ManageEngine ADManager Plus Release Notes
ManageEngine ADManager Plus 7.2.0
Highlights of Build 7252
Issues fixed:
- Issue where exported files in XLSX format became corrupted due to a limitation in cell style count.
- CPU utilization has been enhanced when ADManager Plus is integrated with ManageEngine AD360 or Log360.
Highlights of Build 7250, 7251 (Released on October 04, 2024)
Enhancements:
- All Managers as reviewers and approvers: ADManager Plus now allows you to automatically set managers as reviewers and approvers, streamlining the process with a one-step configuration that directly assigns workflow requests to the requester's manager.
- The Security Reports comes with built-in options to group data by objects or permissions.
- AD Explorer:
- The Delegated Permissions tab now shows a selected user's direct, inherited, and delegated AD security permissions on AD objects.
- DFS permissions can now be viewed in the File System Permissions tab.
- Workflow module in the notification template:
- You can now add a user's manager as a macro in the Send Notification to field.
- An Attachment Type option has been added.
- The Orchestration Template now provides an option to add a time delay in seconds, minutes, hours, or days between two consecutive actions.
- ADManager Plus now supports additional fields for Google Workspace user creation, including Mobile, Title, Department, Employee Type, Recovery Email, and Recovery Phone.
- An Empty option has been added to the email field in User Creation Templates, allowing the email to remain blank if a duplication is detected.
- User Logon Reports in the Microsoft 365 tab:
- Option to exclude active AD users from the Inactive Users report.
- Ability to include AD attribute columns in the Users Last Logon and Inactive Users reports.
Issues fixed:
- Date fields in XLSX exports were formatted as text strings instead of dates.
- Issue with resolving the accountExpires macro in the Automation task's send notification action.
- Issue in Workflow, Automation, and Event-driven Automation where Mailbox Auto Reply actions failed to resolve Microsoft 365 attribute macros in the message body.
- An issue where the manager's name appeared multiple times, separated by commas, when sending notifications to all users via Automation.
- An issue where Microsoft 365 actions triggered by Event-driven Automation were failing due to exceeding the Exchange Online PowerShell session availability limit.
- An issue where using the %ManagerOfRequester% macro in the Workflow's assigning rule fails to assign the request to the manager due to improper sync
Highlights of Build 7241 (Released on August 03, 2024)
Issues fixed:
- The startup issue faced by select customers with the latest JRE version after updating to ADManager Plus build 7240 has been fixed.
- Issue faced by customers when adding custom attributes in management templates has been fixed.
Highlights of Build 7240 (Released on July 19, 2024)
Enhancements:
- The scheduled reports now supportgroup-based view, including group name and member details.
- Audit report export operations have been optimized to improve performance and enhance user experience.
- Options to reset and delete a computer have been added to the Single ComputerModification task.
- Help desk technicians in a business workflow can nowbe allowed to edit and resend failed workflow requests.
- ADManager Plus offers the following enhancements for database migration,
- Supports MS SQL Always On Availability Groups
- Supports MS SQL failover cluster
- Existing database can be migrated to Azure and AWS SQL server.
- You can now view Windows LAPS in AD Explorer.
- The Creation and Modification Rules now include the following enhancements:
- Bulk deletion of rules.
- A option to overwrite existing rules during import.
- Custom reports can now be added to existing widgets on the dashboard.
- ADManager Plus now uses upgraded JRE versions1.8.0_412 (Zulu 8.78.0.19-CA-win64)
Issues Fixed:
- In the Automation module, if an OU name is specified in the CSV file and the technician lacks super admin privileges, the successive task only executes for certain users listed in the CSV.
- Event-driven Automation failed to remove users from groups when Move Users or Modify Users are the trigger actions.
- Modifying a custom attribute caused it to disappear from the filter condition drop-down of Custom Reports.
- Delay in creating user modification requests from automation module while using CSV file or HCM application as data source.
- Inability to view the Microsoft 365 security groups when all M365 domains are not delegated.
- Scheduled automations encountered a report generation failed error when Microsoft 365 tasks used data from an AD report.
- Issue in email notifications where the manager macro fetched the distinguished name for cross-domain managers.
- Inability to view the table border and logo when exporting scheduled reports in HTML format via mail.
- Issue in exporting reports that led to excessively large file sizes and exhaustion of disk space.
- Issue with editing GPOs that have only disabled values in the policy.
- An issue where the email notification triggered by selecting the Send Consolidated Report option would override the conditions set in the Send Notification About field.
- Issue in showing Database Information when migrated from PGSQL to MSSQL.
Highlights of Build 7232 (Released on April 16, 2024)
Enhancements:
- Centralized technician management: Technicians' accounts can be managed centrally from the ManageEngine AD360 admin console for all the components.
Highlights of Build 7231 (Released on March 22, 2024)
Issues Fixed:
- Issue in updating ADManager Plus if the default template under Orchestration was deleted.
- Issue in updating ADManager Plus from build 7224 if ManageEngine Log360 integration was disabled.
- Issue of help desk technicians not being able to copy any creation or modification templates.
- Issue of help desk technician group members not being able to login if there is a comma in their full name.
- Issue of Custom Report filters not functioning as expected with Last N days or Before N days conditions.
Highlights of Build 7230 (Released on March 06, 2024)
Features:
- Microsoft 365 risk assessment: Identify potential risks in your Microsoft 365 environment with comprehensive risk assessment reports and implement the recommended mitigation measures straight from the reports.
- Access certification campaign:
- The following entitlements can now be reviewed and certified through access certification campaigns:
- NTFS permissions
- Microsoft 365 group memberships
- Microsoft 365 roles
- Microsoft 365 application assignments
- You can now track the progress of access certification requests.
- ServiceDesk Plus - ADManager Plus integration: The integration of ServiceDesk Plus with ADManager Plus now offers support to set account expiry for users and create users with an enhanced layout.
- Copy GPOs: The capability to copy GPOs from one domain to another within a forest has been included.
Enhancements:
- ADManager Plus now uses upgraded versions of Apache Tomcat (version 9.0.83), JRE (Zulu JRE 1.8.362) and PostgreSQL (version 15.4).
- Export operations have been optimised to improve performance and enhance user experience.
- Detailed Group Members report now provides options to export the result into a single file, a single file grouped by object type, or files grouped by selected objects.
- ADManager Plus now provides support to email the report directly from the GUI.
- An option to send a consolidated report after the completion of the automated tasks is added while configuring the notification template.
- You can now secure the access to shared paths by configuring the credentials of the custom service account for authentication.
- You can now view the lockout status and time of user accounts in reports.
- Microsoft 365 fields can now be included in creation or modification templates while using Copy User Attributes.
- An option to view the macros list supported in custom script has been added to user modification templates.
- The workflow request page has been redesigned to improve usability and now includes the ability to track the progress of workflows.
- ADManager Plus offers DC sort intelligence option which when enabled sorts domain controllers according to their response time and retrieves data from the domain controller with the fastest response time.
- Support to view the security settings (Account Policies, Local Policies, Event Log, Restricted Groups, System Services, Registry, and File System) along with the administrative template settings that will be applied on the selected user and computer has been added to the Resultant Set Of Policy and GPO Modelling reports.
- It is now possible to specify the duration of group membership while creating workflow requests to add groups, computers, contacts to AD groups, and to add users to Microsoft 365 groups.
- The GPO Delegation report now includes support for viewing invalid security principals and removing GPO permissions.
- Support to automate tasks like deleting Microsoft 365 users, disabling remote mailbox, creating computers, modifying users using CSV, and more has been added.
- The following enhancements have been made to the Orchestration Template:
- Decision block that operates according to the previous result, which could be a webhook response, script result, or AD attribute criteria.
- Inbound orchestration to pull data from external application and perform actions in ADManager Plus using webhook.
- Run orchestration templates directly from the Management, Workflow, Automation, and Automation Policy tabs.
- Support for M365 Auto Reply task has been added.
- Delegate the orchestration templates to Help Desk Technicians.
- While selecting reports like Recently Created Users or Soon-to-expire User Accounts as inputs in automation tasks or scheduled reports, you have the option to filter the data based on a specific time frame.
- ADManager Plus has now enabled the addition of user photos to Microsoft 365 user accounts during user creation or modification.
- You can now share automations, automation policies, and scheduled reports to help desk technicians with View/Edit permissions, and custom reports with View/Edit/Full Access permissions.
- The following enhancements have been added to the Admin Audit Report,
- Audit for creation or modification of Automation, Scheduled Reports, Custom Reports, Event-driven Automation, Webhook Template, and Orchestration Template has been added.
- An option to access the audit history has been included in the Automation and Event-driven Automation pages.
- An option to view the user entitlements has been added to the Modify Single User page.
Security Fix:
- The security vulnerability which exposes NTLM V2 hashes, as reported by Metin kandemir, has been fixed.
Issues Fixed:
- Issue in unlocking help desk technicians even if they do not exceed the total technician count allowed by their license.
- User migration using the ADMT module in ADManager Plus failing when the user display name has a comma.
- A minor issue in forest level duplication of email attribute when root domain is not added to ADManager Plus.
- Email notifications are not getting triggered when a user is enabled or disabled using the Modify Single User management action.
- Inability to view the templates by help desk technicians without the super admin role while delegating creation and modification templates to other technicians.
- Bitlocker Disabled Computers and Bitlocker Enabled Computers reports producing inconsistent data when the Exclude Child OU(s) option is selected.
- The email notification triggered after completion of the Modify User Attributes automation does not include the changes made to the custom attributes.
- Issue in saving the user creation template with changes to the Microsoft 365 license without selecting a value for the Country attribute.
- The time set for Session Expiry Time in the Connection Settings under the Admin tab is not being applied to the product globally.
- Management actions performed directly from the reports are not updated when the Check All users option is selected.
- Delay in creating single or bulk groups when a high number of members are added using CSV.
- Grouping conditions option missing in user creation and modification templates has been added.
- The All Users report displays the manager details even after the manager account is deleted in AD.
- Issue in running backup schedules and performing restoration due to difficulties in establishing connection with elasticsearch.
- Inconsistencies in backup schedules and data restoration due to difficulties in fetching data.
- Issue in performing GPO backup due to intermittent product restarts.
Highlights of Build 7224 (Released on February 19, 2024)
New Feature:
- The integration of ManageEngine Eventlog Analyzer with ADManager Plus now enables them to perform AD management actions while addressing threats.
Highlights of Build 7223 (Released on January 22, 2024)
Issues Fixed:
- An authenticated RCE security vulnerability (CVE-2024-0252) in the load balancer component has been fixed. This vulnerability was reported by Joe Zhoy.
- An information disclosure security vulnerability reported by Samuel has been fixed.
Highlights of Build 7221, 7222 (Released on December 08, 2023)
Enhancements:
- Two new Microsoft 365 reports have been introduced to give insights into last logon time of users and inactive users in your tenant.
- An option to allow or restrict technicians from viewing all other technician's audit data is added to the Help Desk Audit Reports.
- ADManager Plus now supports certificate-based authentication for Microsoft 365 tenant. You can now update the certificate details under Domain/Tenant Settings to authenticate your account against Azure AD.
- ADManager Plus has now enhanced its integration capabilities by extending support for various business application like ServiceDesk Plus Cloud, JIRA, Freshservice, and more. These integrations come with preconfigured settings are designed to enhance identity management, governance, and AD management.
Issues fixed:
- The email ID shown during user creation and in Help Desk Audit Reports has been updated to display the E-mail attribute value.
- The Refine Results configurations in custom reports are not accounted when the report is triggered using an automation task.
- The users deleted using the Modify Single User task are still being displayed in the list.
- Issue in setting the In/Out Policy while creating or modifying a room mailbox.
- The workflow requests created using automation is showing duplicate entries.
- Issue in connecting to Microsoft SQL database to generate reports when there is a space in the database name.
- The country name Macau SAR has been updated to Macao SAR as listed in Active Directory.
- Technicians and workflow requesters were facing difficulty in searching and navigating to choose user creation templates when there are multiple templates available during the user creation process.
- The page range selection was not working as expected under the creation and modification template pages.
- Minor issues while creating Microsoft 365 shared mailbox and modifying Microsoft 365 mail-enabled security and distribution groups.
Highlights of Build 7220 (Released on November 18, 2023)
Features:
- GPO management and reporting: The following enhancements have been made to the GPO management and reporting features,
- View the GPOs linked to OUs that do not have any security principals and perform management actions to disable or remove those GPO links using the GPOs Linked To Empty OUs report.
- Ability to reorder the GPOs linked to a particular OU, domain, or site using the GPO Links Priority task.
- View the GPO preference settings like Environment, Files, Folders, Ini Files for user and computer configurations using the GPO Settings report.
- Select specific security principals to which the GPO application should be denied using the Manage GPOs task.
Enhancements:
- Support to automate M365 tasks like M365 Mailbox Conversion, Add Users to Microsoft 365 groups, Microsoft 365 Mailbox Delegation, Modify Microsoft 365 Mailbox Permission, Mailbox Auto Reply, and more.
- The automation history popup now displays the input data fetched from the external HCM application and the execution status, with an option to export this data as a report.
- ADManager Plus can be now be integrated with any application that responds to nested API calls.
- You can now group the creation and modification templates. This functionality is helpful in delegating help desk technicians to perform management actions using a specific group of templates.
- You can now create shared mailbox in bulk using CSV and template.
- The reset password API now supports random password generation.
- The search group API will now display group type and manager data in response.
- The webhook template now supports x-www-form-urlencoded message type.
- It is now possible to migrate the existing bundled or external PostgreSQL database to a different external PostgreSQL databases (AWS and Azure).
- An editable drop-down has been added for the City and State fields in user creation, user modification, contact creation and contact modification templates.
Issues fixed:
- Issue in sharing automation to other technicians due to the access denial alert.
- Issue in adding or removing a user from a unified group using modification template.
- The issue of DC Replication Status report displaying all DCs in the forest instead of the ones from the selected domain.
- Upgradation of product with high availability enabled taking longer than expected.
- The exported report attached to the notification email after performing bulk user modification using CSV not including all the attributes.
- The requesters who were added before upgrading to versions above 7200, were not able to select templates while requesting a creation or modification task.
- The Add to Group task when performed across domains, running indefinitely under delayed tasks.
- The manager data not displayed properly in the notification mail triggered from event-driven automation tasks.
Highlights of Build 7212 (Released on October 30, 2023)
Issues Fixed:
- Product crashing when the GPO synchronisation activity is initiated in the backend.
- Issue in creating help desk roles if the role name has special characters in it.
Highlights of Build 7211 (Released on October 10, 2023)
What's new:
- Public key certificate used during service pack upgrade is up-to-date.
Issues Fixed:
- Issues in applying the recent service packs to upgrade from build 7203 to the later builds.
Highlights of Build 7210 (Released on September 29, 2023)
Features:
- Identity risk assessment: ADManager Plus' Identity Risk Assessment feature helps organizations in detecting potential identity risk indicators in your AD environment. This tool provides a risk score based on NIST SP 800-30 guidelines, and identifies potential vulnerabilities and threats to the system, as well as providing strategies for remediation to help secure the system.
- Access certification: Review and validate uses' by creating automated access review campaigns. This helps your organization prevent privilege creep, improve security posture, and adhere to compliance regulations by regularly reviewing user entitlements.
- Contact and GPO migration: You can now perform inter-forest and intra-forest Contacts and GPOs migration.
- Improved user and group migration: Flexibility to move users and groups, along with their SID history and membership across forests with additional migration settings.
Enhancements:
- GPO reports: The following enhancements have been made to the GPO reports,
- GPOs with specific settings report now supports searching of major security settings in all or selected GPOs.
- Security Filter and WMI Filter columns added to GPO reports: All GPOs & Linked AD Objects, Recently Created GPOs, Recently Modified GPOs, Disabled GPOs, Computer Settings, and User Settings Disabled GPOs.
- Schedule reports: Standard Scheduler and Advanced Scheduler functionalities are now available together under Schedule Reports page.
- Custom reports: New enhancements added for custom reports as mentioned below,
- New built-in custom report added to retrieve Shared Mailbox Users.
- Refine Results option to filter the data being fetched from the database.
- Filter from Report option to use the filter settings configured in the chosen report.
- Export custom reports to CSVDE format.
- New filter conditions for attributes like Simple Display Name, Street Address and Direct Reports.
- New columns Smart Card, User Account Control, User Account Control Flag added to the result.
- Orchestration: The following new enhancements have been made to the Orchestration feature:
- You can now add conditions based on Object Name and Template Name while creating new orchestration profiles.
- New blocks like Modify users by CSV/Template, Move TS Home folders, Set Mailbox Rights, Move/Delete Profile, and more added for creating new orchestration templates.
- OAuth authorization support added for webhook.
- Macro support for custom attributes added to parameter configuration in webhook.
- Security response headers: You can now add default security headers while configuring HTTPS settings to protect the product from various vulnerabilities.
- Two-factor authentication: The below enhancements are added to the 2FA configuration under Logon Settings,
- RSA authenticator: ADManager Plus now supports REST API-based integration with RSA Secure ID, besides SDK-based integration. It is recommended to use REST API-based integration as RSA Security LLC has deprecated SDK-based integration.
- Duo Security: ADManager Plus now supports Duo Web SDK v4 with universal prompt which provides a simplified and accessible Duo login experience.
- Integration with ManageEngine EventLog Analyzer: You can now integrate ADManager Plus with ManageEngine EventLog Analyzer for log forwarding.
- Backup: The backup add-on now comes with the following enhancements,
- It is now possible to store Active Directory and Azure Active Directory backups in archives, to ensure prolonged data retention.
- Azure AD Policies and Administrative Units can now be backed up and restored.
- AD Explorer: New enhancements added to AD Explorer as mentioned below,
- The top panel now includes the following tabs,
- Entitlements: Lists the group membership and folder permission details of users and groups. A section named M365 Entitlements will be available if the AD user also has an Azure AD account which shows the list of M365 groups the user is a member of, along with assigned licenses, roles, and mailbox permissions.
- Objects: When a container or OU is clicked, it displays the list of users, groups, contacts, and other containers within it.
- History: Displays the list of modifications made to the chosen object using ADManager Plus. It also maintains a record of access updates made during access certification campaigns.
- A refresh button next to the domain name to sync current data instantaneously.
- Search AD objects: The following enhancements have been added to the this functionality,
- Revamped search console with new customizations and advanced search options.
- Search Settings option added to configure the search criteria. Admins can customize and freeze the search criteria for users by using the Set Globally checkbox.
- New management actions like reset user password, add or remove group members and delete contact have been added.
- Support to group filter conditions by specific criteria has been added for all reports including Custom Reports, Schedule Reports and also, Search AD Objects.
- The M365 tenant configuration is moved under Domain Settings. It is no longer available under Admin tab.
- New match criteria Between (for any condition specifying date) and Not Like can be used while adding conditions.
- Prevent Duplication option now checks for duplicates across forests and Azure AD tenants.
- You can now fetch M365 guest users and their manager details while configuring automation using M365 reports as input. This can be used to automate guest users clean-up and get approval from respective managers before blocking or deleting them.
- Exclude Nested MemberOf option added to Groups for Users report to avoid displaying nested group memberships.
- You can now modify the manager of computer through workflow or automation using Modify Managed By Of Computers management action.
- Support for Inactive Azure AD Users report added to Automation.
Issues Fixed:
- Issue in creating users using naming format for Logon Name under user creation templates.
- Issue in duplicate User Principal Names (UPN) leading to intermittent SSO login issues for the technicians.
- Issue in executing few bulk management actions because the page continues to load indefinitely after importing a CSV file and clicking the apply button.
- Issue in re-enabling built-in technicians after they are forced out due to revoked roles.
- Issue in viewing the Account expires value when the attribute is dragged and dropped under General tab of any management template and the value is set to Select.
- Issue in contacting DCs to fetch information while running multiple DC reports.
- Issue in updating sAMAccountName of HDTs under Delegation when they are modified in AD preventing HDTs from logging in.
- Issue in using Prioritize Rules functionality under User Creation Templates due to Prioritize Rules pop-up not getting displayed properly.
- Issue in migrating ADManager Plus' database from the bundled PostgreSQL to an external PostgreSQL.
Other Changes:
- The default timeStamp for the Account Expiry attribute has been changed to 11:59:59 PM instead of 12:00:00 AM when the End of option is selected.
- The Random Password Policy, which previously had a limit of 32 characters, has now been extended to allow passwords up to 256 characters in length.
Highlights of Build 7203 (Released on July 30, 2023)
Enhancements:
- All non-English language builds (Chinese, Japanese, German, French, Italian, Dutch, Turkish, and Spanish) have now been updated with all the latest features.
Fix:
- Issue in applying a naming format for user principal name (UPN), when a User Creation Template configured with Creation Rules and Custom Attributes is applied.
- The security vulnerabilities CVE-2023-39912 reported by Son Nguyen from VNG Security and CVE-2023-41904 reported by the vector research team have been fixed.
Highlights of Build 7202 (Released on July 01, 2023)
Fixes:
The following issues have been fixed in this release.
- A security vulnerability reported by dalt4sec.
- Issue in modifying the manager attribute by technicians with custom help desk roles.
- Unparseable date exception in non-English builds when setting account expiry date to End of in Single User Modification.
- A security vulnerability (CVE-2023-38332) reported by dalt4sec.
Highlights of Build 7201 (Released on June 20, 2023)
Issue fixed:
- Two security vulnerabilities reported by dalt4sec, including CVE-2023-35785, have been fixed in the release.
Highlights of Build 7200 (Released on June 13, 2023)
Important update:
- From 7200, updating ADManager Plus using the service pack has been restricted if your ADManager Plus instance is using PostgreSQL version older than 10. You will be forced to update PostgreSQL to 10.18 or migrate to MS SQL during installation.
- You will be shown a warning message while installing the 32-bit version of ADManager Plus. It is advised to use 64-bit architecture for better performance.
Features:
- Management:
- While configuring Creation Rules in User Creation Templates you can:
- Import and export them to CSV
- Reorder based on priority
- Preview before importing
- Preview while copying them from an existing template
- You can now remove or enable mailbox accounts for users or groups using Single User Modification task and Single Group Modification task respectively.
- You can now edit the GPO Preference settings like Environment, Files, Folders, Ini Files values for user and computer configurations directly using GPO Management task.
- You can now perform Force GPO Update operation on domain computers instantly.
- Reports:
- You can view the GPOs that are directly linked or inherited in the Direct and Inherited GPO Links report.
- You can see the list of users and groups that have access to the selected GPOs in the GPO Delegation report.
- The GPO Modeling report simulates the possible Administrative Template settings that will be applied on the selected user and/or computer.
