the enable password.
New/Modified commands: enable password
Configurable limitation of admin sessions
You can configure the maximum number of aggregate, per user, and per-protocol administrative sessions. Formerly, you could configure only the aggregate number of sessions. This feature does not affect console sessions. Note that in multiple context mode, you cannot configure the number of HTTPS sessions, where the maximum is fixed at 5 sessions. The quota management-session command is also no longer accepted in the system configuration, and is instead available in the context configuration. The maximum aggregate sessions is now 15; if you configured 0 (unlimited) or 16+, then when you upgrade, the value is changed to 15.
New/Modified commands: quota management-session, show quota management-session
Notifications for administrative privilege level changes
When you authenticate for enable access (aaa authentication enable console) or allow privileged EXEC access directly (aaa authorization exec auto-enable), then the ASA now notifies users if their assigned access level has changed since their last login.
New/Modified commands: show aaa login-history
NTP support on IPv6
You can now specify an IPv6 address for the NTP server.
New/Modified commands: ntp server
SSH stronger security
See the following SSH security improvements:
Diffie-Hellman Group 14 SHA256 key exchange support. This setting is now the default. The former default was Group 1 SHA1.
HMAC-SHA256 integrity cipher support. The default is now the high security set of ciphers (hmac-sha2-256 only). The former default was the medium set.
New/Modified commands: ssh cipher integrity, ssh key-exchange group dh-group14-sha256
Allow non-browser-based HTTPS clients to access the ASA
You can allow non-browser-based HTTPS clients to access HTTPS services on the ASA. By default, ASDM, CSM, and REST API are allowed.
New/Modified commands: http server basic-auth-client
Capture control plane packets only on the cluster control link
You can now capture control plane packets only on the cluster control link (and no data plane packets). This option is useful in the system in multiple context mode where you cannot match traffic using an ACL.
New/Modified commands: capture interface cluster cp-cluster
debug conn command
The debug conn command was added to provide two history mechanisms that record connection processing. The first history list is a per-thread list that records the operations of the thread. The second history list is a list that records the operations into the conn-group. When a connection is enabled, processing events such as a connection lock, unlock, and delete are recorded into the two history lists. When a problem occurs, these two lists can be used to look back at the processing to determine the incorrect logic.
New/Modified commands: debug conn
show tech-support includes additional output
The output of the show tech-support is enhanced to display the output of the following:
show ipv6 interface
show aaa-server
show fragment
New/Modified commands: show tech-support
Password Manager Pro Release (Minor) 11001 (19th September 2020)
Security Fixes & Enhancements
- A Cross-Site Scripting (XSS) issue that occurred in the following places has been fixed: Login screen, AD import page, User group name, Perform password reset page, LDAP and SMART CARD and Configure Remote Password Reset add resource type page, edit account page, configure access control view, Resource types Filter, Change Password Window, Password History, Organization name, Resource Types, Custom Role, Associate resources, Create/Edit schedule view, Copy Resource Attribute, all Discovery Profiles, all Copy Personal Account attributes, Username, Password Policy Name, Copy account name, Trash password, Chat history, SQL connection page, TFA page, and while exporting offline passwords.
- Missing Function Level Access Control (MFLAC) issue in the Import SSH key function and user Delete action has been fixed.
- A SQL injection vulnerability identified in the recorded sessions Dashboard, Reports, and Audit has been fixed.
- Any user having the audit ID of any chat was able to see the chat history. This issue has been fixed.
- Password Manager Pro now comes with a comprehensive Cross-Site Request Forgery (CSRF) protection that restricts attackers from executing any or all of the following operations: Deleting and restoring trashed resource, Deleting and restoring trashed user, Changing the victim's default landing screen, Creating SSH keys, Editing authorize key, and Enabling/Disabling TFA.
Bug Fix
- There was an API related issue which prevented the browser plug-in of the Ticketing system from accepting ticket IDs with white spaces. This issue has been fixed now.
- Renaming of the Comodo products as Sectigo by 'The SSL Store' was causing issues while renewing or reissuing Comodo orders, which has been fixed now.
Password Manager Pro Release (Major) 11000 (11th Aug 2020)
New Features
- Expiry Notifications for SSL Certificates
Now, use Password Manager Pro to discover, import, and configure expiry notifications for SSL certificates hosted in the following Amazon Web Services: AWS Certificate Manager (ACM) and AWS Identity and Access Management (IAM). - Self-signed Certificates Auto Renewal
Password Manager Pro now supports automated renewal of self-signed certificates along with Microsoft CA certificate renewal. - SSL Certificate Deployment and Binding - IIS Server
From now on, you can both deploy a certificate to the IIS server and also bind it to the desired website in the IIS, all from the Password Manager Pro interface itself, without the need to access the IIS server separately. Also, an option has been provided to automatically restart the IIS server for the deployment and binding to take effect, thereby eliminating the need for the manual restart from the IIS end. - Additional Fields
Password Manager Pro now brings you the 'Additional Fields' feature, configured from 'Admin >> SSH/SSL Config', and used to include any additional information about SSH keys and SSL certificates stored in the repository. There are four different categories of Additional Fields: character, numeric, date, and email. Users can choose to add or remove the Additional fields from SSH and SSL views. While creating an Additional field, users can choose whether it is applicable for SSH/SSL/both, and also customize the emails mentioned in it. - Column Chooser
This version of Password Manager Pro comes with the 'Column Chooser' feature that allows users to show or hide columns at runtime, and also rearrange the columns from the current view via drag-and-drop. - Pretty Good Privacy (PGP) Keys
PGP encryption is used to enhance cryptographic privacy and authentication for online communication by encrypting and decrypting texts, emails, files, etc. It uses a combination of data compression, hashing, and public-key cryptography to boost confidentiality. Now, Password Manager Pro brings you this PGP functionality in the form of PGP key generation, where the keys are used to encrypt the data like emails, texts, etc. Create, store and manage PGP keys under 'Admin >> SSH/SSL'. Modify the key description anytime, export private/public keys, export keys to multiple email ids, and generate, view, and schedule reports. You can also send expiry notification emails to admins. This feature allows you to share and collaborate information securely among your trusted groups of users and businesses. - GlobalSign
Password Manager Pro now supports integration with GlobalSign SSL�a trusted Certificate Authority and a leading cloud-based PKI solutions provider. This integration enables users to request, acquire, import, deploy, renew and automate the end-to-end lifecycle management of SSL/TLS certificates issued by GlobalSign, directly from the Password Manager Pro web interface. - Certificate Deployment using Agent
Password Manager Pro can already deploy and bind certificates to IIS servers belonging to the domain, where Password Manager Pro also resides. Now, Password Manager Pro can also deploy certificates to IIS servers in demilitarized zones and also bind them to websites in IIS, all using an agent. This makes Password Manager Pro more scalable, as it can deploy and bind certificates in IIS servers, irrespective of whether they are in the same or different domain. - CSR Signing using Agent
In addition to the already available two sign types, namely, 'MS Certificate Authority' and 'Sign with Root', used to sign certificates from Password Manager Pro, a third sign type 'MS Certificate Authority with Agent' has been introduced. This new sign type is mainly used to sign certificates originating from a distinct domain, i.e., other than the domain to which Password Manager Pro belongs. - Integrating with Ticketing Systems
Password Manager Pro now integrates with enterprise ticketing systems namely ServiceDesk Plus (on-premise) and ServiceNow. This integration ensures that automatic service requests are created in the ticketing environment to notify administrators of SSL certificates that are at the risk of expiring and certificates that are deemed vulnerable after a vulnerability scan in Password Manager Pro. Users can set notification policies to govern the frequency of service request creation for expiring and vulnerable tickets. - New Certificate Format - PEM A new certificate format, Privacy Enhanced Mail (PEM), has been added, in addition to the already available certificate export formats, Keystore and PFX, where the PEM format is used for digital certificates and keys, deployed in web server platforms (e.g., Apache).
- Support for GoDaddy DNS
Password Manager Pro now supports GoDaddy DNS to complete the domain control validation procedure while acquiring certificates from public Certificate Authorities, along with the already available DNS support types, Azure DNS, Cloudflare DNS, Amazon route 53, and RFC2136 Update. Using GoDaddy DNS, users can update the DNS record for GoDaddy domain validation from the Password Manager portal itself.
Enhancements
- Password Manager Pro now provides additional insights on agent activity such as heartbeat interval, latest response time and operation performed.
- For scheduled SSL expiry tasks, users now have the option to choose whether or not, to receive email notifications when no certificates in that particular schedule are nearing expiration.
- Password Manager Pro offers automatic bundling of individual private key (.key) files and certificate files (.cer/.pem) into 'JKS' and 'PKCS' keystore file formats and provides export option for the same.
- Two extra categories have been added to the criteria-based certificate group creation: AWS service and Certificate template.
