Verify Privilege Server Suite 2022 Release Notes
About this Release
The IBM Security Verify Privilege Server Suite (previously called Centrify Infrastructure Services, or Centrify Zero Trust Privilege Services) is an integrated family of directory-based authentication, privileged access, privileged elevation, audit & monitoring solutions that secure your cross-platform environment and strengthen regulatory compliance initiatives.
Verify Privilege Server Suite includes the following components:
-
Authentication Service secures your platforms using the same authentication and
Group Policy services deployed for your Windows environment.
-
Privilege Elevation Service centrally manages and enforces role-based entitlements
for fine-grained control of user access and privileges on UNIX, Linux, and Windows systems.
-
Audit & Monitoring Service delivers auditing, logging, and real-time monitoring of user
activity on your Windows, UNIX, and Linux system.
This integrated solution helps you improve IT efficiency, strengthen regulatory compliance initiatives, and centrally secure your heterogeneous computing environment.
This release notes cover information specifically about Authentication Service, Privilege Elevation Service, and Audit & Monitoring Service.
Verify Privilege Server Suite and its component services have been changed to use the new IBM Security name and logo.
For more information about Delinea, see Delinea Announcement
Delinea software is protected by U.S. Patents 7,591,005; 8,024,360; 8,321,523; 9,015,103; 9,112,846; 9,197,670; 9,378,391 and 9,442,962. (Ref: CS-44575)
Media
This release usually includes packages for Windows, UNIX, and Linux operating system environments.
The files for this release are organized onto two media, each available in ISO and zip form:
Verify Privilege Server Suite for 64-bit Windows
-
main folder
This is the main folder containing information pertinent to this release.
- The readme.txt file provides a summary of where to find files in a plain text format.
- Copyright.txt and Acknowledgements.txt provide copyright information and legal notices for third party and open-source software used in IBM Security Verify Privilege Server Suite.
- IBM Security-end-user-license-agreement.txt provides the text of the license agreement displayed during installation.
-
autorun.inf controls the autorun program, autorun.exe, on Windows computers.
The following are sub-folders that are organized to provide you access to different software components in the IBM Security Verify Privilege Server Suite.
-
Agent folder
This folder contains the installer packages for installing Verify Privilege Server Suite Agent for Windows on Windows computers.
-
Common folder
This folder contains the installer packages for common components necessary for all IBM Security products on Windows computers.
-
DirectAudit folder
This folder contains the installer packages for IBM Security Audit & Monitoring Service on Windows computers.
-
DirectManage folder
This folder contains the installer packages for IBM Security Authentication Service and IBM Security Privilege Elevation Service on Windows computers.
-
LicensingService Folder
This folder contains the installer packages for IBM Security Licensing Service utilities on Windows computers.
-
Resources Folder
This folder contains resources for internal use for the media. It can be safely ignored.
Verify Privilege Server Suite Agents for UNIX/Linux
This image contains a zipped bundle of files for Verify Privilege Server Suite agent on each supported UNIX, or Linux platform and an adcheck utility for each supported platform.
You may find the appropriate bundle for an OS platform based on the following table:
Bundle Name | Applicable OS Platforms in Specified Architecture |
---|---|
delinea-server-suite-<release number>-aix7.1-ppc.tgz | IBM AIX, IBM VIOS |
delinea-server-suite-<release number>-cos-x86_64.tgz | Flatcar, RHCOS |
delinea-server-suite-<release number>-deb9-arm64.tgz | Ubuntu |
delinea-server-suite-<release number>-deb9-ppc64el.tgz | Ubuntu |
delinea-server-suite-<release number>-deb9-x86_64.tgz | Debian, Ubuntu |
delinea-server-suite-<release number>-hp11.31-ia64.tgz | HPUX |
delinea-server-suite-<release number>-hp11.31-pa.tgz | HPUX |
delinea-directcontrol-<release number>-mac10.15.tgz | MAC (Intel, Apple Silicon) |
delinea-server-suite-<release number>-rhel6-ppc64.tgz | RHEL |
delinea-server-suite-<release number>-rhel6-x86_64.tgz | Amazon Linux, CentOS, Fedora, Oracle Linux, RHEL, AlmaLinux, Rocky Linux |
delinea-server-suite-<release number>-rhel7-aarch64.tgz | Amazon Linux, CentOS, Oracle Linux, RHEL |
delinea-server-suite-<release number>-rhel7-ppc64le.tgz | RHEL |
delinea-server-suite-<release number>-sol10-sparc.tgz | Oracle Solaris |
delinea-server-suite-<release number>-sol10-x86.tgz | Oracle Solaris |
delinea-server-suite-<release number>-sol11-i386.tgz | Oracle Solaris (IPS package) |
delinea-server-suite-<release number>-sol11-sparc.tgz | Oracle Solaris (IPS package) |
delinea-server-suite-<release number>-suse12-aarch64.tgz | SUSE |
delinea-server-suite-<release number>-suse12-ppc64le.tgz | SUSE |
delinea-server-suite-<release number>-suse12-x86_64.tgz | SUSE |
Notes:
- The OS version number specified in the bundle name indicates the minimum OS version that it supports.
