Documentation forAccess Rights Manager

Access Rights Manager 2022.4 release notes

Release date: November 2022

Latest service release: February 2022, 2021.4.2

These release notes were last updated on January 17, 2023.

These release notes describe the new features, improvements, and fixed issues in Access Rights Manager (ARM) 2022.4. They also provide information about upgrades and describe known issues.

If you are looking for previous release notes for Access Rights Manager, see Previous Version documentation.

Download a translated PDF: ARM 2022.4 Release Notes (Versionshinweise, deutsch)

New features and improvements in ARM

Creation of Azure Active Directory guest accounts

With ARM, accounts can now be created in Azure Active Directory (AAD) with external email addresses. This facilitates collaboration (for example, with Teams and OneDrive) with external or freelance employees and companies.

When you prepare the Microsoft 365 environment, the following additional permission must be added for the app registration for this purpose:

  • User.Invite.All

For more information, see Create an Azure AD guest invitation located in the ARM Administrator Guide.

Recertification of Azure Active Directory group memberships

AAD group memberships can now be included in the recertification with the new version. Since many authorizations can be controlled through group memberships in AAD (for example, teams channels), this new feature significantly expands the scope of authorization reviews.

To use the new functionality after upgrading from previous ARM versions, an AAD scan must first be successfully completed with the new version and then the ARM service must be restarted.

Enhancement of Exchange Online configuration

ARM can now access Exchange Online through a registered application (Application ID and Thumbprint). This new method of authentication (Modern Authentication) is now recommended. Microsoft has already announced that the basic authentication method and EWS will soon no longer be supported by Exchange Online.

To set up, follow all the steps in the appendix of the following Microsoft "App-only authentication for unattended scripts" guide (© 2022 Microsoft,, obtained October 12, 2022). With the setup, you receive an application ID and a thumbprint, which you can use as the user name and password during the configuration in ARM.

ARM version 2022.4 eliminates the need to set up impersonation for Exchange Online using Exchange Web Services (EWS).

For more information, see Prepare Exchange resources located in the ARM Administrator Guide.

For customers who want to switch to modern authentication after upgrading to the new ARM version, the recommended method is to create a new configuration and delete the old one or disable the scanning schedule. If you want to continue using the old configuration, the organization used for modern authentication must match the previous domain (the part of the previous username after the "@"). Otherwise, a known issue will occur.

Configuration improvements

In the configuration application, the input fields for the access data are now labeled resource-specific. There is a link to the corresponding help in the documentation. This facilitates the configuration of resources.

New view of accounts in the web client

The display of accounts and actions for accounts in the web client is redesigned to follow the look and feel of SolarWinds products. In addition to accounts from Active Directory (on-premise), accounts from other resources (for example, Azure Active Directory or SharePoint) can now be displayed and actions can be performed on the accounts.

Improved security

For encrypted communication between ARM server and ARM collectors, the certificates used can now be displayed and approved. ARM can be configured to allow only connections with approved certificates. Connections without approved certificates are displayed as a warning in the ARM Health Check.

For more information, see Verify collector connection status and collector certificates located in the ARM Administrator Guide.

Interaction with SolarWinds Hybrid Cloud Observability (HCO)

Key data from Access Rights Manager, including ratings from the Risk Assessment Dashboard and current information about Active Directory, are now configurable as widgets in the HCO dashboards.

ARM version 2022.4 (or higher) is required for HCO integration.

See the SolarWinds Hybrid Cloud Observability 2022.4 Release Notes for more information.

SQL Express for ARM Express Installation

Microsoft SQL Express is no longer included in the ARM download package. For an ARM Express installation, use the SQL Express download link included in the installation wizard. If the targeted server is not connected to the Internet, use a locally stored installation package of SQL Express.

The option to install SQL Express through the ARM configuration application has been removed.

Return to top

New customer installation

ARM and SolarWinds Platform or Orion Platform products must be installed on separate servers. Note that ARM is not a SolarWinds platform or Orion Platform product.

For information about installing Access Rights Manager see the ARM Installation Guide.

How to upgrade

If you are upgrading from a previous version, see Perform an update installation located in the ARM Installation and Upgrade Guide for instructions.

Beginning in 2020.2, the ARM server was from pnServer.exe to armServer.exe. Please note this change if you have set up appropriate firewall rules.

