Documentation forAccess Rights Manager

Access Rights Manager 2020.2 Release Notes

 

Release date: June 4, 2020

Updated: September 15, 2020

Download a translated PDF: ARM 2020.2 Release Notes (Versionshinweise, deutsch)

These release notes describe new features and improvements in the Access Rights Manager 2020.2 release.

 

New Features and Improvements

Microsoft Teams Integration

Microsoft Teams is used by more and more companies for collaboration and communication. The familiar scope of ARM is now available to Microsoft Teams for analysis and report generation as well as for managing access rights and team memberships.

 

Configuration

Scan configuration (add Teams to ARM)

Change configuration (configure ARM to manage Teams permissions)

Please note that an Azure Active Directory scan is required to resolve usernames. Without an AAD scan, ARM can only display the SIDs.

 

Use cases

Permission analysis

Analyze access rights on Teams resources

 

Documentation & Reporting

The report "Who has access where?" can now also be used for Teams resources.

 

User Provisioning

Manage teams (create, delete, memberships, edit settings)

Manage channels (create, delete, edit settings)

 

Recertification of Active Directory group memberships

Previously, only file server permissions could be included in the recertification. With ARM 2020.2 you can now recertify Active Directory group memberships. This allows you to extend the regular check of the authorization situation to considerably more areas that are controlled by group memberships, for example in so-called role groups.

 

Graphical timeline analysis of events in the web client

When you log on to the Web client as an ARM administrator, a new graphical timeline display of events is available under Analyze > Timeline. You can use the display to analyze the events of all ARM management activities as well as all recorded Logga events. The Timeline view includes zoom in and out functionalities. Additional filters and a free search allow the administrator to quickly find the desired events. Read more...

 

AAD Logga - Monitoring events in Azure Active Directory (AAD)

Activities in AAD can now be monitored with ARM. Events are transferred to the ARM logbook and are available for graphical evaluation in the user interface and in reports, just as with on-premise AD Logga. To control the information quantity, ARM provides various filter options.

 

Enhanced support for forwarding events to syslog servers

Until now, ARM could only forward alarm events to syslog servers. With the new version, events of the following categories can also be forwarded to syslog servers:

  • ARM system health status
  • ARM operational issues
  • ARM activity events

You can now also configure the Syslog Facility. Read more...

 

Extended Configuration Wizard

The Configuration Wizard now supports the following additional specifications during the initial configuration of the file server scans:

  • Selection of the shares to be scanned
  • Selection of file server type
  • Schedule of the scan

With this extension, even the first file server scans can be configured optimally.

 

Diagnostic Tool

The ARM Diagnostic tool allows you to easily collect diagnostic data and prepare it for sending it to SolarWinds support. Read more...

 

Fixed issues

With the release 2020.2 the following issues were fixed:

Case Number Description
62924 AD Logga: A domain can be manually configured if it was not automatically detected.
64786 AD Logga: An issue where under certain conditions not all events from all domain controllers were recorded has been fixed.
64896 AD Logga Report: An issue where the report showed more events than related to the selected resource was fixed.
64420, 64219 FS Logga: A connection issue was fixed.
64670 Webclient: An issue where template validation rules doesn't respect certain RegEx was fixed.
63386 An issue where the FS Logga retrieves the NetApp (C-Mode) shares using system credentials instead configured one was fixed.
63360, 60831, 63571, 56934 An issue with OU-based licensing was fixed.
63575 Data Owner Configuration: Some problems with the behavior of the user interface were fixed.
63303 An issue with the maximum event log entry size was fixed.
63299, 64790 An issue with the dashboard report "Max depth with changed access rights" was fixed.
61777 An issue with the number of expired passwords displayed in the web dashboard was fixed.
62018, 62020, 62161, 62162, 62406, 62471, 62472, 61873, 61893, 62297, 62020 FS Logga: A problem with driver signing was fixed.
61969 An issue with an incorrectly displayed expiration date in the logbook was fixed.
60831 The warning message for restarting the ARM service when changing the license scope has been adjusted.
60679 The FS Logga Report and OneDrive Logga Report shortcuts are now no longer displayed on the ARM home page if they have been disabled for the appropriate role in the ARM configuration.
61372, 60225 An issue where users could not log into ARM under certain conditions has been fixed.
59459 AD Logga: An issue with attribute filtering was fixed.
58554 An issue where a manager under certain conditions could not use features assigned to his role was fixed.
58212, 64193 An issue where ARM (rich client) applications crashed sporadically in terminal server environments has been fixed.
54953, 54151 A problem with the display of certificate information was fixed.

