AD Bridge 22.2 Release Notes

June 30, 2022

New Features and Enhancements:

  • Elasticsearch integration now uses ECS common fields for better integration. A conversion tool is available to convert v22.1.0 indexes to the 22.2.0 ECS indexes. Please contact BeyondTrust Support if you have used Elasticsearch with Privilege Management for Unix & Linux or AD Bridge v22.1.0.
  • Added GPO to enable and configure DC authentication across the domain. In addition, there is a new report to view any failed DC authentication attempts from an endpoint.
  • Customers now have the option to scrub information from the support pack data gathered on their systems. A new option, scrubdata, has been added to find entries listed in /opt/pbis/libexec/scrubdata.txt and replace them. This file is composed of two tab-separated columns. The first column is the key customer data and the second is the mapped value the customer would like it to be.
  • Customers can now allow setting the computer password during offline join. This is usable with the new --password option.
  • Solaris SMF integration: if lwsmd is stopped or started, svcadm is used to enable or disable the server. This addresses issues of the lwsmd going into maintenance state in high load scenarios.
  • In v10.1 we added a dependency for krb5 in both lsass and nsswitch. This is not needed as the library is transitive. A few issues were addressed by cleaning up this code.

This also addresses issue on AIX hosts where AD users cannot authenticate.

Issues Resolved:

  • Resolved issue in which Windows 10 did not display data on GPO reports.
  • Removed weak types from krb5.conf encryption types.
  • Resolved issue with systemd by setting lwsmd TasksMax to infinity by default.
  • Resolved issue in which DBReaper was not incrementing last reaped ID for Elasticsearch on error.
  • DC/GC now fails over to the same site.
  • Core dump issue resolved on license status on domainjoin.
  • Resolved Centos/RHEL7 issue in which AD Bridge upgrade caused double prompts for local user password changes.
  • Resolved Solaris issue in which lwsmd went into maintenance mode when shutting down.
  • Addressed issue that occurred while mounting CIFS share as AD user from 10.1.0.
  • SUSE 12SP5: Resolved a Libcrypto error that occurred when trying to sudo.

Notes:

  • AD Bridge 22.2.0.210 supports upgrades from 10.0, 10.1.x, 21.x, and 22.1.x.
  • SUSE Linux Enterprise Server 12 SP5 is now supported.