Release date: November 2022
Latest service release: February 2022, 2021.4.2
These release notes were last updated on January 17, 2023.
These release notes describe the new features, improvements, and fixed issues in Access Rights Manager (ARM) 2022.4. They also provide information about upgrades and describe known issues.
If you are looking for previous release notes for Access Rights Manager, see Previous Version documentation.
Download a translated PDF: ARM 2022.4 Release Notes (Versionshinweise, deutsch)
New features and improvements in ARM
Creation of Azure Active Directory guest accounts
With ARM, accounts can now be created in Azure Active Directory (AAD) with external email addresses. This facilitates collaboration (for example, with Teams and OneDrive) with external or freelance employees and companies.
When you prepare the Microsoft 365 environment, the following additional permission must be added for the app registration for this purpose:
For more information, see Create an Azure AD guest invitation located in the ARM Administrator Guide.
Recertification of Azure Active Directory group memberships
AAD group memberships can now be included in the recertification with the new version. Since many authorizations can be controlled through group memberships in AAD (for example, teams channels), this new feature significantly expands the scope of authorization reviews.
Enhancement of Exchange Online configuration
ARM can now access Exchange Online through a registered application (Application ID and Thumbprint). This new method of authentication (Modern Authentication) is now recommended. Microsoft has already announced that the basic authentication method and EWS will soon no longer be supported by Exchange Online.
To set up, follow all the steps in the appendix of the following Microsoft "App-only authentication for unattended scripts" guide (© 2022 Microsoft, https://learn.microsoft.com/en-us/powershell/exchange/app-only-auth-powershell-v2?view=exchange-ps#step-1-register-the-application-in-azure-ad, obtained October 12, 2022). With the setup, you receive an application ID and a thumbprint, which you can use as the user name and password during the configuration in ARM.
For more information, see Prepare Exchange resources located in the ARM Administrator Guide.
In the configuration application, the input fields for the access data are now labeled resource-specific. There is a link to the corresponding help in the documentation. This facilitates the configuration of resources.
New view of accounts in the web client
The display of accounts and actions for accounts in the web client is redesigned to follow the look and feel of SolarWinds products. In addition to accounts from Active Directory (on-premise), accounts from other resources (for example, Azure Active Directory or SharePoint) can now be displayed and actions can be performed on the accounts.
For encrypted communication between ARM server and ARM collectors, the certificates used can now be displayed and approved. ARM can be configured to allow only connections with approved certificates. Connections without approved certificates are displayed as a warning in the ARM Health Check.
For more information, see Verify collector connection status and collector certificates located in the ARM Administrator Guide.
Interaction with SolarWinds Hybrid Cloud Observability (HCO)
Key data from Access Rights Manager, including ratings from the Risk Assessment Dashboard and current information about Active Directory, are now configurable as widgets in the HCO dashboards.
ARM version 2022.4 (or higher) is required for HCO integration.
See the SolarWinds Hybrid Cloud Observability 2022.4 Release Notes for more information.
SQL Express for ARM Express Installation
Microsoft SQL Express is no longer included in the ARM download package. For an ARM Express installation, use the SQL Express download link included in the installation wizard. If the targeted server is not connected to the Internet, use a locally stored installation package of SQL Express.
The option to install SQL Express through the ARM configuration application has been removed.
New customer installation
ARM and SolarWinds Platform or Orion Platform products must be installed on separate servers. Note that ARM is not a SolarWinds platform or Orion Platform product.
For information about installing Access Rights Manager see the ARM Installation Guide.
How to upgrade
If you are upgrading from a previous version, see Perform an update installation located in the ARM Installation and Upgrade Guide for instructions.