 

 

With the service release 2020.2.1 the following issues were fixed:

Case Number Description
- A security issue was fixed.
- An issue where the Configuration Wizard was not updated to the latest version was fixed.

 

 

With the service release 2020.2.2 the following issues were fixed:

Case Number Description
66315

In this release the network communication between the ARM components has been significantly revised. This has further improved the security of ARM. The connection between the ARM applications and the ARM server is now always encrypted. Random High Ports are no longer used for communication between the ARM applications and the ARM server, which may simplify the configuration of firewalls. See also: System Requirements > Port Requirements.

Due to the changed communication it is necessary that additional collectors (not the ARM server itself) are configured with the FQDN (fully qualified domain name). In order to adapt existing configurations with IP addresses or NetBIOS names, a new function "Rename Collectors" has been added to the ARM collector configuration.

69173, 69578 The methods for connecting to Exchange Online have been revised and adapted to recent changes in Exchange Online.
- A security issue in relation to script files called by EasyConnect was fixed. To close the gap, existing EasyConnect configurations with script calls must be deleted and then recreated in the ARM configuration application.
- Encrypted data transfer between ARM server and SQL server is now supported. Please see also ARM basic configuration.
63627 A problem with high network load in certain configurations with AD-Logga was fixed.
67863, 64035, 65453, 65960, 66467 An issue where the ARM service stopped spontaneously and login to the ARM applications was no longer possible was fixed.
67096 An issue with the AccountSearchTextField function in custom templates was fixed.
67297 An issue with the Initial Password function in custom templates was fixed.
67286 An issue with the GroupAccountSearchTextField function in custom templates was fixed.
67665 An issue where searching for mailbox names did not work for certain configurations was fixed.
62392, 67806, 68658, 69064, 67826, 67857, 67963, 67969, 68206, 68380, 67857, 69065, 69303, 67969 An issue with the DataWarehouse precalculation for the risk assessment was fixed.
68150, 69063, 68184, 69681 An issue with FS-Logga was fixed.
68487, 70671 An issue with the import functionality in the resource owner configuration was fixed.
67986 A connection problem with Microsoft Teams was fixed.
66449 A performance issue with a very high number of stored scans was fixed.
70032 An issue where the Exchange scan failed due to special characters in the name of distribution groups was fixed.
66519 Usability has been improved in the DataOwner configuration.
67674, 67891 An error when scanning Azure Active Directory was fixed.
58999 An issue with the sending of recertification notification emails has been resolved.
69990 An issue with report generation has been fixed.

 

 

Known issues

If only the ARM collector was installed on a Windows file server and then the ARM FS-Logga feature was added via "Programs and Features" of Windows control panel, the FS-Logga feature will not work. Solution: Uninstall the ARM collector and reinstall ARM Collector and FS Logga feature in one single step using the ARM setup.

When using custom templates, AccountSearchTextField does not work for assigning managers.

During ARM Express installation, the built-in SQL Express installation fails if SQL 2017 or later is already present on the server. Use the Express installation only on a server where SQL is not already installed or choose the Advanced installation to use an existing SQL instance.

In rare cases, if customers had installed version 2020.2.0 and updated to version 2020.2.1, the update of FS-Logga components on Windows file servers to version 2020.2.2 may fail. In this case please contact our support.

 

New customer installation

Installing ARM onto a server that has an Orion Platform installation is not recommended. ARM and Orion Platform products should be installed on separate servers. Note that ARM is not an Orion Platform product.

