US UK NL WebEx
Advanced Toolware LLC

Self Service Reset Password Management Product Versions

Version 6.04 build 1039, April 4th, 2008

Specific changes in SSRPM version 6.04:

Service

  • Several advanced configuration options have been added to SSRPM. A complete description of the advanced options can be found in the implementation guide.

Several Fixes:

Admin Console

  • While editing a profile it was possible to configure the profile in such a way that the user had to answer more random questions than the total number of answered questions.

Service

  • If certain characters were present in the account name or OU, the password reset could fail.

Version 6.02 build 1037, January 31th, 2008

Several Fixes:

Admin Console

  • In specific situations a connection to the SSRPM Service could not be restored after an upgrade. The Admin Console will now retry to connect to the SSRPM Service several times.
  • If the user deselected the option to create the database during the SSRPM Service Setup Wizard, a warning was shown to the user. This messages prevented the user from continuing with the wizard.
  • If the service settings are updated and the new configuration is incorrect, the configuration is not stored.
  • The profile option to generate new random questions each time a question was answered incorrectly, was not working properly.
  • The advanced random question options in the profiles were not saved correctly.

Service

  • If a corrupt license code was entered, the SSRPM Service could crash.
  • A database could not be created or upgraded with MSSQL 2000.
  • Rows that were exported to CSV during report generation were not enclosed in double quotes.

Reset Wizard

  • If a profile was configured to unlock an account only and the user name was changed during the password reset sequence, the user would still be presented with a finish button. Clicking on the finish button did not finish or advance the wizard.
  • If a user was blocked, he could still run the reset wizard and try to answer the questions after which he would be presented with the 'user blocked' message.

Version 6.00 build 1035, December 21th, 2007

Specific changes in SSRPM version 6.00 build 1035:

Failover/Redundancy support

Together with MS SQL Server SSRPM can be configured to automatically fail over to another SSRPM Service whenever a problem occurs.

Unlock Account

  • Users can now choose to only unlock their account.

Mandatory Questions

  • Administrator Defined Questions can now be marked 'mandatory'. These types of questions must be answered by the user during enrollment.

Random Questions

  • Profiles can now be configured to use random questions. During enrollment the user must answer several questions; during password reset, the user must answer a random subset of these questions.

GINA

  • The GINA controls can now be positioned relative to the 'OK' button. This solves compatability issues with several other GINA's.
  • The SSRPM GINA automatically detects the presence of the Entrust Entelligence GINA and loads in such a way that no compatability issues will occur.
  • An option has been added to load a specific GINA after the SSRPM GINA has loaded.

Advanced configuration

  • A registry option has been added to allow domain admins to enroll.
  • A registry option has been added to force SSRPM to use specific domain controllers.
  • A registry option has been added to register the RPC interface differently. This solves 'error 5' problems when running the SSRPM Reset Wizard from the logon screen.

Profiles

  • An option to disable the unlocking of an account during password reset has been added.
  • An option to disable password reset has been added. (So that the user can only unlock his account)
  • An option to specify the minimum question length has been added.
  • An option to specify the minimum answer length has been added.

Reporting

  • A new report component has been added to log information regarding SSRPM licensing.
    Reports can now be exported to CSV files.

Other

  • Database connection speed has been improved.
  • Questions are now globally stored and shared amongst profiles. Editing the question in a profile, will also edit the question in all other profiles.
  • Several additional custom messages have been added to the SSRPM User Client Software to clarify why access to the SSRPM service is denied.

Several Fixes:

Admin Console

  • On Windows 2000 the Admin Console would not start. The error generated was: "TzSpecificLocalTimeToSystemTime could not be located in the dynamic link library KERNEL32.dll".
  • A memory leak could occur when viewing log message details.
  • If the service was upgraded whenever the user was asked to upgrade the service, a log of events (and possibly errors) was not displayed.
  • If a license was added, it would often be displayed as 'not initialized'. This behaviour has changed: the new license is immediately checked.
  • In some cases the browse user dialog would fail to return a correct name.

Enrollment Wizard

  • The default enrollment check interval was set to an extremely long time.
  • The enrollment check interval could not be set to 0 (which means: 'check always')

Service

  • Canonical names longer than 255 characters were not supported.
  • Adding dates to the database could fail because of time format differences.

 

Self Service Reset Password Management 5.00 build 1028, August 31th, 2007

Specific changes in SSRPM version 5.00 build 1028:

Reporting

  • Every event in SSRPM is now logged to the SSRPM database. (Enrollment, unenrollment, Password Reset, Account Block) Reports can be generated and sent by email on scheduled intervals. SSRPM is shipped with several default reports. These default reports can be customized and new reports can be created.

Web Interface

  • The Web Interface Example has been updated. All of the SSRPM Profile options are now enforced by the web interface itself.

Email

  • Keywords can now be used in email addresses.

COM Object

  • Password complexity rules can now be retrieved for a specified domain if the profile permits it.

Logging

  • The SSRPM Service now writes it's log information to several different log files.

Several Fixes:

General

  • Incorrect Login name format fixed. Users can now properly use different syntaxes when specifying their account names.
  • The %FAILEDRESETCOUNT% keyword was never resolved in emails.

Web Interface

  • If the input was not checked (in for instance the web interface) the user could enroll using the same question multiple times. This was not possible in the Enrollment Wizard.
  • A user could enroll with answers shorter than the minumum answer length.

VBScript Example

  • A variable was not declared, which caused an error.

Self Service Reset Password Management 4.04 build 1020, April 30th, 2007

Specific changes in SSRPM version 4.04:

Database

  • Support for Microsoft SQL 2000 and 2005 (all versions) has been added. The SSRPM Service can now store all user information in a Microsoft SQL database.

Automatic unenrollment

  • Users that have been deleted from the active directory will be automatically unenrolled from the SSRPM Service. All information regarding this user will be deleted from the SSRPM database.

Several Fixes:

General

  • When the Enrollment Wizard or the Reset Wizard failed to connect they would display a 'connect to server' dialog even though messages were disabled through the 'EnrollmentWizardDisableMessages' in the GPO.
  • In version 4.00 build 1016 the password reset would fail if the SSRPM service was not installed on a domain controller

Admin Console

The SSRPM Service upgrade failed sometimes because of unexplained RPC errors.

Service

  • The log was filled with (non critical) errors regarding name translation. These errors have been given a different log level which can be turned on or off in the logging tab of the Service Configuration dialog.
  • The service sometimes crashed right after an enrollment or password reset if the UMRA connector was enabled. This issue has been fixed.

Reset Wizard

  • If a user name was not entered in the edit box in the GINA an error was generated in the Admin Console.
  • The Welcome Title entry in the LocaleResetWizard.txt file was not used, in stead the WelcomeHeader was used.

GINA

  • Custom locale files located on the network were not being loaded properly.

UMRA Connector

  • The SSRPM service would rarely crash when trying to load the UMRA COM object.

Self Service Reset Password Management 4.0 build 1016, Feb. 9th, 2007

Specific changes in SSRPM version 4.00:

Vista

  • Enhancements to completely support Microsoft Windows Vista. The logon screen of Windows Vista can now be changed so that it features a 'Forgot my Password' link which provides the 'Forgot My Password' button functionality.

Multiplatform

  • Connection with Tools4ever's product User Management Resource Administrator (UMRA) for integration with other platforms, systems, databases and applications.

Security

  • New features to be able to configure the user re-enrollment and unenrollment:
    • Users can now be warned to re-enroll after a specified interval.
    • User can now be automatically unenrolled after a specified interval.
  • New option to force a minimum answer length.
  • Support for additional password policy enforcement capabilities: 'Password History' and 'Minimum Password Age'.
  • Enhanced e-mail notification in which case specific e-mail addresses can be specified per e-mail notification type.
  • Additional logging: The source computer name and IP address is logged when a user enrolls or resets his password.
  • New feature to be able to deny users from enrolling into SSRPM. Due to security risks, users with Administrative Privileges are never allowed to enroll into SSRPM.

User Interface

  • COM interface to support full end-user web functionality, so that users can enroll and reset their passwords via a web browser.
  • New option which allows to enable an answer confirmation box in the SSRPM Enrollment Wizard.

Auditing

  • Extra user information is shown within the blocked users overview ('block time', 'block count', 'unblock time' and 'block duration').

Other

  • Extra SSRPM Keywords have been added.
  • A different locale file can be specified for the SSRPM GINA.

Several Fixes:

General

  • When searching for users, only the account name was returned. Now the domain name is included as well.
  • When browsing for users, groups or computers the new selection overwrote the current selection. The new selection will now be added to the current selection.

SSRPM Admin Console

  • When OU's were moved between profiles in the Manage Profile Dialog, the SSRPM Admin Console could crash.