- Scheduled reports can be directly shared with users or groups that are added as help desk technicians.
- You can now schedule Google Workspace Reports.
- View the Employee ID of the Google Workspace user accounts in the Google Workspace Users report by adding the column in the result.
- You can now see the Local Administrator Password Solution (LAPS) password and LAPS expiry time in AD Explorer and Workstation Computers report with adequate permissions.
- Delegation:
- Anomaly detection: ADManager Plus now uses machine learning to establish a baseline for help desk technicians' and admins' activities, and detect anomalies by flagging activities that deviate from the baseline.
- Workflow:
- Service Level Agreements (SLA): SLA in Workflow help users to take appropriate actions on pending and time-sensitive requests in the most efficient manner.
- In order to escalate a SLA violation to multiple levels, you can define a set of conditions based on the delay in response.
- At each level of the escalation, actions like changing workflow priority, sending notifications in required frequencies, re-assigning requests to selected technicians and changing the status of the request can be performed.
- You can set priorities among the SLAs for any conflicting SLA conditions.
- Any AD user can now be added as a Workflow Reviewer even if they are not a help desk technician.
- Workflow now supports assigning Approver and Executor roles to Help Desk Technician groups. You can also assign Reviewer role to AD groups.
- You can now add groups while setting Rule Criteria to the Workflow Requesters attribute under Assigning Rules.
- %ManagerOfRequester% macro support added for reviewer and approver under Assigning Rules.
- Automation:
- Automation can be directly shared to users or groups who are added as help desk technicians.
- Google Workspace:
- You can now link multiple Google Workspace accounts to the same domain.
- Sync AD users with their Google Workspace accounts created with the same email ID by refreshing the Google Workspace account in the Admin tab.
- Instantly create independent Google Workspace accounts without the requirement of pre-existing AD user accounts.
- You can now add Employee ID for the Google Workspace user accounts.
- Admin:
- You can now directly add help desk technician groups to Technician Name while configuring profile criteria under Notification Profile.
- Backup:
- Azure Active Directory Backup and Recovery: Backup and restore all objects in your Azure Active Directory environment. You can restore entire objects or just specific attributes to their backed up state.
- Load balancing: ADManager Plus now supports load balancing, which distributes the workload across multiple servers simultaneously. This helps improve performance, eliminate downtime, and provide a better experience for users accessing the product.
Enhancements:
- Management:
- New fields added in the Creation Rules of User Creation and Modification Templates to add or remove Microsoft 365 licenses, Microsoft 365 group memberships, MS Teams and channels, mailbox server and mailbox store, Google Workspace groups, and more.
- You can now specify time along with date to the Account Expiry attributes.
- You can now copy rules while configuring Creation Rules.
- Computer creation templates now support Creation Rules.
- You can perform the following operations while configuring templates,
- Use the Immediate Duplication Check option to instantaneously check duplicates values for the fields which support duplication check.
- Prevent Duplication support added for Alias field in contact creation.
- Provide access to users or groups to add the computer to a domain.
- ADManager Plus now provides cross domain manager support, with which you can choose a manager from any domain while creating or modifying users.
- Performance enhanced for Add to Group and Remove from Group tasks carried out under Management, Workflow or Automation tabs.
- Reports:
- NTFS Reports:
- Option to view all the permissions of a specific folder cumulatively within the results of Shares in the Servers, Folders Accessible by Accounts and Non-Inheritable Folders reports.
- You can now use Refine Results option to filter NTFS permissions in Shares in the Servers and Folder accessible by Accounts reports as per requirement.
- You can now run the Folders Accessible by Accounts and Non-Inheritable Folders reports for multiple folders simultaneously.
- CSV import support has been added for the Accounts field in Folders Accessible by Accounts report.
- Elasticsearch support enabled for NTFS Reports module.
- You can now use the tree view option in Detailed Group Members report to view the list of direct and nested group members exclusively. It also provides the following features:
- Prevents the redundant display of circular groups (a group nested inside its own group).
- Provides the Hide Duplicate Objects option to avoid showing nested group members that are already shown at the parent level.
- Provides the List View option to view details about individual members and their nested group memberships.
- You can view the GPO owner details in GPO reports by adding the Owner column in the result.
- Delegation:
- You can now specify Authtoken Name (required name), Scope (type of action to be performed like create, delete or modify) and Expiration Time (time until which the authtoken can be used) while generating authtokens.
- A new column History has been added under Technician Authtokens tab that provides authtoken's usage history.
- Details of the used authtokens is added in the Help Desk Audit Reports.
- Automation:
- The automation process for the Mailbox Auto Reply task now supports macros for Microsoft 365 attributes.
- REST APIs:
- REST APIs added for the below actions:
- In User Management, move user from one OU to another.
- In OU Management, search OU and delete OU.
- In Computer Management, search, enable, disable, delete, add or remove from groups and move from one OU to another.
- To remove authtokens of help desk technicians.
Issues fixed:
- Issue in generating Technician Logon Report for inactive technicians.
- Issue in extracting memberOf attribute value (if specified) while using search user REST API.
- Issue in displaying the GPO delegation details for certain users.
- Issue in generating the Real Last Logon report as the User Logon Count column displays zero for certain users.
- Issue in autoscrolling while using Enable Drag-n-Drop option in templates.
- Security vulnerabilities reported by Thang Nguyen and Trend Micro, have been fixed.
- A security vulnerability (CVE- 2023-38743) reported by an anonymous user in Trend Micro's Zero Day Initiative has been fixed.
- Issue in displaying reports due to inconsistent data in few columns caused by database dumping.
ManageEngine ADManager Plus 7.1.0
Highlights of Build 7188 (Released on June 07, 2023)
Issue fixed:
- A security vulnerability, reported by dalt4sec, has been fixed in this release.
Highlights of Build 7186 (Released on April 15, 2023)
Fixes:
The following issues have been fixed in this release:
- An issue which displayed No data available error message while generating or exporting the Group Members scheduled report.
- Inability to add file servers in group-based delegation and issues in delegating Microsoft 365 tasks.
Highlights of Build 7185 (Released on March 28, 2023)
Enhancements:
- Custom HCM integration:
- You can now provision users who were previously skipped when the automation process is run for
any HCM application with Sync Type as Incremental.
- For OAuth, you can now use client credentials as the Grant Type in Authorization.
- You can now customize the Repeat Calling this Endpoint configuration by replacing the
field values with EndpointURL or any Header to get consecutive page responses.
- OAuth authorization now supports uploading client certificate.
- Added SOAP API support in addition to REST API. It supports both XML and JSON responses too.
Issues fixed:
- Issue in displaying replication errors in the domain settings.
- Issue in sending scheduled reports via email in UTF-8 format with BOM (Byte Order Marketing).
- Issue while using Copy User Attribute to append memberof attribute values in user
creation template.
- Issue in loading the page while configuring Server Settings, when Retain database
backup files option is empty in the Retention Settings tab.
- Issue with rules not getting populated automatically in the user creation and modification template
when the template is set as default.
- Issue in the Custom Report result if both Last Logon Time Stamp and Last Logon Time filters are
selected.
Highlights of Build 7184 (Released on March 18, 2023)
Fixes:
The following issues have been fixed in this release:
- An issue which prevented technicians from logging into the product in certain scenarios.
Highlights of Build 7183 (Released on March 15, 2023)
Important update:
Features:
- Enable remote mailbox: Option to enable and modify remote mailbox for users in
bulk.
- Auto-install hotfixes: Option to automatically download and install ADManager Plus'
hotfix updates.
Enhancements:
- Reports:
- You can now schedule and store reports without creating sub-folders.
- Exported custom reports will now display users' photos whenever the User Photo column has been
added.
- Flexibility to export reports with desired objects.
- Members of a delegated group can now change the default template assigned to a group in group-based
delegation.
- Option to filter users who are not members of any group in the Users Not in Groups report in
Automation.
- You can now check if your ADManager Plus installation location is secure or not in Security
Hardening settings.
- You can now view who created a template in the product.
- Pop-ups that display Microsoft 365 data in Management, Workflow, Automation, and other modules now
use REST APIs to relay information.
- In a high availability-enabled environment, applying service packs in the primary server would
automatically update your ADManager Plus instance in the secondary server.
- API keys in UKG Pro and BambooHR integrations are now masked in the UI.
- Performance enhancements for optimized AD synchronization.
- Third-party JavaScript libraries have been upgraded to these versions:
- jQuery UI 1.13.2
- Bootstrap 3.4.1
- Moment 2.29.1
- JSoup 1.11.3
- ojdbc8-19.15.0.0.1
Issues fixed:
- Issue in displaying the members of groups whose member count exceeds 1000 in the Advanced Filter
option of Real Last Logon reports.
- Issue of data mismatch in Mailbox Enabled Users reports' results.
- Inability to configure the retention policies of Microsoft 365 users when special characters were
specified in a retention policy's name.
- Issue of help desk technicians not being able to unlock users via the reset password console, when
the 'Deny Bulk Modification' option was also enabled in the role delegated to them.
- Issue of service pack application failure when large volumes of temporary tables were retained
during backups.
- Issue in sending notifications via SMS using the POST method.
- Issue with the macros specified in webhook templates.
- Issue of technicians not being able to delete non-delegated and unused templates.
- A security vulnerability reported by metin has been fixed.
- A security vulnerability (CVE-2023-35786) reported by metin has been fixed.
Highlights of Build 7182 (Released on January 24, 2023)
Fixes:
The following issues have been fixed in this release:
- High memory utilization issue across environments having M365 configurations with a huge volume of
objects.
Highlights of Build 7181 (Released on January 16, 2023)
Fixes:
- An issue which prevented users from opening the password-protected reports has been fixed.
- An authenticated RCE vulnerability, reported by Simon Humbert of Trend Micro, has been fixed.
Highlights of Build 7180 (Released on December 31, 2022)
Features:
- Group Migration: Flexibility to move groups, along with their SID history and
membership across domains in a forest with and without using the Active Directory Migration Tool
(ADMT).
Enhancements:
- REST APIs:
- You can now create, delete, move, search and list the members of a group using REST APIs.
- Ability to locate users by specifying LDAP attributes like sAMAccountName, employeeID, and more
while modifying a user's attributes using REST API.
- You can now secure access to your mail server using OAuth, besides basic authentication.
- Flexibility to create and use naming formats in the Data Source - LDAP Attribute Mapping section
while integrating with a custom HCM solution.
- Option to skip 2FA for help desk technicians.
- Customize columns while configuring the member, memberOf and manager attributes of objects during
provisioning.
- Duration can now be specified as N days while creating workflow requests to add users to groups,
enable users, etc.
- The sAMAccountName of group members will now be displayed when the members view filter is applied to
the All Groups report's result.
- Any leading and trailing spaces specified in search options will now be automatically removed.
Fixes:
The following issues have been fixed in this release:
- Automations were not closed or cancelled when the product was stopped or restarted during execution.
- The Service is currently unavailable error message was displayed while modifying groups
using CSV, whenever a non-existing AD group was specified in the CSV file.
- Issue in adding cross-forest members to groups.
- Help desk technicians were unable to view NTFS shares after upgrading to build 7163 and above.
- Error in sending workflow notifications via SMS as there was an issue in fetching the value of
%UserMobileNumber% and other related macros.
Highlights of Build 7171 (Released on December 06, 2022)
Fixes:
The following issues have been fixed in this release:
- Office 365 F3 was displayed as Office 365 F1 in the product.
- Help desk technicians were not able to reset passwords via the reset password console, when the
'Deny Bulk Modification' option was enabled in the role delegated to them.
Highlights of Build 7170 (Released on November 29, 2022)
Features:
- Dynamic distribution groups report: Obtain a list of the dynamic distribution
groups in your Active Directory environment using this report.
Enhancements:
- Scheduled reports:
- Ability to schedule and generate reports on your Active Directory objects using CSV files at a
desired time and date.
- Logon Hour-Based Reports can now be automatically generated at defined intervals.
- Bulk user creation automations using data from HCM integrations can now be executed successfully
even when there's an issue in validating a user's Manager or memberOf attribute in AD.
- Flexibility to import and use custom attributes configured in your AD schema.
- The Server Settings UI has been revamped for effectively managing the retention settings of
scheduled reports, audit archive reports, and more from a single place.
- ADManager Plus' Logon Settings has been moved to the Delegation tab for easy access.
- The following reports have been added to ADManager Plus' dashboard for better visibility:
- OS-Based report
- Locked-out Users report
- Custom reports
Fixes:
The following issues have been fixed in this release:
- Issue in searching for an AD object using the AD Search option, whenever there is a leading or
trailing space in an entry.
- Issue in locating an AD object using the search option in AD Explorer.
- Help desk technicians were unable to view user accounts and groups while delegating GPO permissions,
when more than 1000 OUs were delegated to them.
- Help desk technicians were unable to view the users in an OU delegated to them via group-based
delegation, while delegating GPO permissions.
- Issue in adding Microsoft 365 users to channels in Microsoft Teams while creating a Microsoft 365
account for an existing AD user.
- Unable to send notifications to user's manager using macros when a user creation or modification
task is executed via automation.
- Workflow requests were not automatically closed when a cross-domain management task was successfully
executed as a delayed task.
- Error in fetching the active user account from UKG Pro when there is an inactive user account for
the given employee ID.
Highlights of Build 7163 (Released on November 07, 2022)
Enhancements:
- Notification Profile/Notification Templates:
- You can now use custom macros in notification messages.
- Option to send reports as part of the email content in notification templates.
- Options to configure user and group-based profile criteria.
- Notifications can now be triggered for the Enable User, Disable User and Reset Password actions.
- You can now manage Distributed File Storage (DFS) Namespaces and their permissions in File Server
Management.
- New actions such as Set folder permission, Remove folder permission and Bulk modify folder
permissions using CSV have been added to the automation module.
- You can now assign Microsoft 365 licenses via automation and workflow.
- Flexibility to specify filter, select and domainList as parameters in Search user API request.
- Workday attributes such as Job_Profile_Id, Job_Profile_Name and On_Leave, Location_Id can now be
mapped to LDAP attributes in ADManager Plus-Workday integration.
Fixes:
- Issue in assigning Microsoft 365 licenses while creating users via user creation templates, when
none of its service plans are selected.
- Unable to delete users using the delete icon in Inactive Users report.
- Error in creating shared mailboxes in Microsoft 365 when the Exchange mailbox and remote mailbox
attributes were not configured during shared mailbox creation.
- Unable to map LDAP attributes to user records in Oracle database.
- Issue in adding cross-domain members using the Add to Group task in automation.
- Synchronization issue in updating the changes made to the Manager attribute value specified in
templates.
Highlights of Build 7162 (Released on October 28, 2022)
What's new:
- In ADManager Plus builds 7162 and above, NTLMv2 SSO can only be enabled after downloading and adding
the Jespa JAR file to the product's lib folder. Click here to learn more.
Fixes:
- A security vulnerability (CVE-2022-47966) which could lead to unauthenticated RCE, when SAML SSO
is/was enabled in the product has been fixed. This was reported by Khoadha of Viettel Cyber Security.
Highlights of Build 7161 (Released on October 10, 2022)
Fix:
- Issue in displaying license pop-up window in the latest build when updated from builds 7102 and
older has been fixed.
- Issue in displaying the search feature in the management tab of the Spanish localized version has
been fixed.
Highlights of Build 7160 (Released on September 26, 2022)
Features:
- Orchestration: Option to automate a series of tasks in succession at defined time
intervals whenever a user or group management task is carried out in the product.
- Orchestration Profile: Create a management profile and specify the conditions
under which an orchestration has to be executed.
- Templates: Build orchestration templates from scratch and use them to automate
tasks.
- Webhook templates: Create webhook templates and pre-fill them with REST API
endpoints, messages, etc. and use them while configuring an orchestration template. You can also
predefine webhook fields that hardly change and those that hold crucial data with environmental
variables while creating a webhook template.
- Integration with Power BI and Rapid7: Integrate ADManager Plus with Power BI and
Rapid7 servers, and forward logs seamlessly.
- Google Workspace backup and recovery: Protect user drives, mailboxes, contacts,
journals, notes, posts, tasks and calendar items from accidental deletions, insider threats, and
ransomware by backing them up.
- DC Replication Status Report: Report on the replication status of domain
controllers and trigger replication instantly using this report.
- Lingering objects Report: Fetch the lingering objects in your AD and delete them on
the go.
- BitLocker Disabled Computers Report: Obtain a list of the computers that are not
encrypted with BitLocker using this report.
Enhancements:
- You can now assign well-known security principals as security filters to a GPO.
- Custom Reports:
- Flexibility to copy a custom report.
- You can now perform management actions from custom reports.
- Reports on all computers, recently created computers and BitLocker enabled computers and custom
reports now display BitLocker status and recovery passwords.
- You can now list shared mailboxes and delegate access to them using REST APIs.
Fixes:
- Error in authenticating MS SQL server using Windows Authentication while configuring the server for
automated AD user management.
- Microsoft 365 licenses were not displayed in the product due to Microsoft Graph API issue.
- When the first N characters option was configured in a naming format, the last N characters were
displayed; no name was displayed when the number specified was greater than the length of the name
provided.
- Issue in creating requestor roles with just Modify User Attribute enabled for the
Choose Template option.
- Issue in deleting the Organization attribute of users in bulk, when more than 125 users
were selected.
- Error in fetching a report on inactive computers with the Password Last Set Time filter,
via automation.
- The temporary tables created while generating reports were retained in the database, even after
displaying the reports' results.
- An authenticated RCE vulnerability, reported by George Koumettou, has been fixed.
Highlights of Build 7151 (Released on August 01, 2022)
Enhancement:
- ADManager Plus can now be integrated with Jira Service Management Data Center, in addition to Jira
Service Management Server.
Fixes:
The following issues have been fixed in this release:
- Issue in updating to the latest build, when large volumes of data are stored in the tables in
Management and Workflow modules.
- Issue in removing redundant entries in the database caused by Microsoft 365 module changes while
updating to the latest build.
- Issue in updating to the latest build when non-english languages are configured in the machine where
ADManager Plus is installed.
Highlights of Build 7150 (Released on July 20, 2022)
Features:
- GPO management and reporting: Five new reports have been added for enhanced GPO
management and reporting. They are:
- Resultant Set of Policy Report
- Linked GPOs Report
- Empty GPOs Report
- GPOs with Inactive Policy Settings
- Comparison of GPOs
- You can now modify the custom attributes of computer objects.
- It is now possible to recover the deleted AD groups.
- Schedule and automate database backups in the product.
- Option to view disk space information of the server where ADManager Plus is installed.
Enhancements:
- Management: Option to enable/disable computers from Single Computer Modification
- Custom HCM authorization: OAuth2.0, Bearer, Basic Authentication and API Key have
been added to authorize API requests.
- Help desk delegation: Customize columns while selecting technicians in the
delegation tab.
- Workflow:
- Flexibility to add comments in workflow requests.
- Create workflow requests to add users to Microsoft 365 groups, enable and delete Lync accounts
of users, enable litigation hold, and more.
- AD search: Option to apply filters and customize columns while searching for users,
groups, computers and contacts.
- Naming formats:
- While configuring naming formats, it is now possible to preview the output format.
- You can now choose words, initialize capitals, use Nth character, random numbers, and more in
naming formats.
- Option to automatically increase the numbers in the specified alphanumeric name to avoid
duplication of attributes like logon name, mail, etc.
- Automation:
- Additional options have been added to the reset password action in user automation.
- Flexibility to copy the configurations of an existing automation policy.
- While configuring successive tasks in automation policy, it is now possible to set time in
minutes.
- A larger number of Microsoft 365 reports now use Microsoft Graph API in place of Azure AD module for
swift communication.
- Report on security policy settings like account policies, local policies, event log, restricted
groups, system services, file system and registry settings using the GPO Settings report.
- Flexibility to sort domains alphabetically for easy identification.
- Option to use SMS verification as a two-factor authentication method.
- You can now configure the department attribute for computer objects.
- Flexibility to customize columns while modifying users, groups, computers, etc.
- Administrators can now disable concurrent logins for technicians, and also have the flexibility to
sign technicians out of their active sessions.
- Two new filters, member and memberOf have been added to filter group-based
reports' results.
- Option to create a remote shared mailbox using the shared mailbox creation template.
- Ability to delegate compliance reports to help desk technicians.
- You can now search and select OUs while creating AD objects.
- Member-based group reports have been optimized for enhanced performance.
- A Custom Script field has been added to the Shared Mailbox Modification Templates.
- You can now validate the Telephone Number and Mobile attributes with a format of
your choice in templates.
Fixes:
The following issues have been fixed in this release:
- Technicians with ServiceDesk Plus configuration privilege were able to obtain authentication tokens
of privileged accounts.
- Issue in creating workflow requests using REST APIs.
- Issue in generating reports on active computers and recently created users.
- The client secret key was missing while configuring a new Microsoft 365 tenant in the product.
- External senders were able to send messages to groups despite enabling the Requires that all
senders are authenticated option for them.
- Technicians were unable to login to the product due to synchronization issues.
- Error in displaying user data while modifying users' photos using the Manage User Photos
option.
- Issue in deleting objects from a bulk user modification request in workflow.
- While creating a new user, technicians other than those with administrator privileges, were unable
to configure home folder permissions.
Highlights of Build 7141, 7142 (Released on June 23, 2022)
Fixes:
- Unable to fetch archived audit reports after migrating ADManager Plus' database from PostgreSQL to
MS SQL server.
- Issue in displaying the members of groups whose member count exceeds 1500.
- Technicians not being able to reset passwords via the help desk reset password console, when a role
with only the 'Generate password' privilege is delegated to them.
- Users were notified about objects from irrelevant OUs when OU-based filters were specified in
notification profiles.
- Issue in generating a scheduled custom report when the specified OU is moved to a different
container.
- When group scope conversion fails, the error message displayed in the product is different from the
one displayed in Active Directory.
- Issue in modifying the memberOf attribute using user creation rules.
Highlights of Build 7140 (Released on May 06, 2022)
New Features:
- Flexibility to migrate users across domains in a forest.
- Custom HCM Integration: Option to integrate ADManager Plus with any HRMS/HCM
solution with API support to automate user management.
Enhancements:
- Reports: Flexibility to change filename and add serial number and logo for
scheduled reports.
- Network-attached storage (NAS) file server support: You can now manage and report
on NAS file server using File Server Management and NTFS reports.
- Security enhancements including random database password generation have been added to the new
product instance.
- You can now use 'Photo Based Reports' while configuring an automation.
- ADManager Plus' Web Application Firewall has been enhanced for advanced protection.
