Delinea Documentation - Secret Server - 11.1.0

Secret Server: 10.9.000000 Release Notes

August 7–9, 2020

Note: The system requirements last changed with version 10.7.000000. See that version's release notes for details.

Upgrade Notes

New Features and Enhancements

Alerts, Events, and Logging

API and Scripting

Added a parameter for an API endpoint to identify inactive users that may be members of a given group.

Authentication and Encryption

Azure AD Synchronization

You can now synchronize users and groups in Secret Server with user and groups in an Azure AD. Does not require an on-premises AD for synchronization.

Connection Manager

Replaced the MacOS protocol handler. Secret Server no longer includes a MacOS version of the protocol handler for session launching. Instead, the Connection Manager free version is packaged with Secret Server for MacOS users.

DevOps Secrets Vault Integration

Added integration to allow Secret Server to create secrets in DSV and periodically push updates to those secrets. This allows customers to use DSV for fast API access and CI or CD pipeline integration while benefiting from the additional capabilities of Secret Server, such as credential rotation.


Event Pipelines for Groups

Added triggers, filters, and tasks for group events to event policy pipelines.

Google Cloud Discovery

Note: GCP account and instance discovery requires that projects belong to an organization.

Implemented discovery across Google Cloud infrastructure including:



ServiceNow integration now allows users to specify the ticket statuses that are accepted by Secret Server.


Added a "Run Launcher using SSH key" configuration setting to secret policies. The selected secret will be applied to all PuTTY launchers attached to the secret.

LDAP Synchronization

Synchronize users and groups in Secret Server with users and groups in an LDAP directory.

Performance Improvements


Significantly increased heartbeat and RPC message publishing rates by allowing distributing work across nodes.


Added a process to find lock keys that are over an hour old and subsequently remove them from the various caches.

Session Connector

You can now record video and keystroke data for sessions that do not use Delinea components at the user's client or target server.

Note: Removing the possibility of recording at a user's client or target server means that connections must be routed through a jump host running Microsoft RDS as part of the deployed PAM infrastructure. Connection recording occurs at a jump host running Microsoft RDS and additional Delinea software.

Session Recording

Changed behavior so viewing a session recording no longer opens a new tab in the browser from the UI.

User Interface

Bug Fixes

Alerts, Events, and Logging

API and Scripting

Authentication and Encryption



Fixed an issue with SQL not connecting due to high frequency schedules causing a timeout. Added a retry message to assist when a lock cannot be cleared.


Distributed Engine and Clustering

Fixed an issue where Distributed Engine would not reestablish a new connection after encountering an exception.

Export and Import




Installation and Upgrade

Updated the installer to configure worker roles to automatically start after a restart of Secret Server or IIS.


Remote Password Changing


Fixed a display issue with pie charts not displaying correctly when the chart needed to display a large number of unique values.

Session Recording

Fixed an issue with session recording for SSH and RDP proxied secrets.

User Interface


Resolved IIS header conflicts for the X-Frame-Options header.