ADManager Plus Release Notes
7232 (April 16, 2024)
Enhancements:
- Centralized technician management: Technicians' accounts can be managed centrally from the ManageEngine AD360 admin console for all the components.
7231 (March 22, 2024)
Issues fixed:
- Issue in updating ADManager Plus if the default template under Orchestration was deleted.
- Issue in updating ADManager Plus from build 7224 if ManageEngine Log360 integration was disabled.
- Issue of help desk technicians not being able to copy any creation or modification templates.
- Issue of help desk technician group members not being able to login if there is a comma in their full name.
- Issue of Custom Report filters not functioning as expected with Last N days or Before N days conditions.
7230 (March 06, 2024)
Features:
- Microsoft 365 risk assessment: Identify potential risks in your Microsoft 365 environment with comprehensive risk assessment reports and implement the recommended mitigation measures straight from the reports.
- Access certification campaign:
- The following entitlements can now be reviewed and certified through access certification campaigns:
- NTFS permissions
- Microsoft 365 group memberships
- Microsoft 365 roles
- Microsoft 365 application assignments
- You can now track the progress of access certification requests.
- ServiceDesk Plus - ADManager Plus integration: The integration of ServiceDesk Plus with ADManager Plus now offers support to set account expiry for users and create users with an enhanced layout.
- Copy GPOs: The capability to copy GPOs from one domain to another within a forest has been included.
Enhancements:
- ADManager Plus now uses upgraded versions of Apache Tomcat (version 9.0.83), JRE (Zulu JRE 1.8.362) and PostgreSQL (version 15.4).
- Export operations have been optimised to improve performance and enhance user experience.
- Detailed Group Members report now provides options to export the result into a single file, a single file grouped by object type, or files grouped by selected objects.
- ADManager Plus now provides support to email the report directly from the GUI.
- An option to send a consolidated report after the completion of the automated tasks is added while configuring the notification template.
- You can now secure the access to shared paths by configuring the credentials of the custom service account for authentication.
- You can now view the lockout status and time of user accounts in reports.
- Microsoft 365 fields can now be included in creation or modification templates while using Copy User Attributes.
- An option to view the macros list supported in custom script has been added to user modification templates.
- The workflow request page has been redesigned to improve usability and now includes the ability to track the progress of workflows.
- ADManager Plus offers DC sort intelligence option which when enabled sorts domain controllers according to their response time and retrieves data from the domain controller with the fastest response time.
- Support to view the security settings (Account Policies, Local Policies, Event Log, Restricted Groups, System Services, Registry, and File System) along with the administrative template settings that will be applied on the selected user and computer has been added to the Resultant Set Of Policy and GPO Modelling reports.
- It is now possible to specify the duration of group membership while creating workflow requests to add groups, computers, contacts to AD groups, and to add users to Microsoft 365 groups.
- The GPO Delegation report now includes support for viewing invalid security principals and removing GPO permissions.
- Support to automate tasks like deleting Microsoft 365 users, disabling remote mailbox, creating computers, modifying users using CSV, and more has been added.
- The following enhancements have been made to the Orchestration Template:
- Decision block that operates according to the previous result, which could be a webhook response, script result, or AD attribute criteria.
- Inbound orchestration to pull data from external application and perform actions in ADManager Plus using webhook.
- Run orchestration templates directly from the Management, Workflow, Automation, and Automation Policy tabs.
- Support for M365 Auto Reply task has been added.
- Delegate the orchestration templates to Help Desk Technicians.
- While selecting reports like Recently Created Users or Soon-to-expire User Accounts as inputs in automation tasks or scheduled reports, you have the option to filter the data based on a specific time frame.
- ADManager Plus has now enabled the addition of user photos to Microsoft 365 user accounts during user creation or modification.
- You can now share automations, automation policies, and scheduled reports to help desk technicians with View/Edit permissions, and custom reports with View/Edit/Full Access permissions.
- The following enhancements have been added to the Admin Audit Report,
- Audit for creation or modification of Automation, Scheduled Reports, Custom Reports, Event-driven Automation, Webhook Template, and Orchestration Template has been added.
- An option to access the audit history has been included in the Automation and Event-driven Automation pages.
- An option to view the user entitlements has been added to the Modify Single User page.
Security Fix:
- The security vulnerability which exposes NTLM V2 hashes, as reported by Metin kandemir, has been fixed.
Issues Fixed:
- Issue in unlocking help desk technicians even if they do not exceed the total technician count allowed by their license.
- User migration using the ADMT module in ADManager Plus failing when the user display name has a comma.
- A minor issue in forest level duplication of email attribute when root domain is not added to ADManager Plus.
- Email notifications are not getting triggered when a user is enabled or disabled using the Modify Single User management action.
- Inability to view the templates by help desk technicians without the super admin role while delegating creation and modification templates to other technicians.
- Bitlocker Disabled Computers and Bitlocker Enabled Computers reports producing inconsistent data when the Exclude Child OU(s) option is selected.
- The email notification triggered after completion of the Modify User Attributes automation does not include the changes made to the custom attributes.
- Issue in saving the user creation template with changes to the Microsoft 365 license without selecting a value for the Country attribute.
- The time set for Session Expiry Time in the Connection Settings under the Admin tab is not being applied to the product globally.
- Management actions performed directly from the reports are not updated when the Check All users option is selected.
- Delay in creating single or bulk groups when a high number of members are added using CSV.
- Grouping conditions option missing in user creation and modification templates has been added.
- The All Users report displays the manager details even after the manager account is deleted in AD.
- Issue in running backup schedules and performing restoration due to difficulties in establishing connection with elasticsearch.
- Inconsistencies in backup schedules and data restoration due to difficulties in fetching data.
- Issue in performing GPO backup due to intermittent product restarts.
7224 (February 19, 2024)
Features:
- SOAR Workflow: Integrating ManageEngine's SIEM solution, Log360, with ADManager Plus will allow your SOC team to carry out AD management actions from Log360 as part of threat response and security remediation.
7223 (January 22, 2024)
Fixes:
The following issues have been fixed in this release:
- An authenticated RCE security vulnerability (CVE-2024-0252) in the load balancer component has been fixed. This vulnerability was reported by Joe Zhoy.
- An information disclosure security vulnerability reported by Samuel has been fixed.
- The issue of incorrect data in the Inactive Computers and Inactive Users reports under Risk Assessment has been fixed.
- Issue in scrolling the drop-down components under the Modify Single User page has been fixed.
- Issue in modifying the default user creation templates in languages other than English has been fixed.
- Issues faced by Help Desk Technicians while attempting to access the Modify Single User page, as some user accounts were missing in the search results due to specific delegation settings.
7221, 7222 (December 08, 2023)
Enhancements:
- Two new Microsoft 365 reports have been introduced to give insights into last logon time of users and inactive users in your tenant.
- An option to allow or restrict technicians from viewing all other technician's audit data is added to the Help Desk Audit Reports.
- ADManager Plus now supports certificate-based authentication for Microsoft 365 tenant. You can now update the certificate details under Domain/Tenant Settings to authenticate your account against Azure AD.
- ADManager Plus has now enhanced its integration capabilities by extending support for various business application like ServiceDesk Plus Cloud, JIRA, Freshservice, and more. These integrations come with preconfigured settings are designed to enhance identity management, governance, and AD management.
Issues fixed:
- The email ID shown during user creation and in Help Desk Audit Reports has been updated to display the E-mail attribute value.
- The Refine Results configurations in custom reports are not accounted when the report is triggered using an automation task.
- The users deleted using the Modify Single User task are still being displayed in the list.
- Issue in setting the In/Out Policy while creating or modifying a room mailbox.
- The workflow requests created using automation is showing duplicate entries.
- Issue in connecting to Microsoft SQL database to generate reports when there is a space in the database name.
- The country name Macau SAR has been updated to Macao SAR as listed in Active Directory.
- Technicians and workflow requesters were facing difficulty in searching and navigating to choose user creation templates when there are multiple templates available during the user creation process.
- The page range selection was not working as expected under the creation and modification template pages.
- Minor issues while creating Microsoft 365 shared mailbox and modifying Microsoft 365 mail-enabled security and distribution groups.
7220 (November 18, 2023)
Features:
- GPO management and reporting: The following new features have been added under GPO management and reporting,
- View the GPOs linked to OUs that do not have any security principals and perform management actions to disable or remove those GPO links using the GPOs Linked To Empty OUs report.
- Ability to reorder the GPOs linked to a particular OU, domain, or site using the GPO Links Priority task.
- View the GPO preference settings like Environment, Files, Folders, Ini Files for user and computer configurations using the GPO Settings report.
- Select specific security principals to which the GPO application should be denied using the Manage GPOs task.
Enhancements:
- Support to automate Microsoft 365 tasks like Microsoft 365 Mailbox Conversion, Add Users to Microsoft 365 groups, Microsoft 365 Mailbox Delegation, Modify Microsoft 365 Mailbox Permission, Mailbox Auto Reply, and more.
- The automation history popup now displays the input data fetched from the external HCM application and the execution status, with an option to export this data as a report.
- ADManager Plus can be now be integrated with any application that responds to nested API calls.
- You can now group the creation and modification templates. This functionality is helpful in delegating HDTs to perform management actions using a specific group of templates.
- You can now create shared mailboxes in bulk using the CSV and template options.
- The reset password API now supports random password generation.
- The search group API will now display group type and manager data in response.
- The webhook template now supports x-www-form-urlencoded message type.
- It is now possible to migrate the existing bundled or external PostgreSQL database to a different external PostgreSQL databases (AWS and Azure).
- An editable drop-down has been added for the City and State fields in user creation, user modification, contact creation and contact modification templates.
Issues fixed:
- Issue in sharing automation to other technicians due to the access denial alert.
- Issue in adding or removing a user from a unified group using modification template.
- The issue of DC Replication Status report displaying all DCs in the forest instead of the ones from the selected domain.
- Updating the product taking longer than expected when high availability is enabled.
- The exported report attached to the notification email after performing bulk user modification using CSV not including all the attributes.
- The requesters who were added before upgrading to versions above 7200, were not able to select templates while requesting a creation or modification task.
- The manager data not displayed properly in the notification mail triggered from event-driven automation tasks.
7212 (October 30, 2023)
Fixes:
The following issues have been fixed in this release:
- Product crashing when the GPO synchronisation activity is initiated in the backend.
- Issue in creating help desk roles if the role name has special characters in it.
- Single user creation in AD, along with simultaneous provisioning in Microsoft 365, running indefinitely under delayed tasks.
- Inability to create a single shared mailbox in Microsoft 365.
7211 (October 10, 2023)
What's new:
- Public key certificate used during service pack upgrade is up-to-date.
Issues fixed:
- Issues in applying the recent service packs to upgrade from build 7203 to the later builds.
7210 (September 29, 2023)
Features:
- Identity risk assessment: ADManager Plus' Identity Risk Assessment feature helps organizations in detecting potential identity risk indicators in your AD environment. This tool provides a risk score based on NIST SP 800-30 guidelines, and identifies potential vulnerabilities and threats to the system, as well as providing strategies for remediation to help secure the system.
- Access certification: Review and validate entitlements by creating automated access review campaigns. This helps your organization prevent privilege creep, improve security posture, and adhere to compliance regulations by regularly reviewing user entitlements.
- Contact and GPO migration: You can now perform inter-forest and intra-forest Contacts and GPOs migration.
- Improved user and group migration: Flexibility to move users and groups, along with their SID history and membership across forests with additional migration settings.
Enhancements:
- GPO reports: The following enhancements have been made to the GPO reports,
- GPOs with specific settings report now supports searching of major security settings in all or selected GPOs.
- Security Filter and WMI Filter columns added to GPO reports: All GPOs & Linked AD Objects, Recently Created GPOs, Recently Modified GPOs, Disabled GPOs, Computer Settings, and User Settings Disabled GPOs.
- Schedule reports: Standard Scheduler and Advanced Scheduler functionalities are now available together under Schedule Reports page.
- Custom reports: New enhancements added for custom reports as mentioned below,
- New built-in custom report added to retrieve Shared Mailbox Users.
- Refine Results option to filter the data being fetched from the database.
- Filter from Report option to use the filter settings configured in the chosen report.
- Export custom reports to CSVDE format.
- New filter conditions for attributes like Simple Display Name, Street Address and Direct Reports.
- New columns Smart Card, User Account Control, User Account Control Flag added to the result.
- Orchestration: The following new enhancements have been made to the Orchestration feature:
- You can now add conditions based on Object Name and Template Name while creating new orchestration profiles.
- New blocks like Modify users by CSV/Template, Move TS Home folders, Set Mailbox Rights, Move/Delete Profile, and more added for creating new orchestration templates.
- OAuth authorization support added for webhook.
- Macro support for custom attributes added to parameter configuration in webhook.
- Security response headers: You can now add default security headers while configuring HTTPS settings to protect the product from various vulnerabilities.
- Two-factor authentication: The below enhancements are added to the 2FA configuration under Logon Settings,
- RSA authenticator: ADManager Plus now supports REST API-based integration with RSA Secure ID, besides SDK-based integration. It is recommended to use REST API-based integration as RSA Security LLC has deprecated SDK-based integration.
- Duo Security: ADManager Plus now supports Duo Web SDK v4 with universal prompt which provides a simplified and accessible Duo login experience.
- Integration with ManageEngine EventLog Analyzer: You can now integrate ADManager Plus with ManageEngine EventLog Analyzer for log forwarding.
- Backup: The backup add-on now comes with the following enhancements,
- It is now possible to store Active Directory and Azure Active Directory backups in archives, to ensure prolonged data retention.
- Azure AD Policies and Administrative Units can now be backed up and restored.
- AD Explorer: New enhancements added to AD Explorer as mentioned below,
- The top panel now includes the following tabs,
- Entitlements: Lists the group membership and folder permission details of users and groups. A section named M365 Entitlements will be available if the AD user also has an Azure AD account which shows the list of M365 groups the user is a member of, along with assigned licenses, roles, and mailbox permissions.
- Objects: When a container or OU is clicked, it displays the list of users, groups, contacts, and other containers within it.
- History: Displays the list of modifications made to the chosen object using ADManager Plus. It also maintains a record of access updates made during access certification campaigns.
- A refresh button next to the domain name to sync current data instantaneously.
- Search AD objects: The following enhancements have been added to the this functionality,
- Revamped search console with new customizations and advanced search options.
- Search Settings option added to configure the search criteria. Admins can customize and freeze the search criteria for users by using the Set Globally checkbox.
- New management actions like reset user password, add or remove group members and delete contact have been added.
- Support to group filter conditions by specific criteria has been added for all reports including Custom Reports, Schedule Reports and also, Search AD Objects.
- The M365 tenant configuration is moved under Domain Settings. It is no longer available under Admin tab.
- New match criteria Between (for any condition specifying date) and Not Like can be used while adding conditions.
- Prevent Duplication option now checks for duplicates across forests and Azure AD tenants.
- You can now fetch M365 guest users and their manager details while configuring automation using M365 reports as input. This can be used to automate guest users clean-up and get approval from respective managers before blocking or deleting them.
- Exclude Nested MemberOf option added to Groups for Users report to avoid displaying nested group memberships.
- You can now modify the manager of computer through workflow or automation using Modify Managed By Of Computers management action.
- Support for Inactive Azure AD Users report added to Automation.
Issues Fixed:
- Issue in creating users using naming format for Logon Name under user creation templates.
- Issue in duplicate User Principal Names (UPN) leading to intermittent SSO login issues for the technicians.
- Issue in executing few bulk management actions because the page continues to load indefinitely after importing a CSV file and clicking the apply button.
- Issue in re-enabling built-in technicians after they are forced out due to revoked roles.
- Issue in viewing the Account expires value when the attribute is dragged and dropped under General tab of any management template and the value is set to Select.
- Issue in contacting DCs to fetch information while running multiple DC reports.
- Issue in updating sAMAccountName of HDTs under Delegation when they are modified in AD preventing HDTs from logging in.
- Issue in using Prioritize Rules functionality under User Creation Templates due to Prioritize Rules pop-up not getting displayed properly.
- Issue in migrating ADManager Plus' database from the bundled PostgreSQL to an external PostgreSQL.
Other Changes:
- The default timeStamp for the Account Expiry attribute has been changed to 11:59:59 PM instead of 12:00:00 AM when the End of option is selected.
- The Random Password Policy, which previously had a limit of 32 characters, has now been extended to allow passwords up to 256 characters in length.
7203 (July 30, 2023)
Enhancements:
- All non-English language builds (Chinese, Japanese, German, French, Italian, Dutch, Turkish, and Spanish) have now been updated with all the latest features.
Fixes:
- Issue in applying a naming format for user principal name (UPN), when a User Creation Template configured with Creation Rules and Custom Attributes is applied.
- The security vulnerabilities CVE-2023-39912 reported by Son Nguyen from VNG Security and CVE-2023-41904 reported by the vector research team have been fixed.
7202 (July 01, 2023)
Fixes:
The following issues have been fixed in this release.
- A security vulnerability reported by dalt4sec.
- Issue in modifying the manager attribute by technicians with custom help desk roles.
- Unparseable date exception in non-English builds when setting account expiry date to End of in Single User Modification.
- A security vulnerability (CVE-2023-38332) reported by dalt4sec.
7201 (June 20, 2023)
Fixes:
The following issues have been fixed in this release:
- Two security vulnerabilities reported by dalt4sec, including CVE-2023-35785, have been fixed in the release.
7200 (June 13, 2023)
Important update:
- From 7200, updating ADManager Plus using the service pack has been restricted if your ADManager Plus instance is using PostgreSQL version older than 10. You will be forced to update PostgreSQL to 10.18 or migrate to MS SQL during installation.
- You will be shown a warning message while installing the 32-bit version of ADManager Plus. It is advised to install or migrate to 64-bit architecture for better performance.
Features:
- Management:
- While configuring Creation Rules in User Creation Templates you can:
- Import and export them to CSV
- Reorder based on priority
- Preview before importing
- Preview while copying them from an existing template
- You can now remove or enable mailbox accounts for users or groups using Single User Modification task and Single Group Modification task respectively.
- You can now edit the GPO Preference settings like Environment, Files, Folders, Ini Files values for user and computer configurations directly using GPO Management task.
- You can now perform Force GPO Update operation on domain computers instantly.
- Reports:
- You can view the GPOs that are directly linked or inherited in the Direct and Inherited GPO Links report.
- You can see the list of users and groups that have access to the selected GPOs in the GPO Delegation report.
- The GPO Modeling report simulates the possible Administrative Template settings that will be applied on the selected user and/or computer.
- Scheduled reports can be directly shared with users or groups that are added as help desk technicians.
- You can now schedule Google Workspace Reports.
- View the Employee ID of the Google Workspace user accounts in the Google Workspace Users report by adding the column in the result.
- You can now see the Local Administrator Password Solution (LAPS) password and LAPS expiry time in AD Explorer and Workstation Computers report with adequate permissions.
- Delegation:
- Anomaly detection: ADManager Plus now uses machine learning to establish a baseline for help desk technicians' and admins' activities, and detect anomalies by flagging activities that deviate from the baseline.
- Workflow:
- Service Level Agreements (SLA): SLA in Workflow help users to take appropriate actions on pending and time-sensitive requests in the most efficient manner.
- In order to escalate a SLA violation to multiple levels, you can define a set of conditions based on the delay in response.
- At each level of the escalation, actions like changing workflow priority, sending notifications in required frequencies, re-assigning requests to selected technicians and changing the status of the request can be performed.
- You can set priorities among the SLAs for any conflicting SLA conditions.
- Any AD user can now be added as a Workflow Reviewer even if they are not a help desk technician.
- Workflow now supports assigning Approver and Executor roles to Help Desk Technician groups. You can also assign Reviewer role to AD groups.
- You can now add groups while setting Rule Criteria to the Workflow Requesters attribute under Assigning Rules.
- %ManagerOfRequester% macro support added for reviewer and approver under Assigning Rules.
- Automation:
- Automation can be directly shared to users or groups who are added as help desk technicians.
- Google Workspace:
- You can now link multiple Google Workspace accounts to the same domain.
- Sync AD users with their Google Workspace accounts created with the same email ID by refreshing the Google Workspace account in the Admin tab.
- Instantly create independent Google Workspace accounts without the requirement of pre-existing AD user accounts.
- You can now add Employee ID for the Google Workspace user accounts.
- Admin:
- You can now directly add help desk technician groups to Technician Name while configuring profile criteria under Notification Profile.
- Backup add-on:
- Azure Active Directory backup and recovery: Backup and restore your Azure AD environment in addition to the existing AD and Google Workspace backup and recovery feature. Support to backup Azure AD objects including users, groups, devices, applications, directory roles and domains is added.
- Load balancing: ADManager Plus now supports load balancing, which distributes the workload across multiple servers simultaneously. This helps improve performance, eliminate downtime, and provide a better experience for users accessing the product.
Enhancements:
- Management:
- New fields added in the Creation Rules of User Creation and Modification Templates to add or remove Microsoft 365 licenses, Microsoft 365 group memberships, MS Teams and channels, mailbox server and mailbox store, Google Workspace groups, and more.
