Introduction

This document provides information for the updated features and the fixed issues in the Sectona PAM version 3.7.0

What's New

  • [SPSL-1974] – Added a new report for List of users logged in (last 24 hours) in PAM.

  • [SPSL-1926] – Added a warning popup 20 seconds before web session timeout.

  • [SPSL-1909] – Added a notification to be sent whenever an account password is changed manually.

  • [SPSL-1908] – Added a notification to be sent whenever user password is changed by administrator.

  • [SPSL-1907] – Added Asset information, Configuration and Activities on EPM Dashboard.

  • [SPSL-1895] – Added a new option as Manage Permissions in User Access Policy.

  • [SPSL-1894] – Added “Allow File Download” and “Allow File Upload” option in User Access Policy under Manage Permissions.

  • [SPSL-1809] – Added an option to customize watermark text of OTP field on login page.

  • [SPSL-1803] – Added a new report as “Accounts never accessed” in PAM.

  • [SPSL-1802] – Added an option in appearance to change login page layout.

  • [SPSL-1742] – Added local to server and server to local file transfer support for RDP over browser sessions.

  • [SPSL-1701] – Added a feature “EPM - Windows Privilege Management”.

  • [SPSL-1690] – Added a new feature as JustInTime policy in asset management.

  • [SPSL-1224] – Added Privileged Account Governance  Reports and Dashboard .

  • [SPSL-1206] – Added new app services for PAG processing.

  • [SPSL-949] – Added a new feature as JustInTime account and session management.

  • [SPSL-811] – Added Privileged Account Governance (PAG) in the product.

Improvements

  • [SPSL-1976] – Added workflow URL from Primary or DMZ based on the configuration. 

  • [SPSL-1975] – Renamed base data "Login Failed Attempts" to "User Login Failed Attempts". 

  • [SPSL-1972] – Modified the notifications engine process. 

  • [SPSL-1971] – Added improvements in the System Defaults. 

  • [SPSL-1970] – Replaced misnomers with suitable and accurate names in Sectona Authentication under Configuration. 

  • [SPSL-1961] – Added 4 controls in the plugin designer. 

  • [SPSL-1944] – Added a column mentioning Directory Server name in User Group trail.  

  • [SPSL-1943] – Renamed Management Account label as Console Account in account manage UI. 

  • [SPSL-1941] – Added an option to set custom password change sequence as success without validating new password. 

  • [SPSL-1935] – Added an option to launch AWS token based SSO from external browser. 

  • [SPSL-1928] – Updated the notification templates of Privileged Account Governance. 

  • [SPSL-1920] – Added improvements in EPM. 

  • [SPSL-1915] – Deprecated Rule Type in EPM workflow configuration. 

  • [SPSL-1914] – Added statics for accepted and rejected entitlement reviews on the dashboard.

  • [SPSL-1913] – Added statics for approved and rejected user access reviews on the dashboard.  

  • [SPSL-1904] – Added same format Password Change webpage for Job History under Password Manager for PAM and EPM. 

  • [SPSL-1896] – Added video playback speed in session video log player. 

  • [SPSL-1853] – Added new options in app service configuration UI. 

  • [SPSL-1852] – Added notification for High Availability master change. 

  • [SPSL-1847] – Allowed special characters such as [!@#$%&=_]+|*-<>?{}(~) in password policy. 

  • [SPSL-1839] – Identified and removed cancel buttons wherever it is not required. 

  • [SPSL-1838] – Added "Exit Full Screen" button in discovery view page after opening page in full screen.   

  • [SPSL-1829] – Added new column in Assets base data of reports. 

  • [SPSL-1828] – Added improvements in Job History under Password Manager.  

  • [SPSL-1819] – Added a static table row for Manage Permission under User Access Policy in Policies. 

  • [SPSL-1818] – Added User Modified, Account Modified and Asset Modified notifications under Notification Engine. 

  • [SPSL-1810] – Removed "User Logon With OTP Option" from System Defaults.  

  • [SPSL-1800] – Added First name, Last Name, Asset's location and Asset's description fields under workflow request page. 

  • [SPSL-1796] – Added improvements in New Job  under Password Manager.  

  • [SPSL-1774] – Added improvements in embedded database analyzer.  

  • [SPSL-1768] – Added an option to allow login to specific application node when application load balancing is configured. 

  • [SPSL-1767] – Added improvements in Overview under Discovery View. 

  • [SPSL-1766] – Added an option to reinitiate vault replication from UI with Fallback and DR. 

  • [SPSL-1765] – Added improvements in Vault, RSH and Satellite Vault Installer.  

  • [SPSL-1763] – Added improvements in Web Installer. 

  • [SPSL-1760] – Added a feature to sync PAM assets to Satellite Vault server on real-time basis.

  • [SPSL-1512] – Added separate HTML boxes for Username and Password on the login page. 

Fixed Issues

  • [SPSL-1981] – Fixed issue wherein the account provisioning roles were not updated with correct commands. 

  • [SPSL-1980] – Fixed issue in which the account provisioning on Unix based server was failing. 

  • [SPSL-1977] – Fixed issue in which the POP3 (incoming email) was not working with email server. 

  • [SPSL-1968] – Fixed issue wherein the asset name was not shown in account trail when account is updated under Account in Manage.  

