ADManager Plus MSPs Release Notes

8032 (Nov 26, 2025)

Enhancements:

• The Management module now includes the following enhancements.
  • Added support for the Manager, Employee Type, and Extension Attributes (1-15) fields in the Microsoft 365 tab under User Creation and Modification Templates.
  • The Email field is now mapped to Microsoft 365 in User Creation Templates.
• Backup add-on: Added support for configuring a custom Backup Repository location. Backups can now be stored in Local and NAS/Shared paths.

Issues fixed:

• Fixed an issue where group-based Help Desk Technicians in ADManager Plus were not synced to AD360, causing login failures in AD360.
• Fixed an issue where the Azure Active Directory duplication check allowed the creation of Microsoft 365 users with duplicate attributes.
• Fixed an issue where enabling Allow cross domain users to log in caused the parent domain users of the delegated group to lose their assigned roles.
• Fixed an issue in the Workflow tab for user modification requests where Microsoft 365 details of a hybrid user were not displayed to the requester.
• Fixed an issue where the search functionality in the Organization Attributes did not work in User Creation and Modification Templates.
• Fixed an issue where multiple Advanced Naming Formats configured in User Creation and Modification Templates were not displayed correctly.

Security fix:

• A security vulnerability in the JRE version used has been fixed by upgrading to 1.8.0_472.
• A security vulnerability in the Tomcat version used has been fixed by upgrading to 9.0.111.

8031 (Nov 17, 2025)

Issues fixed:

• Fixed an issue where only the prefix was being updated for the Logon name field in Active Directory when the Azure Active Directory duplication check was enabled.
• Fixed an issue where the User must change password on next logon flag was not getting updated when resetting a password through ServiceDesk Plus on-premises.
• Fixed an issue where Microsoft 365 licenses were not being displayed for the reviewer during user creation.
• Fixed an issue where the criteria dropdown for the Last Logon Time Stamp filter was not appearing in Computer Reports under Computer Automation.
• Fixed an issue in Japanese language environments where enable/disable actions performed via Custom Reports did not trigger Event-driven Automation, and Audit Reports incorrectly displayed successful tasks as Failure.
• Fixed an issue where the Refine Results filter was not retained when using the Check All option in Custom Reports, causing management actions to display results without the applied filter.
• Added support for the Email Alias field in both User creation and Shared Mailbox creation templates under the Remote Mailbox tab.
• Fixed an issue where Active Directory groups within the Builtin container were incorrectly shown under the Domain Local group scope in the All Groups report.
• Fixed an issue preventing the import of XLSX reports exported from ADManager Plus to other tools.
• Fixed an issue where files were getting accumulated in the dump folder, triggering a memory spike.
• Fixed an issue where users were unable to access ADManager Plus when /AppsHome.do was appended to the URL.

8030 (Oct 30, 2025)

Features:

• Zia - AI chat assistant: A new AI-powered assistant, Zia, has been introduced to help users perform AD management tasks and generate reports using simple natural language input—eliminating the need to navigate through complex menus.
• Zia Insights: Introduced Zia Insights in AD Explorer to provide AI-powered group membership analysis, including anomaly detection, privileged group identification, and peer comparison scores, enabling faster detection of outliers and corrective actions.
• Rollback support for AD and Entra ID objects: A new Advanced Recovery tab has been added, allowing you to roll back AD and Entra ID objects to a specific time to undo modifications or recover lost data. The recovery process can be further refined using granular filters.
• BitLocker recovery key retrieval: You can also now easily retrieve BitLocker recovery keys for domain-joined computers in AD through a dedicated interface.

Enhancements:

• The Application Integrations module now includes the following enhancements.
  • ADManager Plus now supports 50 more applications natively for identity life cycle management.
  • You can now modify computers, groups, and OUs through REST API.
  • Orchestration templates can now be retrieved and executed via REST API.
  • You can now search, create, modify, and delete contacts using REST API.
  • Environment Variables can now be searched, added, and updated using REST API.
  • Organization Attributes can now be searched, added, and deleted using REST API.
  • Added dynamic condition-based JSON value fetching support for custom HCM integration.
  • Added a custom response handler option for inbound webhooks.
• The Orchestration module now includes the following enhancements.
  • Added success and failure flow support for all the blocks in Orchestration.
  • Added support for using webhooks as an action in Automation and Workflow modules.
  • Orchestration module now supports using outputs from previous blocks as macros.
  • Added a new Sync to other domain block where the objects can be synced from a source domain to a target domain.
  • Added a new Database Operations block to perform database operations for custom database applications configured under Application Integrations.
  • Added a new Remove All ACE Permissions block to remove permissions from an AD object, useful for off boarding scenarios.
• The Automation module now includes the following enhancements.
  • Added share support under the Actions column in Event Driven Automation.
  • Event-driven Automation now allows you to specify a trigger action (create, modify, delete, etc.) and apply attribute-based filters to refine execution.
  • Automation tasks with Orchestration now support including non-AD objects, such as users from integrated applications configured in Directory/Application Settings.
• The Workflow module now includes the following enhancements.
  • Added a new executionTime attribute under Data Source – LDAP Attribute Mapping in Application Integrations to schedule the execution time of selected tasks for each object. This can be used when configuring an automation with CSV as the data source.
  • Preview support has been added to Modify User By Template workflow request.
• The Reports module now includes the following enhancements.
  • Notification Templates can now be configured in the Notification Settings section of Schedule Reports.
  • Scheduler support has been added to DC Replication Status report.
  • Contact and OU reports have been merged into a single category, Contact and OU Reports.
  • NTFS and Security reports have been merged into a single category, NTFS and Security Reports.
  • Added an on-the-fly management action in Security Reports to remove security principals’ permissions.
  • Added a new Object Permissions report under NTFS & Security Reports.
• The Management module now includes the following enhancements.
  • File server management actions (Manage DFS, File Servers, NetApp, and EMC Isilon servers) are now unified under a single action, Manage File Systems.
  • Added an option to select a forest-level Manager in user creation and modification templates.
  • Added support for updating the Microsoft 365 company attribute.
  • Added a new memberOfWithPG header in User Creation Rules to allow setting any group as the primary group.
  • Added Copy User Attributes and Field Options To options in User Creation and Modification Rules.
• The Migration module now includes the following enhancements.
  • Added support for copying passwords from source during inter forest user migration.
  • Added support to retain user password settings from the source domain in the target domain during inter forest migration.
  • Added support for selecting Same as Source in the Domain Suffix of UPNs section in User Migration.
  • Added Account Transition section in User Migration to enable target accounts and disable source accounts after migration.
• Other enhancements
  • Added support to configure Email servers in API mode using Microsoft and Google providers.
  • Removed the Remember Me option from Logon Settings under the Delegation tab.
  • Introduced new remediation options in Risk Exposure Management: Change Owner, Remove Permission, and Remove Membership.
  • Added support to configure a disclaimer for technicians logging into ADManager Plus.
  • You can now configure Product Uptime Notification to notify administrators each time the product starts.
  • Enhanced application security by implementing Content Security Policy (CSP) headers.