- You can now specify time along with date to the Account Expiry attributes.
- You can now copy rules while configuring Creation Rules.
- Computer creation templates now support Creation Rules.
- You can perform the following operations while configuring templates,
- Use the Immediate Duplication Check option to instantaneously check duplicates values for the fields which support duplication check.
- Prevent Duplication support added for Alias field in contact creation.
- Provide access to users or groups to add the computer to a domain.
- ADManager Plus now provides cross domain manager support, with which you can choose a manager from any domain while creating or modifying users.
- Performance enhanced for Add to Group and Remove from Group tasks carried out under Management, Workflow or Automation tabs.
- Reports:
- NTFS Reports:
- Option to view all the permissions of a specific folder cumulatively within the results of Shares in the Servers, Folders Accessible by Accounts and Non-Inheritable Folders reports.
- You can now use Refine Results option to filter NTFS permissions in Shares in the Servers and Folder accessible by Accounts reports as per requirement.
- You can now run the Folders Accessible by Accounts and Non-Inheritable Folders reports for multiple folders simultaneously.
- CSV import support has been added for the Accounts field in Folders Accessible by Accounts report.
- Elasticsearch support enabled for NTFS Reports module.
- You can now use the tree view option in Detailed Group Members report to view the list of direct and nested group members exclusively. It also provides the following features:
- Prevents the redundant display of circular groups (a group nested inside its own group).
- Provides the Hide Duplicate Objects option to avoid showing nested group members that are already shown at the parent level.
- Provides the List View option to view details about individual members and their nested group memberships.
- You can view the GPO owner details in GPO reports by adding the Owner column in the result.
- Delegation:
- You can now specify Authtoken Name (required name), Scope (type of action to be performed like create, delete or modify) and Expiration Time (time until which the authtoken can be used) while generating authtokens.
- A new column History has been added under Technician Authtokens tab that provides authtoken's usage history.
- Details of the used authtokens is added in the Help Desk Audit Reports.
- Automation:
- The automation process for the Mailbox Auto Reply task now supports macros for Microsoft 365 attributes.
- REST APIs:
- REST APIs added for the below actions:
- In User Management, move user from one OU to another.
- In OU Management, search OU and delete OU.
- In Computer Management, search, enable, disable, delete, add or remove from groups and move from one OU to another.
- To remove authtokens of help desk technicians.
Issues Fixed:
- Issue in generating Technician Logon Report for inactive technicians.
- Issue in extracting memberOf attribute value (if specified) while using search user REST API.
- Issue in displaying the GPO delegation details for certain users.
- Issue in generating the Real Last Logon report as the User Logon Count column displays zero for certain users.
- Issue in autoscrolling while using Enable Drag-n-Drop option in templates.
- Security vulnerabilities reported by dalt4sec and Trend Micro, have been fixed.
- A security vulnerability (CVE- 2023-38743) reported by an anonymous user in Trend Micro's Zero Day Initiative has been fixed.
- Issue in displaying reports due to inconsistent data in few columns caused by database dumping.
7188 (June 07, 2023)
Fixes:
The following issues have been fixed in this release:
- A security vulnerability reported by dalt4sec, has been fixed in this release.
7186 (April 15, 2023)
Fixes:
The following issues have been fixed in this release:
- An issue which displayed No data available error message while generating or exporting the Group Members scheduled report.
- Inability to add file servers in group-based delegation and issues in delegating Microsoft 365 tasks.
7185 (March 28, 2023)
Enhancements:
- Custom HCM integration :
- You can now provision users who were previously skipped when the automation process is run for any HCM application with Sync Type as Incremental.
- For OAuth, you can now use client credentials as the Grant Type in Authorization.
- You can now customize the Repeat Calling this Endpoint configuration by replacing the field values with EndpointURL or any Header to get consecutive page responses.
- OAuth authorization now supports uploading client certificate.
- Added SOAP API support in addition to REST API. It supports both XML and JSON responses too.
Issues fixed:
- Issue in displaying replication errors in the domain settings.
- Issue in sending scheduled reports via email in UTF-8 format with BOM (Byte Order Mark).
- Issue while using Copy User Attribute to append memberof attribute values in user creation template.
- Issue in loading the page while configuring Server Settings, when Retain database backup files option is empty in the Retention Settings tab.
- Issue with rules not getting populated automatically in the user creation and modification template when the template is set as default.
- Issue in the Custom Report result if both Last Logon Time Stamp and Last Logon Time filters are selected.
7184 (March 18, 2023)
Fixes
The following issues have been fixed in this release:
- An issue which prevented technicians from logging into the product in certain scenarios.
7183 (March 15, 2023)
Important update:
Features:
- Enable remote mailbox: Option to enable and modify remote mailbox for users in bulk.
- Auto-install hotfixes: Option to automatically download and install ADManager Plus' hotfix updates.
Enhancements:
- Reports:
- You can now schedule and store reports without creating sub-folders.
- Exported custom reports will now display users' photos whenever the User Photo column has been added.
- Flexibility to export reports with desired objects.
- Members of a delegated group can now change the default template assigned to a group in group-based delegation.
- Option to filter users who are not members of any group in the Users Not in Groups report in Automation.
- You can now check if your ADManager Plus installation location is secure or not in Security Hardening settings.
- You can now view who created a template in the product.
- Pop-ups that display Microsoft 365 data in Management, Workflow, Automation, and other modules now use REST APIs to relay information.
- In a high availability-enabled environment, applying service packs in the primary server would automatically update your ADManager Plus instance in the secondary server.
- API keys in UltiPro and BambooHR integrations are now masked in the UI.
- Performance enhancements for optimized AD synchronization.
- Third-party JavaScript libraries have been upgraded to these versions:
- jQuery UI 1.13.2
- Bootstrap 3.4.1
- Moment 2.29.1
- JSoup 1.11.3
- ojdbc8-19.15.0.0.1
Issues fixed:
- Issue in displaying the members of groups whose member count exceeds 1000 in the Advanced Filter option of Real Last Logon reports.
- Issue of data mismatch in Mailbox Enabled Users reports' results.
- Inability to configure the retention policies of Microsoft 365 users when special characters were specified in a retention policy's name.
- Issue of help desk technicians not being able to unlock users via the reset password console, when the 'Deny Bulk Modification' option was also enabled in the role delegated to them.
- Issue of service pack application failure when large volumes of temporary tables were retained during backups.
- Issue in sending notifications via SMS using the POST method.
- Issue with the macros specified in webhook templates.
- Issue of technicians not being able to delete non-delegated and unused templates.
- A security vulnerability reported by metin has been fixed.
- A security vulnerability (CVE-2023-35786) reported by metin has been fixed.
7182 (January 24, 2023)
Fixes:
The following issues have been fixed in this release:
- High memory utilization issue across environments having M365 configurations with a huge volume of objects.
7181 (January 16, 2023)
Fixes:
- An issue which prevented users from opening the password-protected reports has been fixed.
- An authenticated RCE vulnerability, reported by Simon Humbert of Trend Micro, has been fixed.
7180 (December 31, 2022)
Features:
- Group Migration: Flexibility to move groups, along with their SID history and membership across domains in a forest with and without using the Active Directory Migration Tool (ADMT).
Enhancements:
- REST APIs:
- You can now create, delete, move, search and list the members of a group using REST APIs.
- Ability to locate users by specifying LDAP attributes like sAMAccountName, employeeID, and more while modifying a user's attributes using REST API.
- You can now secure access to your mail server using OAuth, besides basic authentication.
- Flexibility to create and use naming formats in the Data Source - LDAP Attribute Mapping section while integrating with a custom HCM solution.
- Option to skip 2FA for help desk technicians.
- Customize columns while configuring the member, memberOf and manager attributes of objects during provisioning.
- Duration can now be specified as N days while creating workflow requests to add users to groups, enable users, etc.
- The sAMAccountName of group members will now be displayed when the members view filter is applied to the All Groups report's result.
- Any leading and trailing spaces specified in search options will now be automatically removed.
Fixes:
The following issues have been fixed in this release:
- Automations were not closed or cancelled when the product was stopped or restarted during execution.
- The Service is currently unavailable error message was displayed while modifying groups using CSV, whenever a non-existing AD group was specified in the CSV file.
- Issue in adding cross-forest members to groups.
- Help desk technicians were unable to view NTFS shares after upgrading to build 7163 and above.
- Error in sending workflow notifications via SMS as there was an issue in fetching the value of %UserMobileNumber% and other related macros.
7171 (December 06, 2022)
Fixes:
The following issues have been fixed in this release:
- Office 365 F3 was displayed as Office 365 F1 in the product.
- Help desk technicians were not able to reset passwords via the reset password console, when the 'Deny Bulk Modification' option was enabled in the role delegated to them.
7170 (November 29, 2022)
Features:
- Dynamic distribution groups report: Obtain a list of the dynamic distribution groups in your Active Directory environment using this report.
Enhancements:
- Scheduled reports:
- Ability to schedule and generate reports on your Active Directory objects using CSV files at a desired time and date.
- Logon Hour-Based Reports can now be automatically generated at defined intervals.
- Bulk user creation automations using data from HCM integrations can now be executed successfully even when there's an issue in validating a user's Manager or memberOf attribute in AD.
- Flexibility to import and use custom attributes configured in your AD schema.
- The Server Settings UI has been revamped for effectively managing the retention settings of scheduled reports, audit archive reports, and more from a single place.
- ADManager Plus' Logon Settings has been moved to the Delegation tab for easy access.
- The following reports have been added to ADManager Plus' dashboard for better visibility:
- OS-Based report
- Locked-out Users report
- Custom reports
Fixes:
The following issues have been fixed in this release:
- Issue in searching for an AD object using the AD Search option, whenever there is a leading or trailing space in an entry.
- Issue in locating an AD object using the search option in AD Explorer.
- Help desk technicians were unable to view user accounts and groups while delegating GPO permissions, when more than 1000 OUs were delegated to them.
- Help desk technicians were unable to view the users in an OU delegated to them via group-based delegation, while delegating GPO permissions.
- Issue in adding Microsoft 365 users to channels in Microsoft Teams while creating a Microsoft 365 account for an existing AD user.
- Unable to send notifications to user's manager using macros when a user creation or modification task is executed via automation.
- Workflow requests were not automatically closed when a cross-domain management task was successfully executed as a delayed task.
- Error in fetching the active user account from UltiPro when there is an inactive user account for the given employee ID.
7163 (November 07, 2022)
- Notification Profile/Notification Templates:
- You can now use custom macros in notification messages.
- Option to send reports as part of the email content in notification templates.
- Options to configure user and group-based profile criteria.
- Notifications can now be triggered for the Enable User, Disable User and Reset Password actions.
- You can now manage Distributed File Storage (DFS) Namespaces and their permissions in File Server Management.
- New actions such as Set folder permission, Remove folder permission and Bulk modify folder permissions using CSV have been added to the automation module.
- You can now assign Microsoft 365 licenses via automation and workflow.
- Flexibility to specify filter, select and domainList as parameters in Search user API request.
- Workday attributes such as Job_Profile_Id, Job_Profile_Name and On_Leave, Location_Id can now be mapped to LDAP attributes in ADManager Plus-Workday integration.
Fixes:
- Issue in assigning Microsoft 365 licenses while creating users via user creation templates, when none of its service plans are selected.
- Unable to delete users using the delete icon in Inactive Users report.
- Error in creating shared mailboxes in Microsoft 365 when the Exchange mailbox and remote mailbox attributes were not configured during shared mailbox creation.
- Unable to map LDAP attributes to user records in Oracle database.
- Issue in adding cross-domain members using the Add to Group task in automation.
- Synchronization issue in updating the changes made to the Manager attribute value specified in templates.
7162 (October 28, 2022)
What's new:
- In ADManager Plus builds 7162 and above, NTLMv2 SSO can only be enabled after downloading and adding the Jespa JAR file to the product's lib folder. Click here to learn more.
Fixes:
- A security vulnerability (CVE-2022-47966) which could lead to unauthenticated RCE, when SAML SSO is/was enabled in the product has been fixed. This was reported by Khoadha of Viettel Cyber Security.
7161 (October 10, 2022)
Fixes:
- Issue in displaying license pop-up window in the latest build when updated from builds 7102 and older has been fixed.
- Issue in displaying the search feature in the management tab of the Spanish localized version has been fixed.
7160 (September 26, 2022)
Features:
- Orchestration: Option to automate a series of tasks in succession at defined time intervals whenever a user or group management task is carried out in the product.
- Orchestration Profile: Create a management profile and specify the conditions under which an orchestration has to be executed.
- Templates: Build orchestration templates from scratch and use them to automate tasks.
- Webhook templates: Create webhook templates and pre-fill them with REST API endpoints, messages, etc. and use them while configuring an orchestration template. You can also predefine webhook fields that hardly change and those that hold crucial data with environmental variables while creating a webhook template.
- Integration with Power BI and Rapid7: Integrate ADManager Plus with Power BI and Rapid7 servers, and forward logs seamlessly.
- Google Workspace backup and recovery: Protect user drives, mailboxes, contacts, journals, notes, posts, tasks and calendar items from accidental deletions, insider threats, and ransomware by backing them up.
- DC Replication Status Report: Report on the replication status of domain controllers and trigger replication instantly using this report.
- Lingering objects Report: Fetch the lingering objects in your AD and delete them on the go.
- BitLocker Disabled Computers Report: Obtain a list of the computers that are not encrypted with BitLocker using this report.
Enhancement:
- You can now assign well-known security principals as security filters to a GPO.
- Custom Reports:
- Flexibility to copy a custom report.
- You can now perform management actions from custom reports.
- Reports on all computers, recently created computers and BitLocker enabled computers and custom reports now display BitLocker status and recovery passwords.
- You can now list shared mailboxes and delegate access to them using REST APIs.
Fixes:
The following issues have been fixed in this release:
- Error in authenticating MS SQL server using Windows Authentication while configuring the server for automated AD user management.
- Microsoft 365 licenses were not displayed in the product due to Microsoft Graph API issue.
- When the first N characters option was configured in a naming format, the last N characters were displayed; no name was displayed when the number specified was greater than the length of the name provided.
- Issue in creating requestor roles with just Modify User Attribute enabled for the Choose Template option.
- Issue in deleting the Organization attribute of users in bulk, when more than 125 users were selected.
- Error in fetching a report on inactive computers with the Password Last Set Time filter, via automation.
- The temporary tables created while generating reports were retained in the database, even after displaying the reports' results.
- An authenticated RCE vulnerability, reported by George Koumettou, has been fixed.
7151 (August 01, 2022)
Enhancement:
- ADManager Plus can now be integrated with Jira Service Management Data Center, in addition to Jira Service Management Server.
Fixes:
The following issues have been fixed in this release:
- Issue in updating to the latest build, when large volumes of data are stored in the tables in Management and Workflow modules.
- Issue in removing redundant entries in the database caused by Microsoft 365 module changes while updating to the latest build.
- Issue in updating to the latest build when non-english languages are configured in the machine where ADManager Plus is installed.
7150 (July 20, 2022)
Features:
- GPO management and reporting: Five new reports have been added for enhanced GPO management and reporting. They are:
- Resultant Set of Policy Report
- Linked GPOs Report
- Empty GPOs Report
- GPOs with Inactive Policy Settings
- Comparison of GPOs
- You can now modify the custom attributes of computer objects.
- It is now possible to recover the deleted AD groups.
- Schedule and automate database backups in the product.
- Option to view disk space information of the server where ADManager Plus is installed.
Enhancements:
- Management: Option to enable/disable computers from Single Computer Modification
- Custom HCM authorization: OAuth2.0, Bearer, Basic Authentication and API Key have been added to authorize API requests.
- Help desk delegation: Customize columns while selecting technicians in the delegation tab.
- Workflow:
- Flexibility to add comments in workflow requests.
- Create workflow requests to add users to Microsoft 365 groups, enable and delete Lync accounts of users, enable litigation hold, and more.
- AD search: Option to apply filters and customize columns while searching for users, groups, computers and contacts.
- Naming formats:
- While configuring naming formats, it is now possible to preview the output format.
- You can now choose words, initialize capitals, use Nth character, random numbers, and more in naming formats.
- Option to automatically increase the numbers in the specified alphanumeric name to avoid duplication of attributes like logon name, mail, etc.
- Automation:
- Additional options have been added to the reset password action in user automation.
- Flexibility to copy the configurations of an existing automation policy.
- While configuring successive tasks in automation policy, it is now possible to set time in minutes.
- A larger number of Microsoft 365 reports now use Microsoft Graph API in place of Azure AD module for swift communication.
- Report on security policy settings like account policies, local policies, event log, restricted groups, system services, file system and registry settings using the GPO Settings report.
- Flexibility to sort domains alphabetically for easy identification.
- Option to use SMS verification as a two-factor authentication method.
- You can now configure the department attribute for computer objects.
- Flexibility to customize columns while modifying users, groups, computers, etc.
- Administrators can now disable concurrent logins for technicians, and also have the flexibility to sign technicians out of their active sessions.
- Two new filters, member and memberOf have been added to filter group-based reports' results.
- Option to create a remote shared mailbox using the shared mailbox creation template.
- Ability to delegate compliance reports to help desk technicians.
- You can now search and select OUs while creating AD objects.
- Member-based group reports have been optimized for enhanced performance.
- A Custom Script field has been added to the Shared Mailbox Modification Templates.
- You can now validate the Telephone Number and Mobile attributes with a format of your choice in templates.
Fixes:
The following issues have been fixed in this release:
- Technicians with ServiceDesk Plus configuration privilege were able to obtain authentication tokens of privileged accounts.
- Issue in creating workflow requests using REST APIs.
- Issue in generating reports on active computers and recently created users.
- The client secret key was missing while configuring a new Microsoft 365 tenant in the product.
- External senders were able to send messages to groups despite enabling the Requires that all senders are authenticated option for them.
- Technicians were unable to login to the product due to synchronization issues.
- Error in displaying user data while modifying users' photos using the Manage User Photos option.
- Issue in deleting objects from a bulk user modification request in workflow.
- While creating a new user, technicians other than those with administrator privileges, were unable to configure home folder permissions.
7141 (June 01, 2022), 7142 (June 23, 2022)
Fixes:
- Unable to fetch archived audit reports after migrating ADManager Plus' database from PostgreSQL to MS SQL server.
- Issue in displaying the members of groups whose member count exceeds 1500.
- Technicians not being able to reset passwords via the help desk reset password console, when a role with only the 'Generate password' privilege is delegated to them.
- Users were notified about objects from irrelevant OUs when OU-based filters were specified in notification profiles.
- Issue in generating a scheduled custom report when the specified OU is moved to a different container.
- When group scope conversion fails, the error message displayed in the product is different from the one displayed in Active Directory.
- Issue in modifying the memberOf attribute using user creation rules.
7140 (May 06, 2022)
New Features:
- Flexibility to migrate users across domains in a forest.
- Custom HCM Integration: Option to integrate ADManager Plus with any HRMS/HCM solution with API support to automate user management.
Enhancements:
- Reports: Flexibility to change filename and add serial number and logo for scheduled reports.
- Network-attached storage (NAS) file server support: You can now manage and report on NAS file server using File Server Management and NTFS reports.
- Security enhancements including random database password generation have been added to the new product instance.
- You can now use 'Photo Based Reports' while configuring an automation.
- ADManager Plus' Web Application Firewall has been enhanced for advanced protection.
- New fields including fromDate, terminationDate, ReportsTo (manager), Country, employeeNumber, and more have been added to HRMS integrations.
- The external integration UI has been revamped for enhanced user experience.
Fixes:
The following issues have been fixed in this release:
- Issue in configuring custom attributes when the LDAP name exceeds 50 characters.
- Successive tasks returning an empty report when the option to regenerate reports is enabled.
- Issue in sending notifications on user creation status via automation.
- Technicians are unable to view the groups that a user belongs to, when the 'memberOf' attribute is configured as 'read-only'.
- Error in removing delayed management tasks from previous product versions.
- The 'Trust this browser' option in two factor authentication not working whenever there is a change in IP address.
- Help desk technicians not being able to configure Microsoft 365 tasks in automation policy despite having the required permissions.
- Error in deleting and disabling Google Workspace accounts, using the delete/disable policy.
- Technicians being unable to execute workflow requests when the relevant help desk roles were not assigned to them.
7131 (April 14, 2022)
Fixes:
The following issues have been fixed in this release:
- Error in displaying custom attribute values in reports; unable to display user reports when custom attribute is selected during column customization.
- Issue in generating scheduled 'OS Based Report'.
- Exported reports did not display the values of 'proxyAddress' attribute.
- In User Modification Rules, the OU specified against the 'Select Container' field in Assign Values section was not displayed after upgrading to the latest build.
7130 (March 30, 2022)
New Features:
- Template based Bulk User Modification: Modify users in bulk with the help of User Modification Templates through CSV import.
- Restore Deleted Contacts: Option to recover the deleted AD contacts.
