11.3.3 Release Notes

>When upgrading Privilege Managerto a newer version, Delinea recommends upgrading the Directory Services agent such that both are running on the same release version.

Enhancements

  • Added various tooltips to fields within the product.
  • The MessageHistory table was unused and has been removed.
  • The Policy Events page now defaults to last 3 days to load more quickly, and is restricted to a maximum of 250,000 events.
  • Refresh button is now tab-aware in select locations. Refreshing on the membership page of a Secured Computer Group will recalculate the groups membership.
  • New maintenance task for purging Group Membership History table.
  • Changed default recursive group membership lookup to avoid issues with large nested groups when logging in to Privilege Manager.
  • Added an option for Secured Groups to enable selecting an OU and all children to address issues with migrating computers into directed policy groups.

Bug Fixes

  • Fixed issue with SAML Authentication Provider where certificates could not be uploaded.
  • Fixed structuredClone UI error in some browsers.
  • Fixed changing and saving Security tab settings for Secure Computer Groups.
  • Fixed sizing of graphs on high resolution monitors.
  • Fixed endless spinner on Alerts page when there are no alerts.
  • Fixed issue with gracefully handling null responses for report calls.
  • Fixed incorrect handling of local users that have the same name as the domain to which the computer belongs.
  • Fixed an issue related to AD import that caused database upgrade failures.
  • Fixed the Users as Local Administrators report and drilldown to no longer time out on large systems.
  • Fixed grid rows to show all text when the row is selected. Grid supports resizable columns.
  • Fixed the Computer Group Membership report was updated to prompt for required parameters instead of just displaying no results.
  • Fixed issue with license start dates being incorrect for multi-year keys.
  • Fixed local account lookup if the account name was the same as the domain to which the computer is connected.
  • Fixed issue with policy deployment statistics including computers that did not have the latest version of the policy.
  • Fixed issue with upgrades denying pending approvals.
  • Fixed issue with inaccurate data on Application Actions drilldown report.
  • Fixed issue with Agent Registration State drilldown to properly show last registered date.
  • Fixed issue with assigned a computer not being removed from assigned computer groups upon deletion of the computer.
  • Fixed report parameter issue that was blocking the Application Metering Events report from displaying data.
  • Fixed an issue that caused API calls to produce a 500 error following system maintenance.
  • Fixed and issue where the Secret name from Secret Server was not being updated.
  • Fixed issue where authentication through a SAML provider would produce 2 audit logon events.
  • Fixed an issue with the Thycotic Digital Certificate filter missing the certificate association in some environments.
  • Fixed an issue where collection filters were not properly displaying values.

Agent Specific

Windows

  • Fixed issue with user context filters not applying to child processes of elevated applications.
  • Fixed issue with advanced messages not opening up URLs in the default browser.
  • Fixed issue with advanced message crashing.
  • Fixed issue with remove programs helper not uninstalling some applications.
  • Fixed issue with 32-bit Application Control Agent crashing.
  • Changed certain repeating log messages to a trace level.

macOS

  • Native macOS agent now supports both Intel and Apple silicon-based hardware.

Known Issues

  • An improperly configured policy that uses the Group Member Authenticated Message Action [GMAMA] will result in the policy being erroneously applied to child processes created by a process that already had the policy applied to it. This results in multiple authentication prompts being presented to the user.
  • For the 11.3.3.1 macOS Agent support has been introduced for macOS Ventura (13.x) although the following known issues are noted below:

  • The Privilege Manager Agent does not currently support policy filtering for System Settings (preference panes) in Ventura.

    • Any policies deployed will not be supported on Ventura at present.

  • If the Agent is uninstalled and re-installed Full Disk Access will be required to be granted again in the System Preferences.

    • This is a known issue with version 13.0.x of macOS Ventura. Apple has documented the issue with details here: https://developer.apple.com/documentation/macos-release-notes/macos-13-release-notes/#Endpoint-Security.