Skip to content

Release notes for the September 7, 2025 update

Update Version 4.1.202509051825

New Features

Added password rotation support for domain service accounts.

The option updates password of dependent services, tasks and application pools run as Active Directory account on multiple domain computers after rotating password of the domain account.

The option allows to manage Windows domain accounts while maintaining consistency with the accounts dependencies across the network.

Added support for WEB sessions to use user linked mirror accounts.

Mirror account option enables a user to access a remote asset endpoint using the privileged credentials related to the original account unique for each user instead of sharing the same privileged credentials.

The option enables support for the endpoint to track access for individual users while maintaining least privileges for the main user account. The option also enables support for Microsoft Enhanced Security Admin Environment (ESAE, red forest, admin forest).

Added Access report to display assets with granted permissions.

The access report allows to cross reference assets, list of users with permissions to this asset and the chain og groups memberships that allow these users to receive each specific grant.

This report is one of the main tools for the system owners to show auditors who exactly can access what in their network with what exact permissions and how. It also simplifies identity governance management in the organization to identify unnecessary access often granted through the chain of nested user groups.

Security

  • Updated application framework for Linux x64, Linux arm, Windows x64 and Windows arm platforms to the latest version.

  • Updated application WEB Container to the latest version.

  • Updated application client side WEB framework to the latest version.

  • Updated network streaming component to the latest version.

  • Updated software Bill of Materials maintenance component to the latest version.

Extensions

  • Added SSH tunnel destination IP forwarding restrictions based on the asset fields Tunnel Host and Tunnel Port. The option allows asset owners to restrict the destination services users can build tunnels to through the zero trust session.

  • Added the option for request approver to review the list of the legacy approved requests in addition to the requests to approve.

  • Added account qualification such as Main, Transit or Mirror to the account column in the session report.

  • Added binary hashes for offline installation, distributed gateway and WEB HTTP driver binaries to verify integrity of the downloaded packages.

Fixes

  • Fixed the issue with the blanket error message in the system log about during job pool recovery.

  • Fixed the issue with archiving jobs with attached schedules.

  • Added warning messages to the application log about failing to send request approval notifications because of no enabled SMTP servers found or no email on the user profile to better troubleshoot notification issues.

  • Fixed the issue with logout from the WEB GUI in some cases of completing the WEB Session.

  • Fixed the issue with security verification of the starting the WEB Session with the member assets as a credentials provider.

  • Fixed the issue with error messages displayed in the WEB Session console when establishing WEB Session using the user from the master tenant user directory.

  • Fixed the issue with the About screen title translation after refreshing the screen.

  • Fixed the issue with the Windows Password Reset by Account Itself script to work with the account given in the domain\user notation.

  • Fixed the issue with displaying login of Active Directory users without User Principal Name defined.