- Microsoft 365 Management and Reporting:
- New bulk management operations including Modify Naming Attributes, Delete Groups, Create Security Group and more have been added to efficiently manage your Microsoft 365 environment.
- Over 25 new Security Reports, including reports on account status and mailbox features, have been added to the Microsoft 365 module.
- Report from CSV: Generate a comprehensive report on the desired Microsoft 365 users via CSV import.
Enhancements:
- You can now modify Exchange 2010/2013/2016 mailbox policies for on-premise mailboxes using the Single User Modification feature.
- User management templates:
- Flexibility to copy all the settings/configurations and values between User Creation and Modification Templates.
- Option to validate the Telephone Number attribute by specifying a format in user management templates.
- A new, dedicated Microsoft 365 tab for configuring Microsoft 365 features in Single User Modification Template.
- New fields including Storage limits, Exchange Online Policies, and more have been added to the Microsoft 365 tab in Single User Creation Template.
- User Modification and Creation Rules in templates:
- Last Name, Full Name, sAMAccountName, Display name, Logon name, Account Status, E-mail and Description fields have been added to the Conditions section and can be used to configure User Modification Rules.
- sAMAccountName, Display name, Logon name, Account Status and E-mail fields have been added to the Conditions section and can be used to configure User Creation Rules.
- An E-mail and a Notes field have been added to the Assign Values section of User Modification and Creation Rules, respectively.
- A Follow_Template_Format value has been added to the E-mail and Logon Name fields under the Assign Values section to standardize the prefix value while leaving only the suffix value (domain name) open to modification.
- New conditions have been added to Organization, Country and other single-valued attributes for more flexibility in configuring User Creation and Modification Rules in templates.
- It is now possible to include/exclude child OUs when 'Select Container' is specified in the conditions field.
- You can now copy the rules between User Creation and Modification Templates.
- You can now customize the number of rules displayed per page.
- Reports: Options to change filename, include/exclude logo and serial number while exporting reports.
- Workflow:
- While creating a request, it is now possible to select users by importing a CSV file.
- You can now create requests to enable users for a specific time period, after which the users will be disabled automatically.
- Automation:
- Data from external databases can be used as input for automating group management operations as well.
- Disabling automation will now disable the configured successive tasks as well.
- Integrations:
- Option to enable/disable and remove/delete Integrations.
- Option to enable/disable REST APIs.
- Support for adding multiple MS SQL and Oracle database servers.
- Integration with Zoho People can only be configured by technicians with super admin privileges.
- MS Authenticator: It is now possible to use MS Authenticator as a Two Factor Authentication service to secure access to ADManager Plus.
- You can now configure a proxy server in Server Settings.
- Option to hide alerts irrespective of whether the recommended security hardening settings are configured or not.
- Notification Templates:
- You can now include inline images while curating mail content.
- Ability to control notifications on Automation execution status.
Fixes:
The following issues have been fixed in this release:
- Issue in differentiating users from groups in the 'Accept messages from' column while generating Exchange Reports.
- Help desk technicians not being able to access the dashboard when multiple domains are delegated.
- Issues in adding users to groups via Automation.
- Error in adding users to Microsoft 365 groups when executed as a delayed task.
- Microsoft 365 password reset notifications via email display blank passwords.
- Issues related to Mouse Wheel plugin from cdnjs.cloudflare.com.
- Issue in redirecting to a workflow request via notifications when SAML SSO authentication is configured.
- Issues with group membership modification that causes removal of members have been fixed.
7126 (March 02, 2022)
Fixes:
- In some cases, the Bulk User Modification's search result page displays "No data available."
- When ADSelfService Plus integration is enabled, the Reset Password request raised from ADSelfService Plus does not reflect as a Workflow request in ADManager Plus.
- Issues in using the Employee Quick Search feature.
- In some cases, duplicate rows appear in Bulk User Modification search result.
7125 (February 22, 2022)
Enhancement:
- For enhanced security, the default product installation location is now changed to C:\Program Files.
7124 (January 20, 2022)
Enhancement:
- Incremental Sync: The product will now synchronize only the changes happening in Active Directory, instead of refreshing the entire database again, for improved performance and enhanced user experience.
Fixes:
- Issue in updating userPrincipalName and sAMAccountName formats using User Modification Templates, via Automation.
- Help desk technicians not being able to modify groups using the Modify Single Group option.
- Issue in accessing the product via single sign-on.
7123 (January 13, 2022)
Fixes:
- Help desk technicians not being able to perform group management actions if they have a group is added in Exclude groups option and the Append group option is not selected.
- Issue in upgrading to latest build if Elasticsearch is not shutdown properly.
7122 (December 17, 2021)
Fix:
- This release includes precautionary measures to protect against the Apache Log4j library vulnerability.
7120, 7121 (December 06, 2021)
Enhancements:
- Flexibility to pause, resume, retry and delete actions configured in the delayed management tasks section.
- Custom Reports:
- Option to retrieve user accounts that will be expiring in the next N days in custom reports.
- proxyAddress can be added as a filter while creating custom reports
- HRMS Integration: Automatically detect the user accounts removed from the HRMS application and delete their corresponding AD accounts.
- All the latest features have been updated in all non-English language builds viz., Chinese, Japanese, German, French, Italian, Dutch, Turkish, and Spanish.
- Third-party Javascript libraries have been upgraded to the following versions for enhanced security: Bootstrap 3.4.1, jQuery UI 1.12.1, and Moment 2.29.
- Java Runtime Environment (JRE) package has been upgraded to ZULU JRE version 8.
Fixes:
The following issues have been fixed in this release:
- Issues in enabling Mobile Services/Protocols option in Exchange while modifying single user using templates.
- Employee's manager not receiving email/SMS alerts from Workflow when the manager is assigned as a Workflow technician
- Wrong password expiry value shown for users with fine grained password policy configured in custom reports
- Logs are not forwarded to the Syslog server after it has been restarted
- Error in generating random numbers while defining naming format for user principle name (UPN), sAMAccountName and full name.
- Mismatch in displaying Microsoft 365 licenses in ADManager Plus
7118 (November 03, 2021)
Enhancements:
- Cluster Shared Volume support: Manage and report on Cluster Shared Volumes (CSV) access permissions using File Server Management and NTFS reports respectively.
7117 (October 13, 2021)
Enhancements:
- Added cross domain support for configuring memberOf attribute for supported objects in Management, Workflow and Automation.
Fixes:
- Multiple cross-site scripting issues have been fixed in this release.
7116 (October 09, 2021)
Enhancements:
- In-product and email alerts to change the default password of the built-in help desk technician accounts.
- Product security score calculated based on the configuration/enabling of various security-related settings such as HTTPS, TFA and LDAP SSL. The security score will be displayed in the product after login and also in the license pop-up.
Fixes:
The following issues have been fixed in this release:
- Issue in delivering SMS notifications when a proxy is configured.
- Remove users from all groups' option in Disable Policy does not execute correctly for some users. For these users, there are also issues in performing the 'Clear all Group Memberships' operation from Management, Workflow, and Automation.
- Automation tasks were executed even in cases where there is a mismatch between the supervisorName fetched from UltiPro and the corresponding display name in AD.
- User accounts not being removed from a group after the specified duration, when they are added to a group using the 'Create Request' option in Workflow.
- Copy help desk technicians option, in Delegation, not working properly.
- Issue in exporting the NTFS report in XLSX format in standard mode.
- Administrators can now search for users involved in a particular task in a request ID, using the AD search option.
- The requests created in Workflow not sending the password notifications to Executor and Requester.
- The FirstName attribute has been added in User Creation Rules and the FirstName and LastName attributes have been added in User Modification Rules.
- Issue in Syslog forwarder due to socket exception.
- Issue in generating the Microsoft 365 Inactive Users report.
- Issue in deleting the user mailboxes after exporting them, using the Delete/Disable Policy.
7115 (October 05, 2021)
Fixes:
The following issues have been fixed in this release:
- Filter bypass leading to file-upload remote code execution vulnerability (CVE-2021-42002), reported by moon.
- Issue in performing SAML-based login to the product when a custom SAML URL is configured.
7114 (September 28, 2021)
Fix:
- Issue in generating the Microsoft 365 License Details report, due to a change in an MS API has been fixed.
7113 (September 21, 2021)
Fixes:
This release includes fixes for the following issues:
- Multiple unrestricted file uploads leading to RCE vulnerabilities reported by Jimi Sebree from Tenable.
- Countries list not being displayed in the Country field while creating a Request Demo, Get Quote or Extend Trial request from the feedback icon in the product.
7112 (September 09, 2021)
Enhancements:
- GPO management
- Manage GPO scope with Security filtering and WMI filtering options.
- Options to configure the GPO permissions (edit, modify security, read or delete) for desired users, groups and computers.
- Microsoft 365 reporting: Two new reports, Last User Activity by Service and Last User Activity by date, have been added for enhanced Microsoft 365 reporting.
- User Modification templates: Rules can now be set up to check for 'is not' condition, besides the existing 'is' condition.
- Workflow: Option to resolve workflow requests in bulk irrespective of the ticket status.
- AD Explorer will now display Object GUID attribute values for all objects.
- IP restrictions for enhanced security: Options to restrict the inbound and outbound connections based on IPs or IP ranges.
- Custom SMS notification options
- Enhanced customization options for HTTP parameters and HTTP request headers configuration.
- Options to choose the type of message encoding (URL or Base64) and the parameters to be encoded.
Fixes:
The following issues have been fixed in this release.
- Scheduled reports emailing failing randomly.
- 'Choose member' popup window of the Modify Single group window having a longer loading time.
- Issue in configuring the scheduled custom report to be sent only if data is available.
- Issue in setting the allowed logon hours to 'All allow' via user modification templates.
- Values of multi-line attributes like 'Street' being displayed as multiple lines in the product and as a single line in AD.
- Issue in updating Microsoft 365 licenses in non OU-based delegation setups.
- When a manager is assigned as an approver to a workflow task, only the specific approver will be notified in case of any helpdesk requests assigned for approval. The other approvers will not be notified.
- Cross site scripting and Remote code execution vulnerabilities reported by bmtd from ECQ.
- Cross site scripting and Path traversal vulnerabilities reported by 'nothing'
- Authentication bypass vulnerability affecting REST API URLs.
7111 (July 29, 2021)
Issue Fixes::
This release fixes the following vulnerabilities:
- Multiple pre-authentication (CVE-2021-37539, CVE-2021-37762, CVE-2021-37741) and post-authentication (CVE-2021-37761) unrestricted file upload vulnerabilities leading to RCE, reported by bmtd from ECQ.
- Post-Auth OS command injection in the saveBackupScheduler method vulnerability (CVE-2021-37925) reported by Thai Nguyen of ECQ.
- Multiple post-authentication unrestricted file uploads in PasswordExpiryNotification, (CVE-2021-37919), Personalize (CVE-2021-37920), Reports (CVE-2021-37921), Task (CVE-2021-37923), and ADMPSmartCardConfig (CVE-2021-37924) calls, leading to RCE vulnerabilities reported by Nam kn Nguyen from ECQ.
- Unrestricted file upload in the cachePhotosBeforeImport method leading to RCE vulnerability (CVE-2021-37918) and path traversal in the cachePhotosForLayoutExecution method allowing copying of files from one directory to another (CVE-2021-37922) reported by qbao from ECQ.
- Account take over via SSO with Signature Stripping vulnerability (CVE-2021-37927) reported by HaYiCle from ECQ.
- Multiple unrestricted file uploads in addSmartCardConfig method, cacheSinglePhoto method, ManageLicense, and attachFiles calls leading to RCE vulnerabilities (CVE-2021-37931, CVE-2021-37930, CVE-2021-37929, and CVE-2021-37928) reported by Duc Nguyen from ECQ.
- Unrestricted file upload vulnerability in a License call, leading to RCE (CVE-2021-37926) reported by no3g from ECQ.
7110 (July 13, 2021)
New Features:
- OU-based delegation: Delegate a different set of roles for each OU within a domain to help desk technicians.
- Bulk NTFS permissions management: Modify file server permissions in bulk through CSV.
Enhancements:
- Mailbox export and delayed Microsoft 365 management tasks will be executed as background tasks.
- Zoho People Integration: Support for configuring Zoho People account with Zoho OAuth 2.0 authentication.
- Upgraded the Ember version, used in the product, to 2.18 for enhanced performance and user experience.
- Scheduled reports: Based on the mail attachment settings configured, the scheduled reports can either be stored as a single file or as a zip file in the directory.
- Option to generate a password by applying a Naming Format, while provisioning user accounts.
- User templates: Microsoft 365 group membership attribute can be configured using rules in user creation templates. The Display name attribute can be used in the rules in both user creation and modification templates.
Issue Fixes:
The following issues have been fixed in this release:
- Issues in 'Recreate the request' option in Workflow not showing up for help desk technicians who use a shared Automation.
- Issues in adding a new user as a member of Microsoft 365 mail enabled security group using the single user creation option.
- Issues in removing a member from a group belonging to a different forest.
- HTML tags appearing in SMS notifications sent through SMTP.
- "Recently Expired Users" report fetching incorrect data when the 'Before N days' filter is enabled.
- Issues in sending SMS notifications with multiple lines.
- The UI has been updated to reflect G Suite being renamed as Google Workspace.
- Blind XML external entity (XXE) vulnerability (CVE-2021-38298) reported by Carl Neuhaus; Remote code execution (RCE)(CVE-2021-33911), reflected and stored cross-site scripting (XSS) vulnerabilities reported by Alexander Barakazian.
7102 (June 01, 2021)
Fixes:
The following issues have been fixed in this release:
- Issues in applying the recent service packs to upgrade from build 6656 to the later builds.
- WebService startup speed issue in the most recent builds, 7100 and 7101.
7101 (April 13, 2021)
Fixes:
The following issues have been fixed in this release:
- Error in triggering Workflow notifications via SMS.
- Issues in Ultipro integration.
- Modify Single User feature displaying a blank page, if HTTPS is enabled by applying a certificate generated using the product.
7100 (March 2021)
New Features:
- Microsoft 365 management templates: Create Microsoft 365 groups, Distribution/Security Mail enabled groups and Dynamic distribution groups in single and bulk, with all entitlements easily and quickly, using the new group creation templates.
- New GPO reports: Enhanced reporting on GPOs with the addition of four new reports - GPOs with specific settings, GPO settings, GPOs with Script, and Compare GPO Versions report.
- Netapp and Isilon support: Manage and report on access permissions in NetApp and Isilon storage.
- Integration with ServiceDesk Plus Cloud, Jira and Freshservice: In addition to ServiceNow, Zendesk and ServiceDesk Plus, ADManager Plus now offers out-of-the-box integration with ServiceDesk Plus Cloud, Jira and Freshservice to perform IAM actions like user onboarding and offboarding, enabling, disabling, unlocking and deleting user accounts, and resetting passwords from within the helpdesk console.
- TLS Support: Option to configure TLS protocol with cipher suites, for greater security.
- User logon security: Option to block users or technicians from logging onto ADManager Plus after the specified number of failed logon attempts.
- Support for MSSQL database in the Azure for product database.
Enhancements:
- Microsoft 365 management: Microsoft 365 accounts can be configured using Microsoft 365 modern authentication.
- GPO management: Enhanced GPO management with options to configure security settings like Account Policies, Local Policies, Event Log, Restricted Groups, System Services, Registry, and File System for computer objects.
- Option to enable LDAP SSL for only the desired domains.
- Notification profile:
- Spruced up UI, which displays the technicians names in a pop-up, making it easier to select the desired technicians.
- Options to add additional attributes like alternate email ID, proxy mail ID, and fax, etc. for email and mobile notification.
- Organization attributes The organization attributes can be imported in bulk from csv files.
-
Automation:
- Integration with external databases will also support configuration of Auto Reply, Disable Lync, Delete Home Folder, Move Home Folder, Manage User Photos, Hide From EAL and Disable/Delete Mailbox actions.
- Option to use 'modify users by templates' in Automation Policy as the last task, or any of the instant tasks, other than the first one.
- For all HRMS based automation tasks, all the records in the database can be processed fully or incrementally depending on the task, every time the automation is executed.
- Workflow: While configuring requestor roles, Choose Template option can be enabled or disabled for help desk technicians.
-
Scheduled reports:
- Search for report schedules from column based search, besides the schedule name search option.
- Execute the advanced scheduled reports instantly from the Run Now column options.
- Delegation: When configuring help desk roles, customize the Schedule Report, View Archives, and Archive Settings options to be enabled or disabled for the technicians.
- ADManager Plus now uses an updated version of JRE (jre_1_8_0_162) for enhanced security.
- Unique encryption key for each instance of the product.
- Mobile app authorization - Options to customize logon settings to allow or disallow logon from the ADManager Plus Android or iOS applications.
- ADManager Plus now uses an upgraded version of Apache Tomcat (version 8.5.51) for enhanced reliability and security.
Fixes:
The following issues have been fixed in this release:
- Vulnerability issues in JSON .jar files and login password encryption.
- Issues in delegated OUs and group memberships in the Workflow module.
- Issues in scheduled reports listing nested group member values despite checking the 'Exclude nested groups' option while configuring scheduled reports.
- Issues in configuring Microsoft 365 settings for AzureUSGovernment and the Chinese environments.
- Product crashing during the generation of scheduled 'Group for users' report.
- The groups selected and the commands added in the custom scripts section in the 'Add to Groups' task in Automation were not getting saved.
- Issues in disabling the Hide from Exchange address list when modifying a single user.
- Error in accessing Computer modification templates.
- The OUs list for choosing group members during single group modification takes a long time to load.
- Issues in setting a photo for an AD user account through the user modification template.
- Time taken for modifying groups with more than 4000 users had been optimized.
- Unable to get shares from the server when there is a mismatch between the machine name and the DNS name.
- When a helpdesk technician has been delegated two domains, one with only a few OUs and the other being fully delegated, and a group is modified to remove a few group members, all the members of the group are removed.
- Multiple Cross site scripting vulnerabilities reported by Alexander.
7066 (December 2020)
Fixes:
This release includes fixes for the following issues:
- Not being able to update to the latest version of the product using the service pack.
- The version of JQuery used is upgraded to 3.5.1 for enhanced security.
- Cross site scripting vulnerabilities reported by Sean and Hendrik Noben.
7065 (December 2020)
Fixes:
This release includes fixes for the following issues:
- Not being able to navigate to other tabs in a user creation template, after clicking on its Office 365 tab.
- Password never expires users report fetching incorrect data when generated through the report scheduler.
- Recently deleted users report displaying the 'no data available' message when generated through the scheduler.
7064 (October 2020)
Fixes:
This release includes fixes for the following issues:
- Issue in updating to build 7063 using the service pack.
- Error in displaying user details while modifying users using the Single User Modification feature.
- Issue in locating a user account using the AD search if all domains configured in the product are selected in the search scope.
- Reports on inactive objects will now be generated based on only the lastLogon value, for accuracy. lastLogonTimestamp will not be considered as it can be updated even without logon activity, because of Service-for-User-to-Self operations.
7063 (October 2020)
Enhancements:
- Automation: Options to enable, disable and delete the automations as required.
- User management templates: You can now configure rules to remove users from groups with user management templates.
- Microsoft 365 management: Employee ID is automatically assigned to Microsoft 365 (formerly Office 365) users being created through user provisioning templates if Azure AD is configured in ADManager Plus
- ElasticSearch for backup module is now available by default with the product.
- Options to manage—add or remove, the users' auth tokens.
- Traditional Chinese and Korean language support: Besides English, ADManager Plus is available in ten other languages, viz., French, German, Spanish, Italian, Chinese, Dutch, Turkish, Arabic, Hebrew and Japanese languages.
Fixes:
The following issues have been fixed in this release,
- Issues with displaying thumbnails for photo based reports.
- Permissions details were not displayed in exported Folders Accessible by Accounts report, when used with SQL DB.
- Issues in utilizing the CPU memory efficiently.
- Issues in starting the product in compatibility mode with Internet Explorer versions 11 or older.
- The issue of one record missing for every 500 records added in the CSV file, when the Report from CSV option is used for report generation.
- An error message being displayed when the new attribute values added during GPO modification were in the long decimal format.
7062 (September 2020)
Fixes:
- Password change alert to change the default password of ADManager Plus' admin account.
- Employee Search will be disabled automatically, as a precautionary measure. However, you can enable the Employee Search, and customize it to display the required fields at any time.
7061 (August 2020)
Fixes:
This release includes fixes for the following issue:
Installation of service pack failing for users who:
- Have customized the columns to be displayed in the List View, to view the configured Help Desk Technicians, in the Delegation tab.
- Are upgrading from version older than 6010 and have open Workflow requests.
7060 (August 2020)
New Features:
- Site Based Delegation: This allows you to specify the Domain Controllers (DC) that ADManager Plus must contact, along with the order of preference when help desk technicians perform Active Directory (AD) management operations. In case a DC is not reachable, this will enable the product to contact the next one in the configured order to perform the required operation.