-
You should also choose the appropriate bundle for the specific architecture as indicated in
the bundle name.
-
Inside each bundle, it contains packages of associated products supported on that platform.
The naming convention follows the above bundle names except that the prefix of a package reflects
the product it serves. The following are the possible package prefixes and the corresponding
product names:
Package Prefix | Product Name |
---|---|
CentrifyDA
|
IBM Security DirectAudit package |
CentrifyDC
|
IBM Security DirectControl package |
CentrifyDC-cifsidmap
|
IBM Security for CIFS ID mapping package |
CentrifyDC-curl
|
Required component of IBM Security DirectControl package |
CentrifyDC-ldapproxy
|
IBM Security OpenLDAP Proxy package |
CentrifyDC-nis
|
IBM Security Network Information Service and IBM Security NIS Server package |
CentrifyDC-openldap
|
Required component of IBM Security DirectControl package |
CentrifyDC-openssh
|
IBM Security OpenSSH package |
CentrifyDC-openssl
|
Required component of IBM Security DirectControl package |
-
Before installation, please review the Upgrade and Compatibility Guide and run the
adcheck
utility to make sure the environment is ready, especially if you are using native package
manager to install.
Support Statement
Go to Supported Versions.
Supported Platforms
Newly Added Supported Platforms
Support is added for the following operating system platforms in this release:
- AlmaLinux 8.5
- Flatcar
- Red Hat Enterprise Linux CoreOS (RHCOS)
- Rocky Linux 8.5
Supported UNIX/Linux Platforms
Supported Platforms | CPU | Express | DirectControl | DirectAudit | Remark |
---|---|---|---|---|---|
AlmaLinux 8.5 | x86_64 | Yes | Yes | Yes | |
Alpine Linux 3.13, 3.14 | X86_64 | No | Yes | Yes | |
Amazon Linux 2 LTS | aarch64 | No | Yes | Yes | |
Amazon Linux 2 LTS | x86_64 | No | Yes | Yes | |
CentOS 7.4-7.9, 8.0-8.5 | aarch64 | No | Yes | Yes | |
CentOS 6.0-6.10, 7.0-7.9, 8.0-8.5 | x86_64 | Yes | Yes | Yes | |
Debian 9.0-9.13, 10.0-10.11, 11 | x86_64 | Yes | Yes | Yes | |
Flatcar | x86_64 | No | Yes | Yes | |
HP-UX 11.31 (Trusted and Untrusted) | Itanium | No | Yes | Yes | |
HP-UX 11.31 (Trusted and Untrusted) | PA-RISC | No | Yes | Yes | |
IBM AIX 7.1 TL1+, 7.2 | ppc | No | Yes | Yes | Note 4 |
IBM Virtual I/O Server 3.x | ppc | No | Yes | Yes | |
MacOS 11, 12 | Apple Silicon | No | Yes | No | Note 3 |
MacOS 10.15, 11, 12 | x86_64 | No | Yes | No | Note 3 |
Oracle Linux 7.4-7.9, 8.0-8.5 | aarch64 | No | Yes | Yes | |
Oracle Linux 6.0-6.10, 7.0-7.9, 8.0-8.5 | x86_64 | Yes | Yes | Yes | |
Oracle Solaris 10 u8+, 11.0-11.4 | SPARC | No | Yes | Yes | Note 2 |
Oracle Solaris 10 u8+, 11.0-11.4 | x86_64 | No | Yes | Yes | Note 2 |
Red Hat Enterprise Linux 7.4-7.9, 8.0-8.5 | aarch64 | No | Yes | Yes | |
Red Hat Enterprise Linux 6.0-6.10, 7.0-7.9 | ppc64 | Yes | Yes | Yes | |
Red Hat Enterprise Linux 7.1-7.9, 8.0-8.5 | ppc64le | Yes | Yes | Yes | |
Red Hat Enterprise Linux 8.0 | S390 | No | Yes | No | |
Red Hat Enterprise Linux 6.0-6.10, 7.0-7.9, 8.0-8.5 | x86_64 | Yes | Yes | Yes | |
Red Hat Enterprise Linux CoreOS (RHCOS) | x86_64 | Yes | Yes | Yes | Note 1 |
Red Hat Fedora Linux 34, 35 | x86_64 | Yes | Yes | Yes | |
Rocky Linux 8.5 | x86_64 | Yes | Yes | Yes | |
SUSE Enterprise Linux 12 SP3+, 15 | aarch64 | No | Yes | Yes | |