SSRPM Service

  • If a canonical name cannot be translated to an LDAP name, SSRPM would try to convert the name itself. This would result in a failure if the canonical name was not just a domain, but also contained an OU.

SSRPM GINA

  • Several possible GINA chaining issues have been fixed.

Self Service Reset Password Management 3.22 build 1010, Dec. 8th, 2006

Fixes:

SSRPM Enrollment Wizard

  • The GPO 'Check Enrollment Interval' setting was not working. Because of this the Enrollment check was executed once per week.
  • The GPO 'Check Enrollment Interval' setting was specified in seconds. The GPO 'Check Enrollment Interval' setting is now specified in hours.
  • The date at which the enrollment is checked, was updated every time the Enrollment Wizard successfully connected to the SSRPM Service.

SSRPM Reset Wizard

  • The SSRPM Reset Wizard was not translated, when the Portuguese languages was used.

SSRPM GINA

  • The GINA (the 'Forgot my password...' button) was not translated to other languages.

SSRPM User Client Software Installer

  • If the SSRPM User Client Software was installed together with the SSRPM Admin Console. The Windows Installer would try (and fail) to reboot the computer. Automatic rebooting has been disabled.

Self Service Reset Password Management 3.21 build 1008, Nov. 24th, 2006

Specific changes in SSRPM version 3.21:

  • Multilingual support for the user interface in the SSRPM Enrollment Wizard, SSRPM Reset Wizard, SSRPM GINA and administrator defined questions. SSRPM is shipped with default questions in the following languages: English, French, German, Italian, Spanish, Polish, Portuguese and Dutch.
  • Support for x64 Edition-based Windows
  • Display details of blocked users

Fixes:

SSRPM Admin Console

  • Creating or editing a profile: If a user enters a number of questions that must be answered that is higher than the amount of available questions, the user is warned. The user was however not able to change the number anymore.
  • Creating or editing a profile: A user was able to enter 0 admin and 0 user defined questions. This is not allowed.
  • Service Configuration: The security tab displayed a different icon than the page itself.
  • Service Installation Wizard, Installation Options: When the service is not running, a version and build number of 0.00 and 0000 were displayed. This has been changed to 'unavailable'.
  • Error dialog: There was not enough space in the dialog for some of the error messages.

SSRPM Service

  • When a user from a child domain or a trusted domain tries to connect to the service it receives an error due to a failure in the name translation. The log displays an error 'Failed to initialize name translation'.
  • Profile Management: If a user disabled Account Blocking in the profile configuration, users were still blocked when answering too many questions incorrectly.
  • License: If a Domain/OU license was used, the users were counted every time.
  • Database: Special characters like ' were not handled correctly. This would result in failure to enroll users with names containing these characters.

SSRPM Enrollment Wizard

  • Define Question page: When Windows XP themes are enabled the answer edit box displayed '*' characters in stead of bullets.

SSRPM Reset Wizard

  • Specify user page/dialog: When only one domain is found it should be selected.
  • Reset password page: If the password complexity rules had been disabled and the minimum password length was smaller than 6, the SSRPM Reset Wizard always warned that the password must be longer than 0 characters.

SSRPM GINA

  • The SSRPM Reset Wizard always started when a user presses a key on the keyboard and the 'select domain' combo box was active. This only happened at the logon screen, not at the 'locked computer' screen.
  • If for some reason the SSRPM Reset Wizard location could not be read from the registry, the SSRPMGINA.DLL could crash.

SSRPM Installer

  • The shortcut for the SSRPM help was targeted at the SSRPM Admin Console instead of the help.
  • When a Windows installer version of 2 or lower was used, the SSRPM installer appeared to hang during installation/modification or removal. This was due to the fact that the Windows Installer displayed a hidden message box.

SSRPM User Client Software Installer

  • If for some reason the 'SSRPMGina.dll' file could not be copied to the system32 folder of a computer, the registry would still be updated. This could result in a failure to load the logon screen when booting a computer.

Self Service Reset Password Management 3.20 build 1006, Oct. 12th, 2006

First Release

 

 

Windows Server Monitoring Solution

RESOURCES

DOWNLOAD A TRIAL Version

 

Advanced Toolware LLC.
800 15th Ave South West
Puyallup, Washington 98371
U.S. Toll Free: 1-888-770-4242
International: (253)770-4823
Fax: (253)435-4966

Copyright © 2007 Advanced Toolware, LLC. All rights reserved. (Site Map)