AD Bridge 22.1.1 Release Notes

March 29, 2022

New Features and Enhancements:

  • Netlogon messages are now signed and encrypted over Schannel. This addresses the challenge message requirements sent over Schannel for domain controller (DC) authentication. DCValidationSupport can now be enabled without any additional requirements. This addresses CVE-2021-3657.
    • Log agent and server capabilities.
    • Reauthenticate DC with changes.

For more information, please see Security Bulletin BT21-05.

  • Added additional support tools:
    • Added /opt/pbis/libexec/porttest.pl to the agent install.
    • pbis-support.pl now adds the output of the pbis acl command to script output.

Issues Resolved:

  • Resolved issue in which lsass was in dead state when one DC was blocked.
  • Resolved issue in which the support pack grabbed everything from the root of the drive (/) if rsyslog.conf was not found.
  • Resolved issue with AD Provider State lookup.

Notes:

  • AD Bridge 22.1.1.189 supports upgrades from 10.0, 10.1, 21.x, and 22.1.0.