Enhancements:
- Microsoft Teams - Add Office 365 users to Microsoft Teams and channels while provisioning Office 365 users. Policy package details can also be added.
- Office 365 Management - More than 10 new Office 365 management tasks like blocking or unblocking Office 365 users, enabling or disabling MFA, mailboxes, etc. have been included in automation and workflow.
- Option to export file server management action results.
- Workflow
- Requests will not be assigned to the requesters themselves for approval, review or execution.
- Has been fine-tuned for enhanced performance.
- Ability to delegate management of specific shares of file servers to help desk technicians and workflow requesters.
- Disable policy: Automatically execute critical tasks like removing a user from Skype for Business and MS Teams, enabling litigation hold, blocking Office 365 users, hiding or unhiding a user from mailbox address list in Office 365, via the Disable policy, whenever a user is disabled using the product. You can also kill all the active Office 365 sessions when a user account is disabled, through the disable policy.
- Option to apply SSL certificates from ADManager Plus' GUI window.
- The failed logon attempts are also recorded in the technician logon reports.
- In automation you can exclude objects from certain tasks if you want those tasks to be performed on the objects only once and not repeatedly.
- Additional UltiPro attributes like employeeStatusCode, SupervisorEmployeeNumber, OriginalHireDate, etc. are now supported with ADManager Plus-UltiPro integration.
Fixes:
The following issues have been fixed in this release.
- The 'report from CSV' shows incorrect results for the password expiry date column.
- Unable to raise requests in automation after workflow archival.
- In Workflow, if the requester and the requested action were in the same OU with default 'Exclude child OUs' disabled, the requested task was not executed.
- Error message was shown when auto reply messages were set in Exchange for PowerShell version 2 and older ones.
- Add OU option was unavailable in Automation if Modify User By template action was configured in the Automation Policy.
- Product crashing after upgrade, due to standby status not being updated, and also when 32 bit version of the product is run on 64 bit machine with Office 365 configured.
- When two simultaneous delete tasks were performed in the same container, the details column was empty in the audit report for the objects.
- CVE-2017-17552 (URL redirection and CSRF) vulnerability.
- A group could be allowed to be added as a member of itself.
- Unable to create Office 365 accounts with DirSync enabled for existing AD users.
7056 (June 2020)
Fixes:
- This release fixes the issue in copying files while upgrading to the latest build.
7055 (May 2020)
Fixes:
- This release include the fix for the CVE-2020-24786 vulnerability, which allowed unauthenticated changes to integration system configuration, reported by Florian Hauser.
7054 (April 2020)
- Report Scheduler: The creation and modification time of each report schedule is available. The modification time gets updated everytime the schedule is edited, enabled, shared, etc.
- Help desk audit reports:
- The technician logon report will have the full name of technician in addition to the sAMAccount name.
- In bulk management operations using CSV, the manager name can be populated by providing just the employee ID.
- The ms-DS-ConsistencyGuid attribute has been added to the existing list of Source Anchor attributes configured during Office 365 configuration.
Fixes:
The folowing issues have been fixed in this release,
- The exported audit report did not include name of template used for user creation tickets.
- Technicians not being able to modify NTFS permissions for folders, if Visible Groups is configured for them.
- Cross site scripting vulnerability in employee search. (Reported by Loop Secure - https://loopsec.com.au)
- The members column does not get updated when the Permissions for Folders report is generated.
- When creating a schedule for Permission for folders report, the custom level value entered for the Check for folder permissions upto option did not get saved.
- Error message was not displayed when a technician tries to delete an automation policy, at the same time as when another technician links that automation policy to an automation.
- User's Remote Access Permission attribute remains unchanged when modified using a User Modification template with Remote Access Permission set to Control Access through Remote Access Policy.
7053 (March 2020)
Fix:
- This release includes fixes to ensure ADManager Plus is immune to unauthenticated remote code execution vulnerability.
7052 (March 2020)
Enhancements:
- If the OU name provided during creation of bulk AD objects using CSV does not exist, then a new OU of the specified name will be created and the desired AD objects will be created under it.
Fixes:
The following issues have been fixed in this release:
- The selected report window was blank for some customers.
- While modifying users, with CSV, when the value for removeMemberOf attribute is empty, the user modification action failed.
- During computer modification, even if the sAMAccountName was only 15 characters long followed by $ symbol, an error message for exceeding character limit was shown.
- While scheduling custom reports, if the OUs selected during custom report configuration and creation of automation schedule are different, the scheduled custom report will contain results from the OUs chosen during custom report configuration.
- When configuring additional email address during single group modification for mail enabled group, when the additional email address added is already in use for a different mail enabled group, error message failed to show up.
7051 (February 2020)
Enhancements:
- Support for Microsoft's upcoming security update for fixing LDAP channel binding and LDAP signing settings.
- Any LDAP attribute can be used to locate the desired AD users using the search user Rest API.
- Request ID macro has been added to the list of macros supported in the notification template in workflow.
- In automation, while using custom scripts to perform any user management action, it is now possible to use data from external databases like Oracle and MS SQL as the input.
- Office phone number can be added while creating Office 365 contacts.
Issue Fixes:
The following issues have been fixed:
- The unlock Locked-out users option on the dashboard was not visible for help desk technician after upgrades to recent builds.
- Some Office 365 reports were not available for help desk technicians even with Super Administrator privileges, after update to recent builds.
- Permissions for folders report displayed SAMAccount name in the Display name column.
- The user accounts modified with custom modification templates showed incorrect values for year in the Account expiry attribute.
- SQL server did not support column encryption for versions 2014 and older.
- The Office 365 Inactive users report generated in the automation module showed incorrect results.
- In automation, the successive tasks had to be manually triggered in certain instances.
7050 (January 2020)
New Features:
- Option to modify the computer objects using templates.
- Integration with HR applications Ultipro and BambooHR to automatically:
- Create user accounts in AD, Office 365, Exchange, Skype for Business, and Google Workspace whenever a new employee record is added in the HR application.
- Modify users' AD accounts whenever their records are modified in the HR application.
- Delete users' AD accounts whenever their records are deleted in the HR application.
- Global search option offers the capability to search for any action in the tool
Enhancements:
- Custom reports can be auto-generated and emailed via report scheduler.
- Closed workflow requests will be added to the archived audit report.
- Ability to view multiple archived audit reports.
- Capability to view the Distinguished Name of the deleted OUs in the audit report.
- Ability to modify contact's container attribute using contact modification template.
- Option to select custom report as input while configuring an automation.
- Option to view the Employee Number in the Employee Search option.
- Capability to hide or display Office 365 groups from address lists.
Fixes:
The following issues have been fixed in this release:
- While integrating with external databases, if the primary key is not added to the Data Source - LDAP Attribute Mapping section in the configuration, the tool was not be able to uniquely identify the user records stored in the database.
- Unable to use remote Windows Authentication to integrate with external SQL database server with JDBC driver version 7.0.0.
- Error in performing the delete user operation initiated from ServiceDesk Plus if the export user mailbox to a PST file was configured in the delete policy in ADManager Plus.
- Email notifications are triggered multiple times every time a workflow request is raised.
7041 (December 2019)
Fixes:
The following issues have been fixed in this release:
- When the AccountExpires attribute is modified using the Single User Modification feature, the change is not updated.
- Not being able to modify an existing automation if automation policy is used in it.
- Help desk technicians not being able to locate users through the AD Search option, even if the users' OUs are delegated to the technicians.
7040 (November 2019)
Enhancements:
- The existing GUI has been replaced by the much-awaited flat and sleek one, for all active users.
- Office 365 Management and reporting:
- Group-based user license management: Bulk assign, modify, replace or revoke the licenses of users who are members of specific groups.
- 45 new reports on Office 365 Users, passwords, and Exchange mailboxes.
- REST APIs to modify AD user accounts, add/remove users from groups, and create workflow requests.
- The Users with Change Password at Next Logon and Users Not in Groups reports have been added to the list of reports supported in Automation; Offers greater flexibility in selecting the user accounts to be managed via Automation.
- Integration with PAM360, ManageEngine's privileged access security solution, to dynamically manage PAM360 technicians' privileges.
- Active Directory users' logon hours will also be included in the Help desk Audit report data when it is exported.
Fixes:
The following issues have been fixed in this release:
- Custom script not being executed after user creation, if the Office 365 user creation option alone is selected while creating users.
- When Password Expired Users report is generated with the Exclude Disabled Users filter enabled, the data includes disabled AD users also.
- All Computers report not being generated when used in Computer Automation tasks if Member Of filter is used.
- When modifying an OU using the Modify Single OU feature, Protect from Accidental Deletion option is not enabled in the product, even when it is enabled in AD.
- Unable to add additional domains in the logon name field of user creation templates, while creating a new template or modifying an existing one.
- Not being able to move to other tabs after clicking the Office 365 tab in user creation templates.
- Users Not in Groups report data not being displayed when the Show Users Not in Any of the Groups filter is selected.
7030 (October 2019)
New Feature:
- Over 10 new management operations including Add or Remove Office 365 Group Owners, Modify Calendar Permissions, and more.
- Over 4 new Office 365 mailbox-based reports.
- A flat, sleek and intuitive UI for enhanced performance and user experience.
Enhancements:
- Option to select templates during bulk group and computer creation.
- Ability to display the number of available licenses during Office 365 license management.
- Option to view which technician has imported which CSV file or exported which report using the Data Administration option in the Audit Reports if Data Privacy is enabled.
- Option to add Custom Reports as quick links to the custom dashboard.
- Option to add an image URL to the logo displayed in the product.
- Option to fine-tune AD search according to the domain or object type.
- Option to exclude child OUs and view custom attributes of users in the Employee Search option in the product login page.
- Ability to notify administrators whenever the product is down.
- Option to perform Search and Export As operations in AD Explorer.
- Ability to display the details of all the groups specified in a CSV file, whenever the Reports from CSV report is generated.
- Option to view all the permissions of a specific folder within the Permissions for Folders report.
- Option to encode the data to be sent via SMS by configuring the SMS gateway settings.
Fixes:
The following issues have been fixed:
- Unable to update the msExchPoliciesIncluded attribute while modifying groups using a CSV.
- Audit Report does not display information about the Office 365 license management operations performed during single user creation.
- Not being able to generate the Unlicensed Users report again, after adding columns to the previously generated report.
- Not being able to select OUs while automating the Modify Users by Template operation using an automation policy.
- Unable to automatically update the names of renamed OUs in the delegated OUs lists of help desk technicians.
7020 (September 2019)
New Feature:
Technician Logon Report:
View logon related information such as login time, logoff time, session duration, authentication method used, and more for all help desk technicians.
Enhancements:
- Option to delegate shared folders management to technicians by configuring the product database.
- Capability to enable administrators and technicians to directly land on the SAML identity provider via the product URL, by configuring the product database.
- Ability to migrate ADManager Plus database to an existing Microsoft SQL or PostgreSQL database.
- Option to specify the database server instance while migrating the product from one database to another.
- Option to update the modified password of Microsoft SQL database, in the product, by executing a batch file.
- Ability to specify sAMAccountName, UserPrincipalName, distinguishedName, or email attributes as search criteria for user objects in REST API requests.
- Supports integration with SSL-enabled Microsoft SQL Server.
Fixes:
The following issues have been fixed:
- Identification of ADMX files while editing GPO settings using the Manage GPOs option.
- If a technician attempts to logon to ADManager Plus via SSO, and the logon attempt is unsuccessful due to the technician account being disabled or not configured as a technician in ADManager Plus, the technician account is not logged out of the IdP.
- A technician will be able to view all the OUs in the Select Domain/OU/Site drop-down of the Manage GPO Links operation, even if those OUs are not delegated.
- Unable to logon to ADManager Plus via NTLM Single Sign-On using machines that do not exist within the domain.
- Not being able to execute the other instant tasks specified in the automation policy, if one of the instant tasks is Remove Office 365 License.
- The Successfully modified message is displayed to technicians trying to deselect the Protect object from accidental deletion during single or bulk OU modification, despite the change not being reflected in AD.
- Issue in adding or removing Office 365 licenses.
- Scheduled reports sent via emails can be accessed by users who do not have the necessary privileges.
- The Backup Settings option in the Backup tab does not display the domains configured in the product.
7011 (July 2019)
Enhancements:
- Exchange Server 2019 support: ADManager Plus extends the scope of its Exchange management and reporting capabilities to Exchange Server 2019.
- SAML-specific additions:
- Force SAML-based authentication: Allow access to ADManager Plus only through SAML single sign-on (SSO).
- Custom ACS URL: Option to use a customized ACS URL to process SAML-based SSO requests.
- SAML Logout support: Logging out from ADManager Plus will also logout the users from the SAML SSO provider. This option can be enabled from the product database.
- Captcha Support: Option to enable Captcha, for enhanced security during ADManager Plus logons, from the product database.
- Custom script wait time: Specify the time for which the product must wait, before proceeding with the appropriate operations, whenever custom scripts are triggered from the product.
- Granularity in configuring permissions on the product's installation folder: Configure access to ADManager Plus' installation folder only to the desired users, along with the relevant permissions or level of access.
Fixes:
- Issues in backing up AD objects have been fixed.
7010 (June 2019)
New Features:
Active Directory backup and recovery:
- Incremental or full backup of Active Directory objects.
- Granular or complete restoration of AD objects.
- View the current and previous values of modified object attributes and compare them.
Enhancements:
- Capability to exclusively delegate the Clear All Group Memberships rights to technicians for bulk user management.
- REST API for single OU creation.
- Increase in the number of AD users that can be created by technicians using the REST API.
- Office 365 support for users for whom proxy server settings are enabled.
- Capability to automatically revoke group memberships of users after a specific duration using the Business Workflow.
- Option to use automation in Microsoft SQL Servers, Oracle databases, Zoho People and Workday integrations for routines such as enabling/disabling a user, adding/removing users from groups, and modifying users using a template.
- Option to export users' mailbox content as a PST file automatically, through the disable policy, whenever user accounts are disabled.
Fixes:
The following issues have been fixed in this release:
- Not being able to export user mailboxes if the Exchange Server and the mailbox users are located in different domains of the same forest.
- Unable to display the names of users who belong to other domains but are members of a global/universal group.
- Issue in updating a user's profile image using the Manage User Photos option.
- Unable to export a user's mailbox to a PST file, if the home folders are also selected for deletion in the delete policy.
- Issue in fetching all the users while performing Office 365 management actions even when all relevant permissions are assigned to that technician.
- Issue in disabling users' mailboxes.
- Issue in sending email notifications to new mailboxes.
- Issue in creating Skype for Business server accounts while creating AD user accounts.
7000 (April 2019)
New Features:
- Office 365 contact creation.
- Over 20 new reports under different categories like Contact reports, Exchange Online Mailbox reports, OWA reports and more.
Enhancements:
Fixes:
The following issues have been fixed in this release:
- Help desk technicians not being able to access the help desk password reset console despite having the required role.
- Issue in adding or removing columns in custom reports.
- The status message of CSV-based bulk user modification operation displays only the final error and not all the errors.
- When a specific file server is delegated to a user via group delegation, while assigning the help desk technician role to that user, all the file servers get assigned to that technician automatically.
- Issue in differentiating between the OUs with the same display names while delegating them to a technician.
- Issue in copying the memberOf attributes of users while using the Copy User Attributes option in templates.
- Issue in exporting the Inactive Users report.
- Not being able to generate Shares in the Servers report if shared folder names contain special characters.
6660 (March 2019)
Enhancements:
- Capability to edit all administrative template settings of a GPO, including the custom template settings.
- Capability to add an AD object's manager as an approver and/or reviewer in the business workflow. This will enable managers to have complete control over the creation, modification, and deletion of objects they manage.
6659 (February 2019)
New Features:
- ADManager Plus supports Arabic and Hebrew languages.
- ADManager Plus now supports Windows Server 2019.
Fix:
- This release includes the fix for CVE-2018-19374 vulnerability (The issue of all authenticated users getting write permission for all files in the bin folder is fixed).
6658 (February 2019)
Enhancements:
- Option to hide users from Global Address List (GAL) and enable mailbox auditing for Office 365 users during user creation.
- The disable policy allows you to disable litigation hold, convert a user mailbox to a shared mailbox and remove users from all Office 365 groups.
- Realtime email notifications for all management actions performed, including the ones executed through automation and workflow, with details such as title, department, and sAMAccountName.
Fixes:
The following issues have been fixed in this release:
- Issue in deleting a Google Workspace user account, when the associated AD user account is deleted, even if Delete Google Workspace user account is configured in the delete policy.
- Issue in moving the archived technicians audit reports stored in MS SQL database, after upgrading to the latest build.
- Issue in displaying Office 365 sub-license (tenant type) in templates, if the license base subscription includes only one sub-license.
- Issue in the execution of user creation rules in templates while creating a user despite not modifying the rules or the template after upgrading to the latest build.
- If multiple domains have been configured in the product, the existing members are not selected in the Select Members pop-up during single group modification.
- Issue in removing users from groups using the modify user by template option in the workflow.
- Performance issues in the dashboard.
6655, 6657 (December 2018)
New Features:
- Customizable Dashboard: The ADManager Plus dashboard gets a makeover with an intuitive flat UI. It also offers the following customizations :
- Add widgets to group together the necessary reports based on the needs of the organization.
- View OU specific data in the dashboard.
- Option to have reports of each domain in a separate tab.
- Have reports of each domain in a separate tab.
- Add the most frequently used management actions and reports as the quick links section.
It is also possible to track the status of the workflow requests right from the dashboard, and if needed, administrators and technicians can drill-down to the actual ticket to perform the required action.
Enhancements:
- Option to add alternate naming formats to avoid duplication: During user creation, avoiding duplicates becomes easier with the option to use another naming format, if the username already exists.
- Enforce two factor authentication (TFA) for SAML-based SSO: Two-factor authentication can be enforced for users logging in to ADManager Plus through SAML-based SSO.
- Option to override the Prevent from accidental deletion restriction for user objects is added to the delete/disable policy.
- Set the account expiration date of users also using the enable user REST API.
- The audit report will also display the name of the template used, when a user is modified using a template
- When deleting a template, the list of all automated tasks as well as policies, and workflow requests in which the particular template is used will be displayed.
- Performance enhancements:
- The refresh option in the Accept messages from and Reject messages from popup while setting the Exchange delivery options is now 30 times faster.
- The Report from CSV is now 9 times faster, for up to 130,000 records in a CSV file.
- Member selection popup in user management and other object management actions is 6 times faster.
Fixes:
The following fixes have been fixed in this release:
- Issue in connecting to the product database from the standby server.
- Issue in setting primary SMTP addresses as additional email addresses if Automatically update email addresses based on policy option is selected.
- When user accounts are created via automation, SMS notifications were display blank passwords.
- Reviewer name is not mentioned in the workflow notifications sent to the reviewers.
- Error message not being displayed properly in the Smart Card Authentication page.
- Technicians not being able to automate user creation/modification despite having the required rights and permissions
- Issue in updating the Office 365 User Prinicipal Name during single and bulk user creation.
- Not being able to unlock accounts from the Reset password console of help desk technicians.
- Product crashes while generating the Folders accessible by accounts report when there are more than 5000 objects.
- Product crashes while generating the Detailed group members report.
- Issue in modifying mailboxes that have special characters in their names.
- Issue in removing photos of users.
- Issue in displaying the error message when incorrect CSV format is used for single group modification.
- Technicians being able to perform the Remove from group action, if they have only the Add to group permission.
6653 (October 2018)
Fix:
- This release fixes the database connectivity issue which affected the performance of product.
6652 (September 2018)
Enhancements:
- This release includes enhancements to meet the GDPR requirements, and also fixes installation issues.
6651 (September 2018)
Fix:
- This release includes the fix for Self-XSS and HTML injection vulnerability (CVE-2018-15740).
6650 (September 2018)
New Features:
Integration with Zoho People and Workday:
This integration offers the capability to automatically:
- Create user accounts in AD, Office 365, Exchange, Skype for Business, and Google Workspace whenever a new employee record is added in the HR application.
- Modify users' AD accounts whenever their records are modified from the HR application.
- Delete users' AD accounts whenever their records are deleted from the HR application.
ServiceDesk Plus integration:
You can now perform the following user management actions from within the ServiceDesk Plus console:
- Modify Department
- Modify Manager
- Add users to group
- Remove users from group
- Set folder permissions
- Remove folder permissions
For enhanced user management, you can perform the following actions using user modification templates:
- Enable users
- Disable Users
- Reset Password
- Unlock Users
- Modify Department
- Modify Manager
- Add users to group
- Remove users from group
Enhancements:
- Enhanced integration with MS SQL and Oracle databases: This allows automated modification or deletion of users' AD accounts whenever their corresponding user records are modified or deleted from Oracle or MS SQL database.
- Technicians will be able to view and edit GPOs that are linked to delegated OUs only.
- Automated ADManager Plus license expiry notifications to administrators via email. These emails will be sent everyday starting from 10 days before license expiration.
- Option to enable email notifications about webinars, seminars, workshops, product release and promotions.
