DESlock Limited
DESlock+ Enterprise Server
Version 2.5.2 Release Notes
29 October 2014
+ What's new?
Supports DESlock+ Client on UEFI systems. Added support for iOS licensing. Added new email templates. New look and feel. Security Fixes.
Bug fixes and changes include
* DESlock+ Recovery ISO updated to support UEFI on systems that provide a legacy boot option.
+ System Requirements
* Microsoft Windows XP, Microsoft Windows Vista or Microsoft Windows 7, Microsoft Windows Server 2003 or Microsoft Windows Server 2008
* Apache HTTP Server 2.2 or IIS Server 6 or later
* PHP 5.3.x
* Microsoft SQL Server 2005 or 2008
* Microsoft SQL Native Client 2005
+ Installing
This version can be installed on a fresh system or used to upgrade a system in place, which will retain all existing data and settings.
+ Known Issues
* The DESlock+ Recovery ISO included with this install now supports UEFI systems, providing a legacy boot option is available on the system to be recovered.
* The Enterprise Server is no longer supported on IE7 or earlier.
* If you change role, permissions or password policy for an organisation login, the settings may not take effect until the user is logged out and logs into the Enterprise Server again.
* When adopting a version 4.4.x client (or later) that was upgraded from a previous 4.3 (or earlier) version, it is possible the command may fail with an error "The command is from an old enterprise server. This client requires a newer version (0xC00B002D)". In this instance, it is necessary to resend the adopt command. The second attempt should succeed.
* Under certain specific cases, old DESlock+ clients (prior to version 4.4.x) may display an activation dialog with no text if the install was stamped from a 2.2.14 or later Enterprise Server.
* Multi user licence that has been used in an unmanaged way may be blocked by server
+ Change History
Version 2.5.1
* Fix problem accessing Active Directory settings if invalid characters are saved to the form.
* Update recovery ISO image (MBR support only)
* Removed support for IE7 browser.
* Removed support for stand alone recovery ISO generator as you must now use the recovery ISO generator built into the Enterprise Server
Version 2.5.0
* Redesigned user interface for new look and feel.
* New hashing algorithm for organisation login passwords.
* Fixed two security issues: http://support.deslock.com/kb176 and http://support.deslock.com/kb175
* Added support for Full Disk Encryption for UEFI systems.
* Added support for Full Disk Encryption SafeStart.
* Added support for initial and subsequent encrytion/decryption of individual partitions.
* Added support for licensing the DESlock+ iOS app.
* Updated HTML and plain-text email templates (including English, Polish, Dutch, Japanese, German, French and Spanish).
* Default email templates can be customized.
* New custom email templates can be created and localised to any language.
* Users can now have more than one licence, one each from each different licence.
* Updated activation code generation interface, which includes new licence expiry information.
* Additional licences can be revoked independently, without requiring the user be deleted.
* SSL auto configuration for Apache preinstall installations.
* Initiate FDE, Adopt FDE and Add FDE Login now all require a licence with a Professional feature set.
* Add user now has additional email validation checks.
* Added ability to generate recovery ISO image directly from Enterprise Server.
* Fixed issue where Enterprise Server would become unresponsive to new login attempts until a restart.
* Fixed problem when installing the Enterprise Server, if you are using an internet proxy and you enter these details in the setup wizard.
* Fixed issue not sending an email when modifying an FDE login.
* Multi-user licence licence available value now decrements correctly when users are licensed.
* Enterprise Server control panel pages have improved detection idle logout detection.
* Added block to login page if IE6 is detected so you cannot use the Enterprise Server.
* If email is configured, the default checkbox state is disabled for the domain @example.com.
* New downloaded workstation report for technical support analysis.
* Password validation now decrements the bad password count on error.
* Many bug fixes
Version 2.4.7
* Started DESlock+ Enterprise Server service during the setup wizard for the Console service.
Version 2.4.6
* Improved support for SSL and TLS SMTP configurations.
* Improved active directory user import options.
* Improved interface for remote push install when specifying domain name.
