Endpoint Privilege Management Cloud 24.2 Release Notes

March 26, 2024

This release notes document covers the following:

Requirements:

  • Microsoft .NET Framework 4.6.2 (required to use EPM Windows adapter)

For more information about Windows or macOS requirements, see the Privilege Management Release Notes.

EPM Console

New Features and Enhancements:

Policy Editor

  • Updated Applications Rule UI and On-Demand Rule UI with drilldown links for the Custom Token and Messages properties. This make is easier to change the settings for those properties. Select the link to go directly to the configuration page without having to navigate to the Custom Token or Messages areas in the EPM UI.
  • Added truncation to the Advanced Agent Settings page and replaced the input text box with a modal to view and edit multi-string values to improve the user experience and provide better readability of the values.
  • Added search feature to Policy Editor that facilitates ease-of-use searching when trying to find specific details about policy configuration. Search results finds all matches in the policy and indicates the exact location of the matches. Click the linked text to navigate to the element you want to manage. The search results includes these areas of the policy:
    • Windows and macOS Application Groups
    • Applications (including application matchers)
    • Workstyles properties: Application Rules, Account Filters, Computer Filters.

EPM Console

  • To help reduce the time it takes to secure your estate, you can now add more than one event at a time to the same policy. The matching criteria for all selected and compatible events are added to the policy and application group selected.
  • On the Microsoft Entra ID tab, monitoring and health indicators have been added to help you respond to connection issues as they occur. Synchronizing the Policy Editor group index and group membership ensures group information is accurate and current. See KB0020937.
  • Bulk actions are now displayed when one computer is selected on the Computers page. Actions include edit group assignment, delete computers, and archive computers.
  • A purge connector rule has been added to the Management Rules page. The rule purges local AD connectors from the database after the connectors are deleted.
  • Added GET /Roles endpoint to SCIM API that returns a list of EPM roles for roles discovery.
  • Updated occurrences of Azure Active Directory to Microsoft Entra ID.

Issues Resolved:

Policy Editor

  • Resolved an issue with the Identity Provider Settings Authority URI textbox artificially truncating values at 100 characters. The textbox character limit has been increased to 200.
  • Resolved an issue to ensure Windows Store Pkg Name matching criteria no longer resets to default on save of a Windows Store Package application type.
  • Resolved an issue with the Save button not activating when changing filter properties, specifically deleting a filter or using the Set As Not Equal property. Applies to all filters: Windows and macOS account and computer filters, and WMI filters.
  • Resolved an issue in macOS workstyles that was not allowing numeric account and group names. The macOS workstyle filters and Messages (Designated Users messages) now permit numeric naming conventions.
  • Resolved an issue with viewing Windows and macOS Messages > Designated User/Groups information when viewing the policy in read-only mode. In read-only mode, you can now select the View Designated Users/Groups link to see the AD accounts the messages apply to.

EPM Console

  • Resolved an issue that was causing a database exception when the same group ID with a different case is used in a policy.

Known Issues:

None.

EPM Windows Adapter

No updates.

EPM Mac Adapter

No updates.

Notes

None

Components:

  • PM Reporting Database: 23.9.13
  • Web Policy Editor: 24.2.392
  • PM Reporting UI: 24.2.112
  • Event Collector: 24.2.16
  • EPM Cloud: 24.2.499

Compatibility:

 

Do not install a new adapter version before you are running a version of Endpoint Privilege Management Cloud that supports it. Installing an unsupported adapter can result in endpoints that no longer connect. You will be notified before your instance of Endpoint Privilege Management Cloud is upgraded.

Supported Versions

  • PM Windows Adapter: Recommended: 24.2.491 | 24.1.581 | 23.9.578 | 23.8.515 | 23.7.356 | 23.6.562 | 23.5.516 | 23.4.424 | 23.3.256 |
  • PM for Windows: Recommended: 24.1.108.0 | 23.9.225.0 | 23.7.150.0 | 23.6.76.0 | 23.5.212 | 23.3.130.0 | 23.1.259.0 | 22.9.268 | 22.9.243 | 22.7.205.0 | 22.5.184.0 | 22.5.179.0 | 22.3.145.0 | 22.1.95 | 21.7.152 | 21.5.106 | 21.4.91.0 | 21.3.135
  • PM for macOS: Recommended: 24.1.0.1 | 23.9.0.1 | 23.7.0.3 | 23.5.0.3 | 23.3.1.1 | 23.3.0.1 | 23.1.0.1 | 22.9.0.22 | 22.7.0.83 | 22.5.1.1
  • PM macOS Adapter: Recommended: 24.1.0.1 | 23.9.0.1 | 23.7.0.3 | 23.5.0.3 | 23.3.0.1
  • PM Rapid Deployment Tool for macOS: Recommended: 24.1.0.1 | 23.9.0.1 | 23.7.0.1 | 23.5.0.1 | 23.3.0.1 | 23.1.0.1 | 22.7.0.9 | 22.5.1.1 | 22.5.0.1 | 22.3.145.0 | 22.1.0.1 | 22.1.0.74
  • PM Response Generator for Windows: Recommended: 24.1.108.0 | 23.9.225.0 | 23.7.150 | 23.5.212 | 23.3.130.0 | 23.1.259.0 | 22.9.268.0 | 22.9.243.0 | 22.7.205.0 | 22.5.184.0 | 22.5.179.0 | 22.3.145.0 | 22.1.95
  • PM Response Generator for macOS: Recommended: 24.1.0.1 | 23.9.0.1 | 23.7.0.3 | 23.5.0.3 | 23.3.0.1 | 23.1.0.1 | 22.7.0.83 | 22.5.1.1 | 22.5.0.1 | 22.3.0.1 | 2.2.0.74

Supported, but Deprecated, Versions

These versions are compatible with EPM but best avoided. Support for deprecated versions will be removed in the future.

  • EPM Windows Adapter: 23.2.506 | 23.1.942.0 | 22.9.393.0 | 22.8.396 | 22.7.271 | 22.6.273 | 22.5.144 | 22.4.227 | 22.3.310 | 22.2.584
  • EPM macOS Adapter: 23.3.0.1 |23.1.0.1 | 22.9.0.22 | 22.7.0.83 | 22.5.0.1 | 22.3.0.1 | 22.1.0.74
  • PM MMC snap-in: 23.9.225.0 | 23.7.150.0 | 23.5.212.0 | 23.3.130.0 | 23.1.264.0 | 22.9.268.0 | 22.9.243 | 22.7.205.0 | 22.5.184.0 | 22.5.179.0 | 22.3.145.0 | 22.1.95 | 21.7.152 | 21.5.106 | 21.4.91.0 | 21.3.135 | 21.2.98 | 21.1.133