- New fields including fromDate, terminationDate, ReportsTo (manager), Country, employeeNumber, and
more have been added to HRMS integrations.
- The external integration UI has been revamped for enhanced user experience.
Fixes:
The following issues have been fixed in this release:
- Issue in configuring custom attributes when the LDAP name exceeds 50 characters.
- Successive tasks returning an empty report when the option to regenerate reports is enabled.
- Issue in sending notifications on user creation status via automation.
- Technicians are unable to view the groups that a user belongs to, when the 'memberOf' attribute is
configured as 'read-only'.
- Error in removing delayed management tasks from previous product versions.
- The 'Trust this browser' option in two factor authentication not working whenever there is a change
in IP address.
- Help desk technicians not being able to configure Microsoft 365 tasks in automation policy despite
having the required permissions.
- Error in deleting and disabling Google Workspace accounts, using the delete/disable policy.
- Technicians being unable to execute workflow requests when the relevant help desk roles were not
assigned to them.
Highlights of Build 7131 (Released on April 14, 2022)
Fixes:
The following issues have been fixed in this release:
- Error in displaying custom attribute values in reports; unable to display user reports when custom
attribute is selected during column customization.
- Issue in generating scheduled 'OS Based Report'.
- Exported reports did not display the values of 'proxyAddress' attribute.
- In User Modification Rules, the OU specified against the 'Select Container' field in Assign Values
section was not displayed after upgrading to the latest build.
Highlights of Build 7130 (Released on March 30, 2022)
New Features:
- Template based Bulk User Modification: Modify users in bulk with the help of User
Modification Templates through CSV import.
- Restore Deleted Contacts: Option to recover the deleted AD contacts.
- Microsoft 365 Management and Reporting:
- New bulk management operations including Modify Naming Attributes, Delete Groups, Create
Security Group and more have been added to efficiently manage your Microsoft 365
environment.
- Over 25 new Security Reports, including reports on account status and mailbox features, have
been added to the Microsoft 365 module.
- Report from CSV: Generate a comprehensive report on the desired Microsoft 365
users via CSV import.
Enhancements:
- You can now modify Exchange 2010/2013/2016 mailbox policies for on-premise mailboxes using the
Single User Modification feature.
- User management templates:
- Flexibility to copy all the settings/configurations and values between User
Creation and Modification Templates.
- Option to validate the Telephone Number attribute by specifying a format in user management
templates.
- A new, dedicated Microsoft 365 tab for configuring Microsoft 365 features in Single User
Modification Template.
- New fields including Storage limits, Exchange Online Policies, and more have
been added to the Microsoft 365 tab in Single User Creation Template.
- User Modification and Creation Rules in templates:
- Last Name, Full Name, sAMAccountName, Display name, Logon name, Account Status, E-mail and
Description fields have been added to the Conditions section and can be used to configure User
Modification Rules.
- sAMAccountName, Display name, Logon name, Account Status and E-mail fields have been added to
the Conditions section and can be used to configure User Creation Rules.
- An E-mail and a Notes field have been added to the Assign Values section of User Modification
and Creation Rules, respectively.
- A Follow_Template_Format value has been added to the E-mail and Logon Name
fields under the Assign Values section to standardize the prefix value while leaving only the
suffix value (domain name) open to modification.
- New conditions have been added to Organization, Country and other single-valued attributes for
more flexibility in configuring User Creation and Modification Rules in templates.
- It is now possible to include/exclude child OUs when 'Select Container' is specified in the
conditions field.
- You can now copy the rules between User Creation and Modification Templates.
- You can now customize the number of rules displayed per page.
- Reports: Options to change filename, include/exclude logo and serial number while
exporting reports.
- Workflow:
- While creating a request, it is now possible to select users by importing a CSV file.
- You can now create requests to enable users for a specific time period, after which the users
will be disabled automatically.
- Automation:
- Data from external databases can be used as input for automating group management operations as
well.
- Disabling automation will now disable the configured successive tasks as well.
- Integrations
- Option to enable/disable and remove/delete Integrations.
- Option to enable/disable REST APIs.
- Support for adding multiple MS SQL and Oracle database servers.
- Integration with Zoho People can only be configured by technicians with super admin privileges.
- MS Authenticator: It is now possible to use MS Authenticator as a Two Factor
Authentication service to secure access to ADManager Plus.
- You can now configure a proxy server in Server Settings.
- Option to hide alerts irrespective of whether the recommended security hardening settings are
configured or not.
- Notification Templates:
- You can now include inline images while curating mail content.
- Ability to control notifications on Automation execution status.
Fixes:
The following issues have been fixed in this release:
- Issue in differentiating users from groups in the 'Accept messages from' column while generating
Exchange Reports.
- Help desk technicians not being able to access the dashboard when multiple domains are delegated.
- Issues in adding users to groups via Automation.
- Error in adding users to Microsoft 365 groups when executed as a delayed task.
- Microsoft 365 password reset notifications via email display blank passwords.
- Issues related to Mouse Wheel plugin from cdnjs.cloudflare.com.
- Issue in redirecting to a workflow request via notifications when SAML SSO authentication is
configured.
- Issues with group membership modification that causes removal of members have been fixed.
Highlights of Build 7126 (Released on March 02, 2022)
Fixes:
The following issues have been fixed in this release:
- In some cases, the Bulk User Modification's search result page displays "No data available."/li>
- When ADSelfService Plus integration is enabled, the Reset Password request raised from ADSelfService
Plus does not reflect as a Workflow request in ADManager Plus.
- Issues in using the Employee Quick Search feature.
- In some cases, duplicate rows appear in Bulk User Modification search result.
Highlights of Build 7125 (Released on February 22, 2022)
Enhancement:
- For enhanced security, the default product installation location is now changed to C:\Program Files.
Highlights of Build 7124 (Released on January 20, 2022)
Enhancement:
- Incremental Sync: The product will now synchronize only the changes happening in
Active Directory, instead of refreshing the entire database again, for improved performance and
enhanced user experience.
Fixes:
The following issues are fixed in this release:
- Issue in updating userPrincipalName and sAMAccountName formats using User Modification Templates,
via Automation.
- Help desk technicians not being able to modify groups using the Modify Single Group option.
- Issue in accessing the product via single sign-on.
Highlights of Build 7123 (Released on January 13, 2022)
Fixes:
- Help desk technicians not being able to perform group management actions if they have a group is
added in Exclude groups option and the Append group option is not selected.
- Issue in upgrading to latest build if Elasticsearch is not shutdown properly.
Highlights of Build 7122 (Released on December 17, 2021)
Fix:
- This release includes precautionary measures to protect against the Apache Log4j library
vulnerability.
Highlights of Build 7120, 7121 (Released on December 06, 2021)
Enhancements:
- Flexibility to pause, resume, retry and delete actions configured in the delayed management tasks
section.
- Custom Reports:
- Option to retrieve user accounts that will be expiring in the next N days in custom reports.
- proxyAddress can be added as a filter while creating custom reports
- HRMS Integration: Automatically detect the user accounts removed from the HRMS application and
delete their corresponding AD accounts.
- All the latest features have been updated in all non-English language builds viz., Chinese,
Japanese, German, French, Italian, Dutch, Turkish, and Spanish.
- Third-party Javascript libraries have been upgraded to the following versions for enhanced security:
Bootstrap 3.4.1, jQuery UI 1.12.1, and Moment 2.29.
- Java Runtime Environment (JRE) package has been upgraded to ZULU JRE version 8.
Fixes:
The following issues have been fixed in this release:
- Issues in enabling Mobile Services/Protocols option in Exchange while modifying single user using
templates.
- Employee's manager not receiving email/SMS alerts from Workflow when the manager is assigned as a
Workflow technician
- Wrong password expiry value shown for users with fine grained password policy configured in custom
reports
- Logs are not forwarded to the Syslog server after it has been restarted
- Error in generating random numbers while defining naming format for user principle name (UPN),
sAMAccountName and full name.
- Mismatch in displaying Microsoft 365 licenses in ADManager Plus
Highlights of Build 7118 (Released on November 03, 2021)
Enhancement:
- Cluster Shared Volume support: Manage and report on Cluster Shared Volumes (CSV)
access permissions using File Server Management and NTFS reports respectively.
Highlights of Build 7117 (Released on October 13, 2021)
Enhancements:
- Added cross domain support for configuring memberOf attribute for supported objects in Management,
Workflow and Automation.
Fixes:
The following issues have been fixed in this release:
- Multiple cross-site scripting issues have been fixed in this release.
Highlights of Build 7116 (Released on October 09, 2021)
Enhancements:
- In-product and email alerts to change the default password of the built-in help desk technician
accounts.
- Product security score calculated based on the configuration/enabling of various
security-related settings such as HTTPS, TFA and LDAP SSL. The security score will be displayed in the
product after login and also in the license pop-up.
Fixes:
The following issues have been fixed in this release:
- Issue in delivering SMS notifications when a proxy is configured.
- 'Remove users from all groups' option in Disable Policy does not execute correctly for some users.
For these users, there are also issues in performing the 'Clear all Group Memberships' operation from
Management, Workflow, and Automation.
- Automation tasks were executed even in cases where there is a mismatch between the supervisorName
fetched from UKG Pro and the corresponding display name in AD.
- User accounts not being removed from a group after the specified duration, when they are added to a
group using the 'Create Request' option in Workflow.
- Copy help desk technicians option, in Delegation, not working properly.
- Issue in exporting the NTFS report in XLSX format in standard mode.
- Administrators can now search for users involved in a particular task in a request ID, using the AD
search option.
- Issue in logging in to ADManager Plus using SSO.
- The requests created in Workflow not sending the password notifications to Executor and Requester.
- The FirstName attribute has been added in User Creation Rules and the FirstName and LastName
attributes have been added in User Modification Rules.
- Issue in Syslog forwarder due to socket exception.
- Issue in generating the Microsoft 365 Inactive Users report.
- Issue in deleting the user mailboxes after exporting them, using the Delete/Disable Policy.
Highlights of Build 7115 (Released on October 05, 2021)
Fixes:
The following issues have been fixed in this release:
- Filter bypass leading to file-upload remote code execution vulnerability (CVE-2021-42002), reported
by moon.
- Issue in performing SAML-based login to the product when a custom SAML URL is configured.
Highlights of Build 7114 (Released on September 28, 2021)
Fix:
- Issue in generating the Microsoft 365 License Details report, due to a change in an MS API has been
fixed.
Highlights of Build 7113 (Released on September 21, 2021)
Fixes:
This release includes fixes for the following issues:
- Multiple unrestricted file uploads leading to RCE vulnerabilities reported by Jimi Sebree from
Tenable.
- Countries list not being displayed in the Country field while creating a Request Demo, Get Quote or
Extend Trial request from the feedback icon in the product.
Highlights of Build 7112 (Released on September 09, 2021)
Enhancements:
- GPO management
- Manage GPO scope with Security filtering and WMI filtering options.
- Options to configure the GPO permissions (edit, modify security, read or delete) for desired
users, groups and computers.
- Microsoft 365 Reports: Two new reports, Last User Activity by Service and Last User
Activity by date, have been added for enhanced Microsoft 365 reporting.
- User Modification templates: Rules can now be set up to check for 'is not'
condition, besides the existing 'is' condition.
- Workflow: Option to resolve workflow requests in bulk irrespective of the ticket
status.
- AD Explorer will now display Object GUID attribute values for all objects.
- IP restrictions for enhanced security: Options to restrict the inbound and outbound
connections based on IPs or IP ranges.
- Custom SMS notification options
- Enhanced customization options for HTTP parameters and HTTP request headers configuration.
- Options to choose the type of message encoding (URL or Base64) and the parameters to be encoded.
Fixes:
The following issues have been fixed in this release.
- Scheduled reports emailing failing randomly.
- 'Choose member' popup window of the Modify Single group window
having a longer loading time.
- Issue in configuring the scheduled custom report to be sent only if data is available.
- Issue in setting the allowed logon hours to 'All allow' via user modification templates.
- Values of multi-line attributes like 'Street' being displayed as multiple lines in the product and
as a single line in AD.
- Issue in updating Microsoft 365 licenses in non OU-based delegation setups.
- When a manager is assigned as an approver to a workflow task, only the specific approver will be
notified in case of any helpdesk requests assigned for approval. The other approvers will not be
notified.
- Cross site scripting and Remote code execution vulnerabilities reported by bmtd from ECQ.
- Cross site scripting and Path traversal vulnerabilities reported by 'nothing'.
- Authentication bypass vulnerability affecting REST API URLs.
Highlights of Build 7111 (Released on July 29, 2021)
Issue Fixes:
This release fixes the following vulnerabilities:
- Multiple pre-authentication (CVE-2021-37539, CVE-2021-37762, CVE-2021-37741) and post-authentication
(CVE-2021-37761) unrestricted file upload vulnerabilities leading to RCE, reported by bmtd from ECQ.
- Post-Auth OS command injection in the saveBackupScheduler method vulnerability (CVE-2021-37925)
reported by Thai Nguyen of ECQ.
- Multiple post-authentication unrestricted file uploads in PasswordExpiryNotification,
(CVE-2021-37919), Personalize (CVE-2021-37920), Reports (CVE-2021-37921), Task (CVE-2021-37923), and
ADMPSmartCardConfig (CVE-2021-37924) calls, leading to RCE vulnerabilities reported by Nam kn Nguyen
from ECQ.
- Unrestricted file upload in the cachePhotosBeforeImport method leading to RCE vulnerability
(CVE-2021-37918) and path traversal in the cachePhotosForLayoutExecution method allowing copying of
files from one directory to another (CVE-2021-37922) reported by qbao from ECQ.
- Account take over via SSO with Signature Stripping vulnerability (CVE-2021-37927) reported by
HaYiCle from ECQ.
- Multiple unrestricted file uploads in addSmartCardConfig method, cacheSinglePhoto method,
ManageLicense, and attachFiles calls leading to RCE vulnerabilities (CVE-2021-37931, CVE-2021-37930,
CVE-2021-37929, and CVE-2021-37928) reported by Duc Nguyen from ECQ.
- Unrestricted file upload vulnerability in a License call, leading to RCE (CVE-2021-37926) reported
by no3g from ECQ.
Highlights of Build 7110 (Released on July 13, 2021)
New Features:
- OU-based delegation: Delegate a different set of roles for each OU within a domain
to help desk technicians.
- Bulk NTFS permissions management: Modify file server permissions in bulk through
CSV.
Enhancements:
- Mailbox export and delayed Microsoft 365 management tasks will also be executed as background tasks.
- Zoho People Integration: Support for configuring Zoho People account with Zoho
OAuth 2.0 authentication.
- Upgraded the Ember version, used in the product, to 2.18 for enhanced performance and user
experience.
- Scheduled reports: Based on the mail attachment settings configured, the scheduled
reports can either be stored as a single file or as a zip file in the directory.
- Option to generate a password by applying a Naming Format, while provisioning user accounts.
- User templates: Microsoft 365 group membership attribute can be used as condition
while configuring rules in user creation templates. The Display name attribute can be used in the
rules in both user creation and modification templates.
Issue Fixes:
The following issues have been fixed in this release:
- Issues in 'Recreate the request' option in Workflow not showing up for help desk technicians who use
a shared Automation.
- Issues in adding a new user as a member of Microsoft 365 mail enabled security group using the
single user creation option.
- Issues in removing a member from a group belonging to a different forest.
- HTML tags appearing in SMS notifications sent through SMTP.
- "Recently Expired Users" report fetching incorrect data when the 'Before N days' filter is enabled.
- Issues in sending SMS notifications with multiple lines.
- The UI has been updated to reflect G Suite being renamed as Google Workspace.
- Blind XML external entity (XXE) vulnerability (CVE-2021-38298) reported by Carl Neuhaus; Remote code
execution (RCE), reflected and stored cross-site scripting (XSS) vulnerabilities reported by Alexander
Barakazian.
Highlights of Build 7102 (Released on June 01, 2021)
Fixes:
The following issues have been fixed in this release:
- Issues in applying the recent service packs to upgrade from build 6656 to the later builds.
- WebService startup speed issue in the most recent builds, 7100 and 7101.
Highlights of Build 7101 (Released on April 13, 2021)
Fixes:
The following issues have been fixed in this release:
- Error in triggering Workflow notifications via SMS.
- Issues in UKG Pro integration.
- Modify Single User feature displaying a blank page, if HTTPS is enabled by applying a certificate
generated using the product.
Highlights of Build 7100 (Released on March 2021)
New Features:
- Microsoft 365 management templates: Create Microsoft 365 groups,
Distribution/Security Mail enabled groups and Dynamic distribution groups in single and bulk, with all
entitlements easily and quickly, using the new group creation templates.
- New GPO reports: Enhanced reporting on GPOs with the addition of four new reports -
GPOs with specific settings, GPO settings, GPOs with Script, and Compare GPO Versions report.
- Netapp and Isilion support: Manage and report on access permissions in NetApp and
Isilion storage.
- Integration with ServiceDesk Plus Cloud, Jira and Freshservice: In addition to
ServiceNow, Zendesk and ServiceDesk Plus, ADManager Plus now offers out-of-the-box integration with
ServiceDesk Plus Cloud, Jira and Freshservice to perform IAM actions like user onboarding and
offboarding, enabling, disabling, unlocking and deleting user accounts, and resetting passwords from
within the helpdesk console.
- TLS Support: Option to configure TLS protocol with cipher suites, for greater
security.
- User logon security: Option to block users or technicians from logging onto
ADManager Plus after the specified number of failed logon attempts.
Enhancements:
- Microsoft 365 management: Microsoft 365 accounts can be configured using Microsoft
365 modern authentication.
- GPO management: Enhanced GPO management with options to configure security settings
like Account Policies, Local Policies, Event Log, Restricted Groups, System Services, Registry, and
File System for computer objects.
- Option to enable LDAP SSL for only the desired domains.
- Notification profile:
- Spruced up UI, which displays the technicians names in a pop-up, making it easier to select the
desired technicians.
- Options to add additional attributes like alternate email ID, proxy mail ID, and fax, etc. for
email and mobile notification.
- Organization attributes - The organization attributes can be imported in bulk from
csv files.
- Automation:
- Integration with external databases will also support configuration of Auto Reply, Disable Lync,
Delete Home Folder, Move Home Folder, Manage User Photos and Disable/Delete Mailbox actions.
- Option to use 'modify users by templates' in Automation Policy as the last task, or any of the
instant tasks, other than the first one.
- For all HRMS based automation tasks, all the records in the database can be processed fully or
incrementally depending on the task, every time the automation is executed.
- Workflow - While configuring requestor roles, Choose Template option can be enabled
or disabled for help desk technicians.
- Scheduled reports:
- Search for report schedules from column based search, besides the schedule name search option.
- Execute the advanced scheduled reports instantly from the Run Now column options.
- Delegation:
- When configuring help desk roles, customize the Schedule Report, View Archives, and Archive
Settings options to be enabled or disabled for the technicians.
- ADManager Plus now uses an updated version of JRE (jre_1_8_0_162) for enhanced security.
- Unique encryption key for each instance of the product.
- Mobile app authorization - Options to customize logon settings to allow or disallow
logon from the ADManager Plus Android or iOS applications.
- ADManager Plus now uses an upgraded version of Apache Tomcat (version 8.5.51) for enhanced
reliability and security.
Fixes:
The following issues have been fixed in this release.
- Vulnerability issues in JSON .jar files and login password encryption.
- Issues in delegated OUs and group memberships in the Workflow module.
- Issues in scheduled reports listing nested group member values despite checking the 'Exclude nested
groups' option while configuring scheduled reports.
- Issues in configuring Microsoft 365 settings for AzureUSGovernment and the Chinese environments.
- Product crashing during the generation of scheduled 'Group for users' report.
- The groups selected and the commands added in the custom scripts section in the 'Add to Groups' task
in Automation were not getting saved.
- Issues in disabling the Hide from Exchange address list when modifying a single user.
- Error in accessing Computer modification templates.
- The OUs list for choosing group members during single group modification takes a long time to load.
- Issues in setting a photo for an AD user account through the user modification template.
- Time taken for modifying groups with more than 4000 users had been optimized.
- Unable to get shares from the server when there is a mismatch between the machine name and the DNS
name.
- When a helpdesk technician has been delegated two domains, one with only a few OUs and the other
being fully delegated, and a group is modified to remove a few group members, all the members of the
group are removed.
- Multiple Cross site scripting vulnerabilities reported by Alexander.
Highlights of Build 7066 (Released on December 2020)
Fixes:
This release includes fixes for the following issues:
- Not being able to update to the latest version of the product using the service pack.
- The version of JQuery used is upgraded to 3.5.1 for enhanced security.
- Cross site scripting vulnerabilities reported by Sean and Hendrik Noben.
Highlights of Build 7065 (Released on December 2020)
Fixes:
This release includes fixes for the following issues:
- Not being able to navigate to other tabs in a user creation template, after clicking on its Office
365 tab.
- Password never expires users report fetching incorrect data when generated through the report
scheduler.
- Recently deleted users report displaying the 'no data available' message when generated through the
scheduler.
Highlights of Build 7064 (Released on October 2020)
Fixes:
This release includes fixes for the following issues:
- Issue in updating to build 7063 using the service pack.
- Error in displaying user details while modifying users using the Single User Modification feature.
- Issue in locating a user account using the AD search if all domains configured in the product are
selected in the search scope.
- Reports on inactive objects will now be generated based on only the lastLogon value, for accuracy.
lastLogonTimestamp will not be considered as it can be updated even without logon activity, because of
Service-for-User-to-Self operations.
Highlights of Build 7063 (Released on October 2020)
Enhancements:
- Automation - Options to enable, disable and delete the
automations as required.
- User management templates - You can now configure rules to
remove users from groups with user management templates.
- Microsoft 365 management - Employee ID is automatically
assigned to Microsoft 365 (formerly Office 365) users being created through user provisioning
templates if Azure AD is configured in ADManager Plus
- ElasticSearch - for backup module is now available by
default with the product. Options to manage add or remove, the users' auth tokens.
- Traditional Chinese and Korean language support - Besides
English, ADManager Plus is available in ten other languages, viz., French, German, Spanish, Italian,
Chinese, Dutch, Turkish, Arabic, Hebrew and Japanese languages.
Fixes:
The following issues have been fixed in this release:
- Issues with displaying thumbnails for photo based reports.
- Permissions details were not displayed in exported Folders Accessible by Accounts report, when used
with SQL DB.
- Issues in utilizing the CPU memory efficiently.
- Issues in starting the product in compatibility mode with Internet Explorer versions 11 or older.
- The issue of one record missing for every 500 records added in the CSV file, when the Report from
CSV option is used for report generation.