Fixes:
The following issues have been fixed in this release:
- While generating Permission for Folders report, there is a slight delay in processing the Stop Generation request.
- If workflow is enabled for automated tasks, the successive task configured in the automation policy gets executed even before the instant tasks are approved.
- Issue in database backup if temporary tables are present.
- Unable to generate NTFS reports if the domain name starts with a number.
- Exported files are not available in specified file format in the storage path.
- Unable to migrate from MySQL to pgSQL database.
- XXE vulnerability that occurred while applying the license.
- While generating detailed group members report, the report does not display the common users of the selected groups.
- Two factor authentication vulnerability issue.
- Self-XSS and HTML injection vulnerability (CVE-2018-15609)
6644 (September 2018)
Fixes:
This release includes fixes for multiple Self-XSS and HTML injection vulnerabilities (CVE-2018-15608 and CVE-2018-15609).
6641 (July 2018)
Fixes:
The following issues have been fixed in this release:
- Unable to export detailed group members and Office 365 reports in XLSX format.
- Unable to perform advanced search for objects using the AD search functionality.
- Issue in assigning Email alias value while creating an Office 365 user account.
6640 (July 2018)
New Features:
Integration with Splunk server: Forward Active Directory log data to Splunk server for detailed auditing.
Delegation of Office 365 tenants and Google Workspace accounts:
- Delegate Office 365 management and reporting to help desk technicians with the option to assign only specific Office 365 domains and licenses.
- Delegate Google Workspace management and reporting to help desk technicians.
New Office 365 group reports to list groups with owner, groups without owner, and size of groups in Office 365.
Enhancements:
- GPO enhancements:
- Option to rename the GPOs.
- Option to copy existing GPO links of domains or sites while creating new GPO links.
- When the distinguished name of an OU, group, or user attribute is changed in AD, it will be updated in ADManager Plus templates and workflow requests automatically in the appropriate fields (container, memberOf, and manager).
- Automate the execution of approved workflow requests using scheduler.
- View NetApp server permissions also using NTFS reports.
Fixes:
The following issues have been fixed in this release:
- Unable to update correct legacyExchangeDN value if umlaut characters are present in the full name attribute.
- Unable to search the help desk audit report using action name, action category, or module used fields.
- Issue in generating reports through scheduler.
- Issue in showing or hiding the option to trust the browser for 180 days while configuring OTP via email in two factor authentication.
- Requesters having OU restriction will be unable to create requests to modify user using template in workflow if the container is not specified in the template.
- Issue in setting logon restrictions for accessing computers in Modify User by Template request in workflow.
6633 (June 2018)
Enhancements:
This build includes the following enhancements to comply with the General Data Protection Regulation (GDPR).
Settings to help ADManager Plus users comply with the GDPR
- User will be prompted for consent while integrating with third party applications.
- While adding custom LDAP attributes, administrators can specify if the LDAP attribute belongs to PII (Personally Identifiable information) category.
- During deletion of techncians, you can enable the option to anonymize the technician's name displayed in the audit report.
- Password protection for exported reports, database backup, and archived audit report files.
Enhancements for ADManager Plus to be compliant with the GDPR
- Technicians' passwords stored in the database are encrypted using bcrypt algorithm.
- Database access via command prompt or client tool is secured with a password.
- Privacy settings for the GDPR are enabled by default for customers in the European Union.
- Report export and CSV file import actions are audited.
- Sensitive information such as email server and email addresses are masked in the UI of connection settings.
6632 (May 2018)
Enhancements:
Single sign-on to ADManager Plus using SAML authentication: You can set up single sign on to access ADManager Plus through any of these popular identity providers.
- Okta
- OneLogin
- Ping Identity
Besides these, you can also use a custom identity management solution.
6631 (April 2018)
Highlights of Build 6631
New Features:
Zendesk integration: Help desk technicians can create users in Active Directory, Office 365, Exchange Server, Skype for Business, Lync, and Google Workspace from the Zendesk console.
They can also perform the following user management actions from within the Zendesk console:
- Reset passwords
- Enable or disable user accounts
- Unlock user accounts
- Delete user accounts
Enhancements:
- Active Directory management add-on license: ServiceDesk Plus customers can avail the AD management add-on license which allows help desk technicians to execute important AD user management actions from within the ServiceDesk Plus console.
Fixes:
The following issue has been fixed in this release:
- While processing a single user creation request, the approver is unable to view the email address entered by the requester.
6630 (March 2018)
Highlights of Build 6630
New Features:
- Office 365 group creation: Create distribution groups, mail enabled security groups and regular Office 365 groups in bulk using CSV files.
Enhancements:
- After generating Office 365 group members report, you can filter the data to view only members of specific groups.
- Option to execute custom script on successful creation and modification of room and equipment mailboxes.
- Supports management of Office 365 tenants configured in independent Azure cloud deployments, including Azure Germany and Azure China.
- While removing NTFS permissions for folders, you can now preview permissions before updating the changes in Active Directory.
- Remove Send As and Send on Behalf permissions in Exchange Online for multiple mailboxes.
Help desk role:
- Delegation of NTFS and share permissions modification rights to technicians is now granular and includes options such as include inheritable permissions from this object's parent and more.
- While assigning permissions to generate reports to the technicians, you can allow or deny the permission to use report scheduler.
Workflow:
- Option to resend a failed user or contact creation request or rejected request by the requester for processing it again.
- Super admin can assign unassigned requests to any specific technician.
Fixes:
The following issues have been fixed in this release:
- Path traversal and DoS attack vulnerabilities.
- Unable to view archived audit reports.
- Unable to update primary email address for mail enabled users and contacts.
- Email notifications are not sent after performing bulk management actions using CSV file.
- Unable to set mailbox delegation properties such as full access rights, send as and send on behalf for Office 365 shared mailboxes.
- Unable to save HTTP Request Headers while configuring custom SMS provider settings.
- Unable to enable hide from Exchange address list in group modification.
Build 6622, 6623 (March 2018)
Fixes:
The following issues have been fixed in this release:
- Error in exporting reports if the attribute values begin with +, -, =, or @.
- SIP URI field in Skype for Business/Lync Server settings is set as a mandatory field in system template even though it is not mandatory.
- Error while modifying previously configured delete/disable policy.
Build 6621 (February 2018)
Fixes:
The following issue have been fixed in this release:
- For greater security, logging of audit data to a flat file will be disabled by default.
Build 6620 (February 2018)
New Feature:
- RSA SecurID-based authentication:
You can now use RSA SecurID as an option for Two Factor Authentication (TFA) for secure access to ADManager Plus.
- Single Sign-On to logon to ADManager Plus:
Users can access ADManager Plus by just logging on to their Windows machines, by enabling Single Sign On.
- Configure Auto reply in Office 365:
Enable, disable, or schedule auto reply for the Exchange Online mailboxes of multiple users. You can also set separate messages for internal and external users.
Enhancements:
- Remove group memberships while modifying users, computers, groups and contacts and remove proxyAddresses for users, groups and contacts in bulk using CSV file.
- Update the manager field for users, computers, groups and OUs using sAMAccountName in CSV file while modifying them in bulk.
- Auto reply can be configured for users using modification templates in single user modification.
Notification:
- You can create notification profiles exclusively for OUs.
- While viewing scheduled automation, reports, and advanced reports, you can now use filters to view only the ones created by you, shared by you, and shared to you.
Export user mailbox: You can use delete policy to automatically export user mailboxes as a PST file to the specified location before deleting the Active Directory user accounts. You can also track the status of the export mailbox operations with Mailbox Export History option.
Skype for Business/Lync:
- Modify users' Skype for Business/Lync properties using the single user modification feature.
- Assign mobility policy for users in Skype for Business/Lync Server 2013 and above using templates during single user creation and modification.
- Modify users' Skype for Business/Lync policies such as Location, Client version, Client, PIN, Mobility, External access in bulk user modification.
Fixes:
The following issues have been fixed in this release:
- Unable to update user photos to exchangePhoto attribute in bulk user modification.
- Unable to edit, create or delete GPO if LDAPS feature is enabled in connection settings in ADManager Plus.
- Users not listed while configuring auto reply settings using bulk user management feature.
- Error in configuring multiple email addresses for administrator in Email server settings.
- Unable to configure HTTP Request Headers in SMS gateway settings in Admin settings.
- Error in displaying the owner name in Shares in the servers report.
- Unable to change templates while processing workflow requests.
- Technician's name displayed as ADManager Plus Admin even if actions were performed by other help desk technicians through workflow module in help desk audit report.
- CVE-2017-17552 (URL redirection and CSRF) vulnerability.
Build 6613 (January 2018)
Highlights of Build 6613
New Feature:
Enhancements:
- Manage O365 users' licenses and Exchange Mailbox settings from inactive users report:
Right from the inactive Office 365 users report, it is now possible to assign, remove or revoke Office 365 licenses and also manage Exchange Mailbox settings, such as Mailbox delegation, Hide from address lists, Add additional Email addresses and more, of Office 365 users.
Build 6612 (December 2017)
Highlights of Build 6612
Enhancements:
- Option to execute a custom script on successful contact creation and modification, and group modification also.
- You can now enable the Protect object from accidental deletion option while creating and modifying objects (user, computer, group, contact) individually or in bulk.
- While creating dynamic distribution groups, you can use Telephone number and Other telephone also in the conditions to decide the recipients.
- While creating and modifying objects, you can now import a CSV file to specify values for memberOf field.
- Modify the credentials of the Office 365 account specified in ADManager Plus Office 365 settings.
- When a help desk technician is created, the selected user's email address and description in AD are auto-updated in the technician's profile. They can be changed whenever needed.
- Select the desired DAG while creating users Exchange mailboxes via bulk user modification, workflow, and automation features
- In account creation and modification templates, you can now:
- Edit the rules already configured in account creation and modification templates.
- Append new groups to the values already configured in the memberOf field in existing creation and modification templates.
- Rule-based value assignment can now be performed for logon name, custom attributes, terminal user settings, and more.
Fixes
The following issues have been fixed in this release:
- Unable to update the value for mAPIRecipient custom attribute configured in ADManager Plus while creating mail-enabled contacts using CSV file.
- Unable to update manager field using sAMAccountName in CSV file import.
- Incorrect time displayed for execution of successive tasks configured in automation policy in the workflow requests section.
- Unable to delete or disable mailbox(s) from mailbox-enabled users report.
- Executors unable to edit or view some of the workflow requests.
- Requests not displayed in the All requests page in workflow while using the MS SQL as the product database.
Build 6611 (December 2017)
Highlights of Build 6611
New features:
ADManager Plus strengthens its Office 365 management and reporting with these new capabilities:
- User management: Reset passwords, block and unblock Office 365 users in bulk.
- Exchange Online mailbox management:
- Manage the mailbox features, permissions, and retention policies of users' mailboxes
- Delegate shared mailboxes and manage retention policies.
Office 365 reports: Adds exclusive reports on dynamic distribution groups and their members.
You can also delegate the new Office 365 management and reporting capabilities to help desk technicians. Also, for enhanced user experience, all Office 365 related capabilities are now placed under an exclusive Office 365 tab.
Fixes
The following issues have been fixed in this release:
- Unable to export reports if the logo file is not found.
- Selected group(s) not being displayed while viewing or editing schedule settings for advanced reports.
- Unable to reject workflow request if the user is added as an executor and not an approver.
- Unable to access the calendar for setting the execution time while configuring a new automation.
Build 6610 (November 2017)
New feature:
The solution also offers the ability to modify or delete the custom reports and delegate the reports to relevant help desk technicians.
Enhancements:
- Help Desk - Reset Password Console option in the home page has an additional option to generate Random Password in the Reset Password actions
Automation:
- Notifications: Email and SMS alerts to notify users about the execution of any automated task.
- Group management: Automated group membership management just got better with new actions such as Add groups and Remove groups.
- User management: Option to automate user management via Office 365 reports.
- Office 365 license management: You can now automatically remove the Office 365 license assigned to users, at the desired time.
Business Workflow:
- Multiple business workflows: Create and use as many workflows as needed, for monitoring the execution of different types of AD tasks.
- Integrated request assignment and notification rules: Set the assignment and notification rules, easily and quickly, in a single operation.
- While setting rule criteria, you can now set a rule based on the domain name in Assigning Rules in Workflow
Fixes
The following issues have been fixed in this release:
- While running a custom script configured in Delete policy while deleting users, you can now retrieve the department name of the deleted user(s) apart from the samAccountName of the user(s).
- Error in Exchange mailbox database quota values if the mailbox has "Use the default database quota".
- Unable to enter case-sensitive values in Titles & Departments and Offices & Companies in Admin settings.
- Error in naming the licenses in Assign Licenses field in user creation
- When the country code is entered, the product populates the wrong country in user and contact creation
- Unable to receive SMS notification on account unlock
- In syslog integration, the technician's name was missing in the help desk audit report.
- ADMP-SDP integration has an authorization error in SDP if the technician is deleted and recreated in ADMP with the same set of credentials.
Build 6602 (November 2017)
Fixes
- Issue in delegating linked mailbox creation templates to groups.
- Issue in enabling auto-mapping option for users' Exchange mailboxes using the Set Mailbox Rights feature.
Build 6601 (October 2017)
New feature:
Office 365 Management:
- Standalone Office 365 user provisioning: You can now create user accounts in Office 365 without having to provision AD accounts.
- Separate UPN for Office 365 users: You can set a separate User Principal Name for Office 365. If not mentioned, the default UPN will be the logon name.
- Support for new Exchange Online attributes: You can configure new attributes such as E-mail Alias, Litigation Hold and In-Place Archive in Office 365 properties in single and bulk user creation and Office 365 account creation for AD users.
Linked Mailbox Management:
- You can configure Single Linked Mailbox supported by Linked Mailbox Creation Template in mailbox management.
Contact Management:
- You can modify the group attributes of the contacts by adding or removing them from groups.
ADManager Plus adds Turkish language to the list of non-English languages it supports.
Enhancements:
Office 365 Management and Reporting:
- You can now filter the Office 365 users based on licenses in Office 365 reports and management actions such as Assign/Remove Licenses.
- OU filter can be applied while performing Exchange Online management actions such as Mailbox Delegation, Hide from address list and Email forwarding in Office 365 management.
- Exclude active AD users from inactive Office 365 users report: You can now generate Office 365 inactive users report with some AD data. Option to exclude active AD users from inactive Office 365 Users report if the configured Office 365 tenant/domain is directory sync enabled is available.
Automation:
- User Automation:
- In Reset Password action, you have an option to generate 'Random Password'.
- You can perform new tasks such as Delete Home folder and Disable Lync.
- The Auto Reply feature can be enabled or disabled and you can configure automatic replies to be sent inside or outside the organization within customizable timelines.
- The Contact Automation category supports new tasks such as Move Contact, Add To Group and Remove from Group.
- You can now automate the task of running custom scripts in Computer Automation category.
- While setting time period for successive tasks execution in the Automation policy, you can set time period in terms of hours.
User Management:
- While implementing Delete/Disable User Mailbox in Exchange, you have the option to display users list for multiple mail servers so you can perform management actions on multiple mailbox users.
- While modifying users with CSV, you can now locate the user with samAccountName attribute for the manager in addition to the Distinguished Name.
- While setting rules in User Creation and Modification template you can now use the new field 'Description' while setting conditions for creating users and a new attribute of 'Logon Script' has been added to the Assign Values section.
- The user photos for AD and Exchange can be managed in User Creation and User Modification template with support of high resolution photos of Exchange users. The photo will be resized automatically if the uploaded photo is greater than the size limit of the corresponding attribute in AD.
Reports:
- The All Users report can now display the attribute 'Home Drive' of the users.
- The Permissions for Folders report can now display the attribute 'Display name'.
- Now you can send passwords to other stakeholders such as user's manager, any technician and the admin apart from the user for any password related management actions in the notification profile.
Shared mailbox creation:
- You have an optional feature to auto map the Shared Mailbox to any mailbox to which a user has full access permissions.
- You can now set a custom script to be executed on mailbox creation.
Fixes:
The following issues have been fixed in this release:
- When disabling a user, there was an error in moving Macintosh folders with lengthy path configured in the disable policy.
- Even after the automation task was disabled, the configured successive tasks were executed.
- Unable to select contact creation templates while assigning templates for requesters for non-English languages.
- Include/Exclude groups feature in modifying help desk technician in AD delegation was not working in Modify Single Group list.
- If the update user was done before memberOf completes loading, the group membership was deleted in AD
- Error in generating Permissions for folder report when more than 100 folders are selected.
- Unable to see the mail contacts while trying to configure 'Forward to' for a user mailbox in user creation through ADManager plus.
- While mailing Office 365 License details report, the attachment containing the report was not sent.
- While modifying users using CSV in Automation, the product will locate the user(s) with the help of unique attributes such as userPrincipalName, Distinguished Name or samAccountName and make the desired changes.
- Similar to AD, users without Delete SubTree permission can now delete users using ADManager Plus.
- The Office 365 users created using ADManager Plus not displayed while performing the Office 365 management actions.
Build 6591 (September 2017)
New feature:
- Reads the configured tables of Oracle and MS SQL database and creates
automatic schedules for user creation to synchronize the user details across the
databases and AD environment. Read more
- Sends its log data in Syslog format for analysis to a Syslog server, thus facilitating
comprehensive auditing to ensure network security. Read more
Enhancements:
ServiceNow integration:
- Capability to alter users' group membership.
- For enhanced security and to block unauthorized access, ADManager Plus can
now be accessed from your ServiceNow if and only if your ServiceNow instance is
configured on ADManager Plus web-console. Read more
ServiceDesk Plus integration:
- Configure your ServiceDesk Plus integration with ADManager Plus from the new
'Integrations' tab. Read more
Fixes:
The following issues have been fixed in this release:
- Domain synchronization failure in ADManager Plus when settings are updated on
to the AD360 installation that encapsulates the former's setup.
- Unintended overwriting of default domain name with value from user
modification template.
Build 6590 (August 2017)
New feature:
GPO management:
- Create GPOs: Now you can create GPOs and link them to OUs, sites, or a domain (either at the time of its creation or later) without using GPMC.
- Edit GPOs: Options to search and modify the administrative template settings, for both computer and user configurations, have been provided now.
- Delete GPOs: You can now delete single or multiple GPOs, in one go.
Click here to know more
Archive audit report: The new feature helps archive help desk audit reports as well as customize the archive interval and the retention period.
Enhancements:
- Report driven GPO management: You can now delete a GPO, enable the user configuration settings, computer configuration settings, or enable/disable all the settings from 'GPO Reports' itself.
- GPO management:
- 'Link GPO' option helps to link existing GPOs to multiple containers, at once.
- A revamped UI which lists GPOs, and also has a toggle button to easily enable or disable the configuration settings.
- Scheduled audit reports: You can now generate reports automatically at a specific time or at regular intervals.
- Custom LDAP attributes: ADManager Plus now supports LDAP attributes with Generalized-Time syntax (UTC coded time).
- JRE upgrade: ADManager Plus now uses updated version of JRE for enhanced security.
- UPN/email suffix selection:
- Using ADManager Plus, you can now select the UPN suffixes and email suffixes which are already configured in your domain.
- Remote routing address suffixes can be selected from the addresses configured in your Office 365.
- New suffixes can be added to users' UPN, email address or remote routing address, without actually creating a new suffix in AD or Office 365 domain.
Fixes:
The following issues have been fixed in this release:
- Child OUs being displayed multiple times while editing 'User Creation Templates'.
- Danish characters æ, å, and ø not accepted during user creation ('Simple display name' field).
- Shared folder creation error when the home directory ends with '$'.
- Issue while connecting to Office 365, if the machine where ADManager Plus is installed has .NET framework (version 3.* and 4.*) and Exchange server (2007 or 2010).
- Prompting for OU name during bulk OU creation, though the CSV file already contains the name of OU in which new OUs are to be created.
Build 6583 (August 2017)
New feature:
REST APIs: ADManager Plus offers REST Application Programming Interfaces (API) to enable users of other applications such as help desk tools, to access ADManager Plus, and carry out the necessary AD user management tasks from their applications. Using these APIs, you can perform the following AD management operations without logging into ADManager Plus:
- Create user
- Reset user password
- Enable or disable user
- Unlock user account
- Delete user
- Search user
Click here for more details.
Watch Video
Build 6582 (July 2017)
File Server Management capability has been enhanced with option to
- Create workflow requests for granting or modifying shared folder permissions.
It is also possible, while creating the request, to select a specific time duration, such as 30 minutes, one hour, two hours, one day, or permanently, for which the permissions being assigned must be valid. After the specified time period, users' permissions will be automatically reverted.
- Modify or remove the NTFS or share permissions of multiple users and groups at once.
- Restrict the file server management permissions of help desk technicians to only specific file servers.
Fixes:
The following issues have been fixed in this release:
- Country codes not being displayed in reports.
- When audit reports are generated and emailed via scheduler, reports are not attached with the email if CSV is selected as the report format.
- Exchange Servers of specific DAGs not being listed during mailbox creation.