* Downloading merged install from the Enterprise Server strips MSI product key and digital signature.
* Improved setup process when using a local proxy install.
* Fixed some group policy and workstation policy checksum calculation issues.
* Fixed some typographical errors.
* Minor performance improvements.
Version 2.4.5
* Added some additional policies, including Auto Update policy.
* Added support to mask certain fields as password fields, in Enterprise Server error messages.
* Added SMTP log to SMTP test button in control panel for debugging.
* Added HTTP test button to control panel.
* Added HTTP log to HTTP test button in control panel for debugging.
* Added internet communication retries ability.
* Added ability to identify trial type licences.
* Added support end and maintenance end dates to licence display within Enterprise Server.
* Further improved SMTP error codes.
* Improved add user interface to report failure reason for individual addresses.
* Improved add licence and resync licence functions.
* Improved messages displayed when attempting to delete users and workstations.
* Fixed some issues relating to the use of a managed install uninstall password.
* Fixed update licence task where it could fail to report certain failure cases.
* Fixed problem when using the FDE recovery tool when workstation was using a foreign language or had foreign language software installed.
* Fixed ability to complete setup wizard if using a local proxy install.
* Fixed problem where adoption command could crash the Enterprise Server Service.
* Fixed problem workstation policy string checksum calculations.
Version 2.4.4
* Resolved problem downloading policy file on systems not using Windows 1252 character set
* Resolved problem manually downloading merged policy MSI install
Version 2.4.3
* Added ability to push a client MSI to multiple remote workstations.
Version 2.4.2
* Updated built-in manual with new remote push install dialog
* Removed two old database references to voucher
Version 2.4.1
* Modified push install user interface to simplify input required from user
* Modified push install error messages to resolve some ambiguity in failure cases
* Modified error handling from SMTP functions to avoid some ambiguity in failure cases
* Updated some network rescan error messages
* Modified javascript loading to include versioning and avoid issues encountered after upgrading to a new version
* Modified DESlock+ Enterprise Server install so it cannot be installed over a DESlock+ Client version
Version 2.4.0
* Initial setup wizard now only requires DESlock+ Proxy ID for much easier installation.
* Network "push install" functionality for deploying DESlock+ client software to PCs on the local network.
* Dynamic workstation policy updates so workstations can have policy remotely configured.
* Single sign-on options for Full Disk Encryption logins.
* Modified user interface to separate workstations and users.
* Workstation policy (for workstations) and Group policy (for users) has a consistent operation, and a consistent interface, across the two types of interface branches.
* New branch nodes appear under "Workstations" for "Unknown Policy" and "Network Workstations".
* Vouchers are now referred to as Licences
* Ability to create different policy file formats for 4.5.0 or later clients, and earlier versions.
* Creating merged installs is now much faster.
* Refreshing list of DESlock+ client installs is now much faster.
* Encryption Key issue function from Enterprise Server keystore.
* Workstations should move automatically between policy teams, if policy is changed via a downloaded policy file.
* Added support for different language versions of the DESlock+ client software.
Version 2.3.8
* Fixed problem where domain users with an apostrophe could be incorrectly identified as already existing in the ES during sync
Version 2.3.7
* Supressed information messages that could be displayed when importing from a very large active directory domain.
* Fixed problem during import when in domain records contained invalid characters.
* Fixed problem where synchronization icon could continually spin even after sync had been completed, when using certain LDAP configuration settings.
Version 2.3.6
* Fixed problem with add user.
Version 2.3.5
* Removed ability to "Change Password" or "Set Password" from organisation login types other than the default Strong Password type
* Disabled password related options (must change password and password expiry) from organisation login types other than the default Strong Password type
* Fixed problem where certain characters were filtered out when creating an organisation login, resulting in inability to login with correct password
* Enabled status column in user list enabled by default
* Escaped organisation login name, workstation policy and team name fields, so they can contain non-typical input characters
* Unicode characters in workstation description now display correctly in dash panel edit button
* Several functions have had input restrictions relaxed (e.g. length of email address, or workstation description).