- An error message being displayed when the new attribute values added during GPO modification were in
the long decimal format.
Highlights of Build 7062 (Released on September 2020)
Fixes:
- Password change alert to change the default password of ADManager Plus' admin account.
Highlights of Build 7061 (Released on August 2020)
Fixes:
This release includes fixes for the following issue:
Installation of service pack failing for users who:
- Have customized the columns to be displayed in the List View, to view the configured Help Desk
Technicians, in the Delegation tab.
- Are upgrading from version older than 6010 and have open Workflow requests.
Highlights of Build 7060 (Released on August 2020)
New Features:
- Site Based Delegation: This allows you to specify the
Domain Controllers (DC) that ADManager Plus must contact, along with the order of preference when help
desk technicians perform Active Directory (AD) management operations. In case a DC is not reachable,
this will enable the product to contact the next one in the defined/configured order to perform the
required operation.
Enhancements:
- Microsoft Teams - Add Office 365 users to Microsoft Teams
and channels while provisioning Office 365 users. Policy package details can also be added.
- Office 365 Management - More than 10 new Office 365
management tasks like blocking or unblocking Office 365 users, enabling or disabling MFA, mailboxes,
etc. have been included in automation and workflow.
- Option to export file server management action results.
- Workflow
- Requests will not be assigned to the requesters themselves for approval, review or execution.
- Has been fine-tuned for enhanced performance.
- Ability to delegate management of specific shares of file servers to help
desk technicians and workflow requesters.
- Disable policy: Automatically execute critical tasks like
removing a user from Skype for Business and MS Teams, enabling litigation hold, blocking Office 365
users, hiding or unhiding a user from mailbox address list in Office 365, via the Disable policy,
whenever a user is disabled using the product. You can also kill all the active Office 365 sessions
when a user account is disabled, through the disable policy.
- Option to apply SSL certificates from ADManager Plus' GUI window.
- The failed logon attempts are also recorded in the technician logon
reports.
- In automation you can exclude objects from certain tasks if you want those
tasks to be performed on the objects only once and not repeatedly.
- Additional UKG Pro attributes like employeeStatusCode,
SupervisorEmployeeNumber, OriginalHireDate, etc. are now supported with ADManager Plus-UKG Pro
integration.
Fixes:
The following issues have been fixed in this release:
- The 'report from CSV' shows incorrect results for the password expiry date column.
- Unable to raise requests in automation after workflow archival.
- In Workflow, if the requester and the requested action were in the same OU with default 'Exclude
child OUs' disabled, the requested task was not executed.
- Error message was shown when auto reply messages were set in Exchange for PowerShell version 2 and
older ones.
- Add OU option was unavailable in Automation if Modify User By template action was configured in the
Automation Policy.
- Product crashing after upgrade, due to standby status not being updated, and also when 32 bit
version of the product is run on 64 bit machine with Office 365 configured.
- When two simultaneous delete tasks were performed in the same container, the details column was
empty in the audit report for the objects.
- CVE-2017-17552 (URL redirection and CSRF) vulnerability.
- A group could be allowed to be added as a member of itself.
- Unable to create Office 365 accounts with DirSync enabled for existing AD users.
Highlights of Build 7056 (Released on June 2020)
Fixes:
- This release fixes the issue in copying files while upgrading to the latest build.
Highlights of Build 7055 (Released on May 2020)
Fixes:
- This release include the fix for the CVE-2020-24786 vulnerability, which allowed unauthenticated
changes to integration system configuration, reported by Florian Hauser.
Highlights of Build 7054 (Released on April 2020)
Enhancements:
- Report Scheduler: The creation and modification time of each report schedule is
available. The modification time gets updated everytime the schedule is edited, enabled, shared, etc.
- Help desk audit reports:
- The technician logon report will have the full name of technician in addition to the sAMAccount
name.
- In bulk management operations using CSV, the manager name can be populated by providing just the
empoyee ID.
- The ms-DS-ConsistencyGuid attribute has been added to the existing list of
Source Anchor attributes configured during Office 365 configuration.
Fixes:
- The exported audit report did not include name of template used for user creation tickets.
- Technicians not being able to modify NTFS permissions for folders, if Visible
Groups is configured for them.
- Cross site scripting vulnerability in employee search.
- The members column does not get updated when the Permissions for Folders report is
generated.
- When creating a schedule for Permission for folders report, the custom level value
entered for the Check for folder permissions upto option did not get saved.
- Error message was not displayed when a technician tries to delete an automation policy, at the same
time as when another technician links that automation policy to an automation.
- User's Remote Access Permission attribute remains unchanged when modifed using a
User Modification template with Remote Access Permission set to Control
Access through Remote Access Policy.
Highlights of Build 7053 (Released on March 2020)
Fix:
- This release includes fixes to ensure ADManager Plus is immune to unauthenticated remote code
execution vulnerability.
Highlights of Build 7052 (Released on March 2020)
Enhancements:
- If the OU name provided during creation of bulk AD objects using CSV does not exist, then a new OU
of the specified name will be created and the desired AD objects will be created under it.
- Option to display the Description field in advanced AD search results by
configuring it in the product database.
Fixes:
The following issues have been fixed in this release:
- The selected report window was blank for some customers.
- While modifying users, with CSV, when the value for removeMemberOf attribute is
empty, the user modification action failed.
- During computer modification, even if the sAMAccountName was only 15 characters long followed by $
symbol, an error message for exceeding character limit was shown.
- While scheduling custom reports, if the OUs selected during custom report configuration and creation
of automation schedule are different, the scheduled custom report will contain results from the OUs
chosen during custom report configuration.
- When configuring additional email address during single group modification for mail enabled group,
when the additional email address added is already in use for a different mail enabled group, error
message failed to show up.
- Error message failed to show up when an additional email address added during mail enabled single
group modification is already in use for a different mail enabled group.
Highlights of Build 7051 (Released on February 2020)
Enhancements:
- Support for Microsoft's upcoming security update for fixing LDAP channel binding and LDAP signing
settings.
- Any LDAP attribute can be used to locate the desired AD users using the search user Rest API.
- Request ID macro has been added to the list of macros supported in the notification
template in workflow.
- In automation, while using custom scripts to perform any user management action, it is now possible
to use data from external databases like Oracle and MS SQL as the input.
- Office phone number can be added while creating Office 365 contacts.
Issue Fixes:
The following issues have been fixed:
- The unlock Locked-out users option on the dashboard was not visible for help desk
technician after upgrades to recent builds.
- Some Office 365 reports were not available for help desk technicians even with Super Administrator
privileges, after update to recent builds.
- Permissions for folders report displayed SAMAccount name in the Display name
column.
- The user accounts modified with custom modification templates showed incorrect values for year in
the Account expiry attribute.
- SQL server did not support column encryption for versions 2014 and older.
- The Office 365 Inactive users report generated in the automation module showed
incorrect results.
- In automation, the successive tasks had to be manually triggered in certain instances.
Highlights of Build 7050 (Released on January 2020)
New Features:
- Option to modify the computer objects using templates.
- Integration with HR applications UKG Pro and BambooHR to automatically:
- Create user accounts in AD, Office 365, Exchange, Skype for Business, and Google Workspace
whenever a new employee record is added in the HR application.
- Modify users' AD accounts whenever their records are modified in the HR application.
- Delete users' AD accounts whenever their records are deleted in the HR application.
- Global search option offers the capability to search for any action in the
tool
Enhancements:
- Custom reports can be auto-generated and emailed via report scheduler.
- Closed workflow requests will be added to the archived audit report.
- Ability to view multiple archived audit reports.
- Capability to view the Distinguished Name of the deleted OUs in the audit
report.
- Ability to modify contact's container attribute using contact modification
template.
- Option to select custom report as input while configuring an automation.
- Option to view the Employee Number in the Employee Search option.
- Capability to hide or display Office 365 groups from address lists.
Fixes:
The following issues have been fixed in this release:
- While integrating with external databases, if the primary key is not added
to the Data Source - LDAP Attribute Mapping section in the configuration, the tool was not be able to
uniquely identify the user records stored in the database.
- Unable to use remote Windows Authentication to integrate with external SQL
database server with JDBC driver version 7.0.0.
- Error in performing the delete user operation initiated from ServiceDesk
Plus if the export user mailbox to a PST file was configured in the delete policy in ADManager Plus.
- Email notifications are triggered multiple times every time a workflow
request is raised.
Highlights of Build 7041 (Released on December 2019)
Fixes:
The following issues have been fixed in this release:
- When the AccountExpires attribute is modified using the Single User
Modification feature, the change is not updated.
- Not being able to modify an existing automation if automation policy is
used in it.
- Help desk technicians not being able to locate users through the AD Search
option, even if the users' OUs are delegated to the technicians.
Highlights of Build 7040 (Released on November 2019)
Enhancements:
- The existing GUI has been replaced by the much-awaited flat and sleek one,
for all active users.
- Office 365 Management and reporting:
- Group-based user license management: Bulk assign, modify, replace or revoke the licenses of
users who are members of specific groups.
- 45 new reports on Office 365 Users, passwords, and Exchange mailboxes.
- REST APIs to modify AD user accounts, add/remove users from groups, and
create workflow requests.
- The Users with Change Password at Next Logon and Users Not in Groups
reports have been added to the list of reports supported in Automation; Offers greater flexibility in
selecting the user accounts to be managed via Automation.
- Integration with PAM360, ManageEngine's privileged access
security solution, to dynamically manage PAM360 technicians' privileges.
- Active Directory users' logon hours will also be included in the Help desk
Audit report data when it is exported.
Fixes:
The following issues have been fixed in this release:
- Custom script not being executed after user creation, if the Office 365
user creation option alone is selected while creating users.
- When Password Expired Users report is generated with the Exclude Disabled
Users filter enabled, the data includes disabled AD users also.
- All Computers report not being generated when used in Computer Automation
tasks if Member Of filter is used.
- When modifying an OU using the Modify Single OU feature, Protect from
Accidental Deletion option is not enabled in the product, even when it is enabled
in AD.
- Unable to add additional domains in the logon name field of user creation
templates, while creating a new template or modifying an existing one.
- Not being able to move to other tabs after clicking the Office 365 tab in
user creation templates.
- Users Not in Groups report data not being displayed when the Show Users Not
in Any of the Groups filter is selected.
Highlights of Build 7030 (Released on October 2019)
New Features:
- Over 10 new management operations including Add or Remove Office
365 Group Owners, Modify Calendar Permissions, and more.
- Over 4 new Office 365 mailbox-based reports.
- A flat, sleek and intuitive UI for enhanced performance and user
experience.
Enhancements:
- Option to select templates during bulk group and computer creation.
- Ability to display the number of available licenses during Office 365
license management.
- Option to view which technician has imported which CSV file or exported
which report using the Data Administration option in the Audit
Reports if Data Privacy is enabled.
- Option to add Custom Reports as quick links to the custom
dashboard.
- Option to add an image URL to the logo displayed in the product.
- Option to fine-tune AD search according to the domain or object type.
- Option to exclude child OUs and view custom attributes of users in the
Employee Search option in the product login page.
- Ability to notify administrators whenever the product is down.
- Option to perform Search and Export As
operations in AD Explorer.
- Ability to display the details of all the groups specified in a CSV file,
whenever the Reports from CSV report is generated.
- Option to view all the permissions of a specific folder within the
Permissions for Folders report.
- Option to encode the data to be sent via SMS by configuring the SMS gateway
settings.
Fixes:
The following issues have been fixed:
- Unable to update the msExchPoliciesIncluded attribute while modifying
groups using a CSV.
- Audit Report does not display information about the Office
365 license management operations performed during single user creation.
- Not being able to generate the Unlicensed Users report
again, after adding columns to the previously generated report.
- Not being able to select OUs while automating the Modify Users by
Template operation using an automation policy.
- Unable to automatically update the names of renamed OUs in the delegated
OUs lists of help desk technicians.
Highlights of Build 7020 (Released on September 2019)
New Feature:
Technician Logon Report:
View logon related information such as login time, logoff time, session duration, authentication method
used, and more for all help desk technicians.
Enhancements:
- Option to delegate shared folders management to technicians by configuring
the product database.
- Capability to enable administrators and technicians to directly land on the
SAML identity provider via the product URL, by configuring the product database.
- Ability to migrate ADManager Plus database to an existing Microsoft SQL or
PostgreSQL database.
- Option to specify the database server instance while migrating the product
from one database to another.
- Option to update the modified password of Microsoft SQL database, in the
product, by executing a batch file.
- Ability to specify sAMAccountName, UserPrincipalName, distinguishedName, or
email attributes as search criteria for user objects in REST API requests.
- Supports integration with SSL-enabled Microsoft SQL Server.
Fixes:
The following issues have been fixed:
- Identification of ADMX files while editing GPO settings using
the Manage GPOs option.
- If a technician attempts to logon to ADManager Plus via SSO, and the logon
attempt is unsuccessful due to the technician account being disabled or not configured as a technician
in ADManager Plus, the technician account is not logged out of the IdP.
- A technician will be able to view all the OUs in the Select
Domain/OU/Site drop-down of the Manage GPO Links operation, even if those
OUs are not delegated.
- Unable to logon to ADManager Plus via NTLM Single Sign-On using machines
that do not exist within the domain.
- Not being able to execute the other instant tasks specified in the
automation policy, if one of the instant tasks is Remove Office 365 License.
- The Successfully modified message is displayed to
technicians trying to deselect the Protect object from accidental deletion during
single or bulk OU modification, despite the change not being reflected in AD.
- Issue in adding or removing Office 365 licenses.
- Scheduled reports sent via emails can be accessed by users who do not have
the necessary privileges.
- The Backup Settings option in the Backup tab does not
display the domains configured in the product.
Highlights of Build 7012 (Released on July 2019)
Enhancement:
- Custom attributes support in OU creation, modification and reporting.
Fix:
- Unable to list the permissions in the Folders accessible by accounts
report, if the database bundled with the product is Microsoft SQL.
Highlights of Build 7011 (Released on July 2019)
Enhancements:
- Exchange Server 2019 support: ADManager Plus extends the scope of its
Exchange management and reporting capabilities to Exchange Server 2019.
- SAML-specific additions:
- Force SAML-based authentication: Allow access to ADManager Plus only through SAML single sign-on
(SSO).
- Custom ACS URL: Option to use a customized ACS URL to process SAML-based SSO requests.
- SAML Logout support: Logging out from ADManager Plus will also logout the users from the SAML
SSO provider. This option can be enabled from the product database.
- Captcha Support: Option to enable Captcha, for enhanced security during
ADManager Plus logons, from the product database.
- Custom script wait time: Specify the time for which the product must wait,
before proceeding with the appropriate operations, whenever custom scripts are triggered from the
product.
- Granularity in configuring permissions on the product's installation
folder: Configure access to
ADManager Plus' installation folder only to the desired users, along with the relevant permissions or
level of access.
Fixes
- Issues in backing up AD objects have been fixed.
Highlights of Build 7010 (Released on July 2019)
New Feature:
Active Directory backup and recovery:
- Incremental or full backup of Active Directory objects.
- Granular or complete restoration of AD objects.
- View the current and previous values of modified object attributes and
compare them.
Enhancements:
- Capability to exclusively delegate the Clear All Group
Memberships rights to technicians for bulk user management.
- REST API for single OU creation.
- Increase in the number of AD users that can be created by technicians using
the REST API.
- Office 365 support for users for whom proxy server settings are enabled.
- Capability to automatically revoke group memberships of users after a
specific duration using the Business Workflow.
- Option to use automation in Microsoft SQL Servers, Oracle databases, Zoho
People and Workday integrations for routines such as enabling/disabling a user, adding/removing users
from groups, and modifying users using a template.
- Option to export users' mailbox content as a PST file automatically,
through the disable policy, whenever user accounts are disabled.
Fixes
The following issues have been fixed in this release:
- Not being able to export user mailboxes if the Exchange Server and the
mailbox users are located in different domains of the same forest.
- Unable to display the names of users who belong to other domains but are
members of a global/universal group.
- Issue in updating a user's profile image using the Manage User
Photos option.
- Unable to export a user's mailbox to a PST file, if the home folders are
also selected for deletion in the delete policy.
- Issue in fetching all the users while performing Office 365 management
actions even when all relevant permissions are assigned to that technician.
- Issue in disabling users' mailboxes.
- Issue in sending email notifications to new mailboxes.
- Issue in creating Skype for Business server accounts while creating AD user
accounts.
ManageEngine ADManager Plus 7.0.0
Highlights of Build 7000 (Released on July 2019)
New Features:
- Office 365 contact creation.
- Over 20 new reports under different categories like Contact reports,
Exchange Online Mailbox reports, OWA reports and more.
Enhancements:
- Option to apply OU-based filters while generating reports and performing
management actions on dir sync-enabled O365 users.
- Create room mailboxes exclusively in Office 365.
- Office 365 reports now display an object's AD attributes.
- The permissions filter in the Folders accessible by accounts report
offers granular options to view the data
- For specific permissions
- For any specific level of access
When this report is exported, all the selected permissions and their level of access will also be
displayed in detail.
- All Office 365 management actions and reports have been moved to the Office
365 tab for easy access.
- Option to backup and restore MS SQL database configured in ADManager Plus.
- Option to export users' mailbox content as a PST file automatically,
through the disable policy, whenever user accounts are disabled.
- Support for Skype for Business 2019.
- Option to enable/disable the MAPI protocol for Exchange mailboxes during
user creation or modification.
- Option to view workflow and management notifications in the ADManager Plus
mobile app.
Fixes
The following issues have been fixed in this release:
- Help desk technicians not being able to access the help desk password reset
console despite having the required role.
- Issue in adding or removing columns in custom reports.
- The status message of CSV-based bulk user modification operation displays
only the final error and not all the errors.
- When a specific file server is delegated to a user via group delegation,
while assigning the help desk technician role to that user, all the file servers get assigned to that
technician automatically.
- Issue in differentiating between the OUs with the same display names while
delegating them to a technician.
- Issue in copying the memberOf attributes of users while using the
Copy User Attributes option in templates.
- Issue in exporting the Inactive Users report.
- Not being able to generate Shares in the Servers report if
shared folder names contain special characters.
ManageEngine ADManager Plus 6.6.6
Highlights of Build 6660 (Released on March 2019)
Enhancements:
- Capability to edit all administrative template settings of a GPO, including
the custom template settings.
- Capability to add an AD object's manager as an approver and/or reviewer in
the business workflow. This will enable managers to have complete control over the creation,
modification, and deletion of objects they manage.
ManageEngine ADManager Plus 6.6.5
Highlights of Build 6659 (Released on February 2019)
New features:
- ADManager Plus supports Arabic and Hebrew languages.
- ADManager Plus now supports Windows Server 2019.
Fix:
- This release includes the fix for CVE-2018-19374 vulnerability (The issue
of all authenticated users getting write permission for all files in the bin folder is fixed).>
Highlights of Build 6658 (Released on February 2019)
Enhancements:
- Option to hide users from Global Address List (GAL) and enable
mailbox auditing for Office 365 users during user creation.
- The disable policy allows you to disable litigation hold, convert a user
mailbox to a shared mailbox and remove users from all Office 365 groups.
- Realtime email notifications for all management actions performed,
including the ones executed through automation and workflow, with details such as title, department,
and sAMAccountName.
Fixes:
The following issues have been fixed in this release:
- Issue in deleting a Google Workspace user account, when the associated AD
user account is deleted, even if Delete Google Workspace user account is configured in the
delete policy.
- Issue in moving the archived technicians audit reports stored in MS SQL
database, after upgrading to the latest build.
- Issue in displaying Office 365 sub-license (tenant type) in templates, if
the license base subscription includes only one sub-license.
- Issue in the execution of user creation rules in templates while creating a
user despite not modifying the rules or the template after upgrading to the latest build.
- If multiple domains have been configured in the product, the existing
members are not selected in the Select Members pop-up during single group modification.
- Issue in removing users from groups using the modify user by
template option in the workflow.
- Performance issues in the dashboard.
Highlights of Build 6655, 6657 (Released on December 2018)
New Features:
- Customizable Dashboard: The ADManager Plus dashboard gets a makeover with an
intuitive flat UI. It also offers the following customizations :
- Add widgets to group together the necessary reports based on the needs of the organization.
- View OU specific data in the dashboard.
- Have reports of each domain in a separate tab.
- Add the most frequently used management actions and reports as the quick links section.
It is also possible to track the status of the workflow requests right from the dashboard, and if
needed, administrators and technicians can drill-down to the actual ticket to perform the required
action.
Enhancements:
- Option to add alternate naming formats to avoid duplication: During user creation,
avoiding duplicates becomes easier with the option to use another naming format, if the username
already exists.
- Enforce two factor authentication (TFA) for SAML-based SSO: Two-factor
authentication can be enforced for users logging in to ADManager Plus through SAML-based SSO.
- Option to override the Prevent from accidental deletion restriction for user objects is added to the
delete/disable policy.
- Set the account expiration date of users also using the enable user REST API.
- The audit report will also display the name of the template used, when a user is modified using a
template
- When deleting a template, the list of all automated tasks as well as policies, and workflow requests
in which the particular template is used will be displayed.
- Performance enhancements:
- The refresh option in the Accept messages from and Reject messages from popup while setting the
Exchange delivery options is now 30 times faster.
- The Report from CSV is now 9 times faster, for up to 130,000 records in a CSV file.
- Member selection popup in user management and other object management actions is 6 times faster.
Fixes:
The following issues have been fixed in this release
- Issue in connecting to the product database from the standby server.
- Issue in setting primary SMTP addresses as additional email addresses if Automatically update email
addresses based on policy option is selected.
- When user accounts are created via automation, SMS notifications were display blank passwords.
- Reviewer name is not mentioned in the workflow notifications sent to the reviewers.
- Error message not being displayed properly in the Smart Card Authentication page.
- Technicians not being able to automate user creation/modification despite having the required rights
and permissions
- Issue in updating the Office 365 User Prinicipal Name during single and bulk user creation.
- Not being able to unlock accounts from the Reset password console of help desk technicians.
- Product crashes while generating the Folders accessible by accounts report when there are more than
5000 objects.
- Product crashes while generating the Detailed group members report.
- Issue in modifying mailboxes that have special characters in their names.
- Issue in removing photos of users.
- Issue in displaying the error message when incorrect CSV format is used for single group
modification.
- Technicians being able to perform the Remove from group action, if they have only the Add to group
permission.
Highlights of Build 6653 (Released on October 2018)
Fix:
- This release fixes the database connectivity issue which affected the performance of product.
Highlights of Build 6652 (Released on September 2018)
Enhancements:
- This release includes enhancements to meet the GDPR requirements, and also
fixes installations issues.
