Secret Server Cloud Release Notes for April 20, 2024

Release Date and Notes

Cloud Release - All Regions April 20, 2024

Component Versions

Distributed Engine and Advanced Session-Recording Agent: 8.4.24.0

Protocol Handler: 6.0.3.27

With this version, the protocol handler has received changes to core internal functionality that prevent automatic updating to version 6.0.3.27 from a prior version. In environments with protocol handler automatic update enabled, the protocol handler will automatically update to version 6.0.3.26. To use the latest functionality and fixes of the protocol handler, you must redeploy or install version 6.0.3.27 on end-user machines. Following that update, the automatic update will continue to work as before.

New Features

Left Navigation Panel

With this release, we have made several improvements to the left navigation sub-menu to provide a better user experience. Some of the most common configuration settings have been moved to the top of the menu. For more information about the latest changes, please see Main Navigation Drawers.

Improved Search

The main search is greatly improved. It now includes content search results as well as users. A status bar shows the full folder path for long secret-folder paths. Highlighted search categories include:

  • Content

  • Favorites

  • Folders

  • Secrets

  • Users

Entra ID Secret Template for RPC

Secret Server has supported Azure AD remote password changing for several years. This overhaul creates a new password changer and template, Entra ID, that uses OAuth application credentials as a privileged account to change a user password. Entra ID is Microsoft's comprehensive cloud-based identity and access management solution that helps organizations securely manage identities and access across their Microsoft services and applications. Our password changer and template support MFA and conditional-access policies and do not require PowerShell.

Bug Fixes and Enhancements

  • Fixed an issue with adding discovery sources that matched the domain of a current secret and were unmatched in the domain-name index table.

  • Enhancement: Increased back-end performance of event queue processing when there are a large number of inbox rules.

  • Fixed an issue where users other than owners could view TOTP backup codes.

  • Fixed an issue where OAuth parameters were not validated. The OpenIdConnect flow has been adjusted to validate the redirection URI.

  • Fixed issues that could cause incorrect group or user interactions between Secret Server and Platform. We corrected an issue with Platform group synchronization that would not correctly add all group memberships once the number of synchronized groups was over 1000.

  • Fixed an issue where a ticket number was not present in SIEM logging.

  • Fixed a policy validation issue that occurred when using a $itemvariable.variablename in schedule pipeline minutes.