- Now, it is possible to use the Password Manager Pro service account credentials for authentication while deploying certificates in Windows servers.
- Henceforth, while creating a certificate, users can provide ephemeral access (validity in hours and minutes) to the certificates created, after which the certificate auto-expires. This eliminates the need for compulsory permanent access credentials to access target systems and also explicit access repeal.
- It is now possible to perform SNI-based SSL discovery using the Common Name and IP Address combination.
- The option to filter certificates based on the key length and signature algorithm within specific expiry days has been added to the 'getAllSSLCertificates' Rest API.
- It is now possible to customize notifications and their intervals. Users can now choose not to receive notifications regarding the expired certificates, and send a separate email and customized subject per certificate, from 'Admin >> SSH/SSL >> Notification Settings'. The same actions can be done while creating new schedules under 'SSH/SSL >> Schedules >> Add Schedule', where you have to select the Schedule Type as 'SSL Expiry'.
- Earlier, Password Manager Pro allowed signing and deployment of certificates only from Windows systems. Now, it is possible to perform certificate signing and deployment to Windows systems from Linux installations through agents.
- It is now possible to provide customized subjects in 'Schedules'. Also, users can tailor schedules by adding custom email content and a unique signature.
- In RestAPI, the fetch details format is modified in such a way that the "details" attribute holds all the data. The following is the modified API list; GetCertificateDetails, getallsslcertificates, getAllSSLCertsExpiryDate, sslCertSingleDiscovery, sslCertRangeDiscovery, getallsshkeys, GetSSHKey, GetSSHKeysForUser and GetAllAssociatedUsers.
- This release comes with an exclusive page for 'Windows Agents', accessible from the 'Certifcates' tab, from where users will be able to perform all agent-specific operations such as SSL Discovery using agent, deployment of SSL certificates in certificate groups using agent and CSR Signing with MSCA agent.
- Certificate deployment in multiple servers has now been made simpler by using an agent, provided the agent is running in the server to be deployed, and both the agent name and the server DNS name are the same.
- Now, auto-renewal of certificates is possible for the 'MSCA using agent' sign type as well, from 'Admin >> SSL Certificates >> Certificate Renewal'.
- The 'Certificate Sign Report' comes with the following MSCA/Third party CA signing details; Certificate Authority, Certificate Template, Sign Type column.
- The 'Certificate Renewal report' comes with the 'Renewed By' column relevant to MSCA and 3rdPartyCA renewal details.
- A new option 'Reissue Certificate' has been added under 'Certificates >> GlobalSign' that allows users to request GlobalSign to reissue an SSL certificate.
- The new 'GlobalSign Orders Report' allows the GlobalSign orders to be added as individual reports, which provide a detailed view of certificate orders requested from the GlobalSign CA.
- From now on, users can add a "Key Comment' while importing a new SSH key and editing an existing key from the repository. Also, users can avail the checkbox "Update comment in associated users" to update the Key comment to the associated end servers automatically.
- Now, it is possible to add additional properties to a certificate while creating it, by using the 'Advanced Options' menu. It allows users to choose from a list of Key Usage and Advanced Key Usage properties, and add them to the new certificate. Examples for the Key Usage properties include; Digital Signature, Decipher Only, Encipher Only, and Certificate Sign.
- The DigiCert CA page has been enhanced with a new menu 'Show' that has four options, Expired, Revoked, Rejected, and Others, used to filter the DigiCert CA list view.
- Now, while adding or modifying the Certificate Groups, it is possible to set 'additional fields' also as one of the 'By Criteria' filters for certificates.
- New REST APIs 'GET CSR list' and 'Sign CSR' have been added.
- The 'Expiry Notification' has been enhanced with the custom mail content, 'Title' and 'Signature'.
- The 'Certificate Renewal Report' page under 'Reports >> Certificate Reports' now comes with a column chooser.
- Users can now view all the certificates associated with a particular agent by clicking the 'Host Name' of the agent listed under 'Certificates >> Windows Agents'.
- It is now possible to discover certificates issued by a particular 'Microsoft Certificate Authority' just by entering the MSCA name in the text box provided, during discovery. Remember, this additional option will be available for Password Manager installations in Windows server machines only.
- Now, it is possible to add the Wildcard name in the SAN field while creating a CSR or a self-signed certificate. With the Wildcard certificates, one can secure an unlimited number of subdomains for a registered base-domain.
- Earlier, Certificate Expiry Notification emails sent to the email addresses specified in additional fields followed a fixed format. Now, the customization settings configured for notification emails in 'Notifications' and 'Schedules' will be applied to the emails sent via email addresses in the additional fields as well.
Bug Fixes
- Previously, certificate deployment failed if the field "Store Password" contained a space character while creating certificates from 'Certificates ? Create'. This issue has now been fixed.
- Previously, when there was a "space" character present in a certificate group name, attempting to fetch the SSL certificates report pertaining to that group from the Reports tab threw the following error: "Invalid field format". This has now been fixed.
- Previously, even after the certificate private key was imported and attached to a certificate in the Password Manager Pro's certificate repository, the "Export Keystore/PFX" was still disabled. This has now been fixed.
- During AD User certificate discovery and Root certificate signing performed from the Password Manager Pro interface, the 'Connection Mode' got saved as 'No SSL' only, even if the 'SSL' mode was chosen. This issue has been fixed now.
- Earlier, MSCA signing supported 'java keytool' CSR only. Now, from this release, all CSRs will be supported by MSCA signing.
- During certificate creation, all values entered in the SAN field were all together categorized as 'DNS' only. Now, the values are segregated as 'DNS' and 'IP Address' categories.
- Earlier, during Digicert integration, import of code signing and client/personal certificates got failed. This issue has been fixed now.
Security Fix
- Earlier, for SSH and SSL related API calls, the Authentication token was passed as a request parameter. From 11000, all SSH and SSL related API calls require the Authentication token to be passed in the request header only.
Password Manager Pro Release (Minor) 10501 (19th June 2020)
Enhancement
We have upgraded the PostgreSQL server to version 9.5.21.
Bug Fixes
- In the MSP edition, the MSP icon at the top of the console displayed only 25 organizations under it instead of showing all available organizations. This issue has been fixed.
- Password users were unable to click the Resource Group name under the Connections tab. This issue has been fixed now.
Password Manager Pro Release (Major) 10500 (3rd June 2020)
Enhancement
Previously, it was possible to configure access control settings at the resource level only, and the same settings were applicable for all the accounts under the resource. Now, it is possible to set password access control independently for each account under a resource, without affecting the access control configurations of other accounts in the resource. This ability to set unique configurations for each account helps users maintain unparalleled security levels for each account, based on requirements. Remember, the account-level access control configuration takes higher precedence over the resource-level access control configuration.
Security Fix
- A Cross-Site Scripting (XSS) issue that occurred due to the absence of output encoding in the Resource name while masking password, theme type, skin color, Category name of the Personal tab, web app connections, and user sessions of the Audit tab, has been fixed.
- A local File Intrusion issue that occured during the MS store discovery has been fixed.
Password Manager Pro Release (Hotfix) 10406 (15th May 2020)
Security Fix
From the build 10103, an unauthenticated servlet vulnerability found in our internal framework that posed the risk of less-impactful entries getting inserted in the integration system configurations table, remotely, has been fixed.
Password Manager Pro Release (Hotfix) 10405 (29th April 2020)
Security Fixes
- A SQL injection vulnerability identified in "Audit Reports" has been fixed.
- A Cross-Site Scripting (XSS) issue that occurred due to the absence of output encoding in the user input has been fixed.
- Earlier, the Keystore password of the certificate uploaded into the server was appended in the URL, which posed a security risk. From now on, the Keystore password will be sent as the 'RequestBody' to maintain optimal security.
Bug Fix
From the build 10300, when a set of resources is shared with a user(s) with varying access permissions, and when different access permission is granted for one of those resources, the access permission of all the other resources also got changed. This issue has been fixed now.
Password Manager Pro Release 10.4 (10404) (13th April 2020)
Security Enhancement
The internal security framework has been upgraded to improvise the max-occurrence validation of parameters.
Bug Fixes
- From the build 10403, in certain customer environments, resolving the hostname from the request took more time than expected, which caused slowness in the Password Manager web console. This issue has been fixed now.
- From the build 10400, Super Admins could not bulk transfer the ownership of resources and encountered an error "owner alone can transfer the resources". This issue has been fixed.
- In the build 10400, during the remote password reset, an exception was thrown while discovering MS SQL accounts by supplying domain accounts. This issue has been fixed now.
Password Manager Pro Release 10.4 (10403) (2nd March 2020)
Security Enhancement
- The PMP agent had an unquoted service path with spaces as follows: PMP_Agent : c:\Program Files\PMPAgent\PMPAgent.exe, which could pave way for an attacker to gain elevated privileges by inserting an executable file in the path. This issue has been fixed.
