What's New in Adaxes 2019.2


Version:
3.12.17124
Release date:
October 24, 2019
Latest Update:
Update 2

We are constantly working to improve Adaxes, and here is an overview of what we have added in version 2019.2. This time we mainly focused on security-relevant aspects and have introduced another authentication factor for self-service password reset, two-factor authentication for Web Interface, auditing of sign-in activities and new notification capabilities for approval-based workflows.

Here’s more about what’s new in Adaxes 2019.2.

Authenticator app verification for self-password reset

We've added the option to use a mobile authenticator app as a verification method for self-service password reset. With this option enabled, users will be required to open the app on their mobile phone (or any other device) and enter the code displayed in the app to verify their identity.

Authenticator app verification for self-password reset

Unlike SMS messages, authenticator apps run locally on the user's device which means that verification codes can't be intercepted on the phone network, code generation is instant and does not require an Internet connection or mobile service.

Adaxes supports the following authenticator apps:

  •   Google Authenticator
  •   Microsoft Authenticator
  •   Okta Verify
  •   OneLogin Protect
  •   Authy
  •   Auth0 Guardian
  •   Duo Mobile

When the new authentication method is enabled, users will be prompted to enroll for password self-service and setup the authenticator app. The process is simple and will only require the user to install the app on their device and then activate it by scanning a QR code.

Activate authenticator app

If a user loses their mobile device or gets a new one, they will need to re-activate the authenticator app on the new device. This can be done one of three ways: transfer the activation to the new device by means of the app itself (provided it supports that), reset the app activation using the Reset multifactor authentication operation in Adaxes, or use the Change device option in the Web Interface for self-service. For more details, see Reset authenticator app.

Change device

The Change Device option

Password self-service enrollment

We have also improved the user experience during enrollment for password self-service. We have made it a step-by-step process with clear and simple instructions that are easy to follow. To make sure mobile phone numbers are entered correctly, we have added an SMS verification step to it.

And now you have the option to remove the Disenroll link from the Password Self-Service card.

Two-factor authentication for Web Interface

We've added the ability to use time-based one-time password verification (via Google Authenticator and other similar apps) as an authentication factor for the Username/Password authentication type in the Web Interface. If enabled, the user will need to install the app on their device and activate it upon the first login. During subsequent logins, after entering their credentials, the user will be asked to enter a code generated by the authenticator app to sign in to the Web Interface.

Monitoring sign-in activity

Starting from the new version, Adaxes will log all user logins to the Web Interface and Web Interface Configurator. It will allow you to track who logs in, who fails to log in, from which host, to which Web Interface, when, etc.

Notification about operations that failed after approval

Now Adaxes will send an email notification to the user who initiated an operation that was submitted for approval, approved but executed with errors.

The subject, header and footer of the email notification can be customized according to your needs.

Email template for failed operations

Sending emails to mailboxes that are being created

It is now possible to send email messages to mailboxes that are currently being created in Exchange Online. For example, you can now send a welcome email to a user right after assigning an Exchange Online license. Adaxes will wait until a mailbox is created in the cloud and only after that it will send the email message to the mailbox.

New reports

We've added two new reports for the features introduced in this release:

  • Web Interface sign-ins - contains information about all user sign-in activities to Adaxes Web Interface.
  • Authenticator app activation - shows which mobile authenticator apps have been activated by users.

Update 1


Version:
3.12.17205
Release Date:
November 5, 2019

  • Fixed the issue with restoring Web Interface column settings from a backup.
  • Now enrollment prompt is not displayed when the Password Self-Service policy is disabled.
  • Fixed the issue with field focusing in Web Interface.

Update 2


Version:
3.12.17215
Release Date:
November 15, 2019

  • Fixed the issue with displaying the unlock account step before questions and answers verification when using Password Self-Service for locked out accounts.
  • Fixed the Index (zero based) must be greater than or equal to zero and less than the size of the argument list error that occurred when generating reports in German language.
  • Fixed the Object reference not set to an instance of an object error that occurred when a Custom Command had a drop-down list parameter without items.
Try Adaxes right now!