  • [SPSL-1967] – Fixed issue where the requester itself was allowed to be the approver and operational manager in PAG. 

  • [SPSL-1966] – Fixed issue where the entitlement review, data filters were not working as expected in PAG. 

  • [SPSL-1965] – Fixed issue wherein the entitlements review, irrespective of instance specified all account were selected for review in PAG.

  • [SPSL-1964] – Fixed issue where the task bucket was created without entering bucket name in task bucket access page. 

  • [SPSL-1963] – Fixed issue where no date was shown under "Last run on" column in task bucket access page. 

  • [SPSL-1960] – Fixed issue wherein the AD account password was not getting synced automatically when its local account password was updated in PAM. 

  • [SPSL-1945] – Fixed issue wherein if you add two AD users having same name but on different AD servers, they get mapped to a wrong user group.  

  • [SPSL-1942] – Fixed issue wherein the password change fails if account locked to console. 

  • [SPSL-1940] – Fixed issue where the trail highlights the approver names of all the approvers when user changes just one approver in the workflow. 

  • [SPSL-1934] – Fixed issue wherein SFTP and STFP Over Browser dose not connect to some Unix based servers. 

  • [SPSL-1933] – Fixed issue where the user was unable to update the status of the service when clicked on the start button. 

  • [SPSL-1932] – Fixed issue where the page layout on My Access page of PAM and EPM was different. 

  • [SPSL-1931] – Fixed issue where the user was not able to save 'List of active account groups' reports in PDF format. 

  • [SPSL-1929] – Fixed issue where the %PAG_ReviewCreatedBy%  tag was giving inappropriate output. 

  • [SPSL-1925] – Fixed issue where the scheduler reports were getting saved without entering the email address. 

  • [SPSL-1924] – Fixed issue where the account password was getting changed using the wrong policy. 

  • [SPSL-1916] – Fixed issue wherein the EPM Workflow trail was showing incorrect 'Scheduled Time'. 

  • [SPSL-1912] – Fixed issue wherein the comment added by Operational Manager should be shown to the requestor. 

  • [SPSL-1911] – Fixed issue where the records under cycle review for both user access reviews and entitlements were not sorted by 'Created On' column.  

  • [SPSL-1910] – Fixed issue where an appropriate error message was not shown when the user tries to create duplicate cycle. 

  • [SPSL-1906] – Fixed issue where the password was not changed for accounts on endpoints in EPM. 

  • [SPSL-1905] – Fixed issue where the filter window in User Access/ Entitlement was not closed on clicking the 'X' at the top corner of the window. 

  • [SPSL-1903] – Fixed issue wherein the email was not received by the requester when review request is approved by the approver. 

  • [SPSL-1902] – Fixed issue where the count for 'Pending Review Cycles' was shown incorrectly in PAG Dashboard. 

  • [SPSL-1900] – Fixed issue wherein the hovering mouse pointer on 'Asset Activity' chart showed 'data_2:' in the information. 

  • [SPSL-1899] – Fixed issue wherein the execution time of Bucket was showing current date and time under Task Bucket. 

  • [SPSL-1897] – Fixed issue where the entitlements in PAG were showing data for other instances. 

  • [SPSL-1892] – Fixed issue wherein the server access policy (Windows Server) was blocking explorer.ex. 

  • [SPSL-1851] – Fixed issue where the emails were received with inappropriate content. 

  • [SPSL-1850] – Fixed issue where the role not selected was used while provisioning or deprovisioning an account in account lifecycle. 

  • [SPSL-1849] – Fixed issue wherein the page goes to asset detail page instead of Asset's action page when logs are closed with the help of "X" button under Account Lifecycle. 

  • [SPSL-1846] – Fixed issue where the “No of Cycles” column gets updated even if user edits the User Access Review or Entitlements configuration. 

  • [SPSL-1842] – Fixed issue where the AD Sync entry once added with inactive state gets deleted when user clicks the 'Update' button. 

  • [SPSL-1831] – Fixed issue where the jump server over browser was not opening without NAT settings with Over LAN configuration.

  • [SPSL-1830] – Fixed issue where the command execution was denied in Sectona PuTTY.exe. 

  • [SPSL-1827] – Fixed the typo error and description missing in notification content tags. 

  • [SPSL-1824] – Fixed issue wherein the approver role user didn’t have access to approvals section in PAG. 

  • [SPSL-1823] – Fixed issue where the secondary IP address was not shown on My access page when "Use Secondary IP of Asset" is set to 1. 

  • [SPSL-1822] – Fixed issue wherein PAG worked even if the configuration is inactive. 

  • [SPSL-1799] – Fixed issue wherein the user was unable to create provision account on Windows Active Directory. 

  • [SPSL-1798] – Fixed issue wherein the user was unable to deprovision any account under Account Lifecycle. 

  • [SPSL-1795] – Fixed issue wherein user was unable to login to Splunk web console when password contained “^” character when login type is auto enter. 

  • [SPSL-1762] – Fixed issue where the user was unable to add or update the role in account lifecycle when the input inside "Remove Role Command" was empty. 

  • [SPSL-1761] – Fixed issue where the same name of account was used on different asset under Account Lifecycle. 

  • [SPSL-1758] – Fixed issue where the user was able to see session commands in a Sectona PuTTY session even when 'Session metadata' is disabled.