- Due to an inadequate CSRF protection to the URL, there was a risk of attackers changing user roles in Password Manager Pro. This issue, reported by Luka Sikic of INFIGO (CVE-2020-9346), has been fixed.
Bug Fixes
- In general, during AD sync, access to Password Manager Pro will be locked only for those AD users, who were removed from user groups or OUs. But, from build 9700, during the AD sync, all AD user accounts in the user group/OU were locked in Password Manager Pro. To handle this, we have provided a new option under 'Admin >> General Settings >> User Management', by enabling which it is possible to lock the deleted user accounts alone during the AD Sync.
- During RDP sessions, it was not possible to copy texts using the keyboard shortcut 'Ctrl+C'. This was due to a breakage in the content security policy header enabled in build 10401. This issue has been fixed.
- From build 9700, while updating LDAP details, LDAP users alone got removed from the user group. This issue is fixed now.
- After password retrieval/ access, particularly in large numbers, the 'Password Activity' module in the dashboard kept continuously loading, which resulted in CPU spike and system lag. This issue has been fixed.
- From build 10001, while choosing the domain account, the Search bar corresponding to the Account Name did not function properly. This issue has been fixed.
- Earlier, when a huge number of resources were loaded into Password Manager Pro, the Mail server settings and Two-Factor Authentication settings wizards did not load properly. This issue has been fixed now.
Password Manager Pro Release (Hotfix) 10.4 (10402) (7th January 2020)
Security Enhancement
Earlier, PostgreSQL data directories in Windows installations were entirely accessible to all locally authenticated users. Now, as a security practice, we have exerted the following measures, applicable for installations under the 'Program Files' directory:
- No inherited permissions are allowed for data and configurations directories.
- "Authenticated Users" permission has been excluded entirely.
- Only the CREATOR OWNER, SYSTEM, Installation User, NT AUTHORITY\Network Service and Administrators groups will have the Full Control over the directories and also can start PostgreSQL.
Kindly see our best practices guide for more information.
Bug Fix
In certain scenarios, an exception was thrown during the backup process and the file 'pg_hba.conf' became empty. This caused trouble in viewing the Password Manager Pro web console. This issue has been fixed now.
Password Manager Pro Release 10.4 (10401) (5th December 2019)
Enhancements
- Remote File Transfer - Linux
Earlier, it was possible to transfer files from remote Windows machines only during Remote Desktop Protocol (RDP) sessions launched via the Password Manager Pro interface. Now, from the build 10401, you will be able to transfer files to remote Linux machines as well, using Secure Copy Protocol (SCP) by launching SSH sessions directly from the console. However, unlike Windows, the remote file transfer is one way in Linux, i.e., to the target machine only. - APIs Added
Two new APIs for "Sharing a resource to a user" and "Sharing a account to a user" have been introduced in this release.
Bug Fixes
- While adding a resource manually, when more than 100 characters were entered in the 'Location' field, which can originally hold up to 250 characters, the 'Edit Resource' page failed to show up. This issue has been fixed now.
- The 'Account Addition API' did not work for MySQL, MS SQL and Postgre SQL database resources alone. This issue has been fixed now.
- From Password Manager Pro build 9100, password reset did not work for the AWS IAM account alone. This issue has been fixed now.
Password Manager Pro Release 10.4 (10400) (18th October 2019)
New Features
- Integration with DigiCert SSL
Password Manager Pro integrates with DigiCert a leading TLS/SSL, IoT and various other PKI solutions provider. Users can request, acquire, create, deploy, renew and automate the end-to-end management of SSL/TLS certificates issued by DigiCert, all directly from the Password Manager Pro portal. - CSR Templates
It is now possible to create and use predefined templates for CSR (Certificate Signing Request) generation. - Option to Exclude Certificates
Users can now choose to ignore certain certificates during the SSL discovery or manual addition of certificates into the Password Manager Pro repository. A new option is added under 'Admin >> SSH/SSL >> Exclude Certificate', which you can utilize to add the certificates to be excluded, by specifying their Common Name and Serial Number. - Support for RFC2136 DNS Updates
Password Manager Pro now supports RFC2136 DNS updates to complete domain control validation while acquiring certificates from public certificate authorities (CAs). Option to modify the email id of the Let's Encrypt account, used by Let's Encrypt to send email alerts of expiring certificates.
Enhancements
- Earlier, it was possible to associate a SSH key with a user account only when the target system was reachable from the Password Manager Pro server. This was troublesome when the target system was inaccessible. Now, from the Password Manager Pro build 10400, an option is provided for Linux resource types that users can opt to force map SSH keys to user accounts, even if the target systems are not reachable.
- Users can now use Password Manager Pro to sign CSRs (either using your internal Microsoft CA or a root certificate) as and when they are generated.
- Password Manager Pro now supports file-based discovery for scheduled SSH and SSL discovery tasks.
- A new dashboard widget to provide data about SSL configuration vulnerabilities has been added.
- Support is enabled for the discovery of SSH keys with ECDSA and ED25519 signature algorithms.
- A new REST API to view the private key passphrase of SSL certificates has been added.
Bug Fixes
- During OpenLDAP and Novell Directory import, new users' domain names were not updated properly, which caused login exception. This has been fixed now.
- AzureAD did not work when the proxy server was configured in Password Manager Pro. This has been fixed now.
Password Manager Pro Release 10.3 (10302) (23rd September 2019)
Enhancement
Redesigned Password Manager Pro Agent
The Password Manager Pro (PMP) agent is used to connect with and manage remote resources that are not attached to the PMP server. Earlier, the agent was downloaded from the PMP console and straight away deployed in target systems. Now, from build 10302, each time while installing the agent on a remote server, you will have to provide a unique 'Agent Key', generated and copied from the PMP console while downloading the agent. The keys are for single use only and will be automatically revoked after that. If you wish to install a key in multiple servers, you can keep the key active for the number of hours specified.
Password Manager Pro Release 10.3 (10301) (09th September 2019)
New Features
Integration with ManageEngine Analytics Plus
ManageEngine Password Manager Pro integrates with ManageEngine Analytics Plus, an on-premises reporting and business intelligence service. The PMP-Analytics Plus integration brings about out-of-the-box analytics on resources, user accounts and audits. Analytics Plus sources data from PMP via its API using user login credentials. The reports are generated automatically with up-to-date data, and you can gain a complete overview of the reports from the PMP-specific dashboard of Analytics Plus. You can also set timeline filters.
Password Manager Pro Release 10.3 (10300) (22nd August 2019)
New Features
Password Manager Pro Plugins for Chef and Puppet
Introducing new plugins for Chef and Puppet CI/CD platform, in addition to Jenkins and Ansible. Both Chef and Puppet use the Master-Slave architecture, where communication happens via an SSL-based secure encrypted channel. Dedicated external app plugins are provided for both the plugins, so that the code pulls the passwords directly from Password Manager Pro during run time, instead of storing them as plain texts within script files. This combats security threats to resources, enhances the security of passwords and eliminates the need for users to modify the code when passwords are changed. The plugins thereby improve the overall security in organizations' DevOps pipeline and also impose consistent rotation and automatic update of the new passwords in the respective remote devices.
Enhancements
- Bulk Resource/Account/Resource Group Sharing
Previously, it was possible to share only a single resource, or an account, or a resource group, with user(s) or user group(s). Now, users with proper permission can share resources, accounts and resource groups, in bulk, with user(s) or user group(s). - Access Control Enhancements
- Earlier, it was possible to set only two admins as approvers for password request under Resource Actions >> Configure Access Control >> Miscellaneous Settings. From now on, Admins can set 'n' number of admins (5 by default and 10 as maximum) as approvers for password request. The default approver count can be altered under General Settings.
- Admins can now configure auto-approval for different days with different time configurations (Maximum of 3 different time configurations per day), under Resource Actions >> Configure Access Control >> Auto Approval. It is possible to configure the same time for every day and also different time configurations for different days.
- New API Added
A new API to generate passwords using existing policies in Password Manager Pro is added.
Password Manager Pro Release 10.2 (10200) (29th July 2019)
New Features
SSL Discovery
- Agent-based Discovery
Password Manager Pro now supports agent-based SSL discovery that allows administrators to discover and import certificates present across a network by installing one or more instances of agent software on target systems. The agent, which is available as a compressed package with all the necessary configurations in password Manager Pro interface, once installed in the required end servers, performs certificate discovery and updates the certificate database. - Load Balancer Certificate Discovery
Password Manager Pro now allows administrator users to discover and consolidate SSL certificates deployed to Linux based load balancers such as Nginx and F5 through a process tunnelled via SSH. - Option to Login to Certificate Store and Microsoft CA using Service Accounts
A dedicated option is provided for the Administrators to make use of the Password Manager Pro service account credentials to log in to target systems, while performing Certificate Store and Microsoft CA discovery, without having to manually enter them.
