Secret Server 11.7.000060 Release Notes
Release Date: On-premises: January 24, 2025
Version Information
Component Versions
Distributed Engine and Advanced Session-Recording Agent: 8.4.43.0
Protocol Handler: 6.0.3.32
If your protocol handler version is 6.0.3.26 or lower, you must manually upgrade to a higher version. Automatic upgrades will not work for versions 6.0.3.26 or below. However, if your protocol handler version is 6.0.3.27 or higher, the automatic upgrade will function properly.
Improvements
| 548904 | Improved: Performance updates for SSH Proxy when using an SFTP subsystem connection. |
| 558857 | Improved: New UI for selecting restricted lists on teams. Allows user to select and manage more than 60 lists. |
| 560728 | Improved: The activity items in the session recording list have been simplified and extended details now appear below the video when a user clicks. |
| 585624 | Improved: TOTP history icons on the secret settings tab are now always visible and do not require hovering to see. |
| 595555 | Improved: Downloading event subscriptions now includes the target column in the .csv file. |
| 601841 | Improved: The API call to create a group now has a flag to control behavior for pre-existing group names. The flag specifies whether the call should fail creating groups or if the API should generate a unique name by appending a suffix as it did before. |
| 602146 | Improved: UI of Platform Migration Center has been localized. |
| 602588 | Improved: Added additional logging to clarify the reasons why a secret was skipped for RPC. |
| 603971 | Improved: Report editor SQL runner now updates columns when the SQL columns are updated. |
| 607689 | Improved: Accounts with a heartbeat failure status on an associated secret, displaying an error chip in the network view, now display a "heartbeat failed" chip and message on the details tab. |
| 609150 | Improved: Added support for French (Canadian), Italian, Dutch, and Polish. |
| 609271 | Improved: Updated the API to handle the "Quote Tokens" setting for PowerShell script secret dependencies. |
| 609274 | Improved: Changed default for timeout to Platform from 100 seconds to 5 minutes. Made this into an advanced configuration option in case it needs to be adjusted in the future. |
| 610216 | Improved: Details pages for secret-associated discovery accounts now include localized detailed messages below the "heartbeat failed error" chip for all heartbeat failure statuses. |
| 610768 | Improved: Added sorting to the directory account grid under the discovery network view. |
| 613946 | Improved: Added a user preference to underline links. |
| 614507 | Improved: Added a text instruction for Step 2 of the Platform Integration Center. |
| 615583 | Improved: Favorite and recent added as login home options. |
| 615589 | Improved: Stub secret API endpoint will now include which fields map to the password changer. |
| 615939 | Improved: Secret Server now contains support for PostgreSQL account secrets. PostgreSQL account secrets can participate in heartbeat and RPC operations. |
| 615740 | Improved: Selecting a filter will now announce the filter description after reading the label (accessibility). |
| 616742 | Improved: Upon selecting a single select filter the selected option is now associated and announced (accessibility). |
| 616744 | Improved: Remove filter button now uniquely announces which filter will be removed instead of just "remove filter" (accessibility). |
Fixed Issues
| 545095 | Fixed: In a secret's card view, under the shared users section, the initials allowed into the small colored Icon for each user was reduced from three to two, as some combinations of three letters were long enough to overflow the icon. |
| 548022 | Fixed: Updating roles on a group will no longer impact secret template permissions. Prior to this change, the TemplateCreateSecret role would show on the roles tab and get removed upon update of roles. |
| 548815 | Fixed: REST API doc for getting token now indicates that the user name can include the domain. |
| 548967 | Fixed: Discovery take over created secrets with the same name even when "Allow duplicate secret names" is set to false. |
| 584024 | Fixed: Multi-line text will now formats correctly when exported to a .csv file. |
| 592485 | Fixed: A check was added to verify that at least one permission from Secret Server is available in Platform to ensure users are not locked out during migration. |
| 594281 | Fixed: There was an issue where the ITSM integration script failed to run, resulting in an 'Object reference not set to an instance of an object' error when the 'Ticket System Publicly Available' option was disabled and a specific site was selected. The script now executes properly regardless of this setting, ensuring ITSM integration works as expected. |
| 595576 | Fixed: Bulk reactivation of disabled secrets that have deactivated templates now works, consistent with activating them one by one with a disabled template. |
| 603969 | Fixed: Report editor layout clipping issues. |
| 604097 | Fixed: Increased the timeout period for discovery scans to two days, allowing longer-running scans to complete without being canceled. |
| 605349 | Fixed: Resolved error that prevented a restricted user from updating lists on a secret. |
| 605427 | Fixed: Addressed an issue where customers without outbound internet access might be unable to generate session recordings. |
| 606973 | Fixed: Updated SafeReportSqlChecker to prevent queries using "sysdatabases" and bypassing table exclusions by prepending "dbo." |
| 607694 | Fixed: Addressed an issue where some computer accounts showed a "computer scan error" chip in details but not in the network view grid. |
| 607730 | Fixed: Resolved a resilient secret issue where in-progress replication log summaries were truncated mid-sentence during large dataset replication causing the replication state to remain stuck as "partially successful" even when the process completed successfully. This fix ensures smoother replication workflows, even for environments with large datasets. |
| 608089 | Fixed: Corrected the column label in the Discovery Network View. Previously mislabeled as "Full Name," the column now correctly displays as "Account Total" for improved clarity and accuracy. |
| 610542 | Fixed: Addressed a timing issue that could cause localization keys to show instead of the actual text in Platform. |
| 610595 | Fixed: Addressed an edge case where computers from a disabled discovery source would still appear in the Platform inventory. |
| 610621 | Fixed: UserId update (instead of name) for internal vault accounts. |
| 611124 | Fixed: User's enabled status is no longer determined by licensing and permission during sync from Platform to Secret Server. |
| 611863 | Fixed: Azure Active Directory renamed to Microsoft Entra domain on the directory services grid following Microsoft's renaming guidelines. |
| 612788 | Fixed: Addressed issue with being able to correct expired Azure AD domain credentials for clients that are not yet using "sync secrets." |
| 613129 | Fixed: Corrected a typo on add scanners filter localization that showed a duplicate option instead of "Show all scanners." |
| 613755 | Fixed: Directory services log now indicates Microsoft Entra instead of Azure AD. |
| 614044 | Fixed: Force check-in now allows the user to get into a secret when the password change is failing, canceled, and retried. |
| 614742 | Fixed: Updated filter for secret favorites is now applied properly. |
| 615582 | Fixed: When using Platform with Secret Server, an Active Directory user using a connector that is removed from Platform could be re-enabled in Secret Server. |
| 616739 | Fixed: The "Add item" button on top of grids is now labeled "Add filter." |
| 616745 | Fixed: The multi-select filter is now properly defined as role=menuitemcheckbox and the search announces how many are selected (accessibility). |
Known Issues
None at this time.
