Privilege Management PMC 2.4 SR1 Release Notes

May 19, 2020

Changed text on the Force Policy Update button to Apply Policy to make it less confusing.
Improved the performance of the system for agent activations.
Added the UpgradeClusterDurabilityTier.ps1 script to allow customers to upgrade to silver durability on their PaaS cluster. Customers will need to run this script only for upgrades on Azure PaaS. This script is for customers upgrading to the 2.4 SR1 release. New installs are handled automatically. The script is run on the Jump Box for PaaS.
Database indexes are now automatically maintained for Azure PaaS installations for both the Management (for new installs) and Reporting database (existing and new installs).
Enabled the database purge job to be run automatically on a daily schedule by default for the Reporting database for Azure PaaS installations. The purge time for the Reporting database is set to 90 days. You can use the \AzurePaaS\DeployDatabases\SQL\MergeDataRetentionConfig.sql script to change this if required.

Host names are correctly reflected in the portal, even if they have changed since authorization with PMC.
Improved the adapter migration path from iC3 1.x to PMC 2.x. The 2.x adapter installation now removes older adapter registry profiles on install.
Resolved an issue that prevented deleting a policy from PMC when it was associated with a deactivated endpoint.
Improved the speed of manual agent activation by about five minutes.
IIS logging has been disabled for new installs. For upgrades, you must run the \DeploymentWizard\Upgrades\DisableIISLogging.ps1 script (On-Prem) or \AzurePaaS\Upgrades\DisableIISLogging.ps1 script (PaaS) to disable logging. This change affects all sites in the IIS application pools.

Resolved an issue that caused the job agent to sporadically stop running.
Resolved an issue that prevented the database indexing jobs for Management and Reporting database from running.
Addressed an issue to ensure that duplicate hosts are correctly identified by the Job Agent.
The Job Agent now correctly manages inactive computers that have been authorized with PMC but have never communicated with the platform.
The CopyFromStaging stored procedure now correctly pauses while the database maintenance job is running.
Database maintenance jobs no longer sporadically timeout in the Management or the Reporting database.

Resolved an issue which could be used for arbitrary URL redirection in the portal.
Hardened the security of URL paths within PMC for a PaaS deployment. Added the \AzurePaaS\Upgrades\PostUpgradeHardenPortalSecurity.ps1 script for customers upgrading PaaS deployments to the 2.4 SR1 release. New installs are handled automatically. This script needs to be run on the portal VM.
This release does not support communication over TLS 1.1 and older. Added the \AzurePaaS\Upgrades\PostUpgradeHardenTLSSecurity.ps1 script for customers upgrading PaaS deployments to the 2.4 SR1 release. New installs are handled automatically. This script needs to be run on the Jump Box.
Hardened the security of the nodes in a PaaS deployment. Added the \AzurePaaS\Upgrades\PostDeploymentInfrastructureHardening.ps1 script for customers upgrading to the 2.4 SR1 release. New installs are handled automatically. This script needs to be run on the Jump Box for PaaS. The script needs to be able to upload content to the Azure storage account that it creates.

The PMC Adapter requires .NET Framework 4.6.2 or later.

Recommended: 5.5 GA