Beginning in 2020.2, the ARM server was from pnServer.exe to armServer.exe. Please note this change if you have set up appropriate firewall rules.
|In large environments, long loading times could occur due to the AD Loggas being switched on or off.
|Due to excessive memory consumption during a SharePoint scan, it could happen that the scan could not be completed.
|The display of the date in the dashboard of the web client is now correct.
|A data owner can no longer perform actions in the Accounts view of the Rich Client that are outside of their assigned scope.
|1145902, 1168799, 1106224
|Fixed an issue where the AD Logga did not start correctly.
|Azure AD group memberships are now read completely.
|For events reported by ARM to SysLog servers, the encoding can be set.
|It is now possible to accept deviations from the department profile even if no group membership has been defined in the profile.
|An issue where users in non-trusted domains could not be found has been fixed.
|The configuration of the directories for which orders are to be prevented works correctly again.
|Fixed an issue that could occur when changing AAD accounts.
|An error could occur when executing scripts if $ProgressPreference = "SilentlyContinue" was not set. The provided sample scripts have been supplemented.
|When executing scripts for alarms, single parameters can be processed (When running scripts on alerts, individual parameters can be passed).
|948350, 949355, 1176706
|The handling when scanning multiple paths in the DFS structure has been corrected.
|Changing the AD attribute Description now also works in the web client.
|The password options in the templates now work correctly.
|Issue: When using user-defined templates, AccountSearchTextField does not work for manager assignment.
|Resolution/Work-around: Use a standard input field or, if possible, a drop-down menu.
|Updating FS Logga components on Windows file servers
|Issue: In some cases, automatic or manual updating of FS-Logga components on Windows file servers may fail.
|Resolution/Work-around: Start the setup on the Windows file server and select the Repair option. The repair function removes the installation and reinstalls the components.
|Active Directory accounts not resolved
|Issue: In some cases, new installations may experience Active Directory scanning issues when scanning through a collector or ARM server installed on a domain controller (DC). This can result in AD accounts not resolving correctly under these conditions. Existing installations are not affected.
|Resolution/Work-around: Install the ARM server or collector service on a different server, not on DCs.
End of life
With the release of ARM version 2022.4, the following ARM versions are no longer supported:
End of support
This version of Access Rights Manager no longer supports the following platforms and features.
This version of Access Rights Manager deprecates the following platforms and features.
Deprecated platforms and features are still supported in the current release. However, they will be unsupported in a future release. Plan on upgrading deprecated platforms, and avoid using deprecated features. Customizations applied to a deprecated feature might not be migrated if a new feature replaces the deprecated one.
Exchange 2013 is considered deprecated as of ARM version 2022.4 Although you can still use ARM up to version 2022.4 with Exchange 2013, this Exchange version is deprecated and will no longer be supported in future versions of ARM. It is possible that problems caused by the deprecated Exchange version may not be resolved by SolarWinds. SolarWinds strongly recommends that you upgrade your systems at your earliest convenience.
|SharePoint 2013 is considered deprecated as of this version. Although you can still use ARM with SharePoint 2013, this version is outdated and will not be supported in future versions of ARM. It is possible that problems caused by the deprecated SharePoint version may not be resolved by SolarWinds. SolarWinds strongly recommends that you upgrade your systems at your earliest convenience.
© 2024 SolarWinds Worldwide, LLC. All rights reserved.
This document may not be reproduced by any means nor modified, decompiled, disassembled, published or distributed, in whole or in part, or translated to any electronic medium or other means without the prior written consent of SolarWinds. All right, title, and interest in and to the software, services, and documentation are and shall remain the exclusive property of SolarWinds, its affiliates, and/or its respective licensors.
SOLARWINDS DISCLAIMS ALL WARRANTIES, CONDITIONS, OR OTHER TERMS, EXPRESS OR IMPLIED, STATUTORY OR OTHERWISE, ON THE DOCUMENTATION, INCLUDING WITHOUT LIMITATION NONINFRINGEMENT, ACCURACY, COMPLETENESS, OR USEFULNESS OF ANY INFORMATION CONTAINED HEREIN. IN NO EVENT SHALL SOLARWINDS, ITS SUPPLIERS, NOR ITS LICENSORS BE LIABLE FOR ANY DAMAGES, WHETHER ARISING IN TORT, CONTRACT OR ANY OTHER LEGAL THEORY, EVEN IF SOLARWINDS HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
The SolarWinds, SolarWinds & Design, Orion, and THWACK trademarks are the exclusive property of SolarWinds Worldwide, LLC or its affiliates, are registered with the U.S. Patent and Trademark Office, and may be registered or pending registration in other countries. All other SolarWinds trademarks, service marks, and logos may be common law marks or are registered or pending registration. All other trademarks mentioned herein are used for identification purposes only and are trademarks of (and may be registered trademarks) of their respective companies.