SUSE Enterprise Linux 12 SP3+, 15 | ppc64le | Yes | Yes | Yes | |
SUSE Enterprise Linux 12 SP4 | S390 | No | Yes | Yes | |
SUSE Enterprise Linux 12 SP3+, 15 | x86_64 | Yes | Yes | Yes | |
Ubuntu Linux 18.04, 20.4, 21.04, 21.10 | arm64 | No | Yes | Yes | |
Ubuntu Linux 18.04, 20.4, 21.04, 21.10 | ppc64el | Yes | Yes | Yes | |
Ubuntu Linux 18.04, 20.4, 21.04, 21.10 | x86_64 | Yes | Yes | Yes |
Note 1: Please refer to the Planning and Deployment Guide for features supported on this platform.
Note 2: Starting with Release 2020, we require the OS patch level update 8 or above on Solaris 10.
Note 3: IBM Security OpenSSH is not supported on this platform.
Note 4: Starting with Release 2021.1, we require the TL1 or above on AIX 7.1.
Additional Information
You should follow the OS vendors' recommendation to update the necessary patches. Here are the minimum patch requirements for the specific UNIX platforms (Ref: CS-45562):
-
HPUX 11.31
- PHNE_40225 - Cumulative Console and BSD Pty Patch (it is required for DirectAudit package)
-
Solaris 10 x86_64
- 119255-66
- 127128-11
- 141445-09
- 142910-17
-
Solaris 10 SPARC
- 119254-66
- 120011-14
- 127127-11
- 142909-17
Supported Windows Platforms
The following 64-bit Windows platforms are supported on IBM Security Verify Privilege Server Suite (Ref: CS-49379):
- Windows 10 LTSB/LTSC (Note 1)
- Windows 11 LTSB/LTSC
- Windows Server 2012
- Windows Server 2012R2
- Windows Server 2016
- Windows Server 2019 LTSC
- Windows Server 2022 LTSC
- Windows Server 2012 Core (Note 2)
- Windows Server 2012 Minimum Server Interface (Note 2)
- Windows Server 2012R2 Core (Note 2)
- Windows Server 2012R2 Minimum Server Interface (Note 2)
Note:
-
We support Windows 10 Long Term Servicing Channel (LTSC), or previously called Long Term Servicing Branch (LTSB), editions based on Microsoft's lifecycle factsheet https://docs.microsoft.com/en-us/lifecycle/faq/windows andhttps://docs.microsoft.com/en-us/windows/release-health/release-information
-
Only the Privilege Elevation Service component of Verify Privilege Server Suite Agent for Windows supports these platforms (Core and Minimum Server Interface)
-
Support for all 32-bit Windows platform was terminated in 2015 (Verify Privilege Server Suite 2015.1)
Also note that Verify Privilege Server Suite require specific versions of .NET to work. Please refer to the following table for the requirement (Ref: CS-49381):
Release | Release Date | Minimum .NET Version | Installation Media Version |
---|---|---|---|
Verify Privilege Server Suite 2022 | April 2022 | 4.8 | --* |
Verify Privilege Server Suite 2021.1 | December 2021 | 4.8 | --* |
Verify Privilege Server Suite 2021 | July 2021 | 4.8 | --* |
Infrastructure Services 2020.1 | December 2020 | 4.6.2 | --* |
Infrastructure Services 2020 | September 2020 | 4.6.2 | --* |
Infrastructure Services 19.9 | December 2019 | 4.6.2 | --* |
Infrastructure Services 19.6 | August 2019 | 4.6.2 | --* |
Infrastructure Services 18.11 | December 2018 | 4.6.2 | 4.6.2 |
Infrastructure Services 18.8 | August 2018 | 4.6.2 | 4.6.2 |
Infrastructure Services 2018 | April 2018 | 4.6.2 | 4.6.2 |
Infrastructure Services 2017.3 | December 2017 | 4.5.2 | 4.5.2 |
Infrastructure Services 2017.2 | September 2017 | 4.5.2 | 4.5.2 |
Verify Privilege Server Suite 2017.1 | May 2017 | 4.5 | 4.5.2 |
