What's New in Adaxes 2014.1
- Release Date:
- April 09, 2015
Good news for those who are looking into Office 365 or already are there! The headline
feature of this release is
Office 365 management and automation.
With 2014.1 you can automatically assign and revoke licenses for Office 365 users,
manage Office 365 mailboxes and delegate Office 365 management tasks.
We've enhanced Business Units to be more dynamic by allowing the use of value references
in membership rules. This gives you the ability to create Business Units that will
have different members depending on who is viewing their content.
We've also introduced many customization and usability improvements to Adaxes Web Interface
and Administration Console. These improvements seek to further streamline Active Directory
management routine and give you more control over what users can do and see within AD.
Office 365 Automation and Management
This short 2-minute video highlights some of the new features and functionality that
has been introduced for Office 365.
Office 365 Automation
The new version lets you automate user provisioning for Office 365 services.
It is especially useful when it comes to assigning and re-assigning licenses, as
there is no other automatic way of doing it in Office 365. New deprovisioning
options enable you to automatically revoke all the licenses assigned to a
terminated employee and block their corporate Office 365 account.
Office 365 Management
Now you can manage Office 365 user accounts and licenses using Adaxes
which eliminates the need to switch between multiple apps and tools for
Office 365 and your on-premises environment.
Exchange Online Management
With the new version, you can manage Exchange mailboxes hosted in Office 365 in
the same way you manage on-premise ones. Adaxes supports both pure cloud and
hybrid deployment scenarios. In addition to user mailboxes, you can manage
groups and contacts that are mail-enabled in Exchange Online.
Exchange Online Automation
Using condition-based rules, parameters of Office 365 mailboxes, such as
mailbox features, policies, storage quotas and mailbox rights, can be
configured automatically when a user is created, updated, added to a group,
moved to another OU, etc.
Office 365 Delegation
With Adaxes, you can delegate Office 365 management tasks with granular
permissions and controls. For example, you can delegate assignment of
Office 365 licenses to Help Desk or managers and define, which licenses they
can assign or revoke. Regular users can use Adaxes Self-Service portal to
select the Office 365 services they need and have access to the desired
services after an approval is issued.
Office 365 Multi-Tenancy
Adaxes allows you to manage multiple Office 365 tenants associated with either
a single Active Directory domain or multiple domains.
Office 365 Passwords
Adaxes gives you an option to synchronize passwords between Active Directory
and Office 365. When a password is changed for a user in Active Directory,
Adaxes will immediately update the password of the associated account in
Office 365. It also means that the Self-Service Password Reset feature of
Adaxes can be used to reset forgotten passwords in Office 365.
View Affected Objects
Dynamic Membership Rules
The use of value references in membership rules enables you to create
Business Units with dynamic content that depends on who is logged in.
For example, now you can create a Business Unit that contains users whose
department is the same as the department of the logged in user. Using dynamic
Business Units in Security Role assignments allows you to delegate rights to
users within their department, office, Organizational Unit, etc.
View Affected Objects
Now you can view which objects are included or excluded from a Business Unit
by a particular membership rule. If a membership rule contains
value references, you can view which objects are covered by the rule when the
Business Unit is viewed by a specific user.
Add Members and Add to Group
Now Adaxes Web Interface equips you with the capability to add members to
groups in bulk. The Add to Group and Add Members operations are
available when browsing Active Directory, in search results, AD reports,
Basket, Members and Member Of sections.
The new version gives you greater flexibility in customizing Web Interface
forms and views. Now you have an option to specify which Account Options should
be visible when creating, editing or viewing user accounts.
Now you have more options to customize object selection in the Web Interface.
For example, when selecting a value for the Manager property, Web Interface can
now display only users whose job title contains manager.
Now you can choose which user interface control to use for editing Boolean
properties of Active Directory objects. It can be either a checkbox (with two
or three states) or a drop-down list with customizable text for the True and
Brute Force Protection
The list of Brute Force Protection options has been extended with a new one:
When a login error occurs, do not show the reason and the number of login attempts left.
Self Password Reset
Now you can show/hide the links displayed in the Self Password Reset
Now you have the ability to add columns containing information about
Active Directory objects. You can choose which columns to view when browsing
Active Directory, in search results and Basket. In addition to that, you can
filter and group the displayed objects by any column.