- Agent-based Discovery
SSH and SSL Discovery
- Subnet Discovery
Password Manager Pro now provides subnet discovery option for SSL certificates, allowing administrators to discover the certificates from specific subnetworks within an IP range. - Option to Exclude IP addresses
Users can now choose to exclude specific IP addresses when performing bulk discovery from an IP address range.
- Subnet Discovery
- Key-based Authentication for Certificate Deployment
Password Manager Pro now provides an additional key-based authentication functionality (apart from the conventional password authentication), which users can leverage to deploy certificates to password-less Linux end servers. - Support for Amazon Route 53 DNS
In addition to Azure and Cloudflare DNS, Password Manager Pro now supports Amazon Route 53 DNS to complete the domain control validation process when acquiring certificates from public CAs. - New SSH Key Types Added
From now on, two additional SSH key types - ECDSA and ED25519 will be available for selection while creating new SSH keys, out of which, rotation is possible for the key type ED25519. - Option to Use Existing Password Manager Pro Account during Certificate Deployment
While deploying certificates to target web servers, a dedicated option is provided for the users to use an existing Password Manager Pro account, instead of entering the credentials. - New Rest APIs Added
Two new REST APIs are newly added; REST API to add certificates to Password Manager Pro certificate repository and REST API to delete ssh keys.
Bug Fixes
- Earlier, when a certificate was deployed to two servers, and if one of the deployed servers was deleted, the "Multiple Servers" icon was still shown. This has now been fixed.
- Formerly, when multiple certificates were discovered from a single resource, and when the DNS name of one of the certificates was changed, the DNS names of all the other certificates also got changed. This has now been fixed.
- Earlier, when the scheduled discovery operations for SSH and SSL failed, there were a few instances, where the audit records were not updated properly. This has now been fixed.
- Previously, during the following processes Microsoft Certificate Store discovery, server certificate upload, and Radius server configuration (server secret field), if a password, containing special characters, was entered, a "harmful content" error was thrown. This has been fixed.
- Earlier, certificates without an original common name (with the SAN name as the common name, by default) failed to update, after running a scheduled discovery. This issue has now been fixed.
- Previously, the 'Days' filter in the SSL Expiry Report failed to render correct results. This has now been fixed.
Password Manager Pro Release 10.1 (10104) (15th July 2019)
Bug Fix
When PMP configured with MS SQL database was upgraded to the latest version 10103, and an attempt was made using ConfigureReplication.bat/.sh to reconfigure High Availability, replication failed to initialize between the primary and secondary databases, due to failure in publisher creation in the primary server.
Password Manager Pro Release 10.1 (10103) (26th June 2019)
New Features
- Integration with ManageEngine ADSelfService Plus (ADSSP)
Earlier, when the ADSSP's privileged domain account password was reset in PMP, the new password had to be manually updated in ADSSP. If not, ADSSP still retains the old password, thereby restricting the AD users from performing tasks such as password reset, account unlock, etc. With PMP-ADSSP integration, the privileged domain account details of ADSSP will be mapped with the domain account details in PMP. So, whenever the password reset of ADSSP's privileged domain account is performed in PMP, the new password will be automatically updated in ADSSP as well. - Integration with ManageEngine ServiceDesk Plus (SDP)
Technicians using SDP often need to access target machines (or resources) manually to resolve issues, which involves security-related challenges, such as sharing sensitive passwords for authentication, etc., especially while using the privileged accounts. They also had the pain of jumping between machines to perform different tasks. With this integration, accessing the remote systems from the ServiceDesk Plus portal is just a click away for the Technicians. Administrators can now provide the advantage of secure remote access to the target machines (or resources) only to the authorized Technicians, without sharing the credentials. The Technicians can remotely access the target endpoints (or resources) from the ServiceDesk Plus portal without having to log in to PMP each time to fetch the credentials.
Enhancement
- Option to add the recorded RDP session link to the "Change" description in ServiceDesk Plus
From now on, while integrating Password Manager Pro with the ServiceDesk Plus ticketing system, in addition to the option "Use ChangeID for Validation", a new option to allow PMP to add the link to the recorded RDP session to the "Change" Description of ServiceDesk Plus will be available.
Bug Fixes
- In PMP build 10102, the Periodic Password Export could not be scheduled, when either of the options 'Once', or, 'Day(s)' or 'Monthly' was chosen. This issue is fixed now.
- In PMP build 10101, when a custom resource type was created (under Admin >> Resources >> Resource Types >> Add) using the "Existing Resource Type" category and applied to the resources, the password reset failed for the Domain accounts in the resource. This issue is fixed now.
- While handling a security fix in build 10102, the URL of PMP Agent was mistakenly blocked along with a few other URLs. This interrupted the communication between the Agent and the PMP server, which in turn suspended the Agent-related activities in PMP. This issue is fixed now.
- Password Manager Pro provides the option to configure remote password reset through a landing server for Cisco devices such as Cisco Catalyst, Cisco IOS, and Cisco CAT OS. From PMP build 10001 onwards, when an existing landing server was selected to perform the remote password reset for a resource, the settings though appeared to be saved did not get saved actually. This issue is fixed.
- In addition to using account credentials to launch a remote SSH connection, Password Manager Pro also allows the remote connections to be tunnelled through private keys. From PMP build 10001 onwards, when the private key option is enabled or disabled for a Linux-based resource type (Linux, Cisco IOS, Cisco CatOS, Cisco PIX, Juniper NetScreen OS, HP Procurve and VMware ESXi), the auto-logon helper option for that resource got disabled, thereby entirely removing the option to launch a remote connection. This issue is fixed.
Password Manager Pro Release 10.1 (10102) (4th June 2019)
Enhancements
- Support for ECDSA key in the new OpenSSH private key file format
In Password Manager Pro, SSH connections can be initiated using both passwords and keys. And the product already supports key-based authentication using RSA and DSA keys. Now that OpenSSH has introduced the new ECDSA key format, Password Manager Pro will also support the ECDSA key format for SSH connections with this upgrade. - Support for the latest versions of Sybase ASE for Remote Password Reset
Earlier, we had support only for the older version of Sybase ASE database, version 12.5, to carry out the Remote Password Reset. Now, we have enhanced our support to the newer versions of Sybase ASE database, from version 15 & above.
Security Fixes
- Earlier, the common unique Authentication token (generated during installation) was used for all the mobile and extension logins. Hereafter, each login to the mobile and extension will have a unique Authentication token.
- Earlier, during API calls, the Authentication token was passed as a request parameter. Hereafter, each API call made to the application requires the Authentication token to be passed in the request header.
Bug Fix
- PMP - MSP Edition is designed to create a Resource group named "Default Group" when an MSP Admin is assigned to manage any client ORG. In our earlier versions, if an MSP Admin is removed from managing a client ORG and then re-added, another "Default Group" was created under their ownership, causing duplication. This issue has now been addressed. When an MSP admin is removed and readded to manage a Client ORG, PMP will match the existing "Default Group" of this admin and continue to retain the same without creating a duplicate group.
Password Manager Pro Release 10.1 (10101) (10th May 2019)
Security Fix
It's been long since we started using "C:/ManageEngine" as the default installation directory. But, this gave rise to the vulnerability that any locally authenticated user was able to view/add/delete/modify files under "C:/ManageEngine". Hence, as a security practice, we have switched to "C:\Program Files\ManageEngine\PMP" as the default installation directory. We recommend all our customers to have their installations under "C:\Program Files\ManageEngine\PMP" only. Instead, if you wish to install Password Manager Pro under any other folder, please go through our best practices guide for the necessary precautions to be taken.
Password Manager Pro Release 10.1 (10100) (6th May 2019)
New Feature
- Integration with public Certificate Authorities (CAs)
Password Manager Pro facilitates end-to-end life cycle management of certificates obtained from trusted certificate authorities (CAs), enabling users to request, consolidate, deploy, renew and track certificates issued by multiple commercial CAs, all from a single interface. This functionality, powered through a seamless API integration with The SSL Store one of the largest platinum partners of world's leading CAs, provides the users with the option to acquire the certificates from the following third-party CAs and manage them directly from Password Manager Pro's web interface: Sectigo (formerly Comodo), Symantec, Thawte, Geotrust, and RapidSSL.
Enhancement
- Unlike the earlier versions of Password Manager Pro, the "Search" field under the "Users" tab has now been enhanced to search for usernames using both the First and the Last Names.
Bug Fixes
- Earlier, when accounts were added through API, the "Password" field did not support the special characters; < > [ ]. Henceforth, the users will be able to create passwords using the above mentioned special characters, while adding accounts through API.
- Previously, the DNS-based domain control validation procedure was unsuccessful for Let's Encrypt sub-domain certificate requests. This issue is fixed now.
- Earlier, CSR/Certificate creation was failing, if comma separated values were provided for the Organization or the Organization Unit. This issue is fixed now.
