Skip to main content
Skip table of contents

Version 4.2.0


This document provides information on the updated features and the fixed issues in the Sectona PAM version 4.2.0

What’s New

Vault Storage

  • [SPSL-2441] - Upgraded MySQL core engine from version 8.0.25 to version 8.0.28.

Session Management

  • [SPSL-2709] – Support for key based management account in case of Just-In-Time session for Unix based assets.

  • [SPSL-2697] – Support for live session monitoring in SSHD proxy-based sessions with live session termination.

  • [SPSL-2688] – Option to enable Windows server wallpaper in RDP over browser (v4).

  • [SPSL-2683] – Option to customize the session window title (in the browser tab) for over browser access types.

  • [SPSL-2666] – Centralized live session monitoring and collaboration support in case of multiple application and application proxy nodes configured.

  • [SPSL-2650] – Option to filter/view sessions based on session review status.

  • [SPSL-2637] – Support to play and export session video logs from the archival location.

  • [SPSL-2633] – "No Preview" screen when a live session monitoring snap is unavailable.

  • [SPSL-2560] – Improvement in the overall performance of the SSHD Proxy session.

  • [SPSL-2546] – Improved session video playback quality.

  • [SPSL-2488] – MFA (user interactive) support for SSH and SFTP-based sessions.

  • [SPSL-2428] – Option to configure MFA for every new session in asset security settings when connecting to any account of a specific asset.

  • [SPSL-2413] – Added file size in session metadata for files being uploaded and downloaded.

  • [SPSL-2412] – Option to configure user access policy wise restriction for upload and download a file based on file size.

  • [SPSL-2300] – System will transfer video logs to the Primary P1 node once the user session is completed on Primary P2/application proxy nodes.

  • [SPSL-1770] – Support to capture and display application node (P1/P2/Application Proxy) details in session view from where the user logins to the system and initiated a session.

  • [SPSL-1202] – Asset wise option to bypass session proxy and web proxy for an asset specific session.

Asset Management

  • [SPSL-2708] – Support for IPv6 on Primary and Secondary IP address fields.

  • [SPSL-2696] – Provided ADSync support for the Unix-based operating system.

Password Management

  • [SPSL-2681] – Added filter "Out of Sync Accounts" in the New Job section of Password Manager.

  • [SPSL-1279] - Feature for multiple password change sequences based on account name for specific asset version.


  • [SPSL-2610] - Run option in App Services for started services on non-primary application nodes.

  • [SPSL-2629] – Support multiple host names in application node hostname for cluster configuration.

  • [SPSL-2619] + [SPSL-2663] – Notifications type for Session Reviewed, User Group Created, User Group Modified and User Group Deleted.

  • [SPSL-2617] + [SPSL-2607] – Trails for tag details, asset discovery (for active directory), user group mapping, account group mapping and user role management in system trails and respective UI.

  • [SPSL-2532] - Instance name in Asset Direct Access email notification.

  • [SPSL-2481] – New system defined access type as "RDP (Admin Console)" to get the direct admin console of Windows Server.

  • [SPSL-2426] – Option to configure custom Java scripts to support the SSO process in browser-based access type.


  • [SPSL-2537] – Added “User Status” in the “User & User Group” base data for customized reports.

  • [SPSL-2472] – Added "Asset Version" in the Asset(s) base data for customized reports.

  • [SPSL-2471] – Added "Comment" and "Ticket No." in the session-related reports, such as Session metadata (last 24 hours), Session activities (last 24 hours), Session metadata – Blocked (last 24 hours) and Collaborated sessions (last 24 hours).

User Management

  • [SPSL-2702] – Added column "Account Group" in the user’s View Entitlement option.


  • [SPSL-2549] - Option to revoke (cancel approval) workflow request, which has already been approved in workflow all requests (administrative option).

Fixed Issues

Session Management

  • [SPSL-2716] – Fixed issues where the Risk view graph was not working as per the instance and did not display sessions of the current day.

  • [SPSL-2689] – Fixed an issue where the system was throwing an error for session collaboration when the session was enforced through the jump server (RDP + SSH).

  • [SPSL-2678] – Fixed an issue where the SCP file upload, download, and make directory functionality was not working as per the User Access Permissions given in the User Access Policy.

  • [SPSL-2651] – Fixed an issue related to high CPU utilization while using SSH Over a Browser session.

  • [SPSL-2601] – Fixed an issue of syntax error while calculating the Risk Score if the Account Name and User Name contain a single quote (').

  • [SPSL-2536] - Fixed issues in Windows Monitoring Service (WMON) regarding hostnames with more than 15 characters.

  • [SPSL-2533] - Fixed an issue where the file gets copied into the wrong directory in SFTP Over browser session in case of a special character in the directory name.

  • [SPSL-2351] - Fixed an issue where certain Keyboard keys were not working as expected in Session Collaboration.

  • [SPSL-2527] – Fixed an issue regarding validation for the email field on the session collaboration pop-up.

  • [SPSL-1079] - Fixed an issue where the screen is visible and accessible using the keyboard but not with the mouse under Collaborated Session.

Asset Management

  • [SPSL-2723] – Fixed an issue where “Job Name” was blank in Asset Discovery History in Asset Discovery View.

  • [SPSL-2622] - Fixed an issue where the system did not allow to take a session if the Account Name and Host Name contained a single quote (').

  • [SPSL-2496] - Fixed an issue where the filter was not working as expected in the Account Lifecycle.


  • [SPSL-2548] – Fixed an issue where workflow-based approved access was not shown in reports and user entitlements.

Dashboard and Reporting

  • [SPSL-2613] – Fixed an issue where the "User Activity Analysis” was showing incorrect and partial data in the dashboard.

  • [SPSL-2531] - Fixed an issue where the search box values disappear once search results in Analytics are selected.


  • [SPSL-2739] - Fixed an issue where the user was unable to receive a notification email for “user group deleted” and “account group deleted.”

  • [SPSL-2706] – Fixed an issue in the notification email where the system displayed zero accounts when the user ran the password management job.

  • [SPSL-2662] – Fixed issues in the View Sectona Authentication Lockout Policy Trail and Sectona Authentication Password Policy Trail, where a new record was not created for any update in the policy.

  • [SPSL-2661] – Fixed an issue related to an incorrect username in the notification email of account group update/modify.

  • [SPSL-2578] – Fixed an issue where the trails were not visible for asset type in configuration.

  • [SPSL-2461] - Fixed an issue related to incorrect data getting highlighted on the view trails page when the user bulk updates Asset/Account/User.

Task Management

  • [SPSL-2498] - Fixed an issue where the task was not executed through the task manager if the output was less than 8000 characters for SSH and Powershell.

Password Management

  • [SPSL-2691] – Fixed an issue where the system was unable to rotate the key of the key based account without a passphrase (for Unix based).

  • [SPSL-2612] – Fixed an issue where the Password status icon was showing unverified for all accounts on the account view page due to missing configuration.

  • [SPSL-2602] – Fixed an issue where if the password change sequence is marked inactive but still system was considering the same sequence for password change of account.

User Management

  • [SPSL-2679] – Fixed an issue where the user was prompted to reconfigure MFA while login in even if MFA reset was not performed by the administrator

  • [SPSL-2673] – Fixed issues related to user role management where the system allowed saving a new user role with no read / write access permission.

  • [SPSL-2603] - Fixed an issue where the last registration date for Google Authenticator was shown as blank.

  • .[SPSL-2501] - Fixed an issue where SCIM “User Update API” allowed users to update the username, which is not allowed from PAM.

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.