What's New in Adaxes 2020.1


Version:
3.13.18001
Release Date:
July 01, 2020
Latest update:
Update 1

In this release, we focused on extending the automation capabilities of Adaxes and improving end user experience. It comes with rule-based groups, the ability to approve requests from emails, a new editor for binary fields, the dark theme, and a long list of convenience features for the Web Interface.

Here’s more about what’s new in Adaxes 2020.1.

Rule-based groups

Groups in your Active Directory can now have rule-based membership. The idea is simple — you define the membership rules for a group and Adaxes manages its list of members for you.

Membership rules are very flexible and offer many criteria for including objects in a group. As an example, you can include all users located in a certain OU, but only if their department is Sales and their account is enabled. Also, you are free to mix and match different object types within the same rule-based group.

You can configure the membership rules yourself or delegate it to other users, for example, group owners. And, of course, you can hide all the inner workings of rule-based groups from ordinary users and let them only view the current members.

Learn more about rule-based groups

To top it up, we included two new reports to simplify auditing rule-based groups:

  • Rule-based groups - displays all existing rule-based groups and their properties.
  • Empty rule-based groups - shows all rule-based groups which currently have no members.

After you upgrade to the new version, you will need to enable the Membership Type section in the Web Interface Configurator to start using rule-based groups. For more details, see Automate group membership management.

Improvements to approval requests

Approval-based workflow is one of the core features of Adaxes, so we decided to streamline the approval process as much as possible. Here is a list of improvements which will make your user experience more complete.

Approve requests from email notifications

It is now possible to approve or deny requests without logging in to the Web Interface. The approver only needs to click a button in the notification email.

Operation descriptions in the notification emails are now more clear and concise, without any unnecessary technical details. Also, the layout now looks more consistent in different email clients.

After you upgrade to the new version, the ability to approve/deny requests from email notifications will be disabled. For details on how to enable it, see Enable Approve/Deny Buttons in Email Notifications.

Pictures in approval requests

It is now possible to review picture changes that are sent for approval. Updated pictures are displayed in the Web Interface and in the approval notification emails.

For example, you can now delegate updating pictures to your users and let their managers approve the new picture.

Pending requests indicator

You can now view both your pending requests and approvals on any page of the Web Interface thanks to the new indicator in the navigation bar.

Reason for approval

It is now possible to specify the reason for approval. This will make approved requests more informative.

Approval request processing date

Now Adaxes remembers the date when a request was approved, denied, or cancelled. It will help you with monitoring and auditing processed approval requests.

We have also updated the built-in Approved requests, Cancelled requests, and Denied requests reports. Now the requests in these reports are sorted and grouped by processing date by default.

These built-in reports will not be updated automatically after you upgrade to the new version. To replace the existing reports with the updated versions, you will need to restore them to the initial state.

Binary fields in Web Interface

It is now possible to upload files into binary properties of AD objects from the Web Interface. For example, your HR staff can now attach staff contracts, CVs, or any other relevant documents directly to user accounts. Adaxes recognizes the most popular file types like PDF, DOC, or XLS and displays the corresponding icon, but it is possible to attach any files.

You can download the attached files from various Web Interface views and from the report documents.

For more details, see How to attach files to AD objects.

Web Interface improvements

We continue extending the functionality of the Web Interface and making improvements to its visual appearance. Here's a list of improvements we have made this time.

Dark theme

The dark theme is now available for the Web Interface. Users can switch between dark and light themes according to their personal preferences.

It is also possible to use the dark theme in the Web Interface Configurator.

SVG logo support

The new version fully supports using SVG files for your custom logo. Your logos will now look great on any resolution.

You can even make your SVG logos dynamically change colors so they stand out on both, dark and light themes. For more details, see how to Set Custom Logo and Colors.

Enhanced auto-reply message editor

We have improved the user interface and have added new features to the HTML editor for automatic replies. You can now add tables to the messages and there are more formatting options available.

Bulk reset computers

It is now possible to bulk reset computer accounts in one click.

Filter operations

You can now filter long lists of operations. It is helpful if you have many Custom Commands and need to find one quickly.

Filter drop-down lists

Drop-down lists that have more than 10 items can also be filtered. You can easily find the right value in lists of any length.

New search criteria and filter

It is now possible to search for AD objects using a bunch of new search criteria. We have also added a filter to the criteria list, so you can find what you need quicker.

Here is the full list of new criteria:

  • Reversible Password Encryption
  • Cannot Change Own Password
  • Change Password at Logon
  • Password Never Expires
  • Password Not Required
  • Account Disabled
  • Smart Card Logon Required

Mobile Web Interface

We have improved the user interface of the sign in page and the Self-Service Password Reset wizard on small screens.

Other improvements

We have completely reworked all icons so they look crisp and clear on all resolutions, including 4K.

We have added a button to the Web Interface Configurator that lets you cancel all changes with one click.

We have increased the maximum number of fields in object mouseover popups from 5 to 10.

Email notifications sent by Adaxes can now have a friendly display name in the FROM field.