Password Manager Pro Release 10.0 (10001) (11th April 2019)
Enhancements
- High Availability Monitoring for PostgreSQL Database Server
Password Manager Pro now comes with more advanced HA management and monitoring capabilities for PostgreSQL database server with various notification options under "Admin >> High Availability". The all-in-one, dashboard-style GUI enables monitoring the availability of your Primary and Seconday servers and the associated databases. You can switch the view from the Primary to Secondary server, and vice-versa, anytime, which allows an effective tracking of your servers and their performance. You will be able to view the following in the HA GUI; the HA summary, the status of the servers and the associated databases, the replication pending count, and the connection lost and connection resumed times. You can also modify the Secondary server details. - Support for SAML-based SSO Configuration for Azure AD Users with Multi-Factor Authentication (MFA)
In earlier versions, though it was possible to use SAML-based Single-Sign-On (SSO) from the Microsoft Azure portal for Azure AD users, the authentication did not happen when Multi-Factor Authentication (MFA) was enabled in Azure AD. Now, it is possible to use the SAML-based authentication with Azure AD as the Identity provider coupled with Azure MFA.
Bug Fixes
- Password Manager Pro supports Active Directory-based Single-Sign-On that works via NTLMv2. While this was working fine in older versions, the NLTMv2 authentication against the Computer Object was failing in version 10.0. This issue is now addressed and the AD SSO feature works fine now.
- In Password Manager Pro version 10.0, the "Advanced Search" field did not return the intended results for the keyword entered using the AND/OR-based search criteria. This issue is fixed and the "Advanced Search" is fully functional now.
- From Password Manager Pro version 9.7, when a user was deleted from AD / LDAP / Azure, instead of a single notification email, there was a continuous triggering of emails from Password Manager Pro, during every sync. This issue is fixed.
- From Password Manager Pro version 9.8, in specific cases, while viewing the resources under a Dynamic Group, other resources out of the group (belonging to the logged-in user) were also displayed along with the resources belonging to the selected group. This issue is fixed.
- From Password Manager Pro version 9.9, when the local authentication for AD users was disabled (under "Admin >> Settings >> General Settings >> User Management"), the local authentication got disabled for "all users". This restricted the users from accessing Password Manager Pro using their local admin credentials and an 'Incorrect Username/Password' error was thrown. This issue is fixed.
- In Password Manager Pro version 10.0, the "Download" button did not work while transferring a file from a remote machine to a local machine via RDP connection. This issue is fixed.
Password Manager Pro Release 10.0 (10000) (26th March 2019)
New Features
- Linux Resource Discovery using SSH
Earlier, Password Manager Pro supported Telnet-based discovery alone for Linux endpoints. Now it supports SSH protocol as well for resource discovery. By providing SSH login credentials, the Admins will be able to discover the Linux endpoints using an IP Address / IP Range.
Note: Telnet-based discovery will eventually be deprecated as it is not a secured protocol. - "Let's Encrypt" Wildcard SSL Certificate Management Support
Password Manager Pro already supports SSL certificates signing by "Let's Encrypt" Certificate Authority. Recently, they have upgraded their protocols to enable support for wild card certificate signing as well. Hence, from now on, the PMP users will be able to get their wildcard SSL certificates signed by "Let's Encrypt" CA and manage the same. - SSL Certificate Discovery from SMTP servers
Password Manager Pro already allows discovery of SSL certificates from Certificate Stores, Microsoft CA and Active Directory. In addition to this, the SSL certificates can now be discovered from SMTP servers as well. - SSL Certificate Discovery as a Scheduled Operation
Earlier, importing of SSL certificates from the Microsoft Certificate Store was an on-demand operation. Now, it is possible for Admins to create scheduled tasks (under Admin >> SSH/SSL >> Schedule >> Add Schedule) to automatically discover and import the certificates from Microsoft Certificate Store and certificates issued by Microsoft Certificate Authority. - Import Certificate Signing Requests (CSRs)
Though it was earlier possible to import a key or a certificate inside Password Manager Pro, the Certificate Signing Requests (CSRs) had to be generated inside the application only. Now, PMP allows importing (under "Certificates >> Create CSR >> Import") and managing of CSR files, generated externally, by forwarding them to trusted certificate authorities and tracking their status.
Enhancements
- Crumbling of SSH Session Recordings
Formerly, the SSH session recordings were stored as encoded, individual files. This might cause performance issues when the SSH session time is stretched, as the file gets constantly updated in real-time. From now on, the recordings out of extended SSH sessions will be stored as multiple files and rolled over. This should provide a smooth SSH session experience and also a zero buffer time during the session playback. - Remote Password Reset for Weblogic Server
Apart from the endpoints listed here, Password Manager Pro can now reset, verify and manage the passwords of Weblogic application servers as well. It is possible to manage the passwords of all the Weblogic server versions, as the password reset is performed with the help of JMX service. - RDP Gateway Enhancements
Password Manager Pro employs "SparkGateway" from Remote Spark for establishing RDP Gateway sessions. The bundled version of SparkGateway, updated in this version, comes with enhanced file transfer functionalities. This allows users to leverage file transfer improvements while opening RDP connections using PMP. - Option to Retain SSH Keys in Target End-points while Deleting the same from Password Manager Pro vault
Heretofore, when an SSH key was deleted from the Password Manager Pro vault, the same was removed from the associated Unix/Linux endpoints as well. From this version, Admins have the option (in the SSH key delete confirmation window) to choose whether to remove a key from the endpoint, while deleting it from inside the vault.
Bug Fixes
- While using Internet Explorer, the RDP sessions had intermittent freezing issues and lag, especially when the sessions were idle for 10-15 mins.
- Due to an encoding issue, the SSH sessions did not work, when the users whose AD username begins with the character 'u' logged into the Password Manager Pro.
- When the option "Generate unique password for every account(Recommended)" was selected under "Groups >> Actions >> Periodic Password Reset", new passwords generated were based on the resource group password policy, instead of account password policy. This has been fixed now.
- From version 9000, the "User Authentication Failed" report under "Dashboard >> User Dashboard >> User Activity" displayed 'No audits found' message due to a filter issue. This has been fixed now to show the valid data.
- Earlier, a new web app connection always replaces an existing connection (when launched through the "Connections" tab). This is fixed now, and each connection launches in new tabs.
- Password Manager Pro uses SCP protocol for deploying SSH keys in target end-points. Previously, only the "To" file information was sent along the SCP request which worked fine. But in the recent SCP versions, the "From" file information has also been made mandatory. So now, Password Manager Pro sends both "To" and "From" information of the SSH key files, thus ensuring proper completion of file deployment.
- In earlier versions of Password Manager Pro, while deploying SSL certificates in Microsoft Internet Information Services (IIS) server, the private keys exported along with the certificates were corrupted. This is fixed now.
- Previously, while signing a certificate using custom Root CA, a security error was thrown when the "SAN" field was blank. This is now fixed, and the certificates can be signed, even when the SAN field is left empty.
Security Fix
We have renovated the security framework of Password Manager Pro. The following are some of the major changes and enhancements:
- In earlier versions, Password Manager Pro primarily relied on "Blacklisting" for securing the product URLs from Injection and other script attacks. With this release, the security framework has been updated to use "Whitelisting" of the necessary URLs, which maximizes product security.
- The validation of JSON array parameters has been intensified for optimal security.
- A few checks with respect to file uploads (e.g., limit and size) are included to keep load attacks at bay.
Password Manager Pro Release 9.9 (9901) (13th February 2019)
Bug Fixes
- In v9900, PDF generation did not work for reports that contained graphs based on resource details. This has been fixed.
- From v9700 till v9900, application login did not work for users if their username or password contained non-ASCII characters. This encoding issue has been fixed.
Password Manager Pro Release 9.9 (9900) (23rd January 2019)
This release introduces DevOps support in Password Manager Pro with new plugins for Jenkins and Ansible pipelines. Additionally, provisions to perform password resets for SSH-based resources through custom command inputs have also been added amid other new features and enhancements.
New Features & Enhancements
- Plugins for DevOps Containers - Jenkins and Ansible
The Password Manager Pro plugins developed for credential management in Jenkins and Ansible help improve security in organizations' DevOps pipeline. The plugins ensure that required credentials are retrieved securely from Password Manager Pro's vault every time when an automation schedule is run through the tools, instead of being embedded in plain text within script files. Moreover, with the credentials stored in Password Manager Pro, you can also enforce regular rotation and automatic update of the new password in the respective remote device. - Build Password Reset Workflows with SSH Commands
Now extend Password Manager Pro's reset provisions to support remote password changes for SSH-based resources in your environment without the need for a CLI terminal. Quickly build command workflows using built-in or customized SSH sets and map them to respective SSH device accounts to execute password resets in a simple and effective manner. This new addition to Password Manager Pro's reset capabilities enables you to enforce automatic password updates for resource types that are not supported out-of-the-box by the application. - Two-factor Authentication Support
From v9900 onwards, Password Manager Pro readily integrates with the following services to provide two-factor authentication support for application login.- Microsoft Authenticator
- Okta Verify
- RESTful API Updates
- New API to get audit details.
