AD Bridge 24.1 Release Notes

February 29, 2024

Requirements:

  • None

For installation requirements, see the following:

New Features and Enhancements:

Ability to Disable Shutdown Timers

  • In some scenarios, the shutdown timers have caused issues for customers. A new configuration option has been added to disable the lwsmd service shutdown timers. This option takes effect the next time lwsmd starts up.
  • UseServiceShutdownTimer. New configuration option to disable service shutdown timers.

Database Connections Improvements

In the BeyondTrust AD Bridge Reporting Database Connection window:

  • Two new options have been added to support encrypted connections: Encrypt connection and Trust server certificate.
  • A new Perform Test Read option has been added to perform a query on the users table as part of the Database connection test (Rights required).
  • The Timeout was capped at 10 seconds when switching components in the BeyondTrust Management Console (BMC). This cap has been removed to help in environments that need a longer delay. Because the configured timeout is now respected, timeouts only occur when the set limit is reached.

  • BMC: Support Encrypted Database connections.
  • BMC: New option to query the users table with the Database Connection test.
  • BMC: SQL timeout setting honored across BMC.

Reset Machine Password on Join

  • PwdLastSet was only getting updated after half the MachinePasswordLifespan (defaulted to 30 days) was reached. Now, after a successful domainjoin, a machine password reset is initiated.

Database Hardening

  • We noticed that two of the recommended groups had been over-provisioned. The script to set the permissions has been updated for new setups, but for existing deployments/customers, we recommend updating the permissions manually. A new ReportingPermissionsUpdateV2.sql file in the Resource folder serves as a reference for updating existing permissions.

Issues Resolved:

Windows

  • Resolved an issue with the Orphaned Objects Tool: We now mention that additional scans might be required.
  • Resolved an issue where the Configuration Wizard License Import was not locale aware.
  • Resolved an issue where the LicensePage Import was not locale aware.

Agent

  • Resolved an issue with Domainjoin: Added support for restarting network manager with DHCP to resolve ERROR_BAD_COMMAND.
  • Resolved an issue with pbis-support: Added a djconfigfile option for PWS integration.
  • Resolved an issue to not store/read domain trust information with invalid SIDs.
  • Resolved an issue where MachinePassword reset occasionally caused a core dump.
  • Resolved an issue to support Ubuntu minimal server installs.
  • Resolved an issue where AD Account lockout on AIX was occurring before the threshold was reached.
  • Resolved an issue to update SELinux to work with confined users.
  • Resolved an issue where users were unable to create schannel connection after being offline for 4+ hours.
  • Resolved an issue about portscript: the tryall option now searches all domains.
  • Resolved an issue with RHEL9, where one was unable to change password for an AD user.

Others

  • A tenantjoin-cli man page has been added.

Known Issues:

None.

Issues discovered after release can be found within our product Knowledge Base.

Notes:

  • AD Bridge 24.1.0 supports upgrades from versions 23.1, 23.2, and 23.3.
  • AD Bridge rpm packages are signed with key 7237d0ac.
  • The Windows build number is now split from the Agents build number. Installer build numbers will be different between Windows and the Linux/Unix installers.