Return to top

Fixed issues

ARM 2022.4

Case Number Description
983096 In large environments, long loading times could occur due to the AD Loggas being switched on or off.
997613 Due to excessive memory consumption during a SharePoint scan, it could happen that the scan could not be completed.
988088 The display of the date in the dashboard of the web client is now correct.
461175, 992823 A data owner can no longer perform actions in the Accounts view of the Rich Client that are outside of their assigned scope.
1145902, 1168799, 1106224 Fixed an issue where the AD Logga did not start correctly.
1141609 Azure AD group memberships are now read completely.
1073510 For events reported by ARM to SysLog servers, the encoding can be set.
1044952 It is now possible to accept deviations from the department profile even if no group membership has been defined in the profile.
1010624 An issue where users in non-trusted domains could not be found has been fixed.
1078285 The configuration of the directories for which orders are to be prevented works correctly again.
1071886 Fixed an issue that could occur when changing AAD accounts.
1018159, 1026158 An error could occur when executing scripts if $ProgressPreference = "SilentlyContinue" was not set. The provided sample scripts have been supplemented.
1020280 When executing scripts for alarms, single parameters can be processed (When running scripts on alerts, individual parameters can be passed).
948350, 949355, 1176706 The handling when scanning multiple paths in the DFS structure has been corrected.
1009591 Changing the AD attribute Description now also works in the web client.
366312, 1181685 The password options in the templates now work correctly.

Return to top

Known issues

User-defined templates
Issue: When using user-defined templates, AccountSearchTextField does not work for manager assignment.
Resolution/Work-around: Use a standard input field or, if possible, a drop-down menu.
Updating FS Logga components on Windows file servers
Issue: In some cases, automatic or manual updating of FS-Logga components on Windows file servers may fail.
Resolution/Work-around: Start the setup on the Windows file server and select the Repair option. The repair function removes the installation and reinstalls the components.
Active Directory accounts not resolved
Issue: In some cases, new installations may experience Active Directory scanning issues when scanning through a collector or ARM server installed on a domain controller (DC). This can result in AD accounts not resolving correctly under these conditions. Existing installations are not affected.
Resolution/Work-around: Install the ARM server or collector service on a different server, not on DCs.

Return to top

End of life

With the release of ARM version 2022.4, the following ARM versions are no longer supported:

  • ARM 2020.2

See the End of Life Policy for information about SolarWinds product life cycle phases. To see EoL dates for earlier ARM versions, see ARM release history.

Return to top

End of support

This version of Access Rights Manager no longer supports the following platforms and features.

Typ Details
Operating system

NetApp 7mode

Return to top

Deprecation notices

This version of Access Rights Manager deprecates the following platforms and features.

Deprecated platforms and features are still supported in the current release. However, they will be unsupported in a future release. Plan on upgrading deprecated platforms, and avoid using deprecated features. Customizations applied to a deprecated feature might not be migrated if a new feature replaces the deprecated one.

Type Deprecation
Exchange 2013

Exchange 2013 is considered deprecated as of ARM version 2022.4 Although you can still use ARM up to version 2022.4 with Exchange 2013, this Exchange version is deprecated and will no longer be supported in future versions of ARM. It is possible that problems caused by the deprecated Exchange version may not be resolved by SolarWinds. SolarWinds strongly recommends that you upgrade your systems at your earliest convenience.

SharePoint 2013 SharePoint 2013 is considered deprecated as of this version. Although you can still use ARM with SharePoint 2013, this version is outdated and will not be supported in future versions of ARM. It is possible that problems caused by the deprecated SharePoint version may not be resolved by SolarWinds. SolarWinds strongly recommends that you upgrade your systems at your earliest convenience.

Return to top

Legal notices

© 2022 SolarWinds Worldwide, LLC. All rights reserved.

This document may not be reproduced by any means nor modified, decompiled, disassembled, published or distributed, in whole or in part, or translated to any electronic medium or other means without the prior written consent of SolarWinds. All right, title, and interest in and to the software, services, and documentation are and shall remain the exclusive property of SolarWinds, its affiliates, and/or its respective licensors.


The SolarWinds, SolarWinds & Design, Orion, and THWACK trademarks are the exclusive property of SolarWinds Worldwide, LLC or its affiliates, are registered with the U.S. Patent and Trademark Office, and may be registered or pending registration in other countries. All other SolarWinds trademarks, service marks, and logos may be common law marks or are registered or pending registration. All other trademarks mentioned herein are used for identification purposes only and are trademarks of (and may be registered trademarks) of their respective companies.