- Resource and account creation APIs enhanced to include password policy association.
- Resource and account edit APIs enhanced to include password policy association.
Bug Fixes
- From v9200 till v9803, passwords checked out under a time-sensitive access request did not get checked back in automatically upon access expiration if a Password Manager Pro server restart took place in between. This has been fixed.
- From v9802 till v9803, users could not raise password access requests when they and the environment in which Password Manager Pro server was installed were in different time zones. This has been fixed.
- [MSP Edition] From v9802 till v9803, while configuring access control for a resource in a particular client organization, the user groups list in the configuration window also displayed the user groups that belonged to other client organizations. This has been fixed.
Password Manager Pro Release 9.8 (9803) (14th December 2018)
Bug Fixes
- Earlier, while configuring remote password reset and auto logon actions for Windows, Windows Domain, and Linux resources, administrators could view the accounts of resources that they had no access to. However, only the account names were visible in this case and there was no password exposure involved. This was applicable for bulk configurations as well. This has been fixed.
- From v9700, the PDF file for user activity, user access and password inventory reports that were scheduled had file corruption error when delivered as an email attachment. This has been fixed.
- From v9700, during service startup, a server-side action resulted in Password Manage Pro's system properties getting printed in the log files. The keystore password of the certificate that was used for HTTPS connections from the web server was also printed in plain text in the captured logs. This has been fixed.
Security Fix
- From v9700, for customers who had enabled the SSL certificate management add-on and invoked the certificate discovery from the GUI, it resulted in the credentials used for discovery getting printed in the logs. This has been fixed.
Note:
The potential for exposure was limited only to customers matching specific conditions and a detailed advisory was sent to customers to check for those conditions and in the unlikely case of the exposure happening, the advisory included instructions to sanitise the exposure and fix the conditions.
Password Manager Pro Release 9.8 (9802) (4th December 2018)
This release strengthens SSL certificate management in Password Manager Pro by introducing GoDaddy integration and certificate sharing. Other enhancements include support for Traditional Chinese in multi-language editions as well as the provision to auto logon to Cisco resources using Windows domain accounts.
New Features & Enhancements
- GoDaddy integration for SSL certificate lifecycle management: Password Manager Pro now supports management of SSL certificates issued by GoDaddy certificate authority. This enhancement, powered through a seamless integration with GoDaddy's API, allows administrators request, consolidate, deploy, renew, revoke and manage life cycles of certificates issued by GoDaddy certificate authority from a single interface.
- SSL certificate sharing among users: Password Manager Pro now allows sharing of SSL certificates or certificate groups with users and user groups. This will enable administrators to share required SSL certificates with technicians and allow them to track the validity and expiration dates for their server certificates. The feature further allows the technicians to also raise a request with the administrator to provision access to the private key of the shared certificate whenever required.
- Localization Support for Traditional Chinese: Introducing localization support for Traditional Chinese in Password Manager Pro's multi-language editions, besides Chinese, Japanese, Spanish, German, French, Turkish, and Polish languages.
- RESTful API:
- New REST API to add dynamic resource groups.
- REST API to create resources enhanced with the option to enable key-based authentication for Linux resources.
- From v9802 onwards, Password Manager Pro's auto logon feature will list the Windows domain accounts that the user has access to, besides the local user accounts in Cisco resources. If the Cisco resource is already set up to accept Windows domain account credentials for authentication, users can launch SSH sessions to that resource using the domain accounts as well.
- From v9802 onwards, XLS exports of password inventory reports (both canned and custom) will include a new column that displays resource owner information.
- A new option has been added under Admin >> General Settings >> User Management to restrict users from adding privileged accounts to Password Manager Pro via browser extensions.
- Earlier, when two-factor authentication (TFA) was enabled, the login screen of Password Manager Pro's mobile applications and browser extensions asked for the username first and the primary password and TFA credential were then requested together in a fresh second screen. Henceforth, the user has to input the username and password (first-factor) in the login screen and then the TFA credentials in a new screen upon successful primary authentication.
Bug fixes
- From v8604, when an administrator edited resources in bulk from the Resources or Groups tab and saved the changes, the action also reset the password reset configurations to default for the selected resources. This has been fixed.
- From v9702, while copy-pasting values stored as custom text fields (non-password) in the Personal tab, special characters were converted to their hexadecimal values during the action due to decoding issues. This has been fixed.
- From v9600, API user accounts with 'Full Access' permission over a resource were unable to add a new account under that resource using 'Create Resource' REST API. This has been fixed.
- [IE browser only] From v9400, users were unable to view an account's password in clear text from that account's 'Passcard' link as well as in the 'Account Details' window. This has been fixed.
- Earlier, the symbol 'exclamation mark' ( ! ) was not included in the set of special characters available for password policies. Due to this, associating resources/accounts with a password policy that enforced the usage of only the symbol 'exclamation mark' ( ! ) under special characters resulted in passwords being set as 'unknown' during auto-generation. This has been fixed.
- Earlier, if the Password Manager Pro administrator had disabled the local authentication option for all users, users could still bypass the restriction provided that they used a valid local account username and password. This has been fixed.
Password Manager Pro Release 9.8 (9801) (2nd November 2018)
Bug fixes
- From build 9700, Password Manager Pro moved to Apache Tomcat v8.5.27 which required the URLs to be encoded in all the incoming requests, but, the Password Manager Pro agent kept sending plain URLs. When the URLs had special characters such as backslash ('\'), the requests kept dropping continually, causing the agent to repeat the process again and again. The same process occurred for thousands of agents and ended up in a DOS attack on the Password Manager Pro server, thereby resulting in a busy CPU. This issue is now fixed by encoding the URLs used by the agent in all its requests. Hence, it is mandatory to re-deploy the agents while upgrading to any build after 9800.
- From v9700, when the Password Manager Pro server starts and is not able to access the encryption key, it resulted in the passwords of the built-in 'admin' and 'guest' accounts being reset to their default values. This condition existed only for installations running with PostgreSQL as the back-end database and is now fixed. It is always recommended to remove both these built-in accounts in production installations of Password Manager Pro.
Password Manager Pro Release 9.8 (9800) (10th September 2018)
This release brings forth integration support for HSM data encryption and YubiKey two-factor authentication as well as the provision to extend remote password capabilities beyond supported platforms via custom plugins.
New Features & Enhancements
Data encryption and protection with SafeNet HSM
Password Manager Pro (PMP) now provides out-of-the-box support for SafeNet Luna PCIe HSM which gives administrators the option to enable hardware-based data encryption for the application. This update helps administrators ensure increased data security levels by leveraging the integration to securely store PMP's encryption key in the SafeNet HSM appliance available in their environment.Password Reset Plugin: Provision to add custom plugins to remotely reset passwords for unsupported resource types
Password Manager Pro (PMP) now allows manual addition of custom reset plugins (created in the form of an implementation class) that can be invoked from PMP server to carry out remote password resets for platforms that are not supported out-of-the-box, such as legacy resource types, in-house applications, etc. Administrators can leverage this update to also configure access control for unsupported resources and enforce automatic reset of their passwords instantly upon usage.Integration support for YubiKey two-factor authentication
From v9800 onwards, Password Manager Pro readily integrates with YubiKey a physical key made by Yubico, which ensures secure and strong user authentication, to provide two-factor authentication support for application login.Root-based certificate signing
Password Manager Pro now enables administrators to sign and issue SSL certificates to end-servers within the network environment, based on a root certificate that is trusted within the network.Website domain expiry notification:
Administrators can now track upcoming public domain expirations in Password Manager Pro, facilitated via 'Whois Lookup'. They can also opt to receive periodic email notifications regarding the same.New RESTful APIS
- To delete users with their usernames
- To add users to user groups
- To lock/unlock users
- To import SSH keys
- To associate/dissociate SSH keys
- The REST API to create a new resource now additionally supports inclusion of "Domain Name" for the resource being created. Also, the REST API to get a user's ID now supports special characters in the passed username.
- Henceforth, REST API calls to the PMP server will have a threshold policy. When a specific 'API' call reaches the threshold number of 150 calls/IP address within a span of one minute, that API will be locked for a minute. However, this policy is not applicable to the 'GET' calls.
- Users imported from Active Directory (AD) to Password Manager Pro will hereafter be provided the option to launch an RDP connection to Windows resources using their AD credentials even during cases when other authentication methods (such as SAML SSO, local authentication) are used by the user in addition to AD authentication.
- Password Manager Pro now expedites domain validation for Let's Encrypt certificate renewal through automated verification of DNS-01 challenges (for Azure and Cloudflare DNS).
