ad-bridge-24-1

February 29, 2024

Requirements:

  • None

ℹ️

Note

For installation requirements, see the following:

  • For the AD Bridge agent, see the [Install Requirements for the AD Bridge Agent](https://www.beyondtrust.com/docs/ad-bridge/getting-started/installation/install-agent/requirements-agent.htm).
  • For the management console, see the [Requirements to Use AD Bridge with Active Directory](https://www.beyondtrust.com/docs/ad-bridge/getting-started/installation/install-console/index.htm).
  • For a list of supported platforms for the latest version of AD Bridge, see the [Supported Platforms Guide](https://www.beyondtrust.com/docs/ad-bridge/getting-started/supported-platforms/index.htm).
  • Supported Platforms Guides for previous versions of AD Bridge can be found in the [AD Bridge Documentation Archive](https://www.beyondtrust.com/docs/archive/ad-bridge/index.htm).

New features and enhancements:

Ability to Disable Shutdown Timers

  • In some scenarios, the shutdown timers have caused issues for customers. A new configuration option has been added to disable the lwsmd service shutdown timers. This option takes effect the next time lwsmd starts up.
  • UseServiceShutdownTimer. New configuration option to disable service shutdown timers.

Database Connections Improvements

In the BeyondTrust AD Bridge Reporting Database Connection window:

  • Two new options have been added to support encrypted connections: Encrypt connection and Trust server certificate.
  • A new Perform Test Read option has been added to perform a query on the users table as part of the Database connection test (Rights required).
  • The Timeout was capped at 10 seconds when switching components in the BeyondTrust Management Console (BMC). This cap has been removed to help in environments that need a longer delay.

⚠️

Important

As the timeout is now respected, timeouts only occur when the set limit is reached.

  • BMC: Support Encrypted Database connections.
  • BMC: New option to query the users table with the Database Connection test.
  • BMC: SQL timeout setting honored across BMC.

Reset Machine Password on Join

  • PwdLastSet was only getting updated after half the MachinePasswordLifespan (defaulted to 30 days) was reached. Now, after a successful domainjoin, a machine password reset is initiated.

Database Hardening

  • We noticed that two of the recommended groups had been over-provisioned. The script to set the permissions has been updated for new setups, but for existing deployments/customers, we recommend updating the permissions manually. A new ReportingPermissionsUpdateV2.sql file in the Resource folder provides a reference for updating existing permissions.

Issues resolved:

Windows

  • Resolved an issue with the Orphaned Objects Tool: We now mention that additional scans might be required.
  • Resolved an issue where the Configuration Wizard License Import was not locale aware.
  • Resolved an issue where the LicensePage Import was not locale aware.

Agent

  • Resolved an issue with Domainjoin: Added support for restarting network manager with DHCP to resolve ERROR_BAD_COMMAND.
  • Resolved an issue with pbis-support: Added a djconfigfile option for PWS integration.
  • Resolved an issue to not store/read domain trust information with invalid SIDs.
  • Resolved an issue where MachinePassword reset occasionally caused a core dump.
  • Resolved an issue to support Ubuntu minimal server installs.
  • Resolved an issue where AD Account lockout on AIX was occurring before the threshold.
  • Resolved an issue to update SELinux to work with confined users.
  • Resolved an issue where users were unable to create schannel connection after being offline for 4+ hours.
  • Resolved an issue with portscript: the tryall option now searches all domains.
  • Resolved an issue with RHEL9 where it was not possible to change the password for an AD user.

Others

  • A tenantjoin-cli man page has been added.

Known issues:

None.

ℹ️

Note

Issues discovered after release can be found within our product Knowledge Base.

Notes:

  • AD Bridge 24.1.0 supports upgrades from versions 23.1, 23.2, and 23.3.
  • AD Bridge rpm packages are signed with key 7237d0ac.
  • The Windows build number is now split from the Agent build number. Installer build numbers will be different between the Windows and the Linux/Unix installers.