* Fixed some spelling mistakes in workstation policies and other dialogs
Version 2.3.4
* Prevented JSON handler from inserting NULL values when attempting to find missing JSON fields.
Version 2.3.3
* Fixed issue where sometimes settings in the control panel could not be saved (particularly the proxy settings).
* Increased user email validation checks (for edit operations).
* Additional functionality for login types other than enterprise server password authentication (e.g. network authentication).
* Fixed some enter key press handlers that were bypassing the checkbox to confirm action.
Version 2.3.2
* Fixed upgrade problem with specific upgrade path
Version 2.3.1
* Optimised mark read functions for list of alerts
* Modified status report processing for more efficient query use
* Lowered thread priority for background threads so as to allow UI threads to be more responsive
* Modified indexes on alert table
* Added missing text for some errors
* Enterprise Server service has improved rebuild/sync function
* Fixed problem of filters being ignored on user list when starting task on list of users
* Removed autoload on LDAP cache store for problem in cases where permissions where hiding the panel from the user
* Added total alert count to new alerts popup window
Version 2.3.0
* Added an Active Directory cache view to allow for viewing of the active directory and selective import of users.
* Added support for synchronising with an active directory automatically in the background.
* Added update notification for new releases of the Enterprise Server.
* Added an 'orphan' user state for licensed or activated users that have subsequently been removed from the Active Directory.
* Removed the 'blind import' Active Directory import from the add user window.
* Detected RDS clients and prevented the name from automatically updating in the Enterprise Server.
* Added function to allow any previously modified RDS workstation names to be reverted to the old format.
* Added "Posted By" field to Update description window, and removed "Event ID" field.
* Update FDE Recovery button now correctly reports error states that occur when posting the update
* Resolved some leaked resource handles
* Force Key-File password change warning state now reported as warning alert, rather than error
* Voucher Resync has been changed to allow user to force a full resync
* Updated libcurl library version
* Fixed problem with initial recovery password not working if policy forced a 32 character password
Version 2.2.19
* Reports are now no longer aborted after 30 seconds of running time
* Reports can now determine how far through a JSON list they have read, so can report progress
* Some front end dialogs now have improved key press handling
* Organisation lists no longer contain organisations that are in a pending delete state
* Added database upgrade logging functionality
* Improved reporting of a failed database upgrade
* Organisation details report now contains more details
* Workstation JSON information is now reformatted in the service prior to being stored in the database
Version 2.2.18
* Workstation name now updates dynamically when status is returned from a client
* Optimised voucher refresh function for improved performance
* User's default FDE username is calculated correctly if the user has a shortname set
* Fixed add user PHP script, if server had PHP error output enabled
* ChangeUsername now uses the correct username in the email it generates
Version 2.2.17
* Changed update status processing so that successful Start FDE also deletes all previous Start FDE updates.
* FDE Logins are now no longer placed in a pending delete state when FDE Decryption begins.
* Fixed problem with warnings generated by a key list queries that made key list appear empty.
* FDE Decrypt FDE now posts an alert when a successful status is processed.
* Fixed potential crash problem when posting recovery password updates.
* ChangeUsername function now allows sending of email.
* Added an end time to log file for internet debug.
* Fixed spelling error in policy element.
Version 2.2.16
* Add user input box now supports short name and long name to be specified with comma delimiters
* Workstation can now be re-adopted if it was only partially successful in a previous attempt
* TokenstoreLocationType is now always written out to admin.reg file even if the default value is set
* DLP version number of client is now used to determine which adopt command to send
* Password retries has been renamed to password attempts to avoid ambiguity
* Policy search now includes policy group headers
* FDE Login attempts box now renders on IE6
* Additional setup wizard pages have been updated to render correctly in Firefox 15
* Editing a user record no longer applies the red "dirty" icon to the column
Version 2.2.15
* Added artificial delay to prevent adopt command from being posted out of order
Version 2.2.14
* Fixed issues sending emails if server requires SMTP authentication.