- Password Manager Pro now includes provisions to import certificate files to keystore by automatically pinning its corresponding private key with the acquired certificate.
- Audit logs for bulk password resets triggered at resource group level and modification of dynamic resource groups have been revised to include more information. The bulk password reset log now also captures the name of the resource group for which the reset action has been triggered, either on-demand or scheduled. The second log now thoroughly captures the criteria value changes carried out for the selected dynamic resource group.
- The "Transfer Ownership" option under the Users tab now lists the available PMP users in an alphabetical order to help expedite the operation.
Bug Fixes
- From v9600 till v9702, both on-demand and scheduled remote password resets for Oracle resources failed due to server-side issues. This has been fixed.
- From v9700 till v9701, when the MSP administrator imported an organization from a CSV file that also included information for Account Manager, the detail was not added to PMP during the import. As a result, operations like manage organization, edit, and delete organizations could not be performed for the imported organization. This has been fixed.
- From v9500 till v9702, if the user conducted a custom search in the Resource Audit section, cleared the results, and then tried to carry out a PDF export of all the audit logs in that section, the action did not work and instead a new tab with a blank white screen opened. This has been fixed.
- From v9600 till v9702, the search options in both User and Resource trash did not work. This has been fixed.
- Earlier, if a user had checked out the password of an access controlled resource for a specified duration and the PMP server is restarted within that duration, the condition was automatically revoked and the user was able to continue using the password beyond the given time. This has been fixed.
- Earlier, when an administrator created a new API user and saved the details in Password Manager Pro, the saved host name was automatically changed to that user's IP address which led to connection issues during API calls. This has been fixed.
- Earlier, Linux resources added to PMP via REST API were not displayed in the list of available resources for "Public Key Association" in the SSH Keys tab. This has been fixed.
- Earlier, while trying to fetch the IDs of a resource and its account via REST API by providing the resource and account names, resource names containing special characters were not allowed. This has been fixed.
Security Fix
- Earlier, a Remote File Inclusion (RFI) vulnerability in Password Manager Pro's landing server configuration tab allowed the administrator to upload any file to any location in PMP server via the image file upload field. This has now been restricted to only image files, which can be saved only in the predestined location.
Password Manager Pro Release 9.7 (9702) (27th July 2018)
Bug Fixes
- From v9500 till v9701, while trying to export to PDF only the results obtained from a custom search in the Recorded Connections audit, the action did not work and instead all audit records in that section were exported. This has been fixed.
- In v9700 and v9701, while performing password reset for selected resource group(s), the "Generate Password" option did not work when the user tried to specify a password to be used for all accounts. This has been fixed.
- [IE browser only] From v9400 till v9701, the option to enable/disable a schedule under Admin >> Scheduled Tasks >> Schedule Actions did not work if the global language choice for Password Manager Pro was not English. This has been fixed.
- Earlier, periodic password export could not be scheduled for a resource group when the username of the logged in user contained one or more special characters. This has been fixed.
- Earlier, the "Forgot Password" option available in the Password Manager Pro login screen did not work for users accessing the site via Firefox and IE browsers. This has been fixed.
- Earlier, when an auto logon helper was edited and the approval request was sent to a chosen administrator, the corresponding notification email was not triggered to the administrator's inbox. This has been fixed.
Security Fix
- From v9702 onwards, Password Manager Pro master encryption key's cryptographic strength has been enhanced by increasing the randomness of the character strings used.
Password Manager Pro Release 9.7 (9701) (29th June 2018)
Features & Enhancements
New system role with privacy administration privileges
From 9701 onwards, a new system role named "Privileged Administrators" will be available in Password Manager Pro. A privileged administrator will have the same capabilities as an administrator. Besides, they'll also have the privilege to configure privacy and security controls available under Privacy Settings, IP Restrictions, and Emergency Measures in the Admin tab.
Night mode theme for Password Manager Pro
Password Manager Pro now allows its users to switch to a night-friendly mode which changes the application's primary background color to black. The "Night Mode" option can be enabled by navigating to the user profile icon at the top right corner and selecting Personalize.
Major Bug Fixes
- In versions 9601 and 9700, SSH connections to remote systems (includes remote password reset operations) failed if Password Manager Pro was running on an Ubuntu server. This has been fixed.
- In v9700, if RSA SecurID and Duo Security were configured as the second authentication factor in Password Manager Pro, users were unable to log into the application due to authentication error. This has been fixed.
- In v9700, when the administrator changed the default "Server Port" under Admin >> Password Manager Pro (PMP) Server and saved the settings without providing a certificate, the PMP service did not run after server restart. This has been fixed.
- In v9700, if AD user import was configured via LDAP integration with synchronization enabled, the Password Manager Pro accounts of a specific set of users in that AD domain were accidentally locked by the application when the sync schedule was run. This has been fixed.
- In v9700, while trying to transfer ownership of resources from one user to another under the "Users" tab, the action was unresponsive if the username of the current owner contained the slash symbol ( / ). This has been fixed.
Minor Bug Fixes
- In v9700, when ownership of a resource group was transferred from one administrator to another, the subsequent notification email sent to configured recipients did not display the name of the new owner. This has been fixed.
- In v9700, while configuring notifications for a specific resource group, administrators were unable to select one or more user groups as notification recipients for the following password actions Password Expired, Password Policy Violated, Password Out Of Sync. This has been fixed.
- In v9700, users were unable to view a retrieved password if they had earlier included a percent sign ( % ) in the "Reason for Retrieval" field while raising an access request for that password. This has been fixed.
- From v9200 till v9700, when a user specified that they wanted to access the password "later" while raising an access request for a resource for which auto-approval of requests was configured, the corresponding email notification was not sent to the specified recipients. This has been fixed.
- From v9200 till v9700, if a user requested access to a resource more than once with different timeframes specified for each request's password checkout period, only the timeframe of the first logged request was recognized for that user. As a result, all subsequent access requests raised by the user for the same resource were approved only with the already logged timeframe for password checkout. This has been fixed.
Password Manager Pro Release 9.7 (9700) (29th May 2018)
This release introduces strong controls in Password Manager Pro for protecting personal data stored and processed in the product, in compliance with privacy regulations.
New Features & Enhancements
Additional protection in web GUI while displaying personal data
Form fields that contain personal data such as Username, DNS Name, Email ID, Server Name and more will henceforth be masked at all times to enhance protection. Additionally, when a specific user unmasks and views any of the masked data fields, the action captured in the audit trails with a timestamp and the IP address of the machine from which the user viewed the data.
Canned report to demonstrate GDPR compliance stature
Password Manager Pro now comes with a canned report that tells you the stature of your compliance with specific requirements listed in Chapter 3 of the General Data Protection Regulation (GDPR), in terms of how users' personal data is handled within the product. This report, apart from providing a holistic view of how personal data is handled, will also prove useful while preparing for privacy audits.
Provision to authorize selective administrators with privacy administration privileges
From v9700 onwards, a new "Authorized Administrators" option will appear under Admin >> Settings. This option can be used to authorize only the desired administrators with the privilege to view, access, and modify the following Password Manager Pro settings:
- Privacy Settings
- IP Restrictions
- Emergency Measures
Note:
When you upgrade to v9700 from earlier versions, users with the following roles will be automatically assigned as authorized administrators:
- Default "Administrator" role
- Custom role with permission to access and modify "PMP Server Settings" under PMP Settings category.
Password protected exports
Administrators can now include an additional layer of password protection for export operations across Password Manager Pro. This applies to,
- Resource and resource group exports (XLS file)
- Audit exports (PDF and CSV files)
- Report exports (XLS and PDF files)
The authorized administrator can either set a global passphrase which will be uniformly used for the aforementioned export operations or allow the users to define their own passphrase for their exported files.
Mandating administrator acknowledgement of data transfer while setting up integration with third party applications
Henceforth, when the Password Manager Pro administrator sets up integration with the services mentioned below, the administrator will be required to acknowledge the data transfer from Password Manager Pro server for each respective integration.
- Cloud Storage - Dropbox, Box, and Amazon S3
- Two-factor Authentication - PhoneFactor, RSA SecurID, RADIUS Authenticator, and Duo Security.
Support for Encryption at Rest (EAR) while using MS SQL server as the backend database
For Password Manager Pro installations that function with a MS SQL server as the backend database, Transparent Data Encryption (TDE) is supported henceforth to achieve EAR. TDE encrypts all the data and log files stored in the SQL server and the key used to encrypt the database is also secured further with a certificate to enhance protection.
Backup file encryption
Database backup (.zip) files in Password Manager Pro-both on-demand and scheduled, will hereafter be encrypted with the Password Manager Pro master encryption key and stored in the destination directory securely. In case of Password Manager Pro installation running a remote MS SQL server database, the backup file will be encrypted only if the specified backup destination is within the server in which Password Manager Pro is installed and not the remote machine.