Verify Privilege Server Suite 2017 | February 2017 | 4.5 | 4.5.2 |
Verify Privilege Server Suite 2016.1 | May 2016 | 4.5 | 4.5.2 |
Verify Privilege Server Suite 2016 | December 2016 | 4.5 | 4.5.2 |
Note: We no longer bundle .NET in our installation media any more starting Release 19.6. (Ref: CS-47940)
Notice of Termination of Support
This is the last release to support the following operating system platforms:
- Ubuntu 21.04, 21.10
- Fedora 34
Security Advisories
IBM Security has established product security policies documented in this web page. You may also find the details of all the published security advisories there.
For component specific security fixes in this release, you may find them in the corresponding component release-notes.html files. Please refer to Section 7 for a description of individual release notes.
Verify Privilege Server Suite Product Component Version Table
Release Notes for Verify Privilege Server Suite Components
-
For Access Manager, DirectControl agent and IBM Security OpenSSH, see the
Authentication Service and Privilege Elevation Service Release Notes.
- For Audit Manager and DirectAudit agent, see the Audit & Monitoring Service Release Notes.
- For Agent for Windows, see the Agent for Windows Release Notes.
- For Verify Privilege Server Suite PuTTY, see the Verify Privilege Server Suite PuTTY Release Notes
Download Center
You can get all the supported releases from the download center in IBM Security support web site.
- All the ISO, ZIP, and TGZ files are associated with the MD5 checksum.
-
All RPM and DEB packages as well as YUM and APT repositories are also protected by the
GPG signature. You can find the GPG public key in the download center.
Bugs Fixed
Component specific bug fixes in this release can be found in the corresponding component release notes files. Please refer to Release Notes for Verify Privilege Server Suite Components for a description of individual release notes.
Known Issues
Component specific known issues/limitations can be found in the corresponding component release notes files. Please refer to Release Notes for Verify Privilege Server Suite Components for a description of individual release notes.
For the most up to date list of known issues, please login to the Customer Support Portal at https://www.delinea.com/support and refer to Knowledge Base articles for any known issues with the release.
Additional Information and Support
In addition to the documentation provided with this package, you can find the answers to common questions and information about any general or platform-specific known limitations as well as tips and suggestions from the IBM Security Knowledge Base.
The IBM Security Resources web site provides access to a wide range of information including analyst report, best practice brief, case study, datasheet, ebook, white papers, etc., that may help you optimize your use of IBM Security products. For more information, see the IBM Security Resources web site.
You can also contact IBM Security Support directly with your questions through the IBM Security Web site, by email, or by telephone. To contact IBM Security Support or to get help with installing or using this software, send email to support@delinea.com or call 1-202-991-0540. For information about purchasing or evaluating IBM Security products, send email to info@delinea.com.