* Fixes to modifying the permission of an FDE Login
* Re-added support for admin FDE Login retries on Start FDE
* FDE Adopt and Modify FDE Login now allow password retry count to be modified
* FDE Adopt command now allows the same admin password to be used, though it asks for extra confirmation in this case
* All FDE Login dialogs now support an unlimited retries checkbox
* Deployment client messages from Workstation policy can now contain Unicode text
* FDE Recovery help text now has a filter to prevent invalid characters
* Added debugging trace support for SMTP commands.
* Updated setup function to allow for SQL Server 2008 support
* Fixed crash that could occur if database access was lost in the middle of processing synchronisation errors
Version 2.2.13
* Added support for email addresses containing an apostrophe (').
* Front end can now correctly display Unicode characters where entered.
* Formatting of system dates/times can now be controlled from the client browser.
* Extensively reworked SQL indexes for faster performance.
* Fixed SMTP test button in control panel not reporting a true error.
Version 2.2.12
* Added several missing SQL table indexes, which improve performance on large databases
Version 2.2.11
* Activation codes are now sorted, with used at the bottom
Version 2.2.10
* Added more information to workstation information panel
Version 2.2.9
* Added sync state icon and descriptive text for activation codes
* Fixed problem generating an encryption group with a name containing a single quote
* Fixed problem generating an encryption key with a name containing a single quote
Version 2.2.8
* Previous activation codes are no longer removed when generating new activation codes
* Activation code list display multiple activation codes and allows them to be deleted
* Used and processed activation codes are now automatically removed
Version 2.2.7
* Forced FDE username and password to be ASCII (7bit) characters only.
* Added Caps Lock warning for password entry fields
* Added permission checks to tree context menu items
* Fixed problem that prevented control panel from rendering correctly when browser zoom level was changed
* Added order by filters for encryption group list
* Fix for the SMTP test address field in the control panel, so changes to that field no longer mark the form as needing to be saved
* Fixed problem resuming a task which later spawned a sub task - the sub task and alerts generated would not be visible in the main organisation
* Changes to the way background tasks are started for faster performance and to allow future improvements for long running tasks
* Fix for creation of encryption key following a key transfer (copy) operation
* Fix for receiving large JSON packets in the service (packets > 4K in size)
* Fixed team delete method so any generated errors are correctly reported
* Re-added function that creates new workstation policy items (accidentally removed in previous change)
* More code added to the Login delete function to cope with other scenarios where a login could not be removed
* Removed (made hidden) some deprecated group policy entries (auto update, offline folders, PEK key)
Version 2.2.6
* Fixed some LoginView commands that failed to supply an error code if they failed
* Re-added old/legacy background task type descriptions for upgrade scenarios
* Fixed a problem that prevented some organisation logins being deleted
* Removed some old redundant database queries
* Improved Active Directory import. This could crash, or fail to import all users, if importing a very large domain
* Fixed possible SQL table lock in background task table caused by background task
* Fixed GetLicensedTotals in userlist JSON response.
* Fixed permissions for displaying FDE login user list (from both workstation card, and user card)
* Added separate permission for AD user import and added it to super admin assignment as a default
* Fixed working mask on Active Directory import which wasn't cleared if the import failed
* Fixed tree refresh problem following AD import if a team was created as a result of the import
Version 2.2.5
* Fixed problem when performing workstation FDE adopt command
Version 2.2.4
* Fixed problem converting workstation JSON data information used by the front end
Version 2.2.3
* Deleting a workstation now de-owns any FDE logins so they are no longer associated with a user
* Modified the way group policy (and workstation policy) items are ordered
* Added new workstation policy items for FDE Lost Details customization
* Fixed a team rename problem
* Fixed problem with some user operations reporting "Error: Success" rather than the real error
* Added readme.rtf (this file) to the Enterprise Server control panel
* Added FDE Login panel to user card (it is also still available on the workstation card)
* Added more double click throughs
* Fixed some incorrectly specified role permission checks
Version 2.2.2
* Fixed a problem where right click context menus would not be shown in the main view.