From now on, clicking on the My account card opens your account in view mode instead of edit mode.

And more

New condition

A new condition is now available — If <property of the member> <relation> <value>. You can use it in Business Rules that trigger before/after adding or removing a member from a group. It allows you to check the property values of the member who is being added or removed, and execute different actions depending on those values.

For example, you can request approval for adding a user to a group if they are not from a specific department.

New virtual properties

We have added a number of new virtual properties to simplify extracting information about AD object owners and group members. For example, you can now check whether a group owner has a mobile number, and send them an SMS if they do.

Here is the full list:

Available in Business Rules, Scheduled Tasks, and Custom Commands configured for an object type that has a Managed By property e.g. computer or group. Will retrieve information about the object owner.

  • adm-ManagedByFullName
  • adm-ManagedByFirstName
  • adm-ManagedByLastName
  • adm-ManagedByDisplayName
  • adm-ManagedByUserName
  • adm-ManagedByEmail
  • adm-ManagedByMobile
  • adm-ManagedByPhone

Only available in Business Rules that trigger before/after adding or removing a member from a group. Will retrieve information about the group member who is being added or removed.

  • adm-MemberFullName
  • adm-MemberFirstName
  • adm-MemberLastName
  • adm-MemberDisplayName
  • adm-MemberUserName
  • adm-MemberEmail
  • adm-MemberMobile
  • adm-MemberPhone
  • adm-MemberObjectType

As another example, you can now send email notifications to new group members without using scripts.

Merging property patterns

We have improved how Adaxes handles situations when several Property Patterns for the same property overlap in their activity scope. Now, Adaxes will combine and apply all effective patterns, providing they are not conflicting. For example, you can now set a default value for a specific property in one pattern and define constraints in another pattern.

Even more improvements

  • Now the permissions for specific object types are taken into account when determining the visibility of Web Interface actions for the signed in user. For example, if a user has the permission to create only User objects, the Create computer action will not be displayed.
  • The number of custom attributes provided by Adaxes is extended, as CustomAttributeBinary6...CustomAttributeBinary15, CustomAttributeDate6...CustomAttributeDate15, and CustomAttributeTimestamp6...CustomAttributeTimestamp15 are now available.
  • You can now set maximum sending message size and receiving message size for Exchange Online mailboxes.
  • A Reset room mailbox password and Modify account options actions are now available in Business Rules, Scheduled Tasks, and Custom Commands configured for the Room mailbox object type.
  • The recipient type of an Edit Exchange properties action is now displayed when you edit the action in the Web Interface Configurator.
  • Unnecessary technical details were removed from the operation descriptions.
  • It is now possible to modify the Automatically update e-mail addresses based on e-mail address policy option of remote mailboxes.
  • You can now retrieve the DN of the new group member via %member% value reference in the Modify Exchange properties action in Business Rules that trigger After adding a member to a group.
  • The EnableRemoteMailboxEx2 method was added to the IAdmExchangeRemoteMailboxOps3 interface to simplify the creation of shared remote mailboxes in PowerShell scripts executed by Adaxes.

Update 1


Version:
3.13.18001
Release date:
July 01, 2020

Enhancements

  • Improved how Adaxes determines the validity of time-based one-time passwords generated by authenticator apps. This in turn resolved the issue where codes generated by Duo Mobile app were sometimes considered invalid.
  • Now it is possible to disable logging of the rule-based group updating summary operation.
  • Now it is possible to use the values of the following properties as thumbnail user images: JPEG Photo, Photo, and Logo.
  • Chrome and Firefox browsers no longer suggest a browser-generated password on the Sign In page of the Web Interface.
  • The adm-MemberXXXX value references can now be inserted in the Visual HTML Editor in Adaxes Administration Console using the Insert Value Reference button.
  • Improved the clarity of Web Interface elements in the dark theme and made the transitions between dark and light themes smoother.

Bug fixes

  • Fixed the issue where the default value of the Can be joined to domain by property (set by a Property Pattern) would be displayed incorrectly on the computer creation form in the Web Interface.
  • Fixed the Could not acquire a connection for 'domain.com'. Connection pool is full. error which appeared when many manual rule-based group membership updates were started simultaneously.
  • Fixed the No HTTP resource was found that matches the request error which could occur when selecting a property in a property name picker parameter of a Custom Command.
  • Fixed the Unable to cast object of type 'System.Byte[]' to type 'System.String' error which could occur when selecting a group in a Remove from group Web Interface action.
  • Fixed the issue where querying the value of PasswordExpirationDate property in Adaxes scripts (e.g. using $Context.TargetObject.PasswordExpirationDate) would return an empty value.
  • Fixed the issue where an XLS file uploaded into a binary property would be sometimes identified as CSV.
  • Resolved several issues where the displayed value of Membership Update Schedule of rule-based groups would not take into account the timezone of the user who is viewing it.
  • Fixed the issue where a Business Unit that has an Objects located in OU or container rule would include the base OU itself if the Sub-tree level scope is selected in rule parameters.
Try Adaxes right now!