Highlights of Build 6651 (Released on September 2018)
New Features:
Integration with Zoho People and Workday:
This integration offers the capability to automatically:
- Create user accounts in AD, Office 365, Exchange, Skype for Business, and
Google Workspace whenever a new employee record is added in the HR application.
- Modify users' AD accounts whenever their records are modified from the HR
application.
- Delete users' AD accounts whenever their records are deleted from the HR
application.
ServiceDesk Plus integration:
You can now perform the following user management actions from within the
ServiceDesk Plus console:
- Modify Department
- Modify Manager
- Add users to group
- Remove users from group
- Set folder permissions
- Remove folder permissions
For enhanced user management, you can perform the following actions using user
modification templates:
- Enable users
- Disable Users
- Reset Password
- Unlock Users
- Modify Department
- Modify Manager
- Add users to group
- Remove users from group
Enhancements:
- Enhanced integration with MS SQL and Oracle databases: This allows
automated modification or deletion of users' AD accounts whenever their corresponding user records are
modified or deleted from Oracle or MS SQL database.
- Technicians will be able to view and edit GPOs that are linked to delegated
OUs only.
- Automated ADManager Plus license expiry notifications to administrators via
email. These emails will be sent everyday starting from 10 days before license expiration.
- Option to enable email notifications about webinars, seminars, workshops,
product release and promotions.
Fixes:
The following issues have been fixed in this release:
- While generating Permission for Folders report, there is a slight delay in processing the Stop
Generation request.
- If workflow is enabled for automated tasks, the successive task configured in the automation policy
gets executed even before the instant tasks are approved.
- Issue in database backup if temporary tables are present.
- Unable to generate NTFS reports if the domain name starts with a number.
- Exported files are not available in specified file format in the storage path.
- Unable to migrate from MySQL to pgSQL database.
- XXE vulnerability that occurred while applying the license.
- While generating detailed group members report, the report does not display the common users of the
selected groups.
- Two factor authentication vulnerability issue.
Highlights of Build 6642 (Released on September 2018)
Fixes:
The following issues have been fixed in this release:
- EBD-ID: 45256 (XSS) vulnerability.
Highlights of Build 6641 (Released on July 2018)
Fixes:
The following issues have been fixed in this release:
- Unable to export detailed group members and Office 365 reports in XLSX format.
- Unable to perform advanced search for objects using the AD search functionality.
- Issue in assigning Email alias value while creating an Office 365 user account.
Highlights of Build 6640 (Released on July 2018)
New Features:
Integration with Splunk server: Forward Active Directory log data
to Splunk server for detailed auditing.
Delegation of Office 365 tenants and Google Workspace accounts:
- Delegate Office 365 management and reporting to help desk technicians with
the option to assign only specific Office 365 domains and licenses.
- Delegate Google Workspace management and reporting to help desk
technicians.
New Office 365 group reports to list groups with owner,
groups without owner, and size of groups in Office 365.
Enhancements:
- GPO enhancements:
- Option to rename the GPOs.
- Option to copy existing GPO links of domains or sites while creating new
GPO links.
- When the distinguished name of an OU, group, or user attribute is
changed in AD, it will be updated in ADManager Plus templates and workflow requests
automatically in the appropriate fields (container, memberOf, and manager).
- Automate the execution of approved workflow requests using scheduler.
- View NetApp server permissions also using NTFS reports.
Fixes:
- Unable to update correct legacyExchangeDN value if umlaut characters are present in the
full name attribute.
- Unable to search the help desk audit report using action name, action category, or module used
fields.
- Issue in generating reports through scheduler.
- Issue in showing or hiding the option to trust the browser for 180 days while configuring OTP via
email in two factor authentication.
- Requesters having OU restriction will be unable to create requests to modify user using template in
workflow if the container is not specified in the template.
- Issue in setting logon restrictions for accessing computers in Modify User by Template request in
workflow.
Highlights of Build 6633 (Released on June 2018)
Enhancements:
This build includes the following enhancements to comply with the General Data Protection Regulation
(GDPR).
Settings to help ADManager Plus users comply with the GDPR
- User will be prompted for consent while integrating with third party applications.
- While adding custom LDAP attributes, administrators can specify if the LDAP attribute belongs to PII
(Personally Identifiable information) category.
- During deletion of techncians, you can enable the option to anonymize the technician's name
displayed in the audit report.
- Password protection for exported reports, database backup, and archived audit report files.
Enhancements for ADManager Plus to be compliant with the GDPR
- Technicians' passwords stored in the database are encrypted using bcrypt algorithm.
- Database access via command prompt or client tool is secured with a password.
- Privacy settings for the GDPR are enabled by default for customers in the European Union.
- Report export and CSV file import actions are audited.
- Sensitive information such as email server and email addresses are masked in the UI of connection
settings.
Highlights of Build 6632 (Released on May 2018)
Enhancements:
Single sign-on to ADManager Plus using SAML authentication: You can set up single sign
on to access ADManager Plus through any of these popular identity providers.
- Okta
- OneLogin
- Ping Identity
Highlights of Build 6631 (Released on April 2018)
New Features:
Zendesk integration: Help desk technicians can create users in Active
Directory, Office 365, Exchange Server, Skype for Business, Lync, and Google Workspace from the Zendesk
console.
They can also perform the following user management actions from within the Zendesk console:
- Reset passwords
- Enable or disable user accounts
- Unlock user accounts
- Delete user accounts
Enhancements:
- Active Directory management add-on license: ServiceDesk Plus
customers can avail the AD management add-on license which allows help desk technicians to execute
important AD user management actions from within the ServiceDesk Plus console.
Fixes:
The following issue has been fixed in this release:
- While processing a single user creation request, the approver is unable to view the email address
entered by the requester.
Highlights of Build 6630 (Released on March 2018)
New Features:
- Office 365 group creation: Create distribution groups, mail enabled
security groups and regular Office 365 groups in bulk using CSV files.
Enhancements:
- After generating Office 365 group members report, you can filter the data
to view only members of specific groups.
- Option to execute custom script on successful creation and
modification of room and equipment mailboxes.
- Supports management of Office 365 tenants configured in independent Azure
cloud deployments, including Azure Germany and Azure China.
- While removing NTFS permissions for folders, you can now preview
permissions before updating the changes in Active Directory.
- Remove Send As and Send on Behalf permissions in Exchange Online for
multiple mailboxes.
Help desk role:
- Delegation of NTFS and share permissions modification rights to
technicians is now granular and includes options such as include inheritable permissions from this
object's parent and more.
- While assigning permissions to generate reports to the technicians, you
can allow or deny the permission to use report scheduler.
Workflow:
- Option to resend a failed user or contact creation request
or rejected request by the requester for processing it again.
- Super admin can assign unassigned requests to any specific
technician.
Fixes:
The following issues have been fixed in this release:
- Path traversal and DoS attack vulnerabilities.
- Unable to view archived audit reports.
- Unable to update primary email address for mail enabled users and contacts.
- Email notifications are not sent after performing bulk management actions using CSV file.
- Unable to set mailbox delegation properties such as full access rights, send as and send on behalf
for Office 365 shared mailboxes.
- Unable to save HTTP Request Headers while configuring custom SMS provider settings.
- Unable to enable hide from Exchange address list in group modification.
Highlights of Build 6622 (Released on March 2018)
Fixes:
The following issues have been fixed in this release:
- Error in exporting reports in any chosen format if the attribute values begins with +,-,= or @.
- SIP URI field in Skype for Business/Lync Server settings is set as a mandatory field in system
template even though it is not mandatory.
- Error while modifying previously configured delete/disable policy.
Highlights of Build 6621 (Released on February 2018)
Fixes:
The following issue has been fixed in this release:
- For greater security, logging of audit data to a flat file will be disabled by default.
Highlights of Build 6620 (Released on February 2018)
New Features:
- RSA SecurID-based authentication:
You can now use RSA SecurID as an option for Two Factor Authentication (TFA)
for secure access to ADManager Plus.
- Single Sign-On to logon to ADManager Plus:
Users can access ADManager Plus by just logging on to their Windows
machines, by enabling Single Sign On.
- Configure Auto reply in Office 365:
Enable, disable, or schedule auto reply for the Exchange Online mailboxes of
multiple users. You can also set separate messages for internal and external users.
Enhancements:
- Remove group memberships while modifying users, computers, groups
and contacts and remove proxyAddresses for users, groups and contacts in bulk using CSV file.
- Update the manager field for users, computers, groups and OUs using
sAMAccountName in CSV file while modifying them in bulk.
- Auto reply can be configured for users using modification templates
in single user modification.
Notification:
- You can create notification profiles exclusively for OUs.
- While viewing scheduled automation, reports, and advanced reports, you can
now use filters to view only the ones created by you, shared by you, and shared to you.
Export user mailbox:You can use delete policy to automatically export user mailboxes to
the specified location before deleting the Active Directory user accounts. You can also track the
status of the export mailbox operations with Mailbox Export History option.
Skype for Business/Lync:
- Modify users' Skype for Business/Lync properties using the single
user modification feature.
- Assignmobility policy for users in Skype for Business/Lync Server
2013 and above using templates during single user creation and modification.
- Modify users' Skype for Business/Lync policies such asLocation, Client
version, Client, PIN, Mobility, External accessin bulk user modification.
Fixes:
The following issues have been fixed in this release:
- Unable to update user photos to exchangePhoto attribute in bulk user modification.
- Unable to edit, create or delete GPO if LDAPS feature is enabled in connection settings in ADManager
Plus.
- Users not listed while configuring auto reply settings using bulk user management feature.
- Error in configuring multiple email addresses for administrator in Email server settings.
- Unable to configure HTTP Request Headers in SMS gateway settings in Admin settings.
- Error in displaying the owner name in Shares in the servers report.
- Unable to change templates while processing workflow requests.
- Technician's name displayed as ADManager Plus Admin even if actions were performed by other help
desk technicians through workflow module in help desk audit report.
- CVE-2017-17552 (URL redirection and CSRF) vulnerability.
Highlights of Build 6613 (Released on January 2018)
New Feature:
Enhancement:
- Manage O365 users' licenses and Exchange Mailbox settings from inactive users report:
Right from the inactive Office 365 users report, it is now possible to
assign, remove or revoke Office 365 licenses and also manage Exchange Mailbox settings, such as
Mailbox delegation, Hide from address lists, Add additional Email addresses and more, of Office 365
users.
Highlights of Build 6612 (Released on December 2017)
Enhancements:
- Option to execute a custom script on successful contact creation and modification, and group
modification also.
- You can now enable the Protect object from accidental deletion option
while creating and modifying objects (user, computer, group, contact) individually or in bulk.
- While creating dynamic distribution groups, you can use Telephone
number and Other telephone also in the conditions to decide the recipients.
- While creating and modifying objects, you can now import a CSV file
to specify values for memberOf field.
- Modify the credentials of the Office 365 account specified in
ADManager Plus Office 365 settings.
- When a help desk technician is created, the selected user s email
address and description in AD are auto-updated in the technician s profile. They can be changed
whenever needed.
- Select the desired DAG while creating users Exchange mailboxes
via bulk user modification, workflow, and automation features
- In account creation and modification templates, you can now:
Edit the rules already configured in account creation and
modification templates.
Append new groups to the values already configured in the memberOf
field in existing creation and modification templates.
Rule-based value assignment can now be performed for logon name, custom
attributes, terminal user settings, and more.
Fixes:
The following issues have been fixed in this release:
- Unable to update the value for mAPIRecipient custom attribute configured in ADManager Plus while
creating mail-enabled contacts using CSV file.
- Unable to update manager field using sAMAccountName in CSV file import.
- Incorrect time displayed for execution of successive tasks configured in automation policy in the
workflow requests section.
- Unable to delete or disable mailbox(s) from mailbox-enabled users report.
- Executors unable to edit or view some of the workflow requests.
- Requests not displayed in the All requests page in workflow while using the MS SQL as the product
database.
Highlights of Build 6611 (Released on December 2017)
New Features:
ADManager Plus strengthens its Office 365 management and
reporting with these new capabilities:
- User management: Reset passwords, block and unblock Office 365 users in bulk.
- Exchange Online mailbox management:
Manage the mailbox features, permissions, and retention policies of users'
mailboxes
Delegate shared mailboxes and manage retention policies.
Office 365 reports: Adds exclusive reports on dynamic distribution groups and their
members.
You can also delegate the new Office 365 management and reporting capabilities to help desk
technicians. Also, for enhanced user experience, all Office 365 related capabilities are now placed
under an exclusive Office 365 tab.
Fixes:
The following issues have been fixed in this release:
- Unable to export reports if the logo file is not found.
- Selected group(s) not being displayed while viewing or editing schedule settings for advanced
reports.
- Unable to reject workflow request if the user is added as an executor and not an approver.
- Unable to access the calendar for setting the execution time while configuring a new automation.
Highlights of Build 6610 (Released on November 2017)
New Features:
- Custom Report builder:
The new version of ADManager Plus allows you to create Active Directory reports specific to your needs.
While creating custom reports, you can
- Choose specific domains, and OUs for which the report has to be generated.
- Create reports for any of the objects such as users, groups, computers, and contacts
- Group the custom reports into different categories.
The solution also offers the ability to modify or delete the custom reports and delegate the reports to
relevant help desk technicians.
Enhancements:
- Help Desk - Reset Password Console option in the home page has an additional option
to generate Random Password in the Reset Password actions
Automation:
- Notifications: Email and SMS alerts to notify users about the execution of any
automated task.
- Group management: Automated group membership management just got better with new
actions such as Add groups and Remove groups.
- User management: Option to automate user management via Office 365 reports.
- Office 365 license management: You can now automatically remove the Office 365
license assigned to users, at the desired time.
Business Workflow:
- Multiple business workflows: Create and use as many workflows as needed, for
monitoring the execution of different types of AD tasks.
- Integrated request assignment and notification rules: Set the assignment and
notification rules, easily and quickly, in a single operation.
- While setting rule criteria, you can now set a rule based on the domain name in Assigning Rules in
Workflow
Fixes:
The following issues have been fixed in this release:
- While running a custom script configured in Delete policy while deleting users, you can now retrieve
the department name of the deleted user(s) apart from the samAccountName of the user(s).
- Error in Exchange mailbox database quota values if the mailbox has "Use the default database quota".
- Unable to enter case-sensitive values in Titles & Departments and Offices & Companies in Admin
settings.
- Error in naming the licenses in Assign Licenses field in user creation
- When the country code is entered, the product populates the wrong country in user and contact
creation
- Unable to receive SMS notification on account unlock
- In syslog integration, the technician's name was missing in the help desk audit report.
- ADMP-SDP integration has an authorization error in SDP if the technician is deleted and recreated in
ADMP with the same set of credentials.
Highlights of Build 6601 (Released on October 2017)
New Features:
- Office 365 Management:
- Standalone Office 365 user provisioning: You can now create user accounts in Office
365 without having to provision AD accounts.
- Separate UPN for Office 365 users: You can set a separate User Principal Name for
Office 365.
If not mentioned, the default UPN will be the logon name.
- Support for new Exchange Online attributes: You can configure new attributes such
as E-mail Alias,
Litigation Hold and In-Place Archive in Office 365 properties in single and bulk user creation and
Office 365 account creation for AD users.
- Linked Mailbox Management:
- You can configure Single Linked Mailbox supported by Linked Mailbox Creation Template in mailbox
management.
- Contact Management:
- You can modify the group attributes of the contacts by adding or removing them from groups.
- ADManager Plus adds Turkish language to the list of non-English
languages it supports.
Enhancements:
Office 365 Management and Reporting:
- You can now filter the Office 365 users based on licenses in Office 365 reports and management
actions such as Assign/Remove Licenses.
- OU filter can be applied while performing Exchange Online management actions such as Mailbox
Delegation, Hide from address list and Email forwarding in Office 365 management.
- Exclude active AD users from inactive Office 365 users report: You can now generate Office 365
inactive users report with some AD data.
Option to exclude active AD users from inactive Office 365 Users report if the configured Office 365
tenant/domain is directory sync enabled is available.
Automation:
- User Automation:
- In Reset Password action, you have an option to generate 'Random Password'.
- You can perform new tasks such as Delete Home folder and Disable Lync.
- The Auto Reply feature can be enabled or disabled and you can configure automatic replies to be
sent inside or outside the organization within customizable timelines.
- The Contact Automation category supports new tasks such as Move Contact, Add To Group and Remove
from Group.
- You can now automate the task of running custom scripts in Computer Automation category.
- While setting time period for successive tasks execution in the Automation policy, you can set time
period in terms of hours.
User Management:
- While implementing Delete/Disable User Mailbox in Exchange, you have the option to display users
list for multiple mail servers so you can perform management actions on multiple mailbox users.
- While modifying users with CSV, you can now locate the user with samAccountName attribute for the
manager in addition to the Distinguished Name.
- While setting rules in User Creation and Modification template you can now use the new field
'Description' while setting conditions for creating users and a new attribute of 'Logon Script' has
been added to the Assign Values section.
- The user photos for AD and Exchange can be managed in User Creation and User Modification template
with support of high resolution photos of Exchange users. The photo will be resized automatically if
the uploaded photo is greater than the size limit of the corresponding attribute in AD.
Reports:
- The All Users report can now display the attribute 'Home Drive' of the users.
- The Permissions for Folders report can now display the attribute 'Display name'.
- Now you can send passwords to other stakeholders such as user's manager, any technician and the
admin apart from the user for any password related management actions in the notification profile.
Shared mailbox creation:
- You have an optional feature to auto map the Shared Mailbox to any mailbox to which a user has full
access permissions.
- You can now set a custom script to be executed on mailbox creation.
Fixes:
The following issues have been fixed in this release:
- When disabling a user, there was an error in moving Macintosh folders with lengthy path configured
in the disable policy.
- Even after the automation task was disabled, the configured successive tasks were executed.
- Unable to select contact creation templates while assigning templates for requesters for non-English
languages.
- Include/Exclude groups feature in modifying help desk technician in Delegation was not working in
Modify Single Group list.
- If the update user was done before memberOf completes loading, the group membership was deleted in
AD
- Error in generating Permissions for folder report when more than 100 folders are selected.
- Unable to see the mail contacts while trying to configure 'Forward to' for a user mailbox in user
creation through ADManager plus.
- While mailing Office 365 License details report, the attachment containing the report was not sent.
- While modifying users using CSV in Automation, the product will locate the user(s) with the help of
unique attributes such as userPrincipalName, Distinguished Name or samAccountName and make the desired
changes.
- Similar to AD, users without Delete SubTree permission can now delete users using ADManager Plus.
- The Office 365 users created using ADManager Plus not displayed while performing the Office 365
management actions.
Highlights of Build 6591 (Released on September 2017)
New Features:
ADManager Plus now,
- Automatic AD user creation by fetching user data from HR databases (MS SQL and Oracle databases).
- Sends its log data in Syslog format for analysis to a Syslog server, thus facilitating comprehensive
audit to ensure network security.
Click
here to know more.
Enhancements:
ServiceNow:
- Capability to alter user's group membership.
- For enhanced security and to block unauthorized access, ADManager Plus can now be accessed from your
ServiceNow if and only if your ServiceNow instance is configured on ADManager Plus web-console. Read
more.
You can now configure your ServiceDesk Plus integration with ADManager Plus from the new 'Integrations'
tab. Read
more.
Fixes:
The following issues have been fixed in this release:
- Domain synchronization failure in ADManager Plus when settings are updated on to the AD360
installation that encapsulates the former's setup.
- Unintended overwriting of default domain name with value from user modification template.
Highlights of Build 6590 (Released on August 2017)
New Features:
GPO management:
- Create GPOs: Now you can create GPOs and link them to OUs, sites, or a domain
(either at the time of its creation or later) without using GPMC.
- Edit GPOs: Options to search and modify the administrative template settings, for
both computer and user configurations, have been provided now.
- Delete GPOs: You can now delete single or multiple GPOs, in one go.
Archive audit report: The new feature helps archive help desk audit reports as well as
customize the archive interval and the retention period.
Enhancements:
- Report driven GPO management: You can now delete a GPO, enable the user
configuration settings, computer configuration settings, or enable/disable all the settings from 'GPO
Reports' itself.
- GPO management:
- 'Link GPO' option helps to link existing GPOs to multiple containers, at once.
- A revamped UI which lists GPOs, and also has a toggle button to easily enable or disable the
configuration settings.
- Scheduled audit reports: You can now generate reports automatically at a specific
time or at regular intervals.
- Custom LDAP attributes: ADManager Plus now supports LDAP attributes with
Generalized-Time syntax (UTC coded time).
- JRE upgrade: ADManager Plus now uses updated version of JRE for enhanced security.
- UPN/email suffix selection:
- Using ADManager Plus, you can now select the UPN suffixes and email suffixes which are already
configured in your domain.
- Remote routing address suffixes can be selected from the addresses configured in your Office
365.
- New suffixes can be added to users' UPN, email address or remote routing address, without
actually creating a new suffix in AD or Office 365 domain.
Fixes:
The following issues have been fixed in this release:
- Child OUs being displayed multiple times while editing 'User Creation Templates'.
- Danish characters , , and not accepted during user creation ('Simple display name' field).
- Shared folder creation error when the home directory ends with '$'.
- Issue while connecting to Office 365, if the machine where ADManager Plus is installed has .NET
framework (version 3.* and 4.*) and Exchange server (2007 or 2010).
- In 'Disable/Delete Policy', the home folder attribute not getting updated in AD, even after
successful movement of home folder.
- Prompting for OU name during bulk OU creation, though the CSV file already contains the name of OU
in which new OUs are to be created.
Highlights of Build 6583 (Released on August 2017)
New feature:
REST APIs: ADManager Plus offers REST Application Programming Interfaces (API) to
enable users of other applications such as help desk tools, to access ADManager Plus, and carry out the
necessary AD user management tasks from their applications. Using these APIs, you can perform the
following AD management operations without logging into ADManager Plus:
- Create user
-
Reset user password
-
Enable or disable user
-
Unlock user account
-
Delete user
-
Search user
Click here for more details.
Highlights of Build 6582 (Released on July 2017)
Enhancements:
File Server Management capability has been enhanced with option to
-
Create workflow requests for granting or modifying shared folder permissions.
It is also possible, while creating the request, to select a specific time duration, such as 30
minutes, one hour, two hours, one day, or permanently, for which the permissions being assigned must
be valid. After the specified time period, users' permissions will be automatically reverted.
- Modify or remove the NTFS/share permissions of multiple users and groups at once.
- Restrict the file server management permissions of help desk technicians to only specific file
servers.
