Access Rights Manager 2020.2 Release Notes
Release date: June 4, 2020 (major release)
Latest service release: May 2021, 2020.2.7
Updated: May 17, 2021
Download a translated PDF: ARM 2020.2 Release Notes (Versionshinweise, deutsch)
These release notes describe new features and improvements in the Access Rights Manager 2020.2 release.
New Features and Improvements
Microsoft Teams Integration
Microsoft Teams is used by more and more companies for collaboration and communication. The familiar scope of ARM is now available to Microsoft Teams for analysis and report generation as well as for managing access rights and team memberships.
Configuration
Scan configuration (add Teams to ARM)
Change configuration (configure ARM to manage Teams permissions)
Please note that an Azure Active Directory scan is required to resolve usernames. Without an AAD scan, ARM can only display the SIDs.
Use cases
Permission analysis
Analyze access rights on Teams resources
Documentation & Reporting
The report "Who has access where?" can now also be used for Teams resources.
User Provisioning
Manage teams (create, delete, memberships, edit settings)
Manage channels (create, delete, edit settings)
Recertification of Active Directory group memberships
Previously, only file server permissions could be included in the recertification. With ARM 2020.2 you can now recertify Active Directory group memberships. This allows you to extend the regular check of the authorization situation to considerably more areas that are controlled by group memberships, for example in so-called role groups.
Graphical timeline analysis of events in the web client
When you log on to the Web client as an ARM administrator, a new graphical timeline display of events is available under Analyze > Timeline. You can use the display to analyze the events of all ARM management activities as well as all recorded Logga events. The Timeline view includes zoom in and out functionalities. Additional filters and a free search allow the administrator to quickly find the desired events. Read more...
AAD Logga - Monitoring events in Azure Active Directory (AAD)
Activities in AAD can now be monitored with ARM. Events are transferred to the ARM logbook and are available for graphical evaluation in the user interface and in reports, just as with on-premise AD Logga. To control the information quantity, ARM provides various filter options.
Enhanced support for forwarding events to syslog servers
Until now, ARM could only forward alarm events to syslog servers. With the new version, events of the following categories can also be forwarded to syslog servers:
- ARM system health status
- ARM operational issues
- ARM activity events
You can now also configure the Syslog Facility. Read more...
Extended Configuration Wizard
The Configuration Wizard now supports the following additional specifications during the initial configuration of the file server scans:
- Selection of the shares to be scanned
- Selection of file server type
- Schedule of the scan
With this extension, even the first file server scans can be configured optimally.
Diagnostic Tool
The ARM Diagnostic tool allows you to easily collect diagnostic data and prepare it for sending it to SolarWinds support. Read more...
Fixed issues
2020.2 release, June 4, 2020
| Case Number | Description |
|---|---|
| 438204 | AD Logga: A domain can be manually configured if it was not automatically detected. |
| 493056 | AD Logga: An issue where under certain conditions not all events from all domain controllers were recorded has been fixed. |
| 495364 | AD Logga Report: An issue where the report showed more events than related to the selected resource was fixed. |
| 478136 | FS Logga: A connection issue was fixed. |
| 492327 | Webclient: An issue where template validation rules doesn't respect certain RegEx was fixed. |
| 458695 | An issue where the FS Logga retrieves the NetApp (C-Mode) shares using system credentials instead configured one was fixed. |
| 467173, 424768, 469129, 345614 | An issue with OU-based licensing was fixed. |
| 478260 | Data Owner Configuration: Some problems with the behavior of the user interface were fixed. |
| 471595 | An issue with the maximum event log entry size was fixed. |
| 471710, 502091 | An issue with the dashboard report "Max depth with changed access rights" was fixed. |
| 442614 | An issue with the number of expired passwords displayed in the web dashboard was fixed. |
| 443147, 446567, 450996, 450275, 455603, 450026, 435597, 436902, 418139, 423169, 446567 | FS Logga: A problem with driver signing was fixed. |
| 443178 | An issue with an incorrectly displayed expiration date in the logbook was fixed. |
| 424768 | The warning message for restarting the ARM service when changing the license scope has been adjusted. |
| 420901 | The FS Logga Report and OneDrive Logga Report shortcuts are now no longer displayed on the ARM home page if they have been disabled for the appropriate role in the ARM configuration. |
| 435050, 412638 | An issue where users could not log into ARM under certain conditions has been fixed. |
| 396606 | AD Logga: An issue with attribute filtering was fixed. |
| 368221 | An issue where a manager under certain conditions could not use features assigned to his role was fixed. |
| 371157, 481379 | An issue where ARM (rich client) applications crashed sporadically in terminal server environments has been fixed. |
| 292364, 297201 | A problem with the display of certificate information was fixed. |
2020.2.1 service release, June 14, 2020
| Case Number | Description |
|---|---|
| - | A security issue was fixed. |
| - | An issue where the Configuration Wizard was not updated to the latest version was fixed. |
2020.2.2 service release, September 15, 2020
| Case Number | Description |
|---|---|
| 527574 |
In this release the network communication between the ARM components has been significantly revised. This has further improved the security of ARM. The connection between the ARM applications and the ARM server is now always encrypted. Random High Ports are no longer used for communication between the ARM applications and the ARM server, which may simplify the configuration of firewalls. See also: System Requirements > Port Requirements. Due to the changed communication it is necessary that additional collectors (not the ARM server itself) are configured with the FQDN (fully qualified domain name). In order to adapt existing configurations with IP addresses or NetBIOS names, a new function "Rename Collectors" has been added to the ARM collector configuration. |
| 578318, 567963 | The methods for connecting to Exchange Online have been revised and adapted to recent changes in Exchange Online. |
| - | A security issue in relation to script files called by EasyConnect was fixed. To close the gap, existing EasyConnect configurations with script calls must be deleted and then recreated in the ARM configuration application. |
| - | Encrypted data transfer between ARM server and SQL server is now supported. Please see also ARM basic configuration. |
| 462205 | A problem with high network load in certain configurations with AD-Logga was fixed. |
| 557541, 469759, 502946, 526045, 533788 | An issue where the ARM service stopped spontaneously and login to the ARM applications was no longer possible was fixed. |
| 544994 | An issue with the AccountSearchTextField function in custom templates was fixed. |
| 547914 | An issue with the Initial Password function in custom templates was fixed. |
| 543366 | An issue with the GroupAccountSearchTextField function in custom templates was fixed. |
| 549740 | An issue where searching for mailbox names did not work for certain configurations was fixed. |
| 451611, 557152, 570400, 576564, 557365, 558058, 559747, 559941, 563544, 566270, 558058, 575734, 582198, 559941 | An issue with the DataWarehouse precalculation for the risk assessment was fixed. |
| 560033, 561996, 548903, 576648 | An issue with FS-Logga was fixed. |
| 568827, 600813 | An issue with the import functionality in the resource owner configuration was fixed. |
| - | A connection problem with Microsoft Teams was fixed. |
| 476408 | A performance issue with a very high number of stored scans was fixed. |
| - | An issue where the Exchange scan failed due to special characters in the name of distribution groups was fixed. |
| 534039 | Usability has been improved in the DataOwner configuration. |
| 554471, 559207 | An error when scanning Azure Active Directory was fixed. |
| 385315 | An issue with the sending of recertification notification emails has been resolved. |
| 590887 | An issue with report generation has been fixed. |
2020.2.3 service release, September 23, 2020
| Case Number | Description |
|---|---|
| 616042, 617152, 614828 | An issue with separate installation of the ARM applications was fixed. |
| - | An issue with SharePoint sites that do not have the Secondary Contact or Site Owner properties was fixed. |
2020.2.4 service release, January 22, 2021
| Case Number | Description |
|---|---|
| - | ARM is signed with a new digital code-signing certificate. |
| - | New feature for SharePoint Online: It is now possible to configure multiple site collections in one step by using the SharePoint Admin URL (similar to SharePoint on-premise). For more information, see the "Add a SharePoint Online scan" chapter in the Administrator Guide. |
| - | A security issue was fixed. |
| 652956, 663072 | An issue with FS Logga not working on EMC was fixed. |
| 647876 | A security issue was fixed. |
| 493056, 502526, 438204 | An issue with AD Logga in large environments was fixed. It is now possible to configure more than one collector for AD Logga. |
| 614983, 549740 | An issue with the display of Exchange mailboxes was fixed. |
| 652266 | An issue with the RestrictToDataOwnerResources property in templates and webAPI calls was fixed. |
| 637144, 668550 | An issue with mandatory fields in templates was fixed. |
| 618999 | An issue with the change of group memberships in Azure AD was fixed. |
| 470828 |
An issue with name resolution for alarms triggered by users from non-trusted domains was fixed. |
| 535000 | An issue where data owners could see objects outside their scope in Multiselection was fixed. |
| 556601 | An issue with the configuration of SharePoint on-premise scans was fixed. |
| 552513 | An issue with Exchange mailboxes was fixed. |
| 610140, 642455 | An issue with the ARM user management/role management was fixed. |
| 617199 | An issue based on internal credential handling in ARM was fixed. |
| 650586 | An issue with the display of a specific LDAP attribute value was fixed. |
| 652319 | An issue with the department profiles was fixed. |
2020.2.5 service release, February 9, 2021
| Case Number | Description |
|---|---|
| 638858, 669594, 660045 | A connection issue was fixed. |
| - | An issue with the Azure AD Logga was fixed. |
| 545005 | An issue with the Recertification notification emails was fixed. |
2020.2.6 service release, March 2021
| Case Number | Description |
|---|---|
| 638911 | If the driver of the FS Logga for Windows file server is not running correctly, the FS Logga is now switched off and also displayed as switched off in the configuration application. A warning is displayed in the ARM logbook. |
| 648966 | In case one of several DCs was not reachable by name resolution (invalid DNS configuration), the AD logga could not start. This issue was fixed. |
| 668334 | The Exchange Logga could not be configured in mixed environments of Exchange 2010 (no longer supported) and newer Exchange versions. The issue was fixed and supported Exchange versions are now always displayed and can be added. |
| 730973, 738075 | An issue with importing a very large DataOwner configuration file was fixed. |
| 724579 | An issue with resolving group memberships in multi-domain environments with restricted trust settings was fixed. |
| 744123 | When writing FS-Logga data to the database, duplicate assignment of IDs could occur in rare cases. This issue was fixed. |
| - | Security for configuration files has been increased. |
2020.2.7 service release, May 2021
| Case Number | Description |
|---|---|
|
A connection issue with Exchange has been fixed. The Exchange update KB5001779 (included in several cumulative updates) changed the settings for accessing Exchange via PowerShell and ARM had to be adapted to it. |
|
| 732363 | Compatibility with SysLog has been increased so that messages are no longer truncated after 1024 bytes in length for certain protocol versions. |
Known issues
If only the ARM collector was installed on a Windows file server and then the ARM FS-Logga feature was added via "Programs and Features" of Windows control panel, the FS-Logga feature will not work. Solution: Uninstall the ARM collector and reinstall ARM Collector and FS Logga feature in one single step using the ARM setup.
When using custom templates, AccountSearchTextField does not work for assigning managers.
During ARM Express installation, the built-in SQL Express installation fails if SQL 2017 or later is already present on the server. Use the Express installation only on a server where SQL is not already installed or choose the Advanced installation to use an existing SQL instance.
In some cases the automatic or manual update of FS-Logga components on Windows file servers may fail. As a workaround, start the setup on the Windows file server and select the Repair option. The repair feature will remove the installation and reinstall the components.
The ARM Diagnostic Tool must be run with administrator privileges.
In version 2020.2.7, the Exchange mailbox size is not displayed.
New customer installation
Installing ARM onto a server that has an Orion Platform installation is not recommended. ARM and Orion Platform products should be installed on separate servers. Note that ARM is not an Orion Platform product.
For information about installing Access Rights Manager see the "ARM Installation Guide" from the Success Center.