* Fixed a problem with helpdesk information in workstation policy. \n new line now works as expected.
* Improved transition screens on Internet Explorer.
* Added copy to clipboard button for activation code. (only on Internet Explorer)
* Added the ability to login directly to the control panel. Enter the user name and password, then right click on the login button.
Version 2.2.1
* Fixed a problem that prevented teams from being created at organisation root level
Version 2.2.0
* Redesigned UI to for faster performance, and to support larger organisations.
* Redesigned backend for improved performance and improved stability.
* New organisation login password policy to enforce password strength and password usage.
* Improved organisation login role based permission system, for user definable login roles.
* Changed FDE Login password policy to use Group Policy for workstation. This allows policy enforcement when adopting workstation and for un-owned FDE logins.
* New FDE Decrypt command.
* Prevented team from being made a child of its own child.
* New policy entries for helpdesk information.
* Fixed some windows that did not render correctly on IE6.
Version 2.1.11
* Fixed problem with password policy where symbols option had recently been ignored by server so would not be applied to clients via Key-Files or FDE operations
Version 2.1.10
* Modified FDE login permissions when adopting so by default the login has a can change password right
* Fixed recently introduced problem where it was not possible to choose an FDE Login recovery index greater than 2
* Fixed a separate issue where misleading error was displayed when attempting to add FDE login to pending encryption workstation
* Modified EC_WkstFDELoginsPanel_AddUser panel check so it correctly detects unmanaged workstation
Version 2.1.9
* Changed policy hint for max password age policy to indicate user must also have 'can change password' right.
* Added mutex to prevent multiple concurrent calls to GenerateActivationCode for the same user.
* Modified message shown if a workstation is at 0.0% encryption/decryption, to indicate that progress has not yet been returned
Version 2.1.8
* Adopt command now checks workstation bootloader version
* Added new policy item for key-file password age
* Added new policy items for removable media
* User state check (after encryption key membership, or group policy change) is calculated in a background task rather than blocking the PHP
Version 2.1.7
* Added adopt command to front end
* Removed some extraneous data from JSON data
* Fixed incorrect error reported when trying to add an FDE login to a workstation that was pending encryption
Version 2.1.6
* Fixed problem uploading binary files to the service. Affected setup wizard and Import Update file functions.
* Removed password policy entries from the default permissions file
Version 2.1.5
* Change login levels to login roles, and added permission checking
* Added password policy checking and enforcement for organisation logins
* Added reporting tab for screen, CSV or PDF reporting
* Added escaping of data relating to FDE logins (e.g. so you can create an FDE login username containing a ' character)
* Modified FDE login password hash calculation to force OEM code page
* Fixed workstation orderby filter which was not being applied when requested
* Resolved error when failing to force an organisation login password change
Version 2.1.4
* Changed some policy defaults: Text encryption state disabled -> enabled; DESlock+ Go Password retries value 1 -> 5.
* Improved DESlock+ Removable Media Encryption exclusions list hint text.
* Added backend support to adopt FDE encrypted workstation into Enterprise Server.
* Added password phonetics to FDE login recovery password display.
* Improved user checks during activation, to avoid users sometimes being incorrectly marked dirty during activation on a new workstation.
* Can create a Team with the same name as a workstation policy entry.
* Fixed editing group policy when an applied filter yielded only a single policy entry.
* Disabled the FDE GUI option in Start FDE command, until it is supported by the client.
* Fixed problem deleting encryption keys.
* Added support for additional information from clients.
* Workstations card now display OS and DESlock+ version if it the client has returned it.
* Improved error message when attempting to generate an activation code for a user who is still being down synced from a voucher.
* Added config support for CC and BCC when sending SMTP messages from the Enterprise Server.
