AD Bridge 24.1 Release Notes

February 29, 2024


  • None

For installation requirements, see the following:

New Features and Enhancements:

Ability to Disable Shutdown Timers

  • In some scenarios, the shutdown timers have caused issues for customers. A new configuration option has been added to disable the lwsmd service shutdown timers. This option takes affect then next time lwsmd starts up.
  • UseServiceShutdownTimer. New configuration option to disable service shutdown timers.

Database Connections Improvements

In the BeyondTrust AD Bridge Reporting Database Connection window:

  • Two new options have been added to support encrypted connections: Encrypt connection and Trust server certificate.
  • A new Perform Test Read option has been added to perform a query on the users table as part of the Database connection test (Rights required).
  • The Timeout was capped at 10 seconds when switching components in the BeyondTrust Management Console (BMC). This cap has been removed to help in environments that need a longer delay.


As the time is now respected, timeouts only occur when the set limit is reached.

  • BMC: Support Encrypted Database connections.
  • BMC: New option to query user table on with Database Connection test.
  • BMC: SQL timeout setting honored across BMC.

Reset Machine Password on Join

  • PwdLastSet was only getting updated after half the MachinePasswordLifespan (defaulted to 30 days) was reached. Now after a domainjoin is successful, it will initiate a machine password reset.

Database Hardening

  • We noticed that two of the recommended groups had been over provisioned. The script to set the permissions has been updated for new setups, but for existing deployments/customers, we recommend updating the permissions manually. We provide a new ReportingPermissionsUpdateV2.sql file in the Resource folder to provide a reference for updating existing permissions.

Issues Resolved:


  • Resolved an issue with the Orphaned Objects Tool: We now mention that additional scans might be required.
  • Resolved an issue where the Configuration Wizard License Import was not locale aware.
  • Resolved an issue where the LicensePage Import was not locale aware.


  • Resolved an issue with Domainjoin: Added support for restarting network manager with dhcp to resolve ERROR_BAD_COMMAND.
  • Resolved an issue with pbis-support: Added a djconfigfile option for PWS integration.
  • Resolved an issue to not store/read domain trust information with invalid SIDs.
  • Resolved an issue where MachinePassword reset occasionally caused a core dump.
  • Resolved an issue to support ubuntu minimal SERVER installs.
  • Resolved an issue where AD Account lockout on AIX was occuring before threshold.
  • Resolved an issue to update selinux to work with confined users.
  • Resolved an issue where users were unable to create schannel connection after being offline for 4+ hours.
  • Resolved an issue about portscript: the tryall option now searches all domains.
  • Resolved an issue with RHEL9, where one was unable to change password for an AD user.


  • A tenantjoin-cli man page has been added.

Known Issues:


Issues discovered after release can be found within our product Knowledge Base.


  • AD Bridge 24.1.0 supports upgrades from versions 23.1, 23.2, and 23.3.
  • AD Bridge rpm packages signed with key 7237d0ac.
  • The Windows build number is now split from the Agents build number. Installer build numbers will be different between Windows and the linux/unix installers.