Privacy controls for canned reports
Password Manager Pro now allows authorized administrators to configure privacy settings for canned reports. Administrators can choose from an exhaustive list of personal data, deciding whether each input in the list should be completely omitted from the reports or included as masked information.
IP restrictions
IP-based restrictions are now supported to limit inbound connections and minimize unwanted traffic to Password Manager Pro server. Restrictions can be configured for web access, API calls, communication from native mobile applications, browser extensions, and Password Manager Pro agents deployed on target machines. The IP restrictions can be set at various levels and combinations, such as defined IP ranges or individual IP addresses. The authorized administrator can either whitelist or blacklist the set of desired IP addresses.
Trash can for delete operations
Users and resources in Password Manager Pro can now also be moved to trash alternatively instead of permanent deletion, along with the option to restore from trash when needed. The trashed users and resources will be retained by Password Manager Pro only until the next rotation schedule is carried out for the master encryption key.
Purging selective session recordings
Earlier, session recordings and chat logs could only be purged in bulk by configuring to delete recordings that are older than a specified number of days. From v9700 onwards, session recordings can also be individually selected under Audit >> Recorded Sessions and purged. Additionally, chat logs for a specific session recording can also be deleted while retaining the recording itself and vice versa.
Managing unidentified email addresses in Password Manager Pro
A new provision has been added to enable administrators to track and remove unidentified email addresses in Password Manager Pro which do not belong to any of the users in the application. This provision currently allows management of unidentified email addresses which are captured in "User Sessions" audit as well as those that are configured as notification email recipients for scheduled tasks' completion statuses and license expiry alerts.
Emergency Measures
In the rare scenario that a suspicious activity is sensed within Password Manager Pro but has not yet been identified, a set of recommended best practices that can be carried out have been added under Admin >> Manage >> Emergency Measures. The illustrative list of incident response actions give the administrator a head start on stopping all inward and outward communication to and from Password Manager Pro server respectively, such as stopping API calls, blocking agent communication, and stopping the SSHD server.
- Under rebranding, Password Manager Pro now provides an additional option to configure and display a customizable privacy policy banner in the login page.
- Earlier, the "Total Passwords" count displayed in the dashboard did not include resources of the type File Store, Key Store, and License Store. From v9700 onwards, the count will include the aforementioned resources as well.
- While setting up user import from LDAP directories, Password Manager Pro administrators now have the choice to also define the corresponding attribute labels for department and location as used in the LDAP directories.
- A new option has been added to Password Manager Pro MSP version under Admin >> General Settings >> User Management, which can be used to display the organization names of the client orgs in the organization drop down list (at the top right corner) instead of the orgs' display names.
- The option to delete client organizations has been added to Password Manager Pro MSP version. When a client organization is deleted, all the resources and users added under it will also be deleted.
Bug Fixes
- In v9600 and v9601, due to an issue in Windows resource discovery, when the administrator tried to import OU A, OU B was wrongly imported. This has been fixed.
- From v9000 till v9601, the password expiry date for accounts in the Passwords section was wrongly displayed in the quick info beside each account. For instance, if the expiry date for account's password was May 25, it was shown as June 25 even though it did not affect the password from expiring on May 25. This has been fixed.
- From v9000 till v9601, the owner of a criteria resource group was sometimes unable to view the password of an account associated with a member resource in that resource group. This happened when the specific resource is owned by another user who's a member of a user group with which the criteria resource group has been shared and the former owner is not a member of that user group. This has been fixed.
- From v8700 till v9601, if the administrator had disabled the default roles, Password Administrator and Password User using Role Filter in their instance, the disabled roles were automatically enabled when their Password Manager Pro server was restarted.
- Earlier, user import from Active Directory groups did not work if Password Manager Pro secondary server was up instead of primary server. This has been fixed.
- Earlier, when an additional password field was added and used as an account attribute, the option to copy the password to clipboard for that additional field was not available in the resource and account details windows as well as in the Passcard screen. This has been fixed.
- Earlier, "Change Password" option was shown in the My Profile drop down menu for AD, Azure AD, and LDAP users even though it was not applicable to them. The option has now been removed.
Security Fix
- Earlier, PostgreSQL database password as well as the keystore password for HTTPS connections from the web server were stored in the configuration files as plain text. They have now been encrypted with AES-256 algorithm for enhanced security.
Password Manager Pro release (9601) (08th May 2018)
Bug Fixes
- Earlier, while creating a custom password policy, even if the administrator had set 'No' for the requirement 'Enforce Numerals', numerals were still used in the newly generated passwords for resources. This has been fixed.
- In v9600, the Password Manager Pro web server did not start for users who were connected over HTTP and had to be redirected to a HTTPS connection. This has been fixed.
Note:
All data transmission between the Password Manager Pro user interface and the server are configured to take place through HTTPS. Thus, as a security best practice, Password Manager Pro recommends and supports only HTTPS connections by default.
Security Fix
- SparkGateway, which comes bundled with Password Manager Pro to enable RDP connections to target systems, has been upgraded from v5.0 to v5.6 to support CredSSP protocol v6. This latest version released by Microsoft contains security updates to address a remote code execution vulnerability (CVE-2018-0886) that existed in the protocol.
Password Manager Pro release (9600) (04th April 2018)
New Features & Enhancements
SQL and SSH Remote Terminal Sessions with Windows Domain accounts
- From v9600 onwards, users can launch SSH connections to Linux resources using Windows Domain accounts stored in Password Manager Pro's database. Remote password reset actions for Linux resources can also be configured by using a Windows Domain account for remote login to the Linux resources.
- Provision to remotely connect to a MS SQL server using a Windows Domain account has also been added.
Secure Cloud Storage Options for Anytime, Anywhere Access to Passwords
- Provision to export and automatically synchronize the password-protected, encrypted HTML files to authorized users' Amazon S3 and Box accounts.
- Administrators can configure automatic deletion of the exported files in the users' Amazon S3 or Box accounts after a set time period and also trigger password resets for all the resources contained in the file.
Active Directory - Synchronization Enhancements
Version 9600 introduces a revamp to the 'Synchronization Schedules' screen under Active Directory (AD) configuration. The screen now includes a sidebar navigation tab that lists the AD domains that have synchronization schedules configured and also offers a separate view of synchronization schedules configured for users and resources respectively. The enhancements include:
- Provision to schedule separate synchronization intervals for import of users and resources respectively, for any given domain.
- Provision to schedule separate synchronization intervals for multiple groups in a domain, for import of users and resources.
- Provision to schedule separate synchronization intervals for multiple organizational units (OUs) in a domain, for import of users and resources.
- Provision to set a custom display name for groups/OUs imported from AD domains. The original AD names of the groups/OUs will also be retained.
Microsoft CA Certificate Signing
Password Manager Pro now allows users to get certificate requests signed from Microsoft Certificate Authority, thereby facilitating complete life cycle management for certificates issued by Microsoft Certificate Authority.
CMDB Integration for SSL Certificates Synchronization
Administrators can now sync SSL certificates stored in Password Manager Pro's repository with ManageEngine ServiceDesk Plus CMDB and map certificates to specific servers / applications in the CMDB. This allows them to monitor their usage and expiration from ServiceDesk Plus' CMDB.
SSL Certificate Groups
This enhancement allows users to organize SSL certificates into logical groups based on various criteria and execute actions in bulk for the groups.
Localization Support for Turkish
Introducing localization support for Turkish in Password Manager Pro's multi-language editions, in addition to Chinese, Japanese, Spanish, German, French, and Polish languages.
Disable Password Resets for Privileged Accounts
This enhancement to account creation and edit actions under Resources tab allows administrators to disable both local and remote password resets for all or a specific set of accounts associated with a resource.
- Administrators can now set a non-administrative role-either system-owned or custom made, as the default user role in their Password Manager Pro installation. The default role will also be assigned automatically to users imported from CSV files/AD/Azure AD/LDAP, unless manually specified otherwise by the administrator.
- Earlier, when the Password Manager Pro server (PMP) had a firewall or load balancing configuration, the PMP audit trails showed the IP address of the firewall/load balancer instead of the IP address of the user's machine. From v9600 onwards, PMP will log the IP address of the machine, from which it was accessed, in the audit trails instead of the firewall/load balancer IP address.
- For Password Manager Pro's MSP editions, the audit trails under Resource, User, and Task Audit tabs now also display the name of the respective MSP or client organization associated with the related operation.
- Date based discovery filter for Microsoft Certificate Authority certificate discovery introduced.
- Option to separately track and manage various versions of the same SSL certificate (with the same common name).
- Option to import and map a private key to certificate.
Bug Fixes
What’s New in the 1st Security Agent 9.4 serial key or number?
Screen Shot
System Requirements for 1st Security Agent 9.4 serial key or number
- First, download the 1st Security Agent 9.4 serial key or number
-
You can download its setup from given links: