Documentation forAccess Rights Manager

Access Rights Manager 2020.2 release notes

Release date: June 4, 2020 (major release)

Latest service release: May 2021, 2020.2.7

Updated: May 17, 2021

Download a translated PDF: ARM 2020.2 Release Notes (Versionshinweise, deutsch)

These release notes describe new features and improvements in the Access Rights Manager 2020.2 release.

New Features and Improvements

Microsoft Teams Integration

Microsoft Teams is used by more and more companies for collaboration and communication. The familiar scope of ARM is now available to Microsoft Teams for analysis and report generation as well as for managing access rights and team memberships.

Configuration

Scan configuration (add Teams to ARM)

Change configuration (configure ARM to manage Teams permissions)

Please note that an Azure Active Directory scan is required to resolve usernames. Without an AAD scan, ARM can only display the SIDs.

Use cases

Permission analysis

Analyze access rights on Teams resources

Documentation & Reporting

The report "Who has access where?" can now also be used for Teams resources.

User Provisioning

Manage teams (create, delete, memberships, edit settings)

Manage channels (create, delete, edit settings)

Recertification of Active Directory group memberships

Previously, only file server permissions could be included in the recertification. With ARM 2020.2 you can now recertify Active Directory group memberships. This allows you to extend the regular check of the authorization situation to considerably more areas that are controlled by group memberships, for example in so-called role groups.

Graphical timeline analysis of events in the web client

When you log on to the Web client as an ARM administrator, a new graphical timeline display of events is available under Analyze > Timeline. You can use the display to analyze the events of all ARM management activities as well as all recorded Logga events. The Timeline view includes zoom in and out functionalities. Additional filters and a free search allow the administrator to quickly find the desired events. Read more...

AAD Logga - Monitoring events in Azure Active Directory (AAD)

Activities in AAD can now be monitored with ARM. Events are transferred to the ARM logbook and are available for graphical evaluation in the user interface and in reports, just as with on-premise AD Logga. To control the information quantity, ARM provides various filter options.

Enhanced support for forwarding events to syslog servers

Until now, ARM could only forward alarm events to syslog servers. With the new version, events of the following categories can also be forwarded to syslog servers:

  • ARM system health status
  • ARM operational issues
  • ARM activity events

You can now also configure the Syslog Facility. Read more...

Extended Configuration Wizard

The Configuration Wizard now supports the following additional specifications during the initial configuration of the file server scans:

  • Selection of the shares to be scanned
  • Selection of file server type
  • Schedule of the scan

With this extension, even the first file server scans can be configured optimally.

Diagnostic Tool

The ARM Diagnostic tool allows you to easily collect diagnostic data and prepare it for sending it to SolarWinds support. Read more...

Fixed issues

2020.2 release, June 4, 2020

Case Number Description
438204 AD Logga: A domain can be manually configured if it was not automatically detected.
493056 AD Logga: An issue where under certain conditions not all events from all domain controllers were recorded has been fixed.
495364 AD Logga Report: An issue where the report showed more events than related to the selected resource was fixed.
478136 FS Logga: A connection issue was fixed.
492327 Webclient: An issue where template validation rules doesn't respect certain RegEx was fixed.
458695 An issue where the FS Logga retrieves the NetApp (C-Mode) shares using system credentials instead configured one was fixed.
467173, 424768, 469129, 345614 An issue with OU-based licensing was fixed.
478260 Data Owner Configuration: Some problems with the behavior of the user interface were fixed.
471595 An issue with the maximum event log entry size was fixed.
471710, 502091 An issue with the dashboard report "Max depth with changed access rights" was fixed.
442614 An issue with the number of expired passwords displayed in the web dashboard was fixed.
443147, 446567, 450996, 450275, 455603, 450026, 435597, 436902, 418139, 423169, 446567 FS Logga: A problem with driver signing was fixed.
443178 An issue with an incorrectly displayed expiration date in the logbook was fixed.
424768 The warning message for restarting the ARM service when changing the license scope has been adjusted.
420901 The FS Logga Report and OneDrive Logga Report shortcuts are now no longer displayed on the ARM home page if they have been disabled for the appropriate role in the ARM configuration.
435050, 412638 An issue where users could not log into ARM under certain conditions has been fixed.
396606 AD Logga: An issue with attribute filtering was fixed.
368221 An issue where a manager under certain conditions could not use features assigned to his role was fixed.
371157, 481379 An issue where ARM (rich client) applications crashed sporadically in terminal server environments has been fixed.
292364, 297201 A problem with the display of certificate information was fixed.

 

2020.2.1 service release, June 14, 2020

Case Number Description
- A security issue was fixed.
- An issue where the Configuration Wizard was not updated to the latest version was fixed.

 

2020.2.2 service release, September 15, 2020

Case Number Description
527574

In this release the network communication between the ARM components has been significantly revised. This has further improved the security of ARM. The connection between the ARM applications and the ARM server is now always encrypted. Random High Ports are no longer used for communication between the ARM applications and the ARM server, which may simplify the configuration of firewalls. See also: System Requirements > Port Requirements.

Due to the changed communication it is necessary that additional collectors (not the ARM server itself) are configured with the FQDN (fully qualified domain name). In order to adapt existing configurations with IP addresses or NetBIOS names, a new function "Rename Collectors" has been added to the ARM collector configuration.

578318, 567963 The methods for connecting to Exchange Online have been revised and adapted to recent changes in Exchange Online.
- A security issue in relation to script files called by EasyConnect was fixed. To close the gap, existing EasyConnect configurations with script calls must be deleted and then recreated in the ARM configuration application.
- Encrypted data transfer between ARM server and SQL server is now supported. Please see also ARM basic configuration.
462205 A problem with high network load in certain configurations with AD-Logga was fixed.
557541, 469759, 502946, 526045, 533788 An issue where the ARM service stopped spontaneously and login to the ARM applications was no longer possible was fixed.
544994 An issue with the AccountSearchTextField function in custom templates was fixed.
547914 An issue with the Initial Password function in custom templates was fixed.
543366 An issue with the GroupAccountSearchTextField function in custom templates was fixed.
549740 An issue where searching for mailbox names did not work for certain configurations was fixed.
451611, 557152, 570400, 576564, 557365, 558058, 559747, 559941, 563544, 566270, 558058, 575734, 582198, 559941 An issue with the DataWarehouse precalculation for the risk assessment was fixed.
560033, 561996, 548903, 576648 An issue with FS-Logga was fixed.
568827, 600813 An issue with the import functionality in the resource owner configuration was fixed.
- A connection problem with Microsoft Teams was fixed.
476408 A performance issue with a very high number of stored scans was fixed.
- An issue where the Exchange scan failed due to special characters in the name of distribution groups was fixed.
534039 Usability has been improved in the DataOwner configuration.
554471, 559207 An error when scanning Azure Active Directory was fixed.
385315 An issue with the sending of recertification notification emails has been resolved.
590887 An issue with report generation has been fixed.

 

2020.2.3 service release, September 23, 2020

Case Number Description
616042, 617152, 614828 An issue with separate installation of the ARM applications was fixed.
- An issue with SharePoint sites that do not have the Secondary Contact or Site Owner properties was fixed.

 

2020.2.4 service release, January 22, 2021

Case Number Description
- ARM is signed with a new digital code-signing certificate.
- New feature for SharePoint Online: It is now possible to configure multiple site collections in one step by using the SharePoint Admin URL (similar to SharePoint on-premise). For more information, see the "Add a SharePoint Online scan" chapter in the Administrator Guide.
- A security issue was fixed.
652956, 663072 An issue with FS Logga not working on EMC was fixed.
647876 A security issue was fixed.
493056, 502526, 438204 An issue with AD Logga in large environments was fixed. It is now possible to configure more than one collector for AD Logga.
614983, 549740 An issue with the display of Exchange mailboxes was fixed.
652266 An issue with the RestrictToDataOwnerResources property in templates and webAPI calls was fixed.
637144, 668550 An issue with mandatory fields in templates was fixed.
618999 An issue with the change of group memberships in Azure AD was fixed.
470828

An issue with name resolution for alarms triggered by users from non-trusted domains was fixed.

535000 An issue where data owners could see objects outside their scope in Multiselection was fixed.
556601 An issue with the configuration of SharePoint on-premise scans was fixed.
552513 An issue with Exchange mailboxes was fixed.
610140, 642455 An issue with the ARM user management/role management was fixed.
617199 An issue based on internal credential handling in ARM was fixed.
650586 An issue with the display of a specific LDAP attribute value was fixed.
652319 An issue with the department profiles was fixed.

 

2020.2.5 service release, February 9, 2021

Case Number Description
638858, 669594, 660045 A connection issue was fixed.
- An issue with the Azure AD Logga was fixed.
545005 An issue with the Recertification notification emails was fixed.

 

2020.2.6 service release, March 2021

Case Number Description
638911 If the driver of the FS Logga for Windows file server is not running correctly, the FS Logga is now switched off and also displayed as switched off in the configuration application. A warning is displayed in the ARM logbook.
648966 In case one of several DCs was not reachable by name resolution (invalid DNS configuration), the AD logga could not start. This issue was fixed.
668334 The Exchange Logga could not be configured in mixed environments of Exchange 2010 (no longer supported) and newer Exchange versions. The issue was fixed and supported Exchange versions are now always displayed and can be added.
730973, 738075 An issue with importing a very large DataOwner configuration file was fixed.
724579 An issue with resolving group memberships in multi-domain environments with restricted trust settings was fixed.
744123 When writing FS-Logga data to the database, duplicate assignment of IDs could occur in rare cases. This issue was fixed.
- Security for configuration files has been increased.

 

2020.2.7 service release, May 2021

Case Number Description
 

A connection issue with Exchange has been fixed. The Exchange update KB5001779 (included in several cumulative updates) changed the settings for accessing Exchange via PowerShell and ARM had to be adapted to it.

732363 Compatibility with SysLog has been increased so that messages are no longer truncated after 1024 bytes in length for certain protocol versions.

 

Known issues

If only the ARM collector was installed on a Windows file server and then the ARM FS-Logga feature was added via "Programs and Features" of Windows control panel, the FS-Logga feature will not work. Solution: Uninstall the ARM collector and reinstall ARM Collector and FS Logga feature in one single step using the ARM setup.

When using custom templates, AccountSearchTextField does not work for assigning managers.

During ARM Express installation, the built-in SQL Express installation fails if SQL 2017 or later is already present on the server. Use the Express installation only on a server where SQL is not already installed or choose the Advanced installation to use an existing SQL instance.

In some cases the automatic or manual update of FS-Logga components on Windows file servers may fail. As a workaround, start the setup on the Windows file server and select the Repair option. The repair feature will remove the installation and reinstall the components.

The ARM Diagnostic Tool must be run with administrator privileges.

In version 2020.2.7, the Exchange mailbox size is not displayed.

New customer installation

Installing ARM onto a server that has an Orion Platform installation is not recommended. ARM and Orion Platform products should be installed on separate servers. Note that ARM is not an Orion Platform product.

For information about installing Access Rights Manager see the "ARM Installation Guide" from the Success Center.

How to upgrade

If you are upgrading from a previous version, please refer to the chapter "Perform an update installation" from the Success Center.

The ARM server is renamed from pnServer.exe to armServer.exe. Please note this if you have set up appropriate firewall rules.

End of support

This version of Access Rights Manager no longer supports the following software:

Type Software
Operating system

Windows 2008 R2

Database server SQL Server 2008
Database server SQL Server 2008 R2

Deprecation notices

This version of ARM deprecates the following platforms and features.

Deprecated platforms and features are still supported in the current release. However, they will be unsupported in a future release. Plan on upgrading deprecated platforms, and avoid using deprecated features. Customizations applied to a deprecated feature might not be migrated if a new feature replaces the deprecated one.

For information about supported version of SolarWinds products, see Currently supported software versions.

Type Deprecation

Windows Vista

The operating system is considered deprecated for the ARM applications as of this version. Although you can still install ARM applications on Windows Vista, this operating system version is outdated and will not be supported in future versions of ARM. It is possible that problems caused by the deprecated operating system version may not be resolved by SolarWinds. SolarWinds strongly recommends that you upgrade your operating systems at your earliest convenience.

Windows 7 The operating system is considered deprecated for the ARM applications as of this version. Although you can still install ARM applications on Windows 7, this operating system version is outdated and will not be supported in future versions of ARM. It is possible that problems caused by the deprecated operating system version may not be resolved by SolarWinds. SolarWinds strongly recommends that you upgrade your operating systems at your earliest convenience.
Exchange 2010

Exchange 2010 is considered deprecated as of ARM version 2020.2.0. Although you can still use ARM up to version 2020.2.6 with Exchange 2010, this Exchange version is deprecated and will no longer be supported in future versions of ARM. It is possible that problems caused by the deprecated Exchange version may not be resolved by SolarWinds. SolarWinds strongly recommends that you upgrade your systems at your earliest convenience.

SharePoint 2010 SharePoint 2010 is considered deprecated as of this version. Although you can still use ARM with SharePoint 2010, this version is outdated and will not be supported in future versions of ARM. It is possible that problems caused by the deprecated SharePoint version may not be resolved by SolarWinds. SolarWinds strongly recommends that you upgrade your systems at your earliest convenience.

End of life

With the release of ARM version 2020.2 the following versions of ARM are no longer supported:

  • ARM 9.0
  • ARM 9.1

Legal notices

© 2024 SolarWinds Worldwide, LLC. All rights reserved.

This document may not be reproduced by any means nor modified, decompiled, disassembled, published or distributed, in whole or in part, or translated to any electronic medium or other means without the prior written consent of SolarWinds. All right, title, and interest in and to the software, services, and documentation are and shall remain the exclusive property of SolarWinds, its affiliates, and/or its respective licensors.

SOLARWINDS DISCLAIMS ALL WARRANTIES, CONDITIONS, OR OTHER TERMS, EXPRESS OR IMPLIED, STATUTORY OR OTHERWISE, ON THE DOCUMENTATION, INCLUDING WITHOUT LIMITATION NONINFRINGEMENT, ACCURACY, COMPLETENESS, OR USEFULNESS OF ANY INFORMATION CONTAINED HEREIN. IN NO EVENT SHALL SOLARWINDS, ITS SUPPLIERS, NOR ITS LICENSORS BE LIABLE FOR ANY DAMAGES, WHETHER ARISING IN TORT, CONTRACT OR ANY OTHER LEGAL THEORY, EVEN IF SOLARWINDS HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.

The SolarWinds, SolarWinds & Design, Orion, and THWACK trademarks are the exclusive property of SolarWinds Worldwide, LLC or its affiliates, are registered with the U.S. Patent and Trademark Office, and may be registered or pending registration in other countries. All other SolarWinds trademarks, service marks, and logos may be common law marks or are registered or pending registration. All other trademarks mentioned herein are used for identification purposes only and are trademarks of (and may be registered trademarks) of their respective companies.