11.3.0 Release Notes – Server

Enhancements

When upgrading Verify Privilege Managerto a newer version, IBM Security recommends upgrading the Directory Services agent such that both are running on the same release version.

With this version of Verify Privilege Manager, IBM Security introduces the new brand design which includes updated colors and logos. For more information, refer to User Interface Updates.
On the Reports page, under the Local Security section, added a report for "Group Membership By Computer Group (Resource Target)" which returns the same details as the Group Management page for a Computer Group and can be exported as CSV or PDF.
On the Reports page, under the Local Security section, added a report for "User Membership By Computer Group (Resource Target)" which returns the same details as the User Management page for a Computer Group and can be exported as CSV or PDF.
New scheduled jobs have been added:
- Verify Privilege Managerallows the deletion of local User Names and Group Names via the Scheduling function. For more information, refer to Delete Local Users and Groups.
The Item Processing Performance report displays the agentevent category, which enables customers to track agent events passed to the server. These events include Application Control, Core, File Inventory, Local Security, and Directory Services.

Cloud

Added process randomization for out-of-the-box scheduled events to improve overall processing performance.
Performance improvement for setting up new cloud instances.
Added Reset Auth Provider to Thycotic One task to generate a new client ID and secret, allowing use of new values rather than those stored in the database.
Implemented process improvements for cloud provisioning tasks that were timing out due to pending app pool recycles.
Added reports to Cloud Manager for Verify Privilege ManagerCloud instances.

macOS

To ensure consistent behavior with the Energy Saver preference pane on Monterey, it is recommended that the latest macOS agent be used in conjunction with the Verify Privilege ManagerServer updates:
- To support the new Energy Saver preference pane on Monterey, the following filter was added:
  - Energy Saver Preference Pane (macOS) – Monterey and Later
- In support of the Battery preference pane on laptop hardware introduced in Big Sur, the following filter was added:
  - Battery Preference Pane (macOS) – Big Sur and Later
  The following policy was added as an example of how to target Battery and Energy Saver preference panes:
  - Elevate Energy Saver and Battery Preference Panes

Bug Fixes

If a Verify Privilege ManagerCloud connectivity issue occurs during a page load, a dialogue box will appear with a retry option.
Recursive AD Groups can cause queries from various resource groups, such as the Directory Service, to time out.
Verify Privilege Managerdoes not honor connection string settings for connection pool sizes.
Timing issues cause failures when decrypting the Azure Service Bus connection strings during Privilege Manager startup.
Following a Verify Privilege Managerupgrade to 11.2.0 and later, various widgets on the diagnostics and dashboard pages spin indefinitely.
UI displays multiple languages for a management group as opposed to the language specific to the user's region.
Mac Admin users can update Windows filters and policies; Windows admin users can update macOS filters and policies. Similarly, admin users can create macOS filters using Windows files; Admin users can create Windows filters using macOS files.
Unable to delete Secured Computer Groups.
Deleting Secured Computer Groups is blocked.
System improperly requests and reads the on-premises SID for Azure AD users/groups.
Certain group memberships are overwritten, depending on the domain size and the order domain objects are processed.

Known Issues

Adding a Foreign System for Azure AD Domain import and synchronizing wildcard substitutions for Group Display Names and/or User Names may cause errors.
Shortcut notations, such as c:\progra~2, should not be used when specifying a folder/file path in a filter.