Grouping Property Values
If a property of an Active Directory object contains more than four values,
the values will now be grouped in the Result Pane.
The user experience for executing long-running and bulk operations has been
We've enhanced the views displaying lists of Adaxes configuration objects with
new columns and the ability to group and filter their contents.
Now, when selecting objects in Active Directory, you can choose between the
Tree View and List View.
For this version, we massaged the code of Administration Console, so now it
performs about ten percent faster.
Windows Server 2012 R2 support
The new version of Adaxes is fully compatible with Windows Server 2012 R2.
Submit for Approval from Script
Requests for approval can now be submitted from PowerShell scripts executed by
Business Rules, Custom Commands and Scheduled Tasks. For more details, see
Submitting for Approval.
SMS via HTTP
Now Adaxes can send SMS messages over HTTP.
New Custom Properties
We have added 10 new custom properties to store text data
(CustomAttributeText21 - CustomAttributeText30),
and 10 custom Boolean properties
(CustomAttributeBoolean6 - CustomAttributeBoolean15).
New Calculated Properties
The following new calculated properties have been introduced:
The distinguished name (DN) of the Organizational Unit or container, where the
object is located.
The distinguished name (DN) of the Active Directory domain of the object.
The distinguished name (DN) of the manager of the operation initiator.
The global unique identifier (GUID) of the operation initiator.
The message text of the first error that occurred during operation execution.
This property can be used in Business Rule actions only.
- Release Date:
- July 21, 2014
Office 365 and Exchange
- From now on, Adaxes allows you to edit all properties of Exchange Online mailboxes,
even the properties that are synchronized with Office 365 via DirSync (e.g.
Email Addresses or Exchange Alias).
- Now, you can grant permissions for an Exchange mailbox to a user located in a
different domain than the mailbox, provided that appropriate domain and forest
trusts are in place.
- Now, to prevent possible username compromising, you can configure Adaxes not to
store usernames in browser cookies, prevent using them in URLs, and disable
auto-complete for the Username field on the Sign In page. For details, see
- We've eliminated the possibility of scanning for open ports via the
Web Interface, which is especially important when the Web Interface is available
from the outside.
- Now, Adaxes allows managing users' home folders located in a different forest
than the forest where Adaxes is installed.
- Now, Adaxes can move and delete home directories of users containing read-only
files and/or directories.
- We've reduced the home page loading time.
- From now on, the timeout for user authentication is sliding, which means that users
actively interacting with the Web Interface will not be forced to re-login.
- Now, with the help of Quick Search, you can find not only objects whose names
start with the entered text, but also objects that contain the entered text in
any part of the name.
- Now, to specify default values for form fields, you can use controls adapted to
the content of the fields. For example, now when selecting a default manager,
you can browse the AD for the necessary user.
- To make things easier for non-IT users, values of Boolean properties are now
displayed as Yes/No instead of True/False.
- The ExecuteScriptContext class has been extended with the
method that allows you to retrieve credentials of the Office 365 tenant
associated with the target object.
- Now, the built-in PowerShell script editor opens much faster.
- Now, you can
list of Domain Controllers that Adaxes can connect to.
- In response to requests from our customers, we have added 10 new Boolean custom
properties (CustomAttributeBoolean16 - CustomAttributeBoolean25).
Fixed a possible deadlock that could be caused by actions executed asynchronously
in Business Rules, Custom Commands, and Scheduled Tasks.
- Fixed a bug that made it impossible to manage Exchange Online mailboxes of users
who have the Exchange Alias property populated on premises.
- Fixed replication issues with enabling new users for Lync.
- Fixed an error that prevented creating or editing an Active Directory object in
the Web Interface, if the Protect from Accidental Deletion field was
present on the form.
- Fixed the Access Denied error that could appear in the Web Interface
immediately after a user changes their expired password.
- Now, the Web Interface correctly displays the time when an Exchange mailbox was
last logged on to.
- Fixed handling of the Remote Desktop Services Settings property.
- Now, unmanaged accounts are not displayed in Password Self-Service statistics.
- Fixed the Administration Console crash when clicking the Clear All button
in the Find dialog.