Fixes:
The following issues have been fixed in this release:
- Country codes not being displayed in reports.
- When audit reports are
generated and emailed via scheduler, reports are not attached with the email if CSV is selected as
the report format.
- Exchange Servers of specific DAGs not being listed during mailbox creation.
- While modifying groups in bulk via CSV, product screen becomes blank if sAMAccountName is edited
after importing the data from the CSV file.
Highlights of Build 6581 (Released on July 2017)
Enhancements:
-
Sharing report schedules and automations: It is now possible for the administrator
or any help desk technician to share the report schedules and the automations configured by them,
with fellow technicians. The technicians with whom the schedules or automations are shared will be
able to view their details and also execute them.
- While exporting the reports, it is now possible to exclude the description and export only the
report data.
Fixes:
The following issues have been fixed in this release:
- Not being able to fetch the permissions assigned on Oracle ZFS servers using permissions for folders
report.
- Product hangs while specifying
password during user creation or resetting passwords of users, if smart card authentication is
enabled.
- 'Exclude child OU' option not working properly while generating users' real last logon report via
report scheduler.
- Product stops responding while removing the last SMTP address when it is configured as a custom
attribute in a user modification template.
Highlights of Build 6580 (Released on June 2017)
New Features:
- Active Directory management notifications: This feature notifies all the relevant
stakeholders via email and/or SMS, whenever an AD, Office 365 or Exchange management action is
executed. Further, the notification messages can be customized based on the management action
performed, the domain in which it is performed or the technician who is performs the action.
- Litigation hold enabled Exchange Online mailboxes report: View all the Office 365
users for whose Exchange Online mailboxes the litigation hold option is enabled.
- Recently created, modified, and deleted contacts reports: Fetch the complete list
of recently created, modified and deleted Active Directory contacts.
- Exchange Online (Office 365) mailbox management: Enable litigation hold and
in-place archive, and also add proxy addresses for the mailboxes of Office 365 users in bulk, using
the new features added to the Exchange Online management module.
- ServiceNow integration: IT help desk technicians can now create Active Directory
users, and also manage them reset passwords, enable or disable, move, unlock and delete user
accounts easily and instantly, right from within the ServiceNow console.
- Product update notification: This option keeps you informed about the new features
and enhancements added to ADManager Plus so that you can update your installation to the latest
version.
Enhancements:
- Office 365 management:
- Flexibility to choose any attribute other than the default 'objectGUID' as the 'sourceAnchor' to
replicate changes made in the on-premises AD in Office 365 environment.
- Option to automatically install MSOnline PowerShell module for Azure Active Directory,
prerequisite for managing Office 365 accounts via ADManager Plus.
- While creating shared mailbox in Office 365, it is now possible to specify an email address
also, along with the other settings.
- Organizational unit (OU) modification:
- Single OU modification: Allows you to make the desired changes to any specific OU.
- OU modification templates: Allows you to modify multiple
attributes of an OU, all at once.
- Protect OU from accidental deletion option in CSV-based bulk modification of OUs.
- Custom script option in computer, OU and group creation templates, to execute the desired action
after the completion of computer, OU and group creation tasks.
- Contact creation: Option to use templates while creating contacts in bulk.
-
Delegation:
- Option to set a default template for each domain in which the technician has been allowed to
carry out the assigned management actions.
- Audit reports now also display the module that was used by the help desk technicians while
performing the assigned actions.
- All users report will now display users' profile photos also, if available, along with all the
other details about the users.
- While creating Exchange mailbox for users via the single user creation feature, it is now possible
to select the desired DAG too.
Fixes:
The following issues have been fixed in this release:
- XSS issue in help desk roles, assignment rules in workflow and detailed group membership report.
- Issue in migrating from MySQL to MSSQL database.
- The 'Exclude Child OUs' option not functioning properly while generating the 'users with empty
attributes' report through scheduler.
- Office 365 license not being removed properly using the disable policy.
- Error in generating the 'computers not in group' report.
- They keystore password not being encrypted when the 'Encrypt Keystore Password' option is enabled.
Highlights of Build 6570 (Released on April 2017)
New Features:
- Group-based help desk delegation: You can now delegate help desk roles to AD
groups as well.
- Exchange Online (Office 365) management: The following Exchange Online management
features have been added:
-Disable/delete remote mailbox: This feature lets you disable or
delete remote mailboxes. You can also choose to disable only the archive of a remote mailbox.
-Mailbox delegation: You can grant full access, send on behalf, and
send as permissions for Office 365 mailboxes to specific users and groups.
-Hide from address lists: You can hide or unhide specific users from
address lists.
-Email forwarding and storage limits: This feature allows you to
manage the settings for email forwarding and storage limits.
- Office 365 reports:
The following new Office 365 reports have been added:
-Never logged on users report: Generates the details of all those
Office 365 users who have never logged on.
-ActiveSync enabled users report: Displays all ActiveSync enabled users
in your Office 365 environment.
-Shared mailbox reports: Lists the details of all Exchange Online
shared mailboxes.
Enhancements:
- All computers report displays BitLocker status as well.
- While configuring workflow requesters, it is now possible to exclude child OUs from the selected
OUs.
- AD explorer also displays BitLocker status in computer properties.
- If logon hours is among the data generated in a report, the exported copy contains logon hours as
well.
- User modification rules now let you configure conditions to automatically update Terminal Services
user profile and home folder.
- Disable/delete policy includes options to disable Lync/Skype for Business user account, remove EUM
address, and remove direct reports.
- The support for Office 365 licenses has been extended to:
-Bulk user creation via CSV import: You can now use the CSV import
option to assign Office 365 licenses while creating users' AD and Office 365 accounts.
-User creation rules: You can configure a user creation rule such
that if a certain condition is fulfilled, a specific Office 365 license must be automatically
assigned to the user account being created.
Additionally, the drag-n-drop feature now includes an option to not
create users in AD if any of the selected licenses are no longer available.
Fixes:
The following issues have been fixed in this release:
- Error in exporting and scheduling Office 365 user reports when user count exceeds 13000.
- Issue in configuring multi-valued proxy addresses.
- Email Address not being accepted as CSV file header while assigning or revoking Office 365 licenses
via the CSV import option.
- The properties of desired dynamic distribution groups not being displayed via the search AD objects
option.
- In single group creation, inability to assign a user from the child domain as manager.
- Automation not getting executed when an automation policy with user creation as instant task and
any other activities as successive tasks is implemented in it.
Highlights of Build 6560 (Released on March 2017)
New Features:
- Exchange Online (Office 365) distribution group and mail-enabled security group
modification: This new capability allows you to modify distribution groups or
mail-enabled security groups present in Office 365 environment.
- Enabled computers report: View all the enabled computers in your organization
using this report. Based on your need, you can generate this report for the entire organization or
only specific OUs, and also export it in multiple formats (HTML, CSV, PDF, EXCEL, etc.). Right from
this report you can also manage (disable, move, delete, reset, etc.) the desired computers from the
ones displayed in the report result.
- User creation capability in iOS mobile app: Now, you can also create user accounts
in AD right from your mobile devices using the iOS app. Further, while creating users, you can even
select the desired user provisioning template to create user accounts exactly as you need them, as per
your requirements.
Enhancements:
- File server permissions management: Managing NTFS or
Share permissions becomes even simpler and easier with the capability to:
- Copy the permissions assigned on any shared folder and use it for configuring the permissions on
another shared folder.
- View all the existing permissions on the desired shared folder.
- View a summary of the permissions that were assigned on any shared folder or file server, after
updating or modifying the permissions on them.
- Preview the new permissions that will be updated on the specified shared folder.
The permission management window has also been revamped with a more intuitive UI for quicker, and
easier management of permissions.
- Exchange Server management:
- For Exchange Server 2010 and later versions, the address book and managed folder mailbox policies
can also be assigned to the mailboxes of the user accounts right while creating the user accounts.
- Enable or disable outlook web access for devices for users' mailboxes, in Exchange Server 2013 and
later versions, using the user creation and modification features.
-
New options in Delegation:
- File server permissions management has been added to the delegation module; you can now delegate the
rights to manage the permissions of any shared folder or filer server to any user.
- Track the share or NTFS permission changes of shared folders and file servers with the built-in
audit reports.
- Export the technician and admin audit reports in CSV, PDF, HTML or Excel format, as needed.
- Specifying a custom naming format for email addresses in the single user
modification feature.
- Support for V5 and V6 profile folders management (create, move, and
delete).
- In custom naming formats, it is now possible to add random numbers and
also remove specific characters.
Fixes:
The following issues have been fixed in this release:
- Help desk audit report returning multiple objects in the search result,
even if only a specific object name is mentioned in the search.
- 'Copy user attributes' option not being visible to the requesters.
- Issues affecting the performance of Office 365 inactive users report.
- While modifying objects using CSV, the existing values of attributes in
AD are not cleared, even if the CSV file contains empty values for those attributes, and 'clear the
attribute's value in AD if its value in CSV is empty' option is also selected.
Highlights of Build 6550, 6551 (Released on March 2017)
New Features:
- Support for two-factor authentication through Google authenticator, DUO, and email
verification has been introduced. Now secure your ADManager Plus logins from credential exploitation
and brute force attacks with an additional layer of safety.
- ADManager Plus extends support for Spanish, in addition to the currently supported
foreign languages viz. Chinese, Dutch, French, German, Italian and Japanese
Enhancements:
- AD Reports
- Support for custom attributes in Contact reports: The existing custom attributes can now be
mapped to Contact reports. Also, new custom attributes can be added while creating Contact objects
using ADManager Plus.
- Export intelligent AD reports with your brand logo, in line with your corporate identity and
also get a quick overview of the current reporting scenario with the Reports' summary page.
- The contents of the AD reports are now prefixed with serial numbers for easy sorting and better
information organization while exporting.
-
The 'memberOf' attribute has been enhanced with the provision to search and navigate through the
selected groups for better usability and optimized loading time.
-
Scheduled reports have been enhanced with provision to set custom file name for the export. Inline
mail content can be predefined and sent along with the body of the mail when the scheduled export
type is set as html.
-
The UI of Support tab has been enhanced to offer a better user experience. It also includes, provision
for viewing schedules of the upcoming workshops and events.
-
Support has been added for 'OUName' attribute in Group/Computer/Contact modification while
performing a CSV import action.
- Delegation
- Support for appending Groups under the 'Included groups' column along with the existing groups
from OUs or domains that have already been delegated. Higher precedence for removal of the groups
enlisted under 'Excluded groups'.
- You can now set attribute level authorization for 'computer and group modification tasks' while
delegating help desk roles. Fine grained delegation, with provision to restrict group
type-specific access, and support for single group modification has been added additionally.
Fixes:
The following issues have been fixed in this release:
- While provisioning with smart templates, the User Creation rules get set rightly for the first one,
where as the consecutive rules don't get applied.
- In CSV based Bulk User Creation, the values for the 'OUName' and 'department' attributes don't get
set when the value of the 'office' attribute is preset in the CSV.
-
Misaligned notification emails are sent out as a part of the review based Workflow management.
-
Lack of support for using naming formats in the email field when creating a user in Office 365.
-
'Advanced link' missing under the Permissions column in the Permissions for Folders Report.
-
When copying the home folder, the location doesn't dynamically change with the logon name of the user
to be created.
Highlights of Build 6540 (Released on December 2016)
New Features:
- Support for Windows Server 2016: ADManager Plus now extends support for Windows
Server 2016.
- Office 365 group members report: You can now generate a list of all users who are
members of a selected group/groups in your Office 365 environment.
Enhancements:
- Office 365 Management
- Shared Mailbox can now be created only for Office365 environment. To do so, deselect the Active
Directory option under Mailbox Management section.
- Office 365 license management is now enhanced with provision to apply OU filters.
- Office 365 'Unlicensed users' report can now be refined by excluding the Shared, Room, and Equipment Mailboxes.
- The
'User Creation Template' has been enhanced to let you create an 'Archive Mailbox' for your Remote
Mailbox. Provision for adding additional email addresses has also been included.
- Now manage and report on Active Directory objects with 'Multi-valued' custom attributes.
-
Option to set the Keystore password, which will be encrypted for heightened security, directly using
the product UI.
- Automation
- While automating the computer objects, refine the criteria results based on the 'memberOf' or
'distinguishedName' attributes.
- Managing the photo attribute of a user object can now be automated.
-
Workflow has been enriched with the provision for 'Mailbox Creation' and 'Move Home
Folder' options.
-
User creation rules now include the provision to set a value for the office field
('physicalDeliveryOfficeName' attribute).
Fixes:
The following issues have been fixed in this release:
- XSS vulnerability in Employee Search.
- Lack of support for adding multiple admin email addresses in the Server settings of the Admin tab.
-
The delegated helpdesk technician who has access only to view specific OU is shown the count of all
users of Active Directory on the dashboard, erroneously.
-
Erroneous change of default domain to an another domain both in the AD Explorer and the Home tab when
it's been selected just for viewing.
Highlights of Build 6530 (Released on October 2016)
New Feature:
- Computer management and reporting capabilities in mobile apps: If
you are on the latest version of ADManager Plus
iOS or Android app, you will be able to manage and report on AD computer objects from your mobile
devices.
Enhancements:
- 'Permissions for folders' report now allows you to:
Generate results for multiple folders, shares, or servers at once.
Fetch
permissions for multiple home folders.
View details of the 'members' attribute
-
'Folders
accessible by accounts' report can now be generated for an entire server.
-
Office 365
reports can now be auto-generated and emailed via the report scheduler.
-
Automation policy
includes an option to regenerate the associated report before executing each successive task. That
is, in
an automation policy where the list of objects to be managed is fetched from a report, you can now
regenerate the report right before executing each successive task. Only those objects that are
available in both the reports— the
one generated at the time of creating the policy, and the new one— will
be affected by the automation.
-
'Send
as' permissions can now be set for multiple Exchange users at once, using the 'delivery options'
feature under bulk
user modification.
-
Help desk
technicians can now be prevented from copying a user's attributes or changing the modification
template during the user modification process.
Fixes:
The following issues have been fixed in this release:
Highlights of Build 6520 (Released on September 2016)
New Feature:
Enhancements:
-
The user creation templates will
also list the new Office 365 licenses added after the template was created.
-
Naming formats now have enhanced customization options.
-
Option to check for duplicates of attributes
such as logon name, mail, etc. during user creation can
be enabled from the database.
-
Option to hide or show the 'logon to' option in the login page.
-
Organizational units (OUs) can now be renamed in bulk using the CSV import option.
Fixes:
The following issues have been fixed in this release:
-
The order of execution of tasks defined in automation policies getting changed.
- Legacy mailbox being created during user creation when 'automatic' is specified in the mail server
field in a template.
- Synchronization issue in generating members list in the 'all groups' report.
-
Issues in specifying email addresses using user creation rules.
-
If date value is specified as 'end of a specific date'; in the reports, it is displayed as one day
later than the specified date.
- 'Copy user attributes' option enables a help desk technician to copy all values in the memberOf
attribute of a user, including the groups to which the technician doesn't have access permissions.
Highlights of Build 6510 (Released on August 2016)
New Features:
- Exchange auto-reply settings:
ADManager Plus provides a GUI-based capability to configure automatic replies for the emails sent to
your users' Exchange mailboxes,
which offers options to:
-
Enable/ disable automatic replies to
senders
from your organization.
-
Enable/ disable automatic replies to senders
from other organizations.
- Send
different replies to senders from your organization and to those from other
organizations.
- Specify
the time period during which automatic replies must be sent.
- Support for custom attributes in computer creation: The existing
custom attributes can now be mapped to computer creation as well. Also, new custom
attributes can
be added while creating computer objects, in single or bulk, using ADManager Plus.
Enhancements:
-
Workflow has been enriched
with the following enhancements:
- Requesters
now get an option to cancel the requests that they create.
-
Email notifications sent to workflow technicians now include a link to access the relevant
request instantly.
-
Notification settings now include three new macros using which you can add the reviewer,
approver, and executor details in the notification message.
- All
changes made to the objects in a workflow request will now be audited.
-
For the users that will be disabled/ deleted using ADManager Plus, the 'disable/ delete policy'
includes the following actions as well:
When
an AD user account is disabled, you can also:
-
Disable the user's Google Workspace account.
-
Revoke the user's Office 365 license.
When
an AD user account is deleted, you can also:
-
Delete the user's Google Workspace account.
-
Delete the user's Office 365 account.
-
Option to configure the 'reset password policy' in ADManager Plus database for automatically
resetting users' Office 365 and Google Workspace passwords, whenever their AD passwords are reset.
Fixes:
The following issues have been fixed in this release:
-
Error in setting proxy addresses if givenName contains space(s).
- Inability to assign values for the custom attributes: msExchExtensionCustomAttribute (1-5) and
msExchAddressBookPolicyLink.
- During user
modification, the changes made to a user's mail alias not being reflected in the email address, when
the recipient policy specifies
alias as the local part of email address and the option 'automatically update e-mail addresses based
on recipient policy' is selected.
-
Error in user creation with Exchange properties if the user account gets created in one DC and
Exchange connects to another DC to configure the Exchange properties, due to a replication issue
between the DCs.
Highlights of Build 6500 (Released onJuly 2016)
New Features:
- Smart card authentication: The use of smart cards/ PKI/ certificates has
been enabled as additional options for ADManager Plus login. If
you have such an authentication system configured in your organization, ADManager Plus can be
configured to authenticate users through it,
bypassing other first factor methods.
- Support for Exchange 2016: With this release, ADManager Plus supports
management and reporting on Exchange Server 2016 environment as well.
- Google Workspace
reports: These
new reports provide detailed information such as, all users, active users, and suspended users in
your Google Workspace environment.
- Copy automation: It
simplifies the creation of new automations by allowing you to copy the settings of an existing one
and eliminating the need to create a new one from scratch. The newly created automation can then be
modified, as per requirement.
Enhancements:
-
Automation now includes the following:
New tasks:
- Modify users using templates
-
Disable, disconnect, or delete user mailboxes.
-
Hide from Exchange address lists.
-
Create groups using templates.
-
Create contacts using templates.
New
options:
-
Exclude child OUs from the selected OUs, while specifying the scope of a task that should be
executed automatically.
-
'Run now' to instantaneously run any automation from the list of scheduled automations.
-
'User can't change the password' and 'set password never expires', while automating the 'reset
password' task.
-
While
creating a user account in Google Workspace, its group membership and the organizational unit
where it must be located can also be specified.
- While managing a workflow request that was
created via automation policy, an option to remove objects either from that particular request, or
from all the requests generated by that automation policy, is provided.
- Bulk
modify templates option allows modification of more fields such as, Google Workspace, Office 365,
and Lync attributes.
- Report scheduler now includes an option to
exclude the child OUs while specifying the OUs for which the reports have to be
generated.
- Using ADManager Plus' iOS mobile app, you can now:
- - View all the workflow requests that you have created.
- - View all open requests, among the requests assigned to you.
Fixes:
The following issues have been fixed in this release:
-
Inability
to generate 'NTFS permissions for folders' report of a domain when authenticated with its child
domain's credentials.
- In help desk audit reports, SID being displayed
in place of distinguished name for a cross-forest group member, when
listing group management actions performed by technicians.
- inetOrgPerson object class not being supported
in 'group members' report.
-
Issue
in starting the product after service pack installation if database has been migrated to MS
SQL.
-
Error
in report generation if only multi-valued attributes are selected (in add/ remove columns) to be
displayed.
- In user modification templates, issue in applying a modification rule when 'select container' is
specified in the conditions field.
Highlights of Build 6380 (Released on June 2016)
New Features:
- Move contacts: You
can now move contact objects from one container (organizational
unit) to another. As per your need, you can:
- Move
a single contact.
- Move
multiple contacts at a time.
- Use
CSV import to move contacts in bulk.
- Copy schedule: This feature
simplifies the creation of new report schedules by allowing you to copy the settings of an existing
schedule. The settings can then be modified, as per requirement.
- ADManager
Plus mobile apps (v2.0) now support workflow and important user reports:
Using
the latest version of ADManager Plus iOS and Android apps, you can view and manage workflow
requests, and also execute the tasks requested. Furthermore, you can generate the user reports -
'locked out', 'disabled', 'password expired', and 'inactive' - as well as perform the required
management actions right from these reports.
Enhancements:
- Automation now provides the flexibility to either overwrite or append the values of user attributes
while modifying user accounts.
- Report
Scheduler now allows you to:
-
Select
multiple inputs while scheduling 'group
members', 'users
with empty attributes',
and 'OS-based computers' reports.
- Schedule
'shares in the servers' and 'permissions for folders' reports as well.
- User creation templates now offer a new option - Creation Rules.
It can be used to specify the attributes that should automatically be updated with predefined values
whenever a user account is created. It
also offers an option to set up conditions, which on
being satisfied, shall
auto-populate the specified fields in
the user account being created.
- Single user modification also includes Copy
User Attributes option.
- 'Shares in the servers' report also displays NTFS and share permissions in
the file when
it is exported to the desired format.
- Custom attributes can now be used as a filter:
-
In Report Scheduler, to refine the report results.
-
In Automation, while specifying the objects to be managed.
- Enhanced UI for selecting values
in department, title, company, and office attributes:
- Navigation
arrows to view the
next thirty entries in the list.
- Predictive Search option
to easily locate the desired entry. The search settings can
be enabled/disabled from the Admin tab.
- 'Detailed group members' report now also lists cross-forest
members.
Fixes:
The following issues have been fixed in this release:
- While modifying an automated task or policy, inability to remove the selected report (that lists the
objects on which the automated task or policy has been applied).
- Inability to enable or disable display of well-known security principals while creating a File
Server Management help desk role.
- Inability
to copy any of the user attributes when memberOf is included in the list of attributes to be
copied.
- Issues in the
email delivery of 'inactive users' report.
- 'Lync
Online' being displayed in place of 'Skype for Business Online' while assigning Office 365
licenses.
Highlights of Build 6371 (Released on May 2016)
New Features:
- Dynamic distribution group creation feature allows you to create query-based distribution groups in Active Directory. This feature also includes customizable dynamic distribution list creation template for standardizing and streamlining the group creation process.
- Room mailbox management: You can now create new room mailboxes in both on-premise
Exchange Server as well as cloud-based Office 365, from a single window. This feature also offers
the capability to modify room mailboxes in Exchange Server. Also, to simplify the process of creating and modifying room
mailboxes, this feature offers customizable room mailbox creation and modification
templates.
- Equipment mailbox management: This feature enables you to create new equipment
mailboxes in Exchange Server and also Office 365. You can also modify an existing equipment mailbox
in Exchange Server using this feature. This feature also includes configurable equipment mailbox creation
and modification templates, to help you fine tune the process of creating and modifying
equipment mailboxes exactly as per your needs.