- While modifying groups in bulk via CSV, product screen becomes blank if sAMAccountName is edited after importing the data from the CSV file.
Build 6581 (July 2017)
Enhancements:
- Sharing report schedules and automations: It is now possible for the administrator or any help desk technician to share the report schedules and the automations configured by them, with fellow technicians. The technicians with whom the schedules or automations are shared will be able to view their details and also execute them.
- While exporting the reports, it is now possible to exclude the description and export only the report data.
Fixes:
The following issues have been fixed in this release:
- Not being able to fetch the permissions assigned on Oracle ZFS servers using permissions for folders report.
- Product hangs while specifying password during user creation or resetting passwords of users, if smart card authentication is enabled.
- 'Exclude child OU' option not working properly while generating users' real last logon report via report scheduler.
- Product stops responding while removing the last SMTP address when it is configured as a custom attribute in a user modification template.
Build 6580 (June 2017)
New Features:
- Active Directory management notifications: This feature notifies all the relevant
stakeholders via email and/or SMS, whenever an AD, Office 365 or Exchange
management action is executed. Further, the notification messages can be customized
based on the management action performed, the domain in which it is performed or the
technician who performs the action.
- Litigation hold enabled Exchange Online mailboxes report: View all the Office 365
users for whose Exchange Online mailboxes the litigation hold option is enabled.
- Recently created, modified, and deleted contacts reports: Fetch the complete list of
recently created, modified and deleted Active Directory contacts.
- Exchange Online (Office 365) mailbox management: Enable litigation hold and
in-place archive, and also add proxy addresses for the mailboxes of Office 365 users in
bulk, using the new features added to the Exchange Online management module.
- ServiceNow integration: IT help desk technicians can now create Active Directory
users, and also manage them - reset passwords, enable or disable, unlock and
delete user accounts - easily and instantly, right from within the ServiceNow console.
- Product update notification: This option keeps you informed about the new features
and enhancements added to ADManager Plus so that you can update your installation to
the latest version.
Enhancements:
- Office 365 management:
- Flexibility to choose any attribute other than the default 'objectGUID' as the
'sourceAnchor' to replicate changes made in the on-premises AD in Office 365
environment.
- Option to automatically install MSOnline PowerShell module for Azure Active
Directory, prerequisite for managing Office 365 accounts via ADManager Plus.
- While creating shared mailbox in Office 365, it is now possible to specify an email
address also, along with the other settings.
- Organizational unit (OU) modification:
- Single OU modification: Allows you to make the desired changes to any specific OU.
- OU modification templates: Allows you to modify multiple attributes of an OU, all at once.
- 'Protect OU from accidental deletion' option in CSV-based bulk modification of OUs.
- Custom script option in computer, OU and group creation templates, to execute the
desired action after the completion of computer, OU and group creation tasks.
- Contact creation: Option to use templates while creating contacts in bulk.
- Delegation:
- Option to set a default template for each domain in which the technician has
been allowed to carry out the assigned management actions.
- Audit reports now also display the module that was used by the help desk
technicians while performing the assigned actions.
- All users report will now display users' profile photos also, if available, along with all the
other details about the users.
- While creating Exchange mailbox for users via the single user creation feature, it is now
possible to select the desired DAG too.
Fixes:
The following issues have been fixed in this release:
- XSS issue in help desk roles, assignment rules in workflow and detailed group
membership report.
- Issue in migrating from MySQL to MSSQL database.
- The 'Exclude Child OUs' option not functioning properly while generating the 'users with
empty attributes' report through scheduler.
- Office 365 license not being removed properly using the disable policy.
- Error in generating the 'computers not in group' report.
- They keystore password not being encrypted when the 'Encrypt Keystore Password'
option is enabled.
Build 6570 (April 2017)
New Features:
- Group-based help desk delegation: Besides delegating help desk roles to individual AD users, you can now delegate them to AD groups as well. Delegating a role to an AD group would result in all the group members having permissions to perform the tasks defined in that role.
- Exchange Online (Office 365) management: The following Exchange Online management features have been added:
- Disable/delete remote mailboxes: This feature lets you disable or delete remote mailboxes. You can also choose to disable only the archive of a remote mailbox.
- Mailbox delegation: You can grant full access, send on behalf, and send as permissions for Office 365 mailboxes to specific users and groups.
- Hide from address lists: You can hide or unhide specific users from address lists.
- Email forwarding: You can enable or disable email forwarding, configure the forwarding address, and more.
- Storage limits: This feature lets you update various storage limits such as the maximum storage limit before a warning is issued, and more.
- Office 365 reports: The following new Office 365 reports have been added:
- Never logged on users report: Generates the details of all those Office 365 users who have never logged on.
- ActiveSync enabled users report: Displays all ActiveSync enabled users in your Office 365 environment.
- Shared mailboxes report: Lists the details of all Exchange Online shared mailboxes.
Enhancements:
Fixes:
The following issues have been fixed in this release:
- Error in exporting and scheduling Office 365 user reports when user count exceeds 13000.
- Issue in configuring multiple proxy addresses of a user account.
- EmailAddress not being accepted as CSV file header while assigning or revoking Office 365 licenses via the CSV import option.
- The properties of desired dynamic distribution groups not being displayed via the search AD objects option.
- In single group creation, inability to assign a user from the child domain as manager.
- Automation not getting executed when an automation policy with user creation as instant task and any other activities as successive tasks is implemented in it.
Build 6560 (March 2017)
New Feature:
- Exchange Online (Office 365) distribution group and mail-enabled security group modification: This new capability allows you to modify distribution groups or mail-enabled security groups present in Office 365 environment.
- Enabled computers report: View all the enabled computers in your organization using this report. Based on your need, you can generate this report for the entire organization or only specific OUs, and also export it in multiple formats (HTML, CSV, PDF, EXCEL, etc.). Right from this report you can also manage (disable, move, delete, reset, etc.) the desired computers from the ones displayed in the report result.
- User creation capability in iOS mobile app: Now, you can also create user accounts in AD right from your mobile devices using the iOS app. Further, while creating users, you can even select the desired user provisioning template to create user accounts exactly as you need them, as per your requirements.
Enhancements:
Fixes:
The following issues have been fixed in this release:
- Help desk audit report returning multiple objects in the search result, even if only a specific object name is mentioned in the search.
- 'Copy user attributes' option not being visible to the requesters.
- Issues affecting the performance of Office 365 inactive users report.
- While modifying objects using CSV, the existing values of attributes in AD are not cleared, even if the CSV file contains empty values for those attributes, and 'clear the attribute's value in AD if its value in CSV is empty' option is also selected.
Build 6550, 6551 (March 2017)
New Feature:
- Two-factor authentication support for an additional layer of security; you can choose Google authenticator, DUO, or one time password (OTP) via email, for the two factor authentication.
- Spanish language support: Besides Chinese, Dutch, French, German, Italian and Japanese ADManager is now available in Spanish too.
Enhancements:
- Now setting group membership ('memberOf' attribute) of AD objects is easier than ever before, thanks to the new and improved UI, enhanced with
- the predictive search option for optimized loading time.
- built in search to navigate through the selected groups for better usability.
- Custom attributes support for Contact objects: The existing custom attributes can now be mapped to Contact reports. Also, you can now manage custom attributes while creating new Contact objects using ADManager Plus.
- Enhancements in Reports
- Export AD reports with your brand logo, and also get a quick overview on the scope of report being generated, with the Reports' summary page.
- The contents of the exported AD reports are now prefixed with serial numbers for easy sorting and better information organization.
- Report scheduler has been enhanced with the option to set
- a custom file name for the report being generated
- custom inline email content along with the body of the mail while exporting as html.
- The 'OUName' of Group/Computer/Contact objects can now be modified while performing a CSV import action.
-
Enhancements in AD Delegation
-
Delegation now becomes simpler.
- Append groups under the 'Included groups' column to the existing groups from OUs or domains that have already been delegated.
- Higher precedence is given for removal of the groups listed under 'Excluded groups' upon an overlap.
- Fine grained delegation
- with provisions for setting attribute level authorization for 'computer and group modification tasks' while delegating them to the help desk.
- with provision to restrict group type-specific access under group management.
- with scope for single group modification, added additionally with the release.
- The 'support tab' has been enhanced to offer a better user experience with an all new GUI that includes, provision for viewing schedules of the upcoming webinars, seminars, workshops and events.
Fixes:
The following issues have been fixed in this release:
- Error in applying the user creation rules while provisioning new user accounts using templates.
- In Rule based Bulk User Creation, the value for the 'OUName' attribute doesn't get set, even if the required conditions/criteria are met.
- Email notifications sent out to the help desk technicians as a part of the review based Workflow management are misaligned.
- Unable to set 'customized naming formats' in the email field when creating a new Office 365 user account.
- Absence of 'Advanced link' under the Permissions column in the Permissions for Folders Report.
- While creating a new user using the Copy User Attributes action, the home folder location(path) doesn't dynamically change in accordance with the respective logon name of the new user being created.
Build 6541 (January 2017)
Fixes:
The following issues have been fixed in this release:
- Reinforced security: This release hardens the existing protection mechanism with fixes that can counter an SQL injection and offer guard against XSS vulnerabilities.
- 'Unprovisioned Office 365/Google Workspace accounts' while using User Creation Templates with Random password setting, for 360° provisioning.
Build 6540 (December 2016)
New Feature:
- Support for Windows Server 2016: ADManager Plus now extends support for Windows Server 2016.
- Office 365 group members report: You can now generate a list of all users who are members of a selected group/groups in your Office 365 environment.
Enhancements:
- Office 365 Management
- Shared Mailbox can now be created only for Office365 environment. To do so, deselect the Active Directory option under Mailbox Management section.
- Office 365 license management is now enhanced with provision to apply OU filters.
- Office 365 'Unlicensed users' report can now be refined by excluding the Shared, Room, and Equipment Mailboxes.
- The 'User Creation Template' has been enhanced to let you create an 'Archive Mailbox' for your Remote Mailbox. Provision for adding additional email addresses has also been included.
- Now manage and report on Active Directory objects with 'Multi-valued' custom attributes.
- Option to set the Keystore password, which will be encrypted for heightened security, directly using the product UI.
- Automation
- While automating the computer objects, refine the criteria results based on the 'memberOf' or 'distinguishedName' attributes.
- Managing the photo attribute of a user object can now be automated.
- Workflow has been enriched with the provision for 'Mailbox Creation' and 'Move Home Folder' options.
- User creation rules now include the provision to set a value for the office field ('physicalDeliveryOfficeName' attribute).
Fixes:
The following issues have been fixed in this release:
- XSS vulnerability in Employee Search.
- Lack of support for adding multiple admin email addresses in the Server settings of the Admin tab.
- The delegated helpdesk technician who has access only to view specific OU is shown the count of all users of Active Directory on the dashboard, erroneously.
- Erroneous change of default domain to an another domain both in the AD Explorer and the Home tab when it's been selected just for viewing.
Build 6530 (October 2016)
New Feature:
- Computer management and reporting capabilities in mobile apps: If you are on the latest version of ADManager Plus iOS or Android app, you will be able to manage and report on AD computer objects from your mobile devices.
Enhancements:
- 'Permissions for folders' report now allows you to:
- Generate results for multiple folders, shares, or servers at once.
- Fetch permissions for multiple home folders.
- View details of the 'members' attribute.
- 'Folders accessible by accounts' report can now be generated for an entire server.
- Office 365 reports can now be auto-generated and emailed via the report scheduler.
- Automation policy includes an option to regenerate the associated report before executing each successive task. That is, in an automation policy where the list of objects to be managed is fetched from a report, you can now regenerate the report right before executing each successive task. Only those objects that are available in both the reports - the one generated at the time of creating the policy, and the new one - will be affected by the automation.
- 'Send as' permissions can now be set for multiple Exchange users at once, using the 'delivery options' feature under bulk user modification.
- Help desk technicians can now be prevented from copying a user's attributes or changing the modification template during the user modification process.
Fixes:
The following issues have been fixed in this release:
- Error occurs during single group creation if the members belonging to an OU with special characters in its name are imported from a CSV file.
- After creating a mailbox in Exchange 2003, if 'migrate mailbox' is selected in the 'more actions' link, it does not redirect to the requested page.
- If 'subnets accessible by accounts' report containing details of more than one user with the same common name (cn) is exported, the exported report contains the details of only one user.
- Audit report lists the action as 'create bulk users' even when only a single user is created via workflow.
Build 6520 (September 2016)
New Feature:
- Office 365 account creation for AD users: You can now provision Office 365 accounts, individually as well as in bulk, for the users already present in your Active Directory. As per your need, you can:
- Create user accounts in Office 365 without assigning licenses.
- Create user accounts in Office 365 and also assign appropriate licenses.
Enhancements:
- The user creation templates will also list the new Office 365 licenses added after the template was created.
- Naming formats now have enhanced customization options.
- Option to check for duplicates of attributes such as logon name, mail, etc. during user creation can be enabled from the database.
- Option to hide or show the 'logon to' option in the login page.
- Organizational units (OUs) can now be renamed in bulk using the CSV import option.
Fixes:
The following issues have been fixed in this release:
- The order of execution of tasks defined in automation policies getting changed.
- Legacy mailbox being created during user creation when 'automatic' is specified in the mail server field in a template.
- Synchronization issue in generating members list in the 'all groups' report.
- Issues in specifying email addresses using user creation rules.
- If date value is specified as 'end of a specific date'; in the reports, it is displayed as one day later than the specified date.
- 'Copy user attributes' option enables a help desk technician to copy all values in the memberOf attribute of a user, including the groups to which the technician doesn't have access permissions.
Build 6510 (August 2016)
New Feature:
- Exchange auto-reply settings: ADManager Plus provides a GUI-based capability to configure automatic replies for the emails sent to your users' Exchange mailboxes, which offers options to:
- Enable/ disable automatic replies to senders from your organization.
- Enable/ disable automatic replies to senders from other organizations.
- Send different replies to senders from your organization and to those from other organizations.
- Specify the time period during which automatic replies must be sent.
- Support for custom attributes in computer creation: The existing custom attributes can now be mapped to computer creation as well. Also, new custom attributes can be added while creating computer objects, in single or bulk, using ADManager Plus.
Enhancements:
- Workflow has been enriched with the following enhancements:
- Requesters now get an option to cancel the requests that they create.
- Email notifications sent to workflow technicians now include a link to access the relevant request instantly.
- Notification settings now include three new macros using which you can add the reviewer, approver, and executor details in the notification message.
- All changes made to the objects in a workflow request will now be audited.
- For the users that will be disabled/ deleted using ADManager Plus, the 'disable/ delete policy' includes the following actions as well:
When an AD user account is disabled, you can also:
- Disable the user's Google Workspace account.
- Revoke the user's Office 365 license.
When an AD user account is deleted, you can also:
- Delete the user's Google Workspace account.
- Delete the user's Office 365 license.
- Option to configure the 'reset password policy' in ADManager Plus database for automatically resetting users? Office 365 and Google Workspace passwords, whenever their AD passwords are reset.
Fixes:
The following issues have been fixed in this release:
- Error in setting proxy addresses if givenName contains space(s).
- Inability to assign values for the custom attributes: msExchExtensionCustomAttribute (1-5) and msExchAddressBookPolicyLink.
- During user modification, the changes made to a user's mail alias not being reflected in the email address, when the recipient policy specifies alias as the local part of email address and the option 'automatically update e-mail addresses based on recipient policy' is selected.
- Error in user creation with Exchange properties if the user account gets created in one DC and Exchange connects to another DC to configure the Exchange properties, due to a replication issue between the DCs.
Build 6500 (July 2016)
New Feature:
- Smart card authentication: The use of smart cards/ PKI/ certificates has been enabled as additional options for ADManager Plus login. If you have such an authentication system configured in your organization, ADManager Plus can be configured to authenticate users through it, bypassing other first factor methods.
- Support for Exchange 2016: With this release, ADManager Plus supports management and reporting on Exchange Server 2016 environment as well.
- Google Workspace reports: These new reports provide detailed information such as, all users, active users, and suspended users in your Google Workspace environment.
- Copy automation: It simplifies the creation of new automations by allowing you to copy the settings of an existing one and eliminating the need to create a new one from scratch. The newly created automation can then be modified, as per requirement.
Enhancements:
- Automation now includes the following:
New tasks:
- Modify users using templates
- Disable, disconnect, or delete user mailboxes.
- Hide from Exchange address lists.
- Create groups using templates.
- Create contacts using templates.
New options:
- Exclude child OUs from the selected OUs, while specifying the scope of a task that should be executed automatically.
- 'Run now' to instantaneously run any automation from the list of scheduled automations.
- 'User can't change the password' and 'set password never expires', while automating the 'reset password' task.
- While creating a user account in Google Workspace, its group membership and the organizational unit where it must be located can also be specified.
- While managing a workflow request that was created via automation policy, an option to remove objects either from that particular request, or from all the requests generated by that automation policy, is provided.
- Bulk modify templates option allows modification of more fields such as, Google Workspace, Office 365, and Lync attributes.
- Report scheduler now includes an option to exclude the child OUs while specifying the OUs for which the reports have to be generated.
- Using ADManager Plus' iOS mobile app, you can now:
- View all the workflow requests that you have created.
- View all open requests, among the requests assigned to you.
Fixes:
The following issues have been fixed in this release:
- Inability to generate 'NTFS permissions for folders' report of a domain when authenticated with its child domain's credentials.
- In help desk audit reports, SID being displayed in place of distinguished name for a cross-forest group member, when listing group management actions performed by technicians.
- inetOrgPerson object class not being supported in 'group members' report.
- Issue in starting the product after service pack installation if database has been migrated to MS SQL.
- Error in report generation if only multi-valued attributes are selected (in add/ remove columns) to be displayed.
- In user modification templates, issue in applying a modification rule when 'select container' is specified in the conditions field.
Build 6380 (June 2016)
New Feature:
- Move contacts: You can now move contact objects from one container (organizational unit) to another. As per your need, you can:
- Move a single contact.
- Move multiple contacts at a time.
- Use CSV import to move contacts in bulk.
- Copy schedule: This feature simplifies the creation of new report schedules by allowing you to copy the settings of an existing schedule. The settings can then be modified, as per requirement.
- ADManager Plus mobile apps (v2.0) now support workflow and important user reports: Using the latest version of ADManager Plus iOS and Android apps, you can view and manage workflow requests, and also execute the tasks requested. Furthermore, you can generate the user reports - 'locked out', 'disabled', 'password expired', and 'inactive' - as well as perform the required management actions right from these reports.
Enhancements:
- Automation now provides the flexibility to either overwrite or append the values of user attributes while modifying user accounts.
- Report Scheduler now allows you to:
- Select multiple inputs while scheduling 'group members', 'users with empty attributes', and 'OS-based computers' reports.
- Schedule 'shares in the servers' and 'permissions for folders' reports as well.
- User creation templates now offer a new option - Creation Rules. It can be used to specify the attributes that should automatically be updated with predefined values whenever a user account is created. It also offers an option to set up conditions, which on being satisfied, shall auto-populate the specified fields in the user account being created.
- Single user modification also includes Copy User Attributes option.
- 'Shares in the servers' report also displays NTFS and share permissions in the file when it is exported to the desired format.
- Custom attributes can now be used as a filter:
- In Report Scheduler, to refine the report results.
- In Automation, while specifying the objects to be managed.
- Enhanced UI for selecting values in department, title, company, and office attributes:
- Navigation arrows to view the next thirty entries in the list.
- Predictive Search option to easily locate the desired entry. The search settings can be enabled/disabled from the Admin tab.
- 'Detailed group members' report now also lists cross-forest members.
Fixes:
The following issues have been fixed in this release:
- While modifying an automated task or policy, inability to remove the selected report (that lists the objects on which the automated task or policy has been applied).
- Inability to enable or disable display of well-known security principals while creating a File Server Management help desk role.
- Inability to copy any of the user attributes when memberOf is included in the list of attributes to be copied.
- Issues in the email delivery of 'inactive users' report.
- 'Lync Online' being displayed in place of 'Skype for Business Online' while assigning Office 365 licenses.
Build 6371 (May 2016)
New Feature:
- Dynamic distribution group creation feature allows you to create query-based distribution groups in Active Directory. This feature also includes customizable dynamic distribution list creation template for standardizing and streamlining the group creation process.
- Room mailbox management: You can now create new room mailboxes in both on-premises Exchange Server as well as cloud-based Office 365, from a single window. This feature also offers the capability to modify room mailboxes in Exchange Server.
- Equipment mailbox management: This feature enables you to create new equipment mailboxes in Exchange Server and also Office 365. You can also modify an existing equipment mailbox in Exchange Server using this feature.
This feature also includes configurable equipment mailbox creation and modification templates, to help you fine tune the process of creating and modifying equipment mailboxes exactly as per your needs.
- Disable policy allows you to define a set of tasks (deleting home folders, profiles, disabling mailboxes, execute a script, etc.) that must be executed when any user account is disabled. Further, this feature also allows you to create domain-specific disable policies.