- Now, Adaxes SPML provider correctly sets the Content Type property of SOAP
- Release Date:
- September 4, 2014
To improve the search responce time, Quick Search now returns only objects whose
names start with the entered text. The asterisk sign (*) at the beginning allows
finding objects that contain the text in any part of the name.
Now, Web Interface displays Boolean properties of AD objects using settings
configured for their editing. For example, if a drop-down list is used to modify
a Boolean property, instead of True/False, Web Interface will display the text of
the drop-down list item that corresponds to the property value.
Fixed Adaxes service startup delay that could occur after reinstallation of Adaxes.
Fixed a bug with renaming AD objects whose old and new names differ in
character case only.
Fixed an issue with Office 365 administrative account lockout. Now, Adaxes
does not cause the administrative accounts to be locked.
The most typical symptoms of the issue are as follows: you are no longer able to
manage user accounts and/or mailboxes in Office 365, and one the
following errors appears in
Adaxes Event Log:
Connecting to remote server failed with the following error message: The
request is not serviced on the server. Your request is too frequent.
Fail to create a runspace because you have exceeded the maximum number of
connections allowed: 3 for the policy party: MaxConcurrency.
This operation exceeds the throttling budget for policy part 'LocalTime',
policy value '3000000', Budget type: 'PowerShell'.
Now, if the Edit button is hidden on the Office 365 section, and a user
doesn't have an account in Office 365, the Create button is not displayed
Now, the Start the following program at logon option is not enabled when
specifying a Remote Desktop Services profile path for a user.
- Release Date:
- November 18, 2014
Reduced the time required to load recipients who have access to Exchange Online
mailboxes and distribution lists.
Now, you can enable mail forwarding to shared mailboxes and configure
recipients to accept or reject messages from shared mailboxes. Also, shared
mailboxes can be specified as distribution list moderators and senders who bypass
Improved performance of the Web Interface when certain groups are allowed or
denied the access to it.
Now, the following properties are displayed in a human-readable format:
Fixed the following error that occurred when performing an operation in Office 365:
An error occurred during authentication. Please retry your operation. If this
problem persists, contact Technical Support.
Fixed an issue with authenticating users whose custom User Principal Name (UPN)
is the same as the implicit UPN of another user.
Fixed the Administration Console crash when launching the visual HTML editor to
edit e-mail messages.
Now, searching for inactive user and computer accounts using the
Search-AdmAccount cmdlet also returns accounts that never logged in.
- Release Date:
- April 9, 2015
part of an AD object name or a Favorites folder name.
Fixed an issue with Web Interface access control rules in the DMZ. Due to the
issue, members of the groups that were allowed access to the Web Interface could not
log in, while members of the groups that were denied the access, could log in
We've improved performance in environments where Adaxes is used to manage
Improved the mechanism of checking the availability of Active Directory domains.
Now, slowly responding domains are not marked as unavailable.
Now, to avoid issues with loading log records from an external logging database
over a slow network, you can
increase the time-out
loading log records.
A typical symptom indicating that log records cannot be loaded because of a slow
connection is the following error message that appears when viewing log records:
Failed to load log records. Timeout expired.
Fixed the following error that could appear after a user from a domain managed by
Adaxes logged in:
You are authenticated as Guest since your domain (example.com) is not managed by
Fixed Access Denied error that occurred when trying to resend
SMS verification code during password reset from the Windows Logon screen.
Fixed an issue that prevented triggering of Business Rules on certain members of
Business Units. Now, if an AD object is a member of a Business Unit on the basis
of a LDAP query, operations on such an object will trigger Business Rules which
include the Business Unit in their Activity Scopes.
Fixed the Requested value 'PendingActivation' was not found error when
registering or modifying an Office 365 tenant.
Fixed errors that prevented management of Exchange 2007 accounts and
distribution lists when the administrative credentials for managing their domain
were specified explicitly. Now, credentials of Adaxes default service administrator
are always used to perform operations in Microsoft Exchange 2007.
Now, with the help of the cmdlets from
you can manage Active Directory objects whose names are the same as aliases for
well-known security identifiers, for example, BG, DU etc.
Fixed overlapping of long names in lists of Active Directory objects displayed
in the Web Interface.
Fixed the following warning:
The term 'Get-ManagedFolderMailboxPolicy' is not recognized as the name of a
cmdlet, function, script file, or operable program.