For information about installing Access Rights Manager see the "ARM Installation Guide" from the Success Center.

 

How to upgrade

If you are upgrading from a previous version, please refer to the chapter "Perform an update installation" from the Success Center.

The ARM server is renamed from pnServer.exe to armServer.exe. Please note this if you have set up appropriate firewall rules.

 

End of support

This version of ARM no longer supports the following software:

Type Software
Operating system

Windows 2008 R2

Database server SQL Server 2008
Database server SQL Server 2008 R2

 

Deprecation notices

This version of ARM deprecates the following platforms and features.

Deprecated platforms and features are still supported in the current release. However, they will be unsupported in a future release. Plan on upgrading deprecated platforms, and avoid using deprecated features. Customizations applied to a deprecated feature might not be migrated if a new feature replaces the deprecated one.

For information about supported version of SolarWinds products, see Currently supported software versions.

Type Deprecation

Windows Vista

The operating system is considered deprecated for the ARM applications as of this version. Although you can still install ARM applications on Windows Vista, this operating system version is outdated and will not be supported in future versions of ARM. It is possible that problems caused by the deprecated operating system version may not be resolved by SolarWinds. SolarWinds strongly recommends that you upgrade your operating systems at your earliest convenience.

Windows 7 The operating system is considered deprecated for the ARM applications as of this version. Although you can still install ARM applications on Windows 7, this operating system version is outdated and will not be supported in future versions of ARM. It is possible that problems caused by the deprecated operating system version may not be resolved by SolarWinds. SolarWinds strongly recommends that you upgrade your operating systems at your earliest convenience.
Exchange 2010 Exchange 2010 is considered deprecated as of this version. Although you can still use ARM with Exchange 2010, this version is outdated and will not be supported in future versions of ARM. It is possible that problems caused by the deprecated Exchange version may not be resolved by SolarWinds. SolarWinds strongly recommends that you upgrade your systems at your earliest convenience.
SharePoint 2010 SharePoint 2010 is considered deprecated as of this version. Although you can still use ARM with SharePoint 2010, this version is outdated and will not be supported in future versions of ARM. It is possible that problems caused by the deprecated SharePoint version may not be resolved by SolarWinds. SolarWinds strongly recommends that you upgrade your systems at your earliest convenience.

 

End of life

With the release of ARM version 2020.2 the following versions of ARM are no longer supported:

  • ARM 9.0
  • ARM 9.1

 

 

Legal notices

© 2020 SolarWinds Worldwide, LLC. All rights reserved.

This document may not be reproduced by any means nor modified, decompiled, disassembled, published or distributed, in whole or in part, or translated to any electronic medium or other means without the prior written consent of SolarWinds. All right, title, and interest in and to the software, services, and documentation are and shall remain the exclusive property of SolarWinds, its affiliates, and/or its respective licensors.

SOLARWINDS DISCLAIMS ALL WARRANTIES, CONDITIONS, OR OTHER TERMS, EXPRESS OR IMPLIED, STATUTORY OR OTHERWISE, ON THE DOCUMENTATION, INCLUDING WITHOUT LIMITATION NONINFRINGEMENT, ACCURACY, COMPLETENESS, OR USEFULNESS OF ANY INFORMATION CONTAINED HEREIN. IN NO EVENT SHALL SOLARWINDS, ITS SUPPLIERS, NOR ITS LICENSORS BE LIABLE FOR ANY DAMAGES, WHETHER ARISING IN TORT, CONTRACT OR ANY OTHER LEGAL THEORY, EVEN IF SOLARWINDS HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.

The SolarWinds, SolarWinds & Design, Orion, and THWACK trademarks are the exclusive property of SolarWinds Worldwide, LLC or its affiliates, are registered with the U.S. Patent and Trademark Office, and may be registered or pending registration in other countries. All other SolarWinds trademarks, service marks, and logos may be common law marks or are registered or pending registration. All other trademarks mentioned herein are used for identification purposes only and are trademarks of (and may be registered trademarks) of their respective companies.