Version 2.1.3
* Improved description for minimum password length policy item to take into account FDE password length limitation
* Resolved issue creating policy file when settings were not set and default values were used
Version 2.1.2
* Correct error message now displayed if attempting to create an organisation login with the same name as an existing login
* Many changes to the communications functions between the PHP extension and service, for improved reliability and performance
* Additional policy item added to workstation policy to control activation dialog behaviour
* Fixed problem when setting integer data type policy options as empty string values
* Fixed error displayed following failed attempt to change organisation login password
* Changed alert processing so a badly reported status update will still revert a user to the dirty state if the update was intended to cleanse them
* Added JSON encoding to encryption group name to prevent errors displaying atypical characters
* Moved curl_global_init to a common start-up function, rather than each thread calling it
* Modified My Account details card in the control panel to correctly display last login time
* Fixed some spelling mistakes
* Fixed crash in AdminSrv which was caused by internet access configuration errors
* Added additional debugging support for debugging internet communication problems
* Modified activation email for future device support
Version 2.1.1
* Fixed problem when users who only had an activation code were not correctly flagged dirty after some changes
Version 2.1.0
* Deletion of an organisation now works correctly.
* Deletion of user now removes their licence and key-file information.
* Added Active Directory import functions.
* Voucher resync now adds users again that are not found in the local database.
* The SQL login is now created specifying "English" language, to avoid datetime problems on non "English" SQL servers.
* Improved SQL error handling. Better detection for dead SQL connections found in the pool, and retry support.
* Fixed potential crash when logging in with users who were marked as dirty.
* Improved debugging options available for problem diagnosis.
Version 2.0.38
* Modified dirty state so that is calculated dynamically. This results in the dirty state being removed if a change is undone, or won't be applied if a change has no effective result to group policy.
* Improved working memory set by releasing objects sooner if they are no longer being used
* Fixed some memory leaks
* Added ability to rename licensed users
Version 2.0.37
* Fixed problem with auto email of activation code when generating codes as a task
* Fixed problem generating additional (i.e. not first) activation codes as a task
* Fixed problem entering certain characters into proxy username and password fields
* Improved error handling in PHP/JS scripts
Version 2.0.36
* Added "Copy To..." ability on encryption keys for system admins to be able to copy encryption keys from one organisation to another
Version 2.0.35
* Allowed duplicate encryption key (serial number) to be is use by different organisations
* Fixed FormatError function retuning invalid information for unrecognised errors
* Fixed problem where users on perpetual licences were incorrectly flagged as being expired
Version 2.0.34
* Added "Voucher Type" to voucher card, which also includes expiry date if subscription.
* Modified voucher resync function to allow atomic update and reissue of licences when voucher changes.
* Added alerts for background task completion, and suppressed some alerts posted as a result of a background task.
* Added JavaScript checks to allow FDE to fail earlier if the user does not have a supported licence.
* Allowed user interface background polling interval to be modified via Enterprise Server control panel.
Version 2.0.33
* Implemented password policy from team, to generation of FDE login and recovery passwords.
* Fixed bug closing database handle during upgrade that could cause problems when upgrading very old versions
* Added more escaping of data returned as JSON to front end
Version 2.0.32
* Added some missing Alerts relating to posting of certain update types
* Added automatic creation of database backup prior to any database upgrades
* Fixed FDE workstation reporting there were updates pending when they were paused (after a reboot)
* Resolved some additional stability issues
Version 2.0.31
* Some minor memory leaks were addressed, which over a period of time could lead to instability in the service
* Resolved an issue which prevented managed uninstall mode being applied to 32 bit client installs
* Some GUI elements now have a default selection rather than always relying on user selection
Version 2.0.30
* EnterpriseServer setting in config.cfg can now be ignored, and a default is used.
Version 2.0.29
* Enterprise Sync errors are now reported to the user via the front end
* Added dlp_error.xml error list for formatting error codes to human readable strings
* Modified alert list SQL query to return distinct results, to avoid the user being told more alerts exist than are actually being displayed
* Fixed potential crash situation when logging out of the front end whilst performing other operations
* Added extra FDE debugging options to set behaviour during encryption
* Added backend support to allow resuming paused FDE operations
* Start FDE override compatibility checks now has option to remember setting
* Used activation codes are now hidden to avoid confusion and prevent re-use
* Alert notifications have been improved, making it easier to locate more information for a new alert.