How to upgrade
If you are upgrading from a previous version, please refer to the chapter "Perform an update installation" from the Success Center.
The ARM server is renamed from pnServer.exe to armServer.exe. Please note this if you have set up appropriate firewall rules.
End of support
This version of Access Rights Manager no longer supports the following software:
| Type | Software |
|---|---|
| Operating system |
Windows 2008 R2 |
| Database server | SQL Server 2008 |
| Database server | SQL Server 2008 R2 |
Deprecation notices
This version of ARM deprecates the following platforms and features.
Deprecated platforms and features are still supported in the current release. However, they will be unsupported in a future release. Plan on upgrading deprecated platforms, and avoid using deprecated features. Customizations applied to a deprecated feature might not be migrated if a new feature replaces the deprecated one.
For information about supported version of SolarWinds products, see Currently supported software versions.
| Type | Deprecation |
|---|---|
|
Windows Vista |
The operating system is considered deprecated for the ARM applications as of this version. Although you can still install ARM applications on Windows Vista, this operating system version is outdated and will not be supported in future versions of ARM. It is possible that problems caused by the deprecated operating system version may not be resolved by SolarWinds. SolarWinds strongly recommends that you upgrade your operating systems at your earliest convenience. |
| Windows 7 | The operating system is considered deprecated for the ARM applications as of this version. Although you can still install ARM applications on Windows 7, this operating system version is outdated and will not be supported in future versions of ARM. It is possible that problems caused by the deprecated operating system version may not be resolved by SolarWinds. SolarWinds strongly recommends that you upgrade your operating systems at your earliest convenience. |
| Exchange 2010 |
Exchange 2010 is considered deprecated as of ARM version 2020.2.0. Although you can still use ARM up to version 2020.2.6 with Exchange 2010, this Exchange version is deprecated and will no longer be supported in future versions of ARM. It is possible that problems caused by the deprecated Exchange version may not be resolved by SolarWinds. SolarWinds strongly recommends that you upgrade your systems at your earliest convenience. |
| SharePoint 2010 | SharePoint 2010 is considered deprecated as of this version. Although you can still use ARM with SharePoint 2010, this version is outdated and will not be supported in future versions of ARM. It is possible that problems caused by the deprecated SharePoint version may not be resolved by SolarWinds. SolarWinds strongly recommends that you upgrade your systems at your earliest convenience. |
End of life
With the release of ARM version 2020.2 the following versions of ARM are no longer supported:
- ARM 9.0
- ARM 9.1
Legal notices
© 2023 SolarWinds Worldwide, LLC. All rights reserved.
This document may not be reproduced by any means nor modified, decompiled, disassembled, published or distributed, in whole or in part, or translated to any electronic medium or other means without the prior written consent of SolarWinds. All right, title, and interest in and to the software, services, and documentation are and shall remain the exclusive property of SolarWinds, its affiliates, and/or its respective licensors.
SOLARWINDS DISCLAIMS ALL WARRANTIES, CONDITIONS, OR OTHER TERMS, EXPRESS OR IMPLIED, STATUTORY OR OTHERWISE, ON THE DOCUMENTATION, INCLUDING WITHOUT LIMITATION NONINFRINGEMENT, ACCURACY, COMPLETENESS, OR USEFULNESS OF ANY INFORMATION CONTAINED HEREIN. IN NO EVENT SHALL SOLARWINDS, ITS SUPPLIERS, NOR ITS LICENSORS BE LIABLE FOR ANY DAMAGES, WHETHER ARISING IN TORT, CONTRACT OR ANY OTHER LEGAL THEORY, EVEN IF SOLARWINDS HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
The SolarWinds, SolarWinds & Design, Orion, and THWACK trademarks are the exclusive property of SolarWinds Worldwide, LLC or its affiliates, are registered with the U.S. Patent and Trademark Office, and may be registered or pending registration in other countries. All other SolarWinds trademarks, service marks, and logos may be common law marks or are registered or pending registration. All other trademarks mentioned herein are used for identification purposes only and are trademarks of (and may be registered trademarks) of their respective companies.