- Disable policy allows you to define
a set of tasks (deleting home folders, profiles, disabling mailboxes, execute a script, etc.) that
must be executed when any user account is disabled. Further, this feature also allows you to create
domain-specific disable policies.
- BitLocker enabled computers report
to identify all the computers for which BitLocker is turned on. You can view this list for multiple
domains using one report.
Enhancements:
-
Delete Policy now includes new options which allow
you to move remote home folders, and also execute a custom script, to perform any specific action,
while deleting a user account from Active Directory.
- The 'Manager can update members list' option can now be enabled during bulk or CSV-based
creation and also modification of groups.
- The protect from accidental deletion option is now included in both the single and bulk OU creation
features.
- The automation feature now allows you to add or remove computers from groups.
- The scheduler for detailed group members report now features more options to offer more
flexibility in specifying the report generation time and frequency.
- The 'BitLocker recovery keys' report now displays the computer name as well.
- Shared mailbox management now includes customizable templates for creating and modifying shared
mailboxes.
Fixes:
-
Issue in disabling users via automation is now fixed.
-
Issue in removing the objects to be managed from a
request that is yet to be executed is fixed.
-
While creating an account provisioning template or
editing an existing one, the read-only fields will now be displayed distinctly, to easily
distinguish them from the editable ones.
Highlights of Build 6361 (Released on Mar 2016)
New Feature:
Remote mailbox creation: You can now configure
remote mailboxes while creating new accounts for users, individually, as well as, in bulk.
Highlights of Build 6360 (Released on Mar 2016)
New Features:
- Delete users' remote home folders and roaming profiles: You can now
easily delete users' remote home folders or roaming profiles, or both, in bulk.
- Move or delete users' Terminal Services home folders and profile
paths: This feature allows you to delete or move the Terminal Services home folders
or profile paths for multiple users at once. Also, while moving the terminal services home
folders or profile paths, you can choose to retain a copy of them in the original location.
- Help desk technicians report: This report lists all available help desk
technicians, along with details like their delegated domains and OUs,
roles, management and reporting tasks, etc. It also offers filters to view:
- the settings of any specific help desk technician. Or,
- all technicians matching a specific criterion (like delegated domains, delegated tasks, etc.).
The report can also be exported to CSV, PDF, XLSX, and HTML formats.
-
GUI-based configuration of high
availability setup: You can now configure the settings of various components
(primary server, backup server, and virtual IP to access the server) required to ensure high
availability of ADManager Plus server from the GUI-based console.
Enhancements:
Fixes:
-
In modification templates, issues while applying
modification rules when OU is specified as a condition.
-
Inability to assign templates to workflow requesters
by help desk technicians.
-
OU selection pop-up taking a long time to load child
OUs.
-
In help desk technician audit report, passwords of
the user accounts created by the technician not being displayed in the 'details' of the action
performed.
-
Inability to add proxyAddresses as custom attribute
during group creation.
-
In help desk reset password console, need of an 'all
domains' option in the domain search field to list users from all the domains configured.
-
In help desk password reset console, the option 'user
must change password at next logon' not being a default selection.
-
In bulk user modification, error while importing a
CSV file containing employeeID attribute.
Highlights of Build 6350 (Released on Jan 2016)
New Features:
Support for Windows 10: With this release, ADManager Plus
extends support for Windows 10 as well.
Enhancements:
- Exclude nested groups from Group Members report: You can now choose to generate
Group Members report of specific groups with only the members belonging to that particular group, i.e.
without nested group members, appearing in the report.
- New time-based filters for reports: While generating time-bound reports like
recently created groups, recently expired user accounts, and so forth, you can now easily specify the
precise period for which you need the reports using options such as, today/yesterday, on/before/after a
specific date, last 'n' days, this week/month, any custom period, etc.
Fixes:
The following issues have been fixed in this release:
- Issues in listing the NTFS permission for folders located in DFS
environment.
- Error while modifying a user's Exchange mailbox server and store
settings.
- Error while applying retention policy during user creation.
- While creating titles, departments, offices, and companies, duplicate
values were being created if spaces were left after an entry.
- Inability to export memberOf attribute from a report to csvde format.
- Issues in provisioning users in Office 365 while creating mail or mailbox
enabled users in Active Directory.
- Issues in applying email address policy while creating mail enabled
groups.
Highlights of Build 6340 (Released on Dec 2015)
New Features:
Skype for Business (Lync 2015) Management & Reporting: Besides Lync 2010 and 2013,
you can now manage and report on user accounts in Lync 2015 / Skype for Business (SfB) as well. That is,
right from ADManager Plus' console, you can now:
- Create SfB/Lync user accounts, along with all relevant settings / policies (Telephony,
Conferencing policy, External access policy, etc.)
- Enable/Disable/Delete SfB or Lync user accounts
- Modify the SfB/Lync policies (Conferencing, Archiving, and Telephony) of specific users
- Identify all SfB/Lync enabled or disabled users via pre-defined reports
Manage AD User Photos: This feature enables you to manage the profile pictures of
Active Directory users individually, as well as, in bulk, by allowing you to:
- upload new pictures
- crop existing pictures
- replace existing photos with different ones
- delete pictures
Enhancements:
- Displaying users' AD attributes in Office 365 reports: Besides users' O365-specific
attributes, the Office 365 reports now also display their important AD attributes such as SID, SAM
Account Name, OU Name, Object GUID, etc.
- ADManager Plus now uses an upgraded version of Tomcat for enhanced reliability and security.
Fixes:
The following issues have been fixed in this release:
- Issues in adding cross-forest members while creating and modifying
groups, in single and in bulk.
- Exporting 'users in groups' report to xlsx results in the downloaded
file's name being cluttered with special characters.
- Product crashes while modifying the 'memberOf' attribute of users, if the
DN of the group exceeds 260 characters.
- While trying to create Exchange mailbox, legacy mailbox gets created
instead, if there are issues in establishing remote PowerShell session.
- Recovery mailbox database appears in Mailbox Store drop down list.
Highlights of Build 6330 (Released on Nov 2015)
New Features:
Shared Mailbox Creation and Modification features enable you to create and modify
shared mailboxes in both, on-premise Exchange Server, as well as cloud-based Office 365, from a single
console.
Copy Technician feature allows you to copy all the settings (delegated roles, assigned
templates, and the domains/OUs/groups that can be managed) of any help desk technician, and use those
copied values to create a new technician; eliminates the need for creating a new one from scratch.
Admin Audit Report helps in auditing all the changes made to a help desk technician or
a help desk role's configuration, by listing all actions (creation, modification, and deletion)
performed on it, along with details such as, who made the changes, the date and time at which they were
performed, etc.
Enhancements:
Bulk Management of Help Desk Technicians: The Active Directory (AD) delegation feature
now allows you to create and modify help desk technicians in bulk.
-
Create new Help Desk Technicians in bulk, by delegating the required roles and OUs to
all the relevant AD users, at once.
-
Bulk Edit Technicians allows you to modify multiple help desk technicians (add/remove
roles, templates, and OUs assigned to them) in one go, making management of help desk technicians
easier and quicker.
Export technicians and roles option allows you to export the details of all existing
help desk roles and technicians to html, pdf, and excel formats.
Fixes:
- The issue of Office 365 license count not being shown correctly has been fixed.
- CSV import now supports the creation of computers and contacts in different OUs, as required, using
'ouName' as CSV header. (In previous versions, bulk creation of computers or contacts could only be
done in one OU at a time.)
- Issues in bulk deletion of titles, departments, offices, and companies have been sorted.
- In Automation, custom attributes can also be imported via CSV files.
Highlights of Build 6322 (Released on Oct 2015)
New Feature:
- Computers not in groups report displays all the computers that do not belong to (not
members of) any of the Active Directory groups that you specify.
Enhancements:
- View common members of the specified groups - The 'detailed group members' report now features an
option to list the members who are common (part of) to all the selected Active Directory groups. In
other words, this option fetches all the users, groups, computers and contacts which are members of all
the specified AD groups.
- More options for deleting AD users; you can now locate and delete the desired AD user account using the
'single user modification' and 'AD Explorer' features too.
- New values appended to the Title, Department, Office and Company fields in AD directly will be
automatically updated in ADManager Plus ( at 0100 hrs everyday), and available for selection in the
relevant user management features.
(If you wish to immediately update and use a new value for any of these fields immediately, you can add
the desired value manually in ADManager Plus's Admin tab.)
- While reviewing, approving or executing the user creation requests, in the workflow, the corresponding
technicians can now change the template specified in the request to a different one, as needed.
- While assigning managers for AD objects, besides users it is now possible to select a group or a
foreign security principal as well as managers.
- During bulk creation of new contacts, groups and computers, you can now set the values for their custom
attributes as well.
- Logo customization option to personalize and rebrand ADManager Plus by replacing its logo with your
organization's logo.
Fixes:
The following issues have been fixed in this release:
- Unable to delete users via the delete option in the 'disabled users report'.
- Domain name not being displayed in the 'permission for folder' report while selecting the required
shared resource's path.
- Product crashes whenever a management action is performed on users with a lengthy DN (>250
characters).
- Proxy addresses and extension (custom) attributes of users and groups not being displayed in
Exchange reports.
- The 'check all' option not working as desired in the 'inactive users report'.
- Issues in 'permissions for folders report': not being able to type the shared folder path, and
unable to generate this report for a custom level (number of folder levels).
- Error in adding proxy address in formats other than SMTP, such a X.400, X.500, etc., during creation
or modification of AD users, groups and contacts.
- Help desk technicians not being able to configure the delegated fields while creating new contacts
via bulk contact creation.
- The necessity to use the same password format for all the users while creating new users via the
bulk user creation feature (you can now specify different password formats for different users).
- Error in configuring Google Workspace accounts.
Highlights of Build 6310 (Released on Jul 2015)
Enhancements:
Grant 'SendAs' permission to Active Directory (AD) users during user creation and
modification: You can now set the 'Send As' permission for users right during their onboarding
process, in single or in bulk, using the new option added to the single and bulk user creation features;
you can configure the 'Send As' permission for existing users too using the single user modification
feature.
Flexible CSV-based modification of AD objects:The CSV import
feature has been enhanced by adding the following options to offer more flexibility for modifying AD
objects:
- - For multi-valued attributes: you can choose to either append the values specified in the CSV file
to the attributes' existing values in AD, or overwrite their existing AD values with the values
specified in the CSV file.
- - If the value of an attribute in the CSV file is empty, you can now choose to either clear the
attribute's existing value in AD, or retain its current value in AD, as per your need.
Bulk modification of user creation templates: This option allows you to make the desired
changes to multiple user creation templates at once. For example, consider the case where you wish to
standardize the naming format for the logon name in a specific set of templates. Instead of modifying
the relevant templates one after the other, you can set the desired naming format in all the relevant
templates in a single action, using this option.
Fixes:
The following issues have been fixed in this release:
- Issue in configuring the 'Enhanced Presence' setting for users in LCS/OCS
- Error in exporting report data to XLSX format if the report contains date-related fields
- 'User Forum' link in the Support tab not being visible after enabling SSL
- Error when a help desk technician tries to add AD users/computers to groups
Highlights of Build 6300 (Released on May 2015)
New Features:
OU (organizational unit) Management provides the ability to perform the following
tasks via ADManager Plus:
- Create OUs
- Modify OUs
- Move OUs
- Delete OUs
OU management also offers:
- - Bulk creation and management of OUs via CSV import
- - Customizable OU creation templates which allow you to fine tune the OU creation process
to exactly meet your organizational demands
- - The ability to create a new parent OU, and then create the required OUs inside it.
Report from CSV: This report helps in viewing the Active Directory information of
existing user and computer accounts. You can import the list of desired users and computers from a CSV
file into ADManager Plus, which then extracts and displays the Active Directory details of those
accounts.
This report also features an option to refine its result based on specific attributes mentioned in the
CSV file; you can also customize the report by choosing the specific fields (columns) that you wish to
view in the result.
Exchange ActiveSync Policy Management allows you to assign the appropriate ActiveSync
policies for users, right while creating new accounts for them in Active Directory and MS Exchange
Server. You can apply the ActiveSync policies while creating new user accounts in single and also in
bulk.
Exchange Archive (online and on-premise) Management offers the flexibility to create
archive mailboxes for users either on the cloud or on premises. Using this feature you can create
archive mailboxes for users simultaneously while creating their Active Directory accounts and Exchange
mailboxes; you can also enable archiving for those users who already have Exchange mailboxes.
Enhancements:
ADManager Plus now automatically synchronizes itself with the details of OUs and contact objects that
are created or modified in Active Directory. This synchronization happens periodically throughout the
day. Whenever needed, you can also manually synchronize the details of:
- All new and modified OUs and contact objects in Active Directory using the update dashboard
(in Dashboard) and update domain objects (in Domain Settings) options.
- Only the modified/updated OUs and contact objects in Active Directory using the refresh
option (in Select Container popup window while selecting the OUs for management and
reporting).
Active Directory reporting has been enhanced with:
- Addition of: add to group, remove from group and move objects, to the list of management tasks that
can be performed from reports, via the 'More Actions' option present in them.
- A revamped UI (layout) in reports for viewing the report results (objects fetched by the report).
- Performance improvements for faster report generation
The report scheduler features a 'Run Now' option to allow ad-hoc execution of any existing
report schedule.
Fixes:
- HttpOnly setting has been enabled to fix security vulnerabilities.
- Database cleanup issue is now fixed.
- Issue in applying Exchange mailbox retention policy has been corrected.
- SSL v3 has been disabled to guard against security vulnerabilities.
- Issue in displaying entries under Titles and Departments (located in Admin Tab) in
sorted order while adding new entries to the list is now fixed.
- Reports will now be adjusted (resized) to printable format while exporting them.
- Group members report's group selection popup window now allows removal of all the selected groups at
once.
Highlights of Build 6290, 6291 (Released on Apr 2015)
New Features:
Filters in Report Scheduler: ADManager Plus now offers filters using which you can
customize the Active Directory reports exactly as per your needs, while scheduling them.
Enhancements:
- Intensifies security with fixes for security vulnerabilities by updating its JRE (Java Runtime
Environment) to 1.7
- Offers greater flexibility in selecting the objects to be managed via Automation, by adding more
attributes/fields to the filters in its report library.
Fixes:
This release includes fixes for the following issues:
- Headers are repeated for every 5000 rows while exporting the reports to CSV format.
- The first sheet has 5000 rows and the subsequent sheets have only 150 rows each while exporting the
reports to XLS format.
- While a request is created through Workflow/Automation for bulk user creation via CSV, user details
are not displayed in the 'view objects' link in the request if template name is mentioned in the CSV
file.
- Helpdesk technicians are not able to unlock user accounts that are locked out.
- ADManager Plus mobile app displays locked out user accounts as not locked (lockout status: false).
Highlights of Build 6280 (Released on Feb 2015)
New Features:
Office 365 License Management helps you assign, replace or remove the licenses of
multiple AD users who are enrolled in Office 365, in one single action. Further, to make it easy for you
to specify the users whose licenses have to be modified, this feature provides an option to import the
list of users from a CSV file.
Copy AD Group feature allows you to copy the attributes/settings of any group in your
Active Directory and use the copied values to create a new:
- Distribution or Security group in AD, or
- Group creation template
This feature also gives you the option of copying either all the attributes or only specific attributes
such as the container, group type/scope, memberOf, members, etc., from the desired group.
LDAPS Support which allows you to communicate securely with the Active Directory.
Enhancements:
- Reinforced security: This release fortifies the protective mechanism with a fix to guard
against the CSRF vulnerability.
- Additional input field types for Custom Attributes: To make it easy to specify the values
for custom attributes, you can now pick the most appropriate input field type from the new options
such as combo box, editable combo box and date picker.
Fixes:
This release includes fixes for the following issues:
- Not being able to logon using the password obtained through random password generation.
- Helpdesk technicians' description getting replaced with the description mentioned in AD.
- Error in generating the Licensed O365 users report.
- Not being able to view all the configured File Servers in File Server management.
- Error when using %sAMAccountName% as SIP URI format for Lync enabled users.
Highlights of Build 6271 (Released on Dec 2014)
New Features:
'Reactive' Group Modification Template: These templates help you standardize the
process of modifying AD groups and also automatically populate specific attributes during the single
group modification process via:
- - Customizable Layout: With simple
'drag-n-drop' actions, you can place only the desired attributes in the templates; you can also make
any attribute editable, read-only or hidden during the modification process. With customized
templates, you can provide role-based access to helpdesk technicians for modifying AD groups
- - Reactive modification rules: You can
configure conditions to be checked whenever an AD group is modified and auto-update specific
attributes, if the conditions are satisfied. These rules are triggered in the background whenever a
group is modified and the specified fields are automatically populated with appropriate values.
Enhancements:
- Cross-domain support in single group creation and modification - you can now add users and
also contacts from different domains as members of a group; also, you can now add contacts to groups
via single group creation and modification.
- Reset computer accounts feature to help you reset the passwords of computers that cannot
connect to the domain as they cannot be authenticated by the domain controller
- Multiple group selection in 'Users not in groups' report: You can now select multiple
groups while specifying the ones based on which this report has to be generated; fetches all the users
who are not members of any of the specified groups
- Enhanced random password generator: the password policy now offers advanced options like
exclude characters, dictionary words, etc. for more efficient and secure password policy generation,
in compliance with the organization's password policy
- Users with empty attributes report now brings custom user attributes also under is scope; will now
fetch users even if their custom attribute is empty
- Enhanced error indicators for the failed CSV-import operations now offer detailed error
messages for greater understanding about the reason for the error.
- While performing single user modification, you can now sort the list of users displayed
alphabetically, to locate the desired user without much effort.
- The AD objects search, located inside the product, now lists the objects in the search result in
alphabetical order.
Fixes:
This release has fixes for the following issues:
- Not being able to disable and move user accounts via automation.
- Issues in helpdesk technician not being able to reset passwords
- Not displaying the names of requesters (users) who are not helpdesk technicians, while configuring
the assigning rules
- Issues in updating the 'Country' attribute of users in AD via bulk user modification
- Product does not start when Java crashes due to 'out of memory'
- 'No Lync server found' message being displayed in the user creation templates randomly
Highlights of Build 6260 (Released on Nov 2014)
New Features:
Inactive Office 365 users report: This report lists all the Office 365 users who have
not accessed their Exchange Online mailboxes during the specified time period.
CSV-based computer modification: This feature helps you modify the attributes of
Active Directory computers, in bulk, by importing a CSV file which has the list of computers and their
attributes to be modified.
Computers with duplicate attributes report: This report displays all the computers
which have duplicate values for the specified attribute.
Enhancement:
OS filter in OS-based computers report: While selecting the operating systems to
generate the OS-based computers report, you can use this filter to view the list of only the server
operating systems or all the operating systems (server as well as client versions) used in the
organization.
Fixes:
The following issues have been fixed in this release:
- Issue in setting the Dial-in attribute's value for AD users via single user modification
- Names of objects modified via bulk user modification feature (using a CSV file) not being displayed
in helpdesk audit reports
- Issue in selecting the required domains for generating the photo-based users report
Highlights of Build 6250, 6251 (Released on Oct 2014)
New Features:
Exclude Child OUs filter: For AD management/reporting tasks, this filter allows you to
precisely select the particular OUs only in which the specified management/reporting tasks have to be
executed, by allowing you to exclude their child OUs from being modified/affected by the task.
'Remove users/computers from all groups' option: For pruning the group membership of
user and computer objects, instead of going through the list of each group that they belong to, and then
removing them from all the irrelevant groups one by one, you can use this option to remove them from all
the groups that they are currently members of, and then add them only to the desired groups.
Copy Help Desk Role: You can use this feature to create a new helpdesk role by just
copying the settings of an existing helpdesk role. Instead of creating a new role from the scratch, this
feature allows you to use any existing role as a building block for creating a new role.
Fixes:
- In automation, issue in removing a filter criterion when the value contains special characters has
been fixed
- Helpdesk technicians not being able to change admin passwords which contain special characters has
been fixed
- When applying custom templates, issue in providing a longer user logon name, like a logon name
consisting of 20 characters, is now fixed
- Issue of helpdesk technicians, with super-admin privilege, not being able to access the support tab
is now rectified
- Custom attributes now support multi-value proxyAddresses in single and bulk user creation as well as
single user modification
- Issues in exporting scheduled report to Excel is now fixed
- Issue in denying the 'set as primary group' option during single user creation and single user
modification is now fixed
- Issue in automatic selection of mailbox servers is fixed; this option is now available for Exchange
Server versions 2010 and later
- Changes to domain name not reflecting in the Exchange tab during single user creation is now fixed
- Performance issues in single user modification have been rectified
Highlights of build 6241 (Released on Aug 2014)
New Features:
Google Workspace User Provisioning: You can now provision Google Workspace user
accounts, automatically, via ADManager Plus. Along with the existing Office 365 user creation ability,
this feature makes it easy to manage the users' identities in the cloud.
BitLocker Recovery Keys Report: This report helps in unlocking or recovering data from
the drives, which are protected by BitLocker encryption, by fetching their corresponding volume and
recovery GUIDs, recovery passwords and also their Key Packages in downloadable format.
Photo-based User Report: This report helps you identify the Active Directory users who
have a profile photo. This report also helps you zero in on the users who don't have a profile photo.
Fixes:
- Issue in displaying the default domain during group management operations has been fixed
- Issue in execution of automation when new files are added to a shared location, which is already
being used is fixed now
- Empty reports issue in scheduled generation of audit reports is now fixed
- Issue in generating computer reports from MSSQL database has been fixed
- Issue in removing a distribution group during contact modification is fixed now
Highlights of build 6230 (Released on Jul 2014)
New Features:
Office 365 Reports:You can now obtain vital details about all the users, groups and
licenses of your Office 365 environment using the following new reports:
- All Users: This report gives you the list of all the users in your Office 365 setup.
- License Details: License-specific information such as the list of all licenses, the
corresponding number of active units, number of units used, number of units in warning state,
suspended units, locked out units, etc. can be obtained via this report.
- Licensed Users: This report lists all the users for whom Office 365 licenses have been
assigned, along with the respective list of services assigned to them.
- Unlicensed Users: Using this report you can identify the list of all users who do not have
any license assigned to them.
- All Groups: You can fetch the list of all the groups in your Office 365 environment.
- Security Groups: This report helps you identify all the security groups in Office 365 setup
along with their last DirSyn time.
- Distribution Groups: This report lists all the distribution groups in your Office 365 setup
along with their last DirSync time.