- BitLocker enabled computers report to identify all the computers for which BitLocker is turned on. You can view this list for multiple domains using one report.
Enhancements:
- Delete Policy now includes new options which allow you to move remote home folders, and also execute a custom script, to perform any specific action, while deleting a user account from Active Directory.
- The 'Manager can update members list' option can now be enabled during bulk or CSV-based creation and also modification of groups.
- The 'protect from accidental deletion' option is now included in both the single and bulk OU creation features.
- Automation feature now includes an option to run custom scripts for managing users, and also modify the group membership of computers.
- The scheduler for detailed group members report now features more options to offer more flexibility in specifying the report generation time and frequency.
- The 'BitLocker recovery keys' report now displays the computer name as well.
- Shared mailbox management now includes customizable templates for creating and modifying shared mailboxes.
Fixes:
- Issue in disabling users via automation is now fixed.
- Issue in removing the objects to be managed from a request that is yet to be executed is fixed.
- While creating an account provisioning template or editing an existing one, the read-only fields will now be displayed distinctly, to easily distinguish them from the editable ones.
Build 6361 (Mar 2016)
New Feature:
Remote mailbox creation: You can now configure remote mailboxes while creating new accounts for users, individually, as well as, in bulk.
Build 6360 (Mar 2016)
New Features:
Delete users' remote home folders and roaming profiles: You can now easily delete the users' remote home folders or roaming profiles, or both, in bulk.
Move or delete users' Terminal Services home folders and profile paths: This feature allows you to delete or move the Terminal Services home folders or profile paths for multiple users at once. Also, while moving the terminal services home folders or profile paths, you can choose to retain a copy of them in the original location.
Help desk technicians report: This report lists all available help desk technicians, along with details like, their delegated domains and OUs, roles, management and reporting tasks, etc. It also offers filters to view:
- the settings of any specific help desk technician. Or,
- all technicians matching a specific criterion (like delegated domains, delegated tasks, etc.).
The report can also be exported to CSV, PDF, XLSX, and HTML formats.
GUI-based configuration of high availability setup: You can now enable high availability of ADManager Plus server and also configure the settings of various components (primary server, backup server, and virtual IP to access the server) required to ensure high availability.
Enhancements:
- Scheduled generation and email delivery of reports is now available for Password Policy, Account Lockout Policy, and Printer Reports also.
- Help desk technician audit report can now be exported to CSV, PDF, XLSX, and HTML formats.
- AD objects (users, groups, etc.) in the member and memberOf attributes will now be displayed in alphabetical order, during management operations.
Fixes:
- In modification templates, issues while applying modification rules when OU is specified in the conditions field.
- Inability to assign templates to workflow requesters by help desk technicians.
- OU selection pop-up taking a long time to load child OUs.
- In help desk technician audit report, passwords of the user accounts created by the technician not being displayed in the 'details' of the action performed.
- Inability to add proxyAddresses as custom attribute during group creation.
- In help desk reset password console, need of an 'all domains' option in the domain search field to list users from all the domains configured.
- In help desk password reset console, the option 'user must change password at next logon' not being a default selection.
- In bulk user modification, error while importing a CSV file with employeeID attribute.
Build 6351 (Jan 2016)
New Features:
Support for Windows 10: With this release, ADManager Plus extends support for Windows 10.
Enhancements:
- Exclude nested groups from Group Members reports: You can now choose to generate Group Members reports of specific groups with only the members belonging to that particular group appearing in the reports (i.e. without nested group members).
- New time-based filters for reports: While generating time-bound reports including recently created groups, recently expired user accounts, and more, you can now easily specify the precise period for which you need the reports using options such as: today, yesterday, on a date, before a date, after a date, last "N" days, this week, this month
and custom period
Fixes:
- Issues fetching NTFS permissions for folders located in DFS environment.
- Error while modifying a user's Exchange mailbox server and store settings.
- Error while applying retention policy during user creation.
- While creating titles, departments, offices, and companies, duplicate values were being created if spaces were left after an entry.
- Inability to export "memberOf" attribute from a report to CSVDE format.
- Issues provisioning users in Office 365 while creating mail or mailbox enabled users in Active Directory.
- Issues applying email address policy while creating mail enabled groups.
Build 6341 (Dec 2015)
New Features:
Skype for Business (Lync 2015) Management & Reporting: Besides Lync 2010 and 2013, you can now manage and report on user accounts in Lync 2015 / Skype for Business (SfB) as well. That is, right from ADManager Plus' console, you can now:
- Create SfB/Lync user accounts, along with all relevant settings / policies (Telephony, Conferencing policy, External access policy, etc.)
- Enable/Disable/Delete SfB or Lync user accounts
- Modify the SfB/Lync policies (Conferencing, Archiving, and Telephony) of specific users
- Identify all SfB/Lync enabled or disabled users via pre-defined reports
Manage AD User Photos: This feature enables you to manage the profile pictures of Active Directory users individually, as well as, in bulk, by allowing you to:
- upload new pictures
- crop existing pictures
- replace existing photos with different ones
- delete pictures
Enhancements:
- Displaying users' AD attributes in Office 365 reports: Besides users' O365-specific attributes, the Office 365 reports now also display their important AD attributes such as SID, SAM Account Name, OU Name, Object GUID, etc.
- ADManager Plus now uses an upgraded version of Tomcat for enhanced reliability and security.
Fixes:
The following issues have been fixed in this release:
- Issues in adding cross-forest members while creating and modifying groups, in single and in bulk.
- Exporting 'users in groups' report to xlsx results in the downloaded file's name being cluttered with special characters.
- Product crashes while modifying the 'memberOf' attribute of users, if the DN of the group exceeds 260 characters.
- While trying to create Exchange mailbox, legacy mailbox gets created instead, if there are issues in establishing remote PowerShell session.
- Recovery mailbox database appears in Mailbox Store drop down list.
Build 6330 (Nov 2015)
New Features:
- Shared Mailbox Creation and Modification features enable you to create and modify shared mailboxes in both, on-premises Exchange Server, as well as cloud-based Office 365, from a single console.
- Copy Technician feature allows you to copy all the settings (delegated roles, assigned templates, and the domains/OUs/groups that can be managed) of any help desk technician, and use those copied values to create a new technician; eliminates the need for creating a new one from scratch.
- Admin Audit Reports help in auditing all the changes made to a help desk technician or a help desk role's configuration, by listing all actions (creation, modification, and deletion) performed on it, along with details such as, who made the changes, the date and time at which they were performed, etc.
Enhancements:
- Bulk Management of Help Desk Technicians: The Active Directory (AD) delegation feature now allows you to create and modify help desk technicians in bulk.
- Create new Help Desk Technicians in bulk, by delegating the required roles and OUs to all the relevant AD users, at once.
- Bulk Edit Technicians allows you to modify multiple help desk technicians (add/remove roles, templates, and OUs assigned to them) in one go, making management of help desk technicians easier and quicker.
- Export technicians and roles option allows you to export the details of all existing help desk roles and technicians to html, pdf, and excel formats.
Fixes:
- The issue of Office 365 license count not being shown correctly has been fixed.
- CSV import now supports the creation of computers and contacts in different OUs, as required, using 'ouName' as CSV header. (In previous versions, bulk creation of computers or contacts could only be done in one OU at a time.)
- Issues in bulk deletion of titles, departments, offices, and companies have been sorted.
- In Automation, custom attributes can also be imported via CSV files.
Build 6322 (Oct 2015)
New Feature:
Computers not in groups report helps you identify all the computers that do not belong to (not members of) any of the specified Active Directory groups.
Enhancements:
- View common members of the specified groups - The 'detailed group members' report now features an option to list the members who are common (part of) to all the specified Active Directory groups. In other words, this option fetches all the users, groups, computers and contacts which are members of all the specified AD groups.
- Deleting AD users becomes more flexible - you can now locate and delete the desired AD user account using the 'single user modification' and 'AD Explorer' features too.
- New values appended to the Title, Department, Office and Company fields in AD will be automatically updated in ADManager Plus ( at 1:00 hrs everyday), and available for selection in the relevant user management features.
(If you wish to immediately update and use a new value for any of these fields immediately, you
can add the desired value manually in ADManager Plus's Admin tab.)
- While reviewing, approving or executing the user creation requests, in the workflow, the corresponding technicians can now change the template specified in the request to a ?different one, as needed.
- While assigning managers for AD objects, besides users it is now possible to select a group or a foreign security principal as well as managers.
- During bulk creation of new contacts, groups and computers, you can now set the values for their custom attributes as well.
- Option to personalize and rebrand ADManager Plus by replacing its logo with your organization's logo.
Fixes:
This release includes fixes for the following issues:
- Unable to delete users via the delete option in the 'disabled users report'.
- Domain name not being displayed in the 'permission for folder' report while selecting the required shared resource's path.
- Product crashes whenever a management action is performed on users with a lengthy DN (>250 characters).
- Proxy addresses and extension (custom) attributes of users and groups not being displayed in Exchange reports.
- The 'check all' option not working as desired in the 'inactive users report'.
- Issues in 'permissions for folders report': not being able to type the shared folder path, and unable to generate this report for a custom level (number of folder levels).
- Error in adding proxy address in formats other than SMTP, such a X.400, X.500, etc., during creation or modification of AD users, groups and contacts.
- Help desk technicians not being able to configure the delegated fields while creating new contacts via bulk contact creation.
- The necessity to use the same password format for all the users while creating new users via the bulk user creation feature (you can now specify different password formats for different users).
- Error in configuring Google Workspace accounts.
Build 6310 (Jul 2015)
Enhancements:
- Grant 'Send As' permission to Active Directory (AD) users during user creation and modification: You can now set the 'Send As' permission for users right during their onboarding process, in single or in bulk, using the new option added to the single and bulk user creation features; you can configure the 'Send As' permission for existing users too using the single user modification feature.
- Flexible CSV-based modification of AD objects:The CSV import feature has been enhanced by adding the following options to offer more flexibility for modifying AD objects:
- For multi-valued attributes: you can choose to either append the values specified in the CSV file to the attributes' existing values in AD, or overwrite their existing AD values with the values specified in the CSV file.
- If the value of an attribute in the CSV file is empty, you can now choose to either clear the attribute's existing value in AD, or retain its current value in AD, as per your need.
- Bulk modification of user creation templates: This option allows you to make the desired changes to multiple user creation templates at once. For example, consider the case where you wish to standardize the naming format for the logon name in a specific set of templates. Instead of modifying the relevant templates one after the other, you can set the desired naming format in all the relevant templates in a single action, using this option.
Fixes:
The following issues have been fixed in this release:
- Issue in configuring the 'Enhanced Presence' setting for users in LCS/OCS
- Error in exporting report data to XLSX format if the report contains date-related fields
- 'User Forum' link in the Support tab not being visible after enabling SSL
- Error when a help desk technician tries to add AD users/computers to groups
Build 6300 (May 2015)
New Feature:
OU (organizational unit) Management provides the ability to perform the following tasks via ADManager Plus:
- Create OUs
- Modify OUs
- Move OUs
- Delete OUs
OU management also offers:
- Bulk creation and management of OUs via CSV import
- Customizable OU creation templates which allow you to fine tune the OU creation process to exactly meet your organizational demands
- The ability to create a new parent OU, and then create the required OUs inside it.
Report from CSV: This report helps in viewing the Active Directory information of existing user and computer accounts. You can import the list of desired users and computers from a CSV file into ADManager Plus, which then extracts and displays the Active Directory details of those accounts.
This report also features an option to refine its result based on specific attributes mentioned in the CSV file; you can also customize the report by choosing the specific fields (columns) that you wish to view in the result.
Exchange ActiveSync Policy Management allows you to assign the appropriate ActiveSync policies for users, right while creating new accounts for them in Active Directory and MS Exchange Server. You can apply the ActiveSync policies while creating new user accounts in single and also in bulk.
Exchange Archive (online and on-premises) Management offers the flexibility to create archive mailboxes for users either on the cloud or on premises. Using this feature you can create archive mailboxes for users simultaneously while creating their Active Directory accounts and Exchange mailboxes; you can also enable archiving for those users who already have Exchange mailboxes.
Enhancements:
ADManager Plus now automatically synchronizes itself with the details of OUs and contact objects that are created or modified in Active Directory. This synchronization happens periodically throughout the day. Whenever needed, you can also manually synchronize the details of:
- All new and modified OUs and contact objects in Active Directory using the update dashboard (in Dashboard) and update domain objects (in Domain Settings) options.
- Only the modified/updated OUs and contact objects in Active Directory using the refresh option (in Select Container popup window while selecting the OUs for management and reporting).
Active Directory reporting has been enhanced with:
- Addition of: add to group, remove from group and move objects, to the list of management tasks that can be performed from reports, via the 'More Actions' option present in them.
- A revamped UI (layout) in reports for viewing the report results (objects fetched by the report)
- Performance improvements for faster report generation
The report scheduler features a 'Run Now' option to allow ad-hoc execution of any existing report schedule.
Fixes:
- HttpOnly setting has been enabled to fix security vulnerabilities.
- Database cleanup issue is now fixed.
- Issue in applying Exchange mailbox retention policy has been corrected.
- SSL v3 has been disabled to guard against security vulnerabilities.
- Issue in displaying entries under Titles and Departments (located in Admin Tab) in sorted order while adding new entries to the list is now fixed.
- Reports will now be adjusted (resized) to printable format while exporting them.
- Group members report's group selection popup window now allows removal of all the selected groups at once.
Build 6290, 6291, 6292 (Apr 2015)
New Feature:
Filters in Report Scheduler: ADManager Plus now offers filters using which you can customize the Active Directory reports exactly as per your needs, while scheduling them.
Enhancements:
- Intensifies security with fixes for security vulnerabilities by updating its JRE (Java Runtime Environment) to v1.7
- Offers greater flexibility in selecting the objects to be managed via Automation by adding more attributes/fields to the filters in its report library
Fixes:
This release includes fixes for the following issues:
- Headers are repeated for every 5000 rows while exporting the reports to CSV format
- The first sheet has 5000 rows and the subsequent sheets have only 150 rows each when reports are exporte to XLS format
- While a request is created through Workflow/Automation for bulk user creation via CSV, user details are not displayed in the 'view objects' link in the request if template name is mentioned in the CSV file
- Helpdesk technicians are not able to unlock user accounts that are locked out
- ADManager Plus mobile app displays locked out user accounts also as not locked (lockout status: false)
Build 6281 (Feb 2015)
New Feature:
Office 365 License Management helps you assign, replace or remove the licenses of multiple AD users who are enrolled in Office 365, in one single action. Further, to make it easy for you to specify the users whose licenses have to be modified, this feature provides an option to import the list of users from a CSV file.
Copy AD Group feature allows you to copy the attributes/settings of any group in your Active Directory and use the copied values to create a new:
- Distribution or Security group in AD, or
- Group creation template
This feature also gives you the option of copying either all the attributes or only specific attributes such as the container, group type/scope, memberOf, members, etc., from the desired group.
LDAPS Support which allows you to communicate securely with the Active Directory.
Enhancements:
- Reinforced security: This release fortifies the protective mechanism with a fix to guard against the CSRF vulnerability.
- Additional input field types for Custom Attributes: To simplify the specification of values for custom attributes, you can now pick the most appropriate input field type from the new options such as combo box, editable combo box and date picker.
Fixes:
This release includes fixes for the following issues:
- Not being able to logon using the password obtained through random password generation.
- Helpdesk technicians' description getting replaced with the description mentioned in AD.
- Error in generating the Licensed O365 users report.
- Not being able to view all the configured File Servers in File Server management.
- Error when using %sAMAccountName% as SIP URI format for Lync enabled users.
Build 6270 (Dec 2014)
New Feature:
'Reactive' Group Modification Template: These templates help you standardize the process of modifying AD groups and also automatically populate specific attributes during the single group modification process via:
- Customizable Layout: With simple 'drag-n-drop' actions, you can place only the desired attributes in the templates; you can also make any attribute editable, read-only or hidden during the modification process. With customized templates, you can provide role-based access to helpdesk technicians for modifying AD groups
- Reactive modification rules: You can configure conditions to be checked whenever an AD group is modified and auto-update specific attributes, if the conditions are satisfied. These rules are triggered in the background whenever a group is modified and the specified fields are automatically populated with appropriate values.
Enhancements:
- Cross-domain support in single group creation and modification - you can now add users and also contacts from different domains as members of a group; also, you can now add contacts to groups via single group creation and modification.
- Reset computer accounts feature - to help you reset the passwords of computers that cannot connect to the domain as they cannot be authenticated by the domain controller
- Multiple group selection in 'Users not in groups' report - you can now select multiple groups while specifying the ones based on which this report has to be generated; fetches all the users who are not members of any of the specified groups
- Enhanced random password generator - the password policy now offers advanced options like exclude characters, dictionary words, etc. for more efficient and secure password policy generation, in compliance with the organization's password policy
- Users with empty attributes report now brings custom user attributes also under is scope; will now fetch users even if their custom attribute is empty
- Enhanced error indicators for failed CSV-import operations now offer detailed error messages for greater understanding about the reason for the error.
- While performing single user modification, you can now sort the list of users displayed alphabetically, to locate the desired user without much effort.
- The AD objects search, located inside the product, now lists the objects in the search result in alphabetical order.
Fixes:
This release has fixes for the following issues:
- Not being able to disable and move user accounts via automation.
- Issues in helpdesk technicians not being able to unlock user accounts via the reset password console.
- Not displaying the names of requesters (users) who are not helpdesk technicians, while configuring the assigning rules
- Issues in updating the 'Country' attribute of users in AD via bulk user modification
- Product does not start when Java crashes due to 'out of memory'
- 'No Lync server found' message being displayed in the user creation templates randomly
Highlights of Previous Releases
Build 6260 (Nov 2014)
New Features:
Inactive Office 365 users report: This report lists all the Office 365 users who have not accessed their Exchange Online mailboxes during the specified time period.
CSV-based computer modification: This feature helps you modify the attributes of Active Directory computers, in bulk, by importing a CSV file which has the list of computers and their attributes to be modified.
Computers with duplicate attributes report: This report displays all the computers which have duplicate values for the specified attribute.
Enhancement:
OS filter in OS-based computers report: While selecting the operating systems to generate the OS-based computers report, you can use this filter to view the list of only the server operating systems or all the operating systems (server as well as client versions) used in the organization.
Fixes:
The following issues have been fixed in this release:
- Issue in setting the Dial-in attribute's value for AD users via single user modification
- Names of objects modified via bulk user modification feature (using a CSV file) not being displayed in helpdesk audit reports
- Issue in selecting the required domains for generating the photo-based users report
Build 6250 (Oct 2014)
New Features:
Exclude Child OUs filter: For AD management/reporting tasks, this filter allows you to precisely select the particular OUs only in which the specified management/reporting tasks have to be executed, by allowing you to exclude their child OUs from being modified/affected by the task.
'Remove users/computers from all groups' option: While pruning the group membership of user and computer objects, you don't have to go through each group that they are members of, to remove them from the irrelevant groups. Using this option, you can simply remove the desired users/computers from all the groups that they are currently members of, and then add them only to the relevant groups.
Copy Help Desk Role: You can use this feature to create a new helpdesk role by just copying the settings of an existing helpdesk role. Instead of creating a new role from the scratch, this feature allows you to use any existing role as a building block for creating a new role.
Enhancement:
Delegation of File Server management tasks: The delegation module brings file server management also under its scope. You can now delegate to helpdesk technicians, the task of modifying or removing the share/NTFS permissions that AD users and groups have on the file servers located in your Active Directory.
Fixes:
- In automation, issue in removing a filter criterion when the value contains special characters has been fixed.
- Helpdesk technicians not being able to change admin passwords which contain special characters has been fixed.
- When applying custom templates, issue in providing a longer user logon name, like a logon name consisting of 20 characters, is now fixed.
- Issue of helpdesk technicians, with super-admin privilege, not being able to access the support tab is now rectified.
- Custom attributes now support multi-value proxyAddresses in single and bulk user creation as well as single user modification.
- Issues in exporting scheduled report to Excel is now fixed
- Issue in denying the 'set as primary group' option during single user creation and single user modification is now fixed.
- Issue in automatic selection of mailbox servers is fixed; this option is now available for Exchange Server versions 2010 and later.
- Changes to domain name not reflecting in the Exchange tab during single user creation is now fixed
- Performance issues in single user modification have been rectified
Build 6241 (Aug 2014)
New Features:
Google Workspace User Provisioning: You can now provision Google Workspace user accounts, automatically, via ADManager Plus. Along with the existing Office 365 user creation ability, this feature makes it easy to manage the users' identities in the cloud.
BitLocker Recovery Keys Report: This report helps in unlocking or recovering data from the drives, which are protected by BitLocker encryption, by fetching their corresponding volume and recovery GUIDs, recovery passwords and also their Key Packages in downloadable format.
Photo-based User Report: This report helps you identify the Active Directory users who have a profile photo. This report also helps you zero in on the users who don't have a profile photo.
Fixes:
- Issue in displaying the default domain during group management operations has been fixed.
