Date July. 28th, 2022
New Features
Safer Web Password sharing
Passly has introduced a new permission set in Password Server. Launch permissions.
Launch Permissions allows a Passly Administrator to provide access to web-based logins without the user needing “Read” permissions. These users will not be able to reveal passwords. This will allow the user to use the browser extension to complete web-based logins.
You will notice that a user that is a member of a group with only “Launch” permissions will not be able to reveal the password.
Selecting the password and trying to copy/paste the password will fail as well.
SSO Manager Microsoft 365
Microsoft 365 Group membership is now syncing Group Membership via the Graph api. This has improved the ability for Microsoft 365 domains to be federated with Passly.
SSO Manager: Microsoft 365
We have added a new sync source to the identity table. The new sync source will track the import of users from Microsoft 365. You will now see “Azure AD (Office365 application name)” in Directory Manager > Users.
Defect Fixes
Directory Manager: [Users] Users could not enable 'User supports Just In Time 2FA' feature under Directory Manager > Users. Specific User. We have patched this issue and selecting JIT will work as expected.
Directory Manager: [Users] Login: Authentication: Local Admin user is not able to login. In The following error “POLICY_UNSUPPORTED_PASSWORD_TYPE_SIMPLE” was seen in the audit logs. This issue was preventing users from logging into Passly post password reset, it is now resolved.
Integration Manager: [Dark Web ID workflow] Block compromised Passwords from being entered in existing Vault was allowing passwords like “1234567” or “Qwerty123$” if “Ignore the Vault Password Policy for this Password” was enabled. This is now patched, and the issue will no longer occur.
Password Server: [Legacy AuthAnvil Password Server Import] AuthAnvil Password Server Imports were failing with a 500 error. We have made changes in IIS to remove a timeout error that was causing this issue. Imports should work as expected now.
Password Server: [Sync Agents] When viewing deployed Sync Agents from a Passly tenant there was an issue where you could not view more than 100 agents at a time. This is now resolved in the UI and all agents will vertically list as expected.
Auth Manager: The Windows Logon agent was failing to log some users in with offline users. We found an issue with Windows Logon Agent: /authorize/token request failed with Trust Policies and Trusted Device. This led to offline mode not working for some users. This has been resolved and offline access should work as expected.
Auth Manager: [Agents] [Windows Logon Agent] The agent was displaying the Enable option incorrectly. This is working as expected now.
Policy Manager: [Authentication Policy]: Ability to enter comma separated IP address ranges for "Sign in IP" and "Internal IP" fields was not working. You can enter IP’s using a comma-separated variable such as e.g. 10.10.28.5/24,10.10.28.15/32 in Authentication Policies now.
Policy Manager: [Authentication Policy] "Internal IP" range is not validated correctly when user logs in. An issue occurred where “internal IP” works only for Windows Logon Agents, when connecting to Windows machine using Remote Desktop. This issue is now resolved and expected to work normally again.
Policy Manager: [Authentication] All policies are displayed as default and can't be checked. This has been corrected and you should be able to change the Default policy as expected now.
Policy Manager: [Authentication Policy] when changing an “if” clause for “Is within range of” & “in is not within the range of” changes are not saved. This was resolved in this release and the changes will properly save again.