Fixes:
- Issue in opening an exported CSV file, which has Japanese characters, using Japanese version of
Excel is fixed.
- Office 365 user attributes have been updated to include the latest changes introduced by Microsoft.
- Issues in applying multiple rules in user modification templates have been fixed.
- Issue in creating a user with more than one proxy address, when Office 365 settings are configured,
has been fixed.
- HTML injection vulnerability has been fixed.
- When ADManager Plus is started as a service, the issue of browser process not stopping even after
ADManager Plus service is stopped, has been fixed.
- Incorrect account expiry date issue in bulk user modification is corrected.
- Issue in displaying the 'date' field in Excel format has been fixed.
- Issue of 'Reject Message from' value getting changed, when the members attribute of a group is
modified, via single group modification, is fixed now.
- Error in saving the user template after deleting the Exchange tab, if Office 365 is enabled in
ADManager Plus, has been corrected.
- Issue in selecting OU in 'Real Last Logon' report is now fixed.
Highlights of build 6220, 6221 (Released on Jun 2014)
New Features:
Copy User: This feature allows you to copy the attributes/settings of any user account
in your Active Directory and use the copied values to create a new:
- User account
- User creation template
The advantage of this feature is, instead of copying a user account entirely, this feature also allows
you to pick and choose only specific attributes like User Account Control (UAC) attributes, Terminal
Services attributes, Custom attributes, etc., that you wish to copy from a user account.
New group-based reports: Active Directory group reporting gets more detailed with the
addition of these new reports:
- Recently created groups: fetches all the groups that were created during the
specified time frame.
- Recently modified groups: lists all the groups whose attributes were modified
within a particular time period.
- Recently deleted groups: identifies all the groups that were deleted from your
Active Directory within a specific time span.
Fixes
- The 'license details' window will now display the product architecture (64/32 bit) information also.
- In bulk user management, if the 'export as' option is used after performing a task/action, the
report will also display the type of action performed, in addition to other details like the domain
and the objects modified.
- The 'export as' option in Employee Search page can now be hidden by configuring the product database
accordingly.
- The naming attributes (Logon name, Pre-windows logon name and Full name) can also be made silently
active.
Highlights of build 6210 (Released on May 2014)
Enhancements:
- Option to customize columns at the time of report scheduling and sort the reports using
specific columns included.
- Support added for using Microsoft SQL server as a back end database server for ADManager
Plus.
- NTFS report enhanced to handle large volume of data at the time of exporting.
Issue Fixes:
- Issue in deleting memberOf attribute from Group Modification fixed.
- Issue in revoking a role under Security Management handled.
- Issue in listing C Drive in terminal services home directory resolved.
- Issue in increase in db size at the time of report generation fixed.
- Issue with change in Logon name at the time of creating an Office 365 user account
resolved.
Highlights of build 6201,6202 (Released on May 2014)
Issue Fixes:
- Issue in appearance of list of week days, at the time
of report scheduling handled
- Issue in full name containing special character, at the
time of creating a home folder in single user creation, corrected.
- Issue in duplication of row at the time of exporting a
report fixed.
Highlights of build 6200 (Released on April 2014)
New Features:
Support
added for MS Office 365
- Support
extented for provisioning
of user accounts in Microsoft Office 365.
Lync Management and reporting
- You can now modify
policies such as conferencing, archiving and telephony, associated with
a specific Lync User.
- Option to enable,
disable or delete a user from the Lync Server control panel included.
- Reports for Lync
Enabled as well as LCS or OCS enabled users included.
- Reporting capabilities
added for Lync disabled users.
Exchange policy settings
- You can now apply Exchange 2010/2013 policy settings such as
sharing, role assignment, retention, UM Policy and policies on
ActiveSync to appropriate mailboxes.
Others
- Option to enable mailbox archiving included
Enhancements:
- Exchange features
enhanced to support enabling and disabling of ActiveSync (2010,2013) /
User Initiated Synchronization(2003) and MAPI Protocol.
- Multiple 'OS
selection' enabled under OS based reports.
- Reset Password option
under Bulk User Modification enhanced. Separate delegation included for
actions under the same.
- Delegated actions
under 'Bulk User Modification' will hence be displayed based on the
domain selection.
- Single User
Modification templates enhanced to include 'Home Folder' Permissions
- Option to set custom
attributes included under modification rules for 'Single user' and
'Single Contact' modification
- Language settings for
the product can now be configured in 'Personalize' Page.
Fixes
- Issue in setting custom period at the time of scheduling audit
reports fixed.
- Issue in handling special characters at the time of displaying
object properties in AD Explorer corrected.
- Issue in clearing 'memberOf' attribute, post unchecking it in
Bulk User Modification resolved.
- Issue in user identification at the time of modifying 'Deliver'
options in Bulk User Modification handled.
- In 'Permission for folders' report, issue in selecting a computer
object under an OU name containing special characters corrected.
- Issue at the time of creating a department fixed. Leading white
space trimmed.
- Issue in using 'Random Password' type in custom script resolved.
- Issue in creating groups with pre windows 2000 name greater than
20 characters fixed.
- Issue in naming reports, exported in XLS format corrected.
- Issue in displaying groups at the time of domain change resolved.
Highlights of build 6180 (Released on March 2014)
Enhancements:
- Logon Hours Configuration:This new option
in single user creation feature empowers you to specify the appropriate
hours during which a user can login by configuring the 'logon hours'
attribute, right while creating a new user account. You can also set
the desired logon hours for any existing user via the enhanced single
user modification feature.
- Enhanced data selection popups:Selecting
the required accounts for any management or reporting operation gets
even more easy and convenient with the option to select the number of
accounts to be displayed in the pop-ups, displaying the matching
objects even as you key in the name in the search box, etc.
- Improved delivery restriction feature, in
bulk user modification, now allows you to set the desired size limit
for sending or receiving emails either in KB or MB, as required.
Issue Fixes:
- Issues in viewing the 'users in groups' report in Excel
2013 format is fixed.
- Help desk technicians not being able to 'enable/disable'
users via 'single user modification' in specific scenarios is fixed.
- Issue while creating mail enabled users in non-English
Exchange environment has been fixed.
- While creating new users, the issue of naming format fields
sometimes not being displayed as per the specified naming-format has
been corrected.
Highlights of build 6173 (Released on January 2014)
Issue Fixes:
- Employee Search can now be accessed using just the URL,
from anywhere, and not just from the product screen.
- Blank page issue in single user creation, if there are
spaces in the naming format used in the default template or the default
naming format has been fixed.
- The execution history of ADUpdateScheduler (one of the
default schedulers) not showing up in the 'Scheduler History' is fixed
now.
- In single user modification, the issue of User's office
attribute not displaying the appropriate value in Active Directory is
fixed now.
- The issue of User account status being displayed as 'locked
out' even after it is unlocked has been corrected.
- Issue in saving contact creation templates if the
Automatically Update Email Policy option is not selected, is now
fixed.
- Issue in finding users in the 'delivery options' in single
user modification is fixed now.
- In single user modification, issue in modifying the
Requires that all senders are authenticated" and "Hide from Exchange
Address lists" options has been fixed.
- The issue of names being displayed with only one space,
even if naming formats are configured with multiple spaces has been
rectified.
- Issue in creating the homefolder with the desired name if
the naming format is specified using LDAP attributes (%ldapname%) is
fixed now.
- Audit reports not displaying proper homedirectory values
for the 'move homefolder' operation (in bulk user modification) is
fixed now.
- Issue in displaying the Lync conferencing policies properly
in the templates even if the Lync settings have been enabled has been
rectified.
- Issue of Lync servers sometimes not showing up in the
templates is fixed now.
- Not being able to modify a user via the single user
modification feature, if the user has 'Free/Busy Sharing' enabled is
now fixed.
- Issue in modifying mail enabled accounts in Office 365 via
the single user modification feature has been rectified.
Highlights of build 6170 (Released on January 2014)
New Features:
- Logon hours configuration support included under Bulk User
Modification.
- The details of modified attributes included in the HDT
Audit reports. Two new formats introduced to view the report - The
standard view and the summary view.
- Manage Users' Group Membership via iPhone app.
Enhancements:
- Manager Can Update Group members Option included in Group
Modification with that Option.
- Hide / Display Password option included in Admin server
settings.
- 'Move home folder' feature significantly enhanced to
include an option to either delete or retain the existing home folder.
Issue Fixes:
- Issue in Real last logon and Inactive Users report
generation due to high number of DCs addressed.
- Issue in Modifying the Account Expiry Time resolved.
- Problems with selection of child OUs with special
characters in IE handled.
- Issue in removing the description of computer object
handled.
- Issue in modifying a user's primary group using mobile app
has been fixed.
- Issue of difference in time at the time of exporting
'Inactive users' report corrected.
- Fixed issues in copying User Modification Templates with
modification rules.
- Issue in Email validation at the time of saving scheduled
reports cleared.
- Creating Groups with more than 20 characters made possible.
- Lync Server display issue fixed.
- employeeID attribute can now be used to disable users
through Automation.
- Issue in Server Permission Report generation resolved.
Highlights of Service Pack 6.1 SP 6.0 and build 6151:
New Features:
- Lync 2010/2013 support: With this new component
of ADManager Plus's user creation templates, you can configure all the
appropriate Lync server settings for your users even as you create new
accounts for them. While Lync makes intra-organizational communication
swift, the new user creation templates make even the process of
configuring / enabling intra-organizational communication equally swift.
- Exchange Server 2013 support: You can now
configure user mailboxes in Exchange Server 2013 and apply the
appropriate mailbox policies required to govern them as well; use all
the latest features and advantages innate to Exchange 2013 and make
your Exchange mailbox management efficient and top of the line.
- Drag-n-Drop Customization in user creation templates
to fine tune the process of creating new user accounts to fit your
organizational policies and requirements to a T; make any attribute
mandatory, read-only or even hidden as per your needs or based on the
technician to whom you will be assigning the user creation template.
Enhancements:
- LCS/OCS configuration in user creation template:
The user creation console will now have a separate tab exclusively to
configure all the appropriate settings to enable instant communication
in your organization. This feature will enable you to specify the
appropriate value for LCS/OCS and even Lync Server settings from the
same screen.
- Exchange 2010 Policies Support: You can now
configure Exchange mailboxes for the new user accounts that you are
provisioning and also apply the appropriate policies at the same time
using this feature.
- Revamped 'Avoid Duplication' feature to check
for duplication of critical/specific attributes at the desired level
(OU / Domain /Forest) and perform the appropriate operation to avoid
duplicate values.
- Enhancements in 'User Modification Templates':
- Updates to organization attributes (Title, Department,
Offices and Companies) in 'Admin' tab will reflect in user modification
templates that have been already created.
- 'Member Of' attribute has been added to 'Modification Rules'
component in user modification templates.
- Delete users' existing group membership information during
the modification process.
- Unlock user accounts via templates during user modification
process.
- Recursive naming formats will now be supported in users'
description and custom attributes.
- Execute a custom script on successful modification of a user
account.
- Move users' to a different container during user modification
process.
Issue Fixes:
- Polish characters not exported in PDF format.
- Additional email address attribute in 'group creation template'.
- Hiding the new password generated during single user modification.
- Issues in Cleanup scheduler.
- Issues in authorizing HDTs for 'Move Home Folder' action.
Highlights of build 6140 (Released on September 2013)
Enhancements
Automation:
- The scheduler has been enhanced to accommodate more accurate time
frequencies.
- 'Select only the appended objects from the file' option
has been added to help choose only the appended data while importing
records through iterations from a CSV.
- Filters in AD reports have been enhanced to drill down to the
specifics of reported data; Reports can now be filtered based on
attributes such as Primary Group, WhenChanged, whenCreated,
DisplayName, Account Expires, Bad Password Time, Lockout Time, Last
Logon Time, Last Logon Timestamp, Bad Pwd count, and Pwd status.
Issue Fixes:
- Issue in setting Deny permissions over a mailbox during Bulk
User Modification has been fixed.
- Issue in creating Mailbox on Exchange Server 2007 when installed
on Windows server 2012 has been fixed.
- Issue in modifying external email address has been fixed; the
external email address in the additional mail address list will now be
replaced with the newly modified address.
- Issue in using configured custom attribute in CSV while creating
or modifying users via automation has been fixed.
Highlights of build 6130 (Released on August 2013)
New feature:
- ADManager Plus Group Templates standardize the group creation
process. These templates store values and formats that are applied
automatically across all the group objects that are created using these
templates.
- The drag-and-drop option in Group Creation Templates helps
customize templates as per organizational needs to display or hide the
specific tabs or attributes as required.
Enhancement:
- The UI for Single group creation is now more flexible and user
friendly with the fields categorized under General, Group and Exchange
tabs.
- 'Managed by' field added to single group creation can be used
designate managers for the groups.
Issue Fixes:
- Issues in configuring HDT, when many templates, OUs and roles
are assigned to him, have been fixed.
- Issue in setting 'Deny Permissions' over a mailbox while
performing set mailbox rights in Bulk User Modification has now
been fixed.
- Issue in importing 'UTF-8' format files in Automation and
Workflow during user creation/modification (using CSVs) has been fixed.
- Browser issue (IE) that occurs when the number of objects chosen
in 'delegate security role-step 1' is huge, has been fixed.
- The resultant page that occurs after 'user creation using CSV'
will no longer have export option issues in Firefox.
- Local groups will no longer be displayed in the 'add members'
options under Universal distribution group creation/modification.
Highlights of Build 6120 (Released on July 2013)
Enhancements:
Automation
- The actions list has been enhanced. Modify
Users by CSV, Add To Group, Remove From Group actions have now been
added.
- Option to enforce user must change password at next logon
in reset Password action has been provided.
- Filters have been introduced in library of reports for accurate
results.
Reset password console
- A Quick visibility into User's account lock out status while
trying to reset password from the reset password console.
Naming formats
- Option in Naming Formats to define replacement characters
for 'umlaut accent' has been provided.
Employee Search
- Configuration for multiple domains in employee search.
- Export as PDF, excel, html and CSV options for results from
'employee search'.
- Options for attribute-based user/contact search have been
improved.
Issue fixes:
- 'A HDT without permissions to generate a report can do so from
the dashboard when report count is zero' issue has been fixed.
- Special characters issue in HDT role name has been fixed.
- Issue in restoring users when parent OU has been deleted is now
fixed. Users will be restored in the 'users container'.
- Issue in clearing 'show in Address book attribute', when you
uncheck hide from address lists option in single group
modification has been fixed.
- UAC value issue while creating normal accounts through bulk user
creation has been fixed.
Highlights of Build 6110 (Released on July 2013)
Enhancements:
- The value selected by the technicians for 'Show Rows' option, in
all the features that it is available, will now be saved.
- Delete groups option is now available in 'Groups without Members'
report also.
Fixes:
- 'OS Based Report' will now have the operating system of the
customer environment also in the OS list.
- Deleted computers showing up in computer selection pop-up windows
issue is fixed.
- Distribution Groups created with '#' in their name throwing up
'Properties on this object have invalid data' error when opened in
Exchange Management Console is fixed.
- Mismatch in 'password expiry date' in Real Last Logon report for
those users for whom PSO has been applied is fixed.
- Reset Password feature will now display the new passwords
generated as '**********' instead of the actual passwords in the result.
- 'OU' option not working in the 'Advance Filter' of Real Last
Logon report in IE Compatibility mode is fixed now.
Highlights of Build 6100 (Released on June 2013)
New Features:
- File Server Management: Manage the permissions
on multiple File Servers and workstations across your organization in
just one operation. This feature facilitates bulk modification and
removal of NTFS or Share permissions on Shared Folders and their
subfolders.
- Now you can also manage Active Directory 2012
(in Windows Server 2012) using ADManager Plus.
- This build also included support for Windows 8
platform.
Enhancements:
- Remote PowerShell Support for Exchange 2010: Even
from a 32-bit machine and with just PowerShell 2.0 you can now create
mailboxes in Exchange 2010. You can accomplish this even if you do not
have Exchange Management Console (EMC) installed on your 32-bit
machine.
- Performance tuning for Exchange Management.
Fixes:
- Windows 8 and 2012 have been included in OS based Computer
reports.
- Issue in using 'Hide from Exchange Address Lists' option for
Groups has been fixed.
- Issue in fetching information about cross-domain members in
'Detailed Group Members report' has been fixed.
- Issue in setting/updating email address of users through a CSV
file, if it is mentioned as empty in the template being used has been
fixed.
- Error in exporting filtered (partial) results from reports has
been fixed.
Highlights of Build 6012 (Released on February 2013)
New Features:
Enhancements:
- Mailbox Storage Limits specified using single user modification
will be validated based on the version of mailbox Exchange Server.
- 'Automatically update e-mail addresses based on e-mail address
policy' attribute will also be available in reports now.
- Instead of only the OUs from primary domain, OU's of all the
selected domains will be displayed for 'Move Computers' option in
computer reports.
- In Single Group Modification while adding new members, HDTs can
now select Users, Computers as well as Contacts instead of only Groups.
- The complete value of Office attribute will be displayed as the
tool-tip text in User Creation Template.
Fixes:
- Unable to select AD Objects issue to Delegate Security Role while
using Internet Explorer 9 in Compatibility mode has been fixed.
- Select Country option not being saved issue in user creation
template has been fixed.
Highlights of build 6010 (Released on February 2013)
Enhancements
- Date type columns will be exported as date fields while exporting
to excel.
- Migration support for 6001 ,6002, 6003.
Fixes
- Issue in setting dial-in properties during user creation and
modification has been fixed.
- Active sync support issues post 6000 build have been fixed.
- Exporting issues in group members report has been fixed.
- Auditing issues for remove members operation is fixed.
Highlights of build 6001, 6002, 6003:
Enhancements
This release refines 'Report Scheduler' to make it
more efficient with the following enhancements:
- Flexible Schedule Execution Frequency: The
enhanced scheduler provides more options to configure the execution time
and frequency of scheduled reports with flexible time
intervals such as yearly, quarterly, fortnightly, multiple days in a
week, every 15 minutes, etc.
- You can now Disable Email Notifications for
scheduled reports if the reports do not have any data in them.
- Filters are now available in scheduled reports
as well (for Inactive and Password Expired Users reports) to make sure
you get the specific and relevant data that you need.
Fixes
- Blank attachments issue in email notification of scheduled
reports with no data has been fixed.
- Product Installation issues on non-English Operating systems is
fixed.
Highlights of build 6000:
New Features
- Automation: Set up
'end-to-end' automation of any AD task using the 'automation'
feature. Further, with 'automation policy', you can also set
up its time-based sequential follow-up tasks, as per your
organization's requirement. With the 'implement business workflow'
option, you can also set up a controlled workflow-based automation in
which the task will not progress unless the administrator/the
authorized technician gives the go ahead, at each stage of the workflow.
- Single User Modification
with/without templates: It is now possible to modify any
existing single user account, with/without using any 'modification
template'. Using these templates, you can allow the help desk
technicians to view/modify only those fields that they are allowed
to, as per your requirement.
- Single User Modification through
Rules: Specify the fields that should be automatically populated,
whenever a user account is modified by a help desk technician and these
rules will not be visible at all to the help desk technician.
- GPO Management:
With this feature, it is now possible to accurately specify and manage
the GPOs that should be applied to any target location. For any
Domain/OU/Site, administrators can now Enable/Disable GPOs
completely or only the User/Computer configuration settings, Add/Remove
GPOs, Enforce/Unenforce GPOs, and also Block/Unblock
GPO inheritance to Domains/OUs, exactly as required. Plus, view all the
GPOs available in all the configured domains along with their
status and the locations that they are linked to, from one central
location.
Enhancements
The following enhancements have been made to the 'Workflow'
feature:
- Quick-link to 'Create
Request': Requesters can now create requests for all the
management actions that they have permissions for, from just one
centralized location.
- Add Requesters Directly:
Now, turn any AD user into a 'requester', even if the user is not a
help desk technician. Just select the required user(s), assign the
appropriate roles domain and save the settings, to turn any normal AD
user(s) into a 'requesters'.
- Requester permissions to
Group/OU: Assign 'requester' permissions to an entire
Group/OU, for any AD task, as required. This automatically turns all
the existing members and any user who becomes a member of this group/OU
into 'requesters'.
- Assigning Rules:
With these rules, specify the technician(s) to whom the request being
created has to be assigned and also set the required priority for the
request, based on either the type of action or the requester who
creates the request, as needed. Also, specify the technicians/users to
be notified of the request status and progress, at each stage of the
workflow.
- Requester Roles:
Administrators can create custom roles to specify the task or the set
of tasks for which a 'requester' can create requests. These roles can
be used to provide the necessary request creation permissions to any
new requester. While creating a new requester, by just assigning a
specific 'requester role' to any user, administrators can specify all
the tasks for which this specific requester can create requests, in one
single step.
Fixes
- The 'IMAP4 setting not reflecting
when modified through single user modification feature' has been fixed.
- 'streetAddress' can now store
multiline values also
- Customers now have the option of
providing database password in encrypted format, if required.
- 'Recently Modified Users' report
can now retrieve more than 1000 objects.
- Windows 7 Enterprise SP1 has been
added to the options in the 'OS Based Report'.
- Approval notification email will be
sent to executors, even if they are not specified in the workflow.
Highlights of Previous Releases (Builds
5200 to 5241)
New Features
- Active Sync Enabled/Disabled Reports
- Single Contact Object Modification
- Contact Modification Templates
- Contact Modification Rules
- Detailed Group Members Report
- Single Computer Object Creation
with/without Templates.
- Delegation of Computer Creation
Templates to Helpdesk Technician(s)
- Exchange Mailbox Migration
- Restoring Deleted Users/Computers
- Workflow Notifications
- Single Contact Creation
- Template based Contact Creation
- Drag-n-Drop customizable Contact
Creation Templates
- Mandatory field(s) / attribute(s)
for Contact Creation
- Disable/Delete User Mailbox for
Exchange 2003, 2007 & 2010
- Customized Date/Time Format
Enhancements
- Performance enhancement in all
User, Computer reports that retrieve and display the most recently
updated data from multiple Domain Controllers.
- Enhanced performance in report
generation.
- Enhanced Localization and
Internalization for non-English language compatibility.
- Includes latest Windows OS releases
in 'OS Based Report'.
- Session timeout handling for Help
Desk Technicians.
- Custom Attributes / Additional
Custom Attributes
- Contact Creation - Field
Authorization and Template Delegation
- Refresh link in Modify Single User
page.
- 'Unlock Users' option along with
'Reset Password' in 'Helpdesk Reset Password' Console.
- 'Add/Remove' Users, Computers to
and from multiple groups in just a single action in Bulk User/Bulk
Computer Modification.