* Posting a key-file to all users in a filtered list now works as expected
Version 2.0.28
* Updated some policy descriptions to reflect changes to DESlock+ client components
* Modified some SQL Indexes for faster queries
* Modified alert list to be more responsive and only read certain data when the user requests it
Version 2.0.27
* Changed inactivity DetectionMethod value when writing policy registry file. This was hardcoded to the wrong value.
* Modified alerts so they can be shown and read on a per login basis rather than a global basis.
* Fixed FDE tool managed mode policy which was incorrectly inverted and thus allowed dlpfua to run in an Enterprise Managed Environment, despite the default being set to not run.
* Added a function to remove some deprecated group policy values that could have been set outside their default values in some circumstances, when upgrading from a previous version.
Version 2.0.26
* Ability to set managed uninstall for 64 bit client installs
Version 2.0.25
* Updated to set inactivity timeouts in admin.reg file
Version 2.0.24
* New workstation policy settings added to admin.reg file
* Ability to enable/disable splash screen
* Added tokenstore path override settings
Version 2.0.23
* 64 bit client installs can now be uploaded into the client installs panel.
* Client installs panel now sorts correctly on date and version number.
Version 2.0.22
* Resolved problem where commands could fail in the enterprise server but the specific error code was lost resulting in an erroneous "success" error.
* Attempted to alleviate the "No licence" error when generating new activation codes.
* Changed version information order to show package version (most important) first
* Added support to recognised RDP Client virtual workstations i.e. different icon, FDE commands disabled.
Version 2.0.21
Added ability to generate a workstation uninstallation code for workstations where uninstall is in a managed mode.
Version 2.0.20
* Removed pending state of FDElogin following failed recovery updated.
* Changed password function to allow enforcing mixed case passwords
* Made unrecognised status message generate an alert and are then marked as processed, rather than being ignored (which causes it to be stuck in a loop)
* Added master encryption key identity to config file
Version 2.0.19
* Fixed problem authenticating a workstation, that had previously been authenticated and then de-authenticated, or simply authenticated by a different user, where the generated alert contained the wrong workstation information.
Version 2.0.18
* Fixed problem authenticating workstation after upgrading the server to version 2.0.17 (previous version).
Version 2.0.17
* Modified revoke/authentication so that the authenticate re-adds the workstation if it was just revoked.
* Resolved incorrect error resulting from failed database connection.
* Fixed problem when creating registry policy file.
* Changed default expiry action in registry policy file to a valid value rather than 0.
* Prevented downloading of merged install when no policy selection has been made.
Version 2.0.16
* Install changes only
Version 2.0.15
* Install changes only
Version 2.0.14
* Install changes only
Version 2.0.13
* Install changes only
Version 2.0.12
* Install changes only
Version 2.0.11
* Escaped JSON used by group policy, in case of special characters
* Escaped REG_SZ values when creating .reg files as certain special characters must be escaped
Version 2.0.10
* Added extra policies for RME and DESlock+ Go
* Setup wizard now works when using IE9 in normal mode (i.e not compatibility mode)
* Set FDE defaults to 5 recovery uses and 3 retries, when starting FDE
* Resolved some 'Sync Errors' generated by the Enterprise Server service, when there was no actual error (just no data)
* Limitations on the characters which are considered invalid in passwords (for FDE or the Enterprise Login account) have been relaxed
Version 2.0.9
* Fixed a problem generating Activation Codes
* Changed dlpadm start type from Automatic to Manual to prevent startup issues
* Fixed some issue relating to the setup wizard and missing text when running on IE6
Version 2.0.8
* Added new DESlock+ Go policy setting to allow configuration of bad password attempts
* Fixed some problems with status processing where it could get stuck processing the same message continuously
* Moved import workstation to beginning of ES_COMMAND_INITIALKEYFILE status processing so alert contains more information
* Delete workstation now also deletes associated updates
* Moved code that removed failed tasks to later in program startup
* Added GetJSONDescriptors for new group policy functions
* Fixed problem with IsDatabaseInitialized call
* Fixed potential issue when checking to see if admin FDE login username can be changed
* Added front end support to allow the admin FDE login to be changed
* Fixed ::Refresh functions not refreshing some changes and returning blank data
* Changed default named pipe name for communicating with dlpadm service
* If MSSQL was installed by the pre-install, the setup wizard now displays the SA details
* Fixed generate password so it distinguishes between upper and lower case when validating a password
* Fixed deletion of teams
Version 2.0.7
* Added ability to change terminator count for key in group
* Added password policy settings to add FDE-Login command, so policy can be enforced by the client
* Fixed delete encryption key
* Prevented tasks from being started on empty lists
Version 2.0.6
* Fixed a problem searching in lists. Search on some panels did not work at all. Switching paging on in control panel would cause searching to fail until the browser was refreshed.