- Issue in execution of automation when new files are added to a shared location, which is already being used is fixed now.
- Empty reports issue in scheduled generation of audit reports is now fixed.
- Issue in generating computer reports from MSSQL database has been fixed.
- Issue in removing a distribution group during contact modification is fixed now.
Build 6230 (Jul 2014)
New Features:
Office 365 Reports:You can now obtain vital details about all the users, groups and licenses of your Office 365 environment using the following new reports:
- All Users: This report gives you the list of all the users in your Office 365 setup.
- License Details: License-specific information such as the list of all licenses, the corresponding number of active units, number of units used, number of units in warning state, suspended units, locked out units, etc. can be obtained via this report.
- Licensed Users: This report lists all the users for whom Office 365 licenses have been assigned, along with the respective list of services assigned to them.
- Unlicensed Users: Using this report you can identify the list of all users who do not have any license assigned to them.
- All Groups: You can fetch the list of all the groups in your Office 365 environment.
- Security Groups: This report helps you identify all the security groups in Office 365 setup along with their last DirSyn time.
- Distribution Groups: This report lists all the distribution groups in your Office 365 setup along with their last DirSync time.
Fixes:
- Issue in opening an exported CSV file, which has Japanese characters, using Japanese version of Excel is fixed.
- Office 365 user attributes have been updated to include the latest changes introduced by Microsoft.
- Issues in applying multiple rules in user modification templates have been fixed.
- Issue in creating a user with more than one proxy address, when Office 365 settings are configured, has been fixed.
- HTML injection vulnerability has been fixed.
- When ADManager Plus is started as a service, the issue of browser process not stopping even after ADManager Plus service is stopped, has been fixed.
- Incorrect account expiry date issue in bulk user modification is corrected.
- Issue in displaying the 'date' field in Excel format has been fixed.
- Issue of 'Reject Message from' value getting changed, when the members attribute of a group is modified, via single group modification, is fixed now.
- Error in saving the user template after deleting the Exchange tab, if Office 365 is enabled in ADManager Plus, has been corrected.
- Issue in selecting OU in 'Real Last Logon' report is now fixed.
Build 6220 (Jun 2014)
New Features:
Copy User: This feature allows you to copy the attributes/settings of any user account in your Active Directory and use the copied values to create a new:
- User account
- User creation template
The advantage of this feature is, instead of copying a user account entirely, this feature allows you to pick and choose only specific attributes like User Account Control (UAC) attributes, Terminal Services attributes, Custom attributes, etc., that you wish to copy from a user account.
New group-based reports: Active Directory group reporting gets more detailed with the addition of these new reports:
- Recently created groups: fetches all the groups that were created during the specified time frame.
- Recently modified groups: lists all the groups whose attributes were modified within a particular time period.
- Recently deleted groups: identifies all the groups that were deleted from your Active Directory within a specific time span.
Fixes:
- The 'license details' window will now display the product architecture (64/32 bit) information also.
- In bulk user management, if the 'export as' option is used after performing a task/action, the report will also display the type of action performed, in addition to other details like the domain and the objects modified.
- he 'export as' option in Employee Search page can now be hidden by configuring the product database accordingly.
- The naming attributes (Logon name, Pre-windows logon name and Full name) can also be made silently active.
Build 6210 (May 2014)
Enhancements:
- Option to customize columns at the time of report scheduling and sort the reports using specific columns included
- Support added for using Microsoft SQL server as a back end database server for ADManager Plus
- NTFS report enhanced to handle large volume of data at the time of exporting
Fixes:
- Issue in deleting memberOf attribute from Group Modification fixed
- Issue in revoking a role under Security Management handled
- Issue in listing C Drive in terminal services home directory resolved
- Issue in increase in db size at the time of report generation fixed
- Issue with change in Logon name at the time of creating an Office 365 user account resolved
Build 6201 (May 2014)
Fixes:
- Issue in appearance of list of week days, at the time of report scheduling handled
- Issue in full name containing special character, at the time of creating a home folder in single user creation, corrected.
- Issue in duplication of row at the time of exporting a report fixed.
Build 6200 (April 2014)
New Features:
MS Office 365 Support
- Support added for provisioning of user accounts in Microsoft Office 365.
Lync Management and Reporting
- You can now modify policies such as conferencing, archiving and telephony, associated with a specific Lync User.
- Option to enable, disable or delete a user from the Lync Server control panel included.
- Reports for Lync Enabled as well as LCS or OCS enabled users included.
- Reporting capabilities added for Lync disabled users.
Exchange Policy Settings
- You can now apply Exchange 2010/2013 policy settings such as sharing, role assignment, retention, UM Policy and policies on ActiveSync to appropriate mailboxes.
Others
- Option to enable mailbox archiving.
- Enhanced support for localization and internationalization.
Enhancements:
- Exchange features enhanced to support enabling and disabling of ActiveSync (2010,2013) / User Initiated Synchronization(2003) and MAPI Protocol.
- Multiple 'OS selection' enabled under OS based reports.
- Reset Password option under Bulk User Modification enhanced. Separate delegation included for actions under the same.
- Delegated actions under 'Bulk User Modification' will hence be displayed based on the domain selection.
- Single User Modification templates enhanced to include 'Home Folder' Permissions
- Option to set custom attributes included under modification rules for 'Single user' and 'Single Contact' modification
- Language settings for the product can now be configured in 'Personalize' Page.
Fixes:
- Issue in setting custom period at the time of scheduling audit reports fixed.
- Issue in handling special characters at the time of displaying object properties in AD Explorer corrected.
- Issue in clearing 'memberOf' attribute, post unchecking it in Bulk User Modification resolved.
- Issue in user identification at the time of modifying 'Deliver' options in Bulk User Modification handled.
- In 'Permission for folders' report, issue in selecting a computer object under an OU name containing special characters corrected.
- Issue at the time of creating a department fixed. Leading white space trimmed.
- Issue in using 'Random Password' type in custom script resolved.
- Issue in creating groups with pre windows 2000 name greater than 20 characters fixed.
- Issue in naming reports, exported in XLS format corrected.
- Issue in displaying groups at the time of domain change resolved.
Build 6180 (March 2014)
New Features:
- Logon Hours Configuration: This new option in single user creation feature enables you to specify the appropriate time period for a user to login. You can configure the 'logon hours' attribute at the time of creating a new user account.
- Enhanced data selection popups: You can now select the number of accounts to be showed in the pop-ups & display the matching objects even as you type the name in the search box. With this new feature, selecting required accounts for any management or reporting operation will be easier and more convenient.
- Improved delivery restriction feature, in bulk user modification, now allows you to set the desired size limit for sending or receiving emails either in KB or MB, as required.
Issue Fixes:
- Issue in viewing the 'users in groups' report in Excel 2013 format, has been addressed
- Issue with Help desk technicians enabling/disabling users via 'single user modification' in specific scenarios resolved
- Issue in creating mail enabled users in non-English Exchange environment handled.
- Naming format fields sometimes not being displayed as per the specified naming-format at the time of new user creation has been corrected
Build 6170 (January 2014)
New Features:
- Logon Hours Configuration: Set/modify the desired logon hours for your users, in bulk, by just pointing and clicking on the required time slots in the user-interface. You can even specify unique logon hours for each day of the week or set the same logon hours for all days, instantly.
- Enriched HDT Audit Reports: The HDT audit reports now also provide in-depth information about all the attributes that are modified by the helpdesk technicians, in two different views: the standard view and the summary view. While the standard view offers complete details about each and every attribute modified, the summary view provides a high level view of the actions performed.
- Manage Users' Group Membership via iPhone App: This new feature empowers you to manage the group memberships of your users from anywhere, anytime. Using the enhanced iPhone app, you can now add users to group, remove them from a group and even set primary groups for multiple users, at one go, even when you are on the move, right from your mobile phones.
Enhancements
- Manager Can Update Group members Option included in Group Modification with that Option.
- Hide / Display Password option included in Admin server settings.
- 'Move home folder' feature significantly enhanced to include an option to either delete or retain the existing home folder.
Issue Fixes:
- Issue in Real last logon and Inactive Users report generation due to high number of DCs addressed.
- Issue in Modifying the Account Expiry Time resolved.
- Problems with selection of child OUs with special characters in IE handled.
- Issue in removing the description of computer object handled.
- Issue in modifying a user's primary group using mobile app has been fixed.
- Issue of difference in time at the time of exporting 'Inactive users' report corrected.
- Fixed issues in copying User Modification Templates with modification rules.
- Issue in Email validation at the time of saving scheduled reports cleared.
- Creating Groups with more than 20 characters made possible.
- Lync Server display issue fixed.
- employeeID attribute can now be used to disable users through Automation.
- Issue in Server Permission Report generation resolved.
Build 6151 (October 2013) & Service Pack 6.1 SP 6.2 (January 2014)
New Features:
- Lync 2010/2013 support: With this new component of ADManager Plus's user creation templates, you can configure all the appropriate Lync server settings for your users even as you create new accounts for them. While Lync makes intra-organizational communication swift, the new user creation templates make even the process of configuring / enabling intra-organizational communication equally swift.
- Exchange Server 2013 support: You can now configure user mailboxes in Exchange Server 2013 and apply the appropriate mailbox policies required to govern them as well; use all the latest features and advantages innate to Exchange 2013 and make your Exchange mailbox management efficient and top of the line.
- 'Drag-n-Drop' Customization in user creation templates to fine tune the process of creating new user accounts to fit your organizational policies and requirements to a T; make any attribute mandatory, read-only or even hidden as per your needs or based on the technician to whom you will be assigning the user creation template.
Enhancements
- LCS/OCS/Lync configuration in user creation template: The user creation console will now have a separate tab exclusively to configure all the appropriate settings to enable instant communication in your organization. This feature will enable you to specify the appropriate value for LCS/OCS and even Lync Server settings from the same screen.
- Exchange 2010 Policies Support: You can now configure Exchange mailboxes for the new user accounts that you are provisioning and also apply the appropriate policies at the same time using this feature.
- Revamped 'Avoid Duplication' feature to check for duplication of critical/specific attributes at the desired level (OU / Domain /Forest) and perform the appropriate operation to avoid duplicate values.
- Enhancements in 'User Modification Templates':
- Updates to organization attributes (Title, Department, Offices and Companies) in 'Admin' tab will reflect in user modification templates that have been already created.
- 'Member Of' attribute has been added to 'Modification Rules' component in user modification templates.
- Delete users' existing group membership information during the modification process.
- Unlock user accounts via templates during user modification process.
- Recursive naming formats will now be supported in users' description and custom attributes.
- Execute a custom script on successful modification of a user account.
- Move users' to a different container during user modification process.
Issue Fixes:
- Polish characters not exported in PDF format.
- Additional email address attribute in 'group creation template'.
- Hiding the new password generated during single user modification.
- Issues in Cleanup scheduler.
- Issues in authorizing HDTs for 'Move Home Folder' action.
Highlights of Previous Releases
ADManager Plus announces iPhone app for Active Directory User Management.
The App enables on the move management of Active Directory user accounts. The iPhone App provides some of the crucial & important functionalities offered by the product itself, such as :
- Password resets
- Unlocking user accounts
- Disabling accounts
- Enabling accounts
- Deleting accounts
You can download the App using this link: https://itunes.apple.com/in/app/manageengine-admanager-plus/id717152869?mt=8.
Build 6140 (September 2013)
Enhancements
Automation:
- The scheduler has been enhanced to accommodate more accurate time frequencies.
- 'Select only the appended objects from the file’ option has been added to help choose only the appended data while importing records through iterations from a CSV.
- Filters in AD reports have been enhanced to drill down to the specifics of reported data; Reports can now be filtered based on attributes such as Primary Group, WhenChanged, whenCreated, DisplayName, Account Expires, Bad Password Time, Lockout Time, Last Logon Time, Last Logon Timestamp, Bad Pwd count, and Pwd status.
Issue Fixes:
- Issue in setting “Deny” permissions over a mailbox during Bulk User Modification has been fixed.
- Issue in creating Mailbox on Exchange Server 2007 when installed on Windows server 2012 has been fixed.
- Issue in modifying primary SMTP address has been fixed; the primary mail address in the additional mail address list will now be replaced with the newly modified address.
- Issue in using configured custom attribute in CSV while creating or modifying users via automation has been fixed.
Build 6131 (August 2013)
New Features:
- ADManager Plus Android App enables your Active Directory Administrators and Helpdesk Technicians to Access/Manage the user accounts in your Active Directory environment right from their mobile devices. Some of the major features are,
- Reset Password
- Unlock User Accounts
- Enable User Accounts
- Disable User Accounts
- Delete User Accounts
- ADManager Plus Group Templates standardize the group creation process. These templates store values and formats that are applied automatically across all the group objects that are created using these templates.
- The drag-and-drop option in Group Creation Templates helps customize templates as per organizational needs to display or hide the specific tabs or attributes as required.
Enhancement:
- The UI for Single group creation is now more flexible and user friendly with the fields categorized under General, Group and Exchange tabs.
- 'Managed by' field added to single group creation can be used to designate managers for the groups.
Issue Fixes:
- Issues in configuring HDT, when many templates, OUs and roles are assigned to him, have been fixed.
- Issue in importing 'UTF-8' format files in Automation and Workflow during user creation/modification (using CSVs) has been fixed.
- Browser issue (IE) that occurs when the number of objects chosen in 'delegate security role-step 1' is huge, has been fixed.
- The resultant page that occurs after 'user creation using CSV' will no longer have export option issues in Firefox.
- Local groups will no longer be displayed in the 'add members' options under Universal distribution group creation/modification.
Build 6120 (July 2013)
Enhancements:
Automation
- The actions list has been enhanced. Modify Users by CSV, Add To Group, Remove From Group actions have now been added.
- Option to enforce "user must change password at next logon" in reset Password action has been provided.
- Filters have been introduced in library of reports for accurate results.
Reset password console
- A Quick visibility into User's account lock out status while trying to reset password from the reset password console.
Naming formats
- Option in Naming Formats to define replacement characters for 'umlaut accent' has been provided.
Employee Search
- Configuration for multiple domains in employee search.
- Export as PDF, excel, html and CSV options for results from 'employee search'.
- Options for attribute-based user/contact search have been improved.
Issue fixes:
- 'A HDT without permissions to generate a report can do so from the dashboard when report count is zero' issue has been fixed.
- Special characters issue in HDT role name has been fixed.
- Issue in restoring users when parent OU has been deleted is now fixed. Users will be restored in the 'users container'.
- Issue in clearing 'show in Address book attribute', when you uncheck hide from address lists option in single group modification has been fixed.
- UAC value issue while creating normal accounts through bulk user creation has been fixed.
Build 6110 (July 2013)
Enhancements:
- The value selected by the technicians for 'Show Rows' option, in all the features that it
is available, will now be saved.
- Delete groups option is now available in 'Groups without Members' report also.
Fixes:
- 'OS Based Report' will now have the operating system of the customer environment
also in the OS list.
- Deleted computers showing up in computer selection pop-up windows issue is fixed.
- Distribution Groups created with '#' in their name throwing up 'Properties on this
object have invalid data' error when opened in Exchange Management Console is
fixed.
- Mismatch in 'password expiry date' in Real Last Logon report for those users for
whom PSO has been applied is fixed.
- Reset Password feature will now display the new passwords generated as '**********'
instead of the actual passwords in the result.
- 'OU' option not working in the 'Advance Filter' of Real Last Logon report in IE
Compatibility mode is fixed now.
Build 6100 (June 2013)
New Features:
- File Server Management: Manage the permissions on multiple File Servers and workstations across your organization in just one operation. This feature facilitates bulk modification and removal of NTFS or Share permissions on Shared Folders and their subfolders.
- Now you can also manage Active Directory 2012 (in Windows Server 2012) using ADManager Plus.
- This build also included support for Windows 8 platform.
Enhancements:
- Remote PowerShell Support for Exchange 2010: Even from a 32-bit machine and with just PowerShell 2.0 you can now create mailboxes in Exchange 2010. You can accomplish this even if you do not have Exchange Management Console (EMC) installed on your 32-bit machine.
- Performance tuning for Exchange Management.
Fixes:
- Windows 8 and 2012 have been included in OS based Computer reports.
- Issue in using 'Hide from Exchange Address Lists’ option for Groups has been fixed.
- Issue in fetching information about cross-domain members in 'Detailed Group Members report’ has been fixed.
- Issue in setting/updating email address of users through a CSV file, if it is mentioned as empty in the template being used has been fixed.
- Error in exporting filtered (partial) results from reports has been fixed.
|
Build 6012 (February 2013)
New Features:
Enhancements:
- Mailbox Storage Limits specified using single user modification will be validated based on the version of mailbox Exchange Server.
- 'Automatically update e-mail addresses based on e-mail address policy' attribute will also be available in reports now.
- Instead of only the OUs from primary domain, OU's of all the selected domains will be displayed for 'Move Computers' option in computer reports.
- In Single Group Modification while adding new members, HDTs can now select Users, Computers as well as Contacts instead of only Groups.
- The complete value of Office attribute will be displayed as the tool-tip text in User Creation Template.
Fixes:
- Unable to select AD Objects issue to Delegate Security Role while using Internet Explorer 9 in Compatibility mode has been fixed.
- Select Country option not being saved issue in user creation template has been fixed.
Build 6010(February 2013)
Enhancements:
- Date type columns will be exported as date fields while exporting to excel.
- Migration support for 6001 ,6002, 6003
Fixes:
- Issue in setting dial-in properties during user creation and modification has been fixed
- Active sync support issues post 6000 build have been fixed
- Exporting issues in group members report has been fixed
- Auditing issues for remove members operation is fixed
Builds 6003, 6002, 6001
Enhancements:
This release refines 'Report Scheduler' to make it more efficient with the following enhancements:
- Flexible Schedule Execution Frequency: The enhanced scheduler provides more options to configure the execution time and frequency of scheduled reports with flexible time intervals such as yearly, quarterly, fortnightly, multiple days in a week, every 15 minutes, etc.
- You can now Disable Email Notifications for scheduled reports if the reports do not have any data in them.
- Filters are now available in scheduled reports as well (for Inactive and Password Expired Users reports) to make sure you get the specific and relevant data that you need.
Fixes:
- Blank attachments issue in email notification of scheduled reports with no data has been fixed.
- Product Installation issues on non-English Operating systems is fixed
Builds 6000
New Features:
- Active Directory Automation Policies: Automate any important Active Directory task and also its supplementary tasks, if any, in the required sequence and time intervals, as per your organizational requirement.
- 'Drag-n-Drop' User Modification Templates make user attributes modification a quick and instant process. These templates enable administrators in ensuring role based access for help desk technicians to user attributes, with just point-n-click activities.
- Rule based User Modification Templates can be used to specify 'auto-fill' conditions. When these templates are used for modifying user accounts, the specified attributes will be automatically populated based on the 'auto-fill' conditions in the templates.
- GPO Quick View & Manager: Web-based quick view of all available GPOs. Easy UI based GPO Manager for basic Group Policy management activities like Enable / Disable GPOs, GPO links and GPO Inheritance.
Enhancements:
The 'Workflow' feature has been revamped with new capabilities like:
- Automatic Task Assigner: Define your own rules, as per your requirement, to automatically assign tasks to the most appropriate technicians.
- Product-specific Requester: You can now create a new requester out of any AD user, Group or OU or define a customized role (with permissions to create requests for a specific set of tasks) for the requester, as required, using ADManager Plus.
- Quick-link to create requests: Requesters can create requests for all the tasks that they have permissions for, from just one location.
Fixes:
- The 'IMAP4 setting not reflecting when modified through single user modification feature' issue has been fixed.
- 'streetAddress' attribute of user objects can store multiline values
- Reinforced security for ADManager Plus' database password by storing it in encrypted format.
- 'Recently Modified Users' report can now retrieve more than 1000 objects.
- Windows 7 Enterprise SP1 has been added to the options in the 'OS Based Report'.
- Approval notification email will be sent to executors, even if they are not specified in the workflow.
How to Upgrade?
Need Features? Tell Us
If you want to see additional features implemented in ADManager Plus, we would love to hear. Click here to continue
ADManager Plus Features
Make your everyday Active Directory management tasks easy and light with ADManager Plus's AD Management features. Create, modify and delete users in a few clicks!
Reset password and set password propertied from a single web-based console, without compromising on the security of your AD! Delegate your password-reset powers to the helpdesk technicians too!
A catalog of almost every report that you will need from your Active Directory! Comprehensive and Reliable reporting. Schedule reports to run periodically. Manage your AD right from within the reports.
A mini Active Directory ticket-management and compliance toolkit right within ADManager Plus! Define a rigid yet flexible constitution for every task in your AD. Tighten the reins of your AD Security.
Get rid of the inactive, obsolete and unwanted objects in your Active Directory to make it more secure and efficient...assisted by ADManager Plus's AD Cleanup capabilities.
A complete automation of AD critical tasks such as user provisioning, inactive-user clean up etc. Also lets you sequence and execute follow-up tasks and blends with workflow to offer a brilliant controlled-automation.