* Fixed a problem where an organisation appeared in the MRU list but no longer existed. Now missing organisations are removed from the MRU list.
* Added key transfer functions.
Version 2.0.5
* Modified alert text to allow longer string and html formatting.
* Added "Recovery Update pending" to FDE login display when a recovery update is pending.
* Supports Key-File update postpone warnings.
* Supports FDE Login Recovery Update warnings.
* Modified authenticated workstation arrival method. Forcibly removed AM/PM from 24 hour time formats as some Windows locales could still cause 24 hour times to include these.
* Fixed double alert message when user applies a recovery password update. Unified error codes with rest of DESlock+.
* Minified JavaScript, PHP and CSS files.
* Fixed a problem with navigation tree where duplicate copies of entries could occur.
* Fixed Organisation Management and Tasks buttons so they now work and go to the correct pages.
* Added rudimentary global JavaScript error handler. This only works in IE and Firefox and does nothing in unsupported browsers.
* Changed incorrect text in some places from ‘Authentication’ to ‘Activation’ to bring in line with documentation and client software.
* Updated filters for users so they work correctly.
* Updated themes so the path bar displays correctly. Especially the DESlock theme.
* When download a workstation policy settings the name is now set to “DESlock+ ES Settings - -
.reg”. Previously “admin.reg”
* Starting FDE and Adding FDE Login : Recovery Uses now cannot be 0. Valid values are 1-254.
* Changed Alert, Update and Task details windows to have a close button and not OK/Cancel.
Version 2.0.4
* Fixed a problem saving certain formatted data to the database.
* Setup wizard now correctly validates Customer Reference code.
* Added functions to team object to allow saving settings on a per team basis.
* Added some missing error descriptions.
* Added support for multiple workstation policy settings.
* If no workstation policy settings exist, a new one called "Default" will be created with default settings.
* Updated refreshing of tree and lists after changes to group policy and key groups.
* Create encryption key : algorithm type drop down no longer editable.
* Activation codes now refreshed in background so they go from unused to used automatically.
* Changed workstation and group policy edit boxes so they do not accept return.
* Added workstation policy for client proxy settings.
* Updated download settings file so that an error is displayed if it fails.
Version 2.0.3
* Fixed code used for proxy access
* Made the delete of multiple users a task.
* Added alerts for user deletion events.
* Added some missing successful task reports.
* Modified Enterprise Proxy Sync error.
Version 2.0.2
* Added support to use an Internet Proxy for web access.
* Added Customer Reference code validation.
* Modified some delete functions (e.g. Team::Delete).
* Added support to process recovery update status.
* Encountering a "sync error" during an activation now marks the Activation Code as having been used.
* Activation codes remain in a "used" state even if the original workstation is deleted.
* Unused policy bits are forcibly cleared from workstation policy when creating an admin.reg file.
* Fixed some issues where FDE logins were not shown as pending addition or removal when in fact they were.
Version 2.0.1
* Fixed a group policy issue caused by team inheritance.
* Update to mark users dirty by changes to groups to whom the user is an implicit member (explicit membership already did this).
Version 2.0.0
* Initial public release of v2 Enterprise Server package.
|