Issues fixed:

• Fixed an issue in the Dynamic Distribution Groups report where groups with a null value in the externalDirectoryObjectId attribute were excluded.
• Fixed an issue that caused Exchange Online reports to fail for tenants where a custom domain was set as the primary domain has been fixed.
• Fixed an issue in the following reports where No data available was shown when the product’s Entra application lacked the correct role assignment:
  • MFA Status
  • MFA Enabled Users
  • MFA Disabled Users
  • MFA Registration Details

8025 (Oct 13, 2025)

Security fix:

• A security vulnerability that exposed the NTLM hash of the service account configured in ADManager Plus to authorized technicians, as reported by bitxer, has been fixed.

8024 (Sep 19, 2025)

Issues fixed:

• Fixed an issue where the Microsoft 365 tab appeared blank for technicians and was only restored after editing and saving the technician profile once.
• Fixed an issue where the MFA Registration Details report did not appear for Help Desk Technicians in the Microsoft 365 Reports module, even though it was delegated.
• Fixed an issue where the home folder was created with the Full Name instead of the Logon Name when using Copy User Attribute during user creation.
• Fixed an issue in Automation where the Remove all permissions from file servers task failed to clear explicit permissions from subfolders.
• Fixed an issue with AuthToken validation in the ServiceDesk Plus On-Demand plugin integration with ADManager Plus.
• Fixed an issue where the Help Desk Audit Report appeared empty.
• Fixed an issue where exporting the Archived Audit Report resulted in a 400 error.
• Fixed an issue where emails were not sent when proxy settings were configured in the product.
• Enhanced Elasticsearch stability to prevent unnecessary dump files during connection failures.

Security fix:

• A security vulnerability (CVE-2025-10020) reported by bitxer has been fixed.

8023 (Aug 18, 2025)

Issues fixed:

• Fixed an issue where creating a Google Workspace user via CSV import resulted in an error stating the member was already in the group.
• Fixed an issue where the browser’s default locale was not applied for admin login.
• Fixed an issue that caused the product to restart every morning, generating a heap dump and triggering a memory spike.
• Fixed an issue where the Enable/Disable Users management task could not be completed because the screen kept loading indefinitely.
• Fixed an issue where audit data was missing in the Help Desk Audit Report for File Server Management tasks.
• Fixed an issue where the group count in the All Groups report did not match the count shown in the Modify Single Group module.
• Fixed an issue where the Exclude Nested Groups option did not work correctly in the Groups for Users report.

Security fix:

• A security vulnerability in the JRE version used has been fixed by upgrading to version 1.8.0_462.

8022 (Aug 01, 2025)

Issues fixed:

• Fixed an issue where the exported XLSX file for the Permission for Folders report displayed unicode characters in the sheet name instead of the original text.
• Performance of the Search Templates option in the Create Single User and Modify Single User management tasks has been improved.
• Fixed an issue that caused delays when loading the Help Desk Technicians page.
• Fixed an issue where the Send Mail option was not working in the DC Replication Status and Lingering Objects reports.
• Fixed the issue where cross-domain members could not be added to a group through REST API.
• Fixed an issue where the Servers With SMB Version 1.0 risk report incorrectly listed computers that had SMB Version 1.0 disabled.
• Fixed an issue where the OU filter was not applied when the Group Members report was selected in Automation.

Security fix:

• A security vulnerability (CVE-2025-48988) in the Tomcat version used has been fixed by upgrading to version 9.0.107.

8021 (Jul 18, 2025)

Enhancements:

• A new action, Remove Microsoft 365 Roles, has been added to Automation, Workflow, and Orchestration modules to streamline Microsoft 365 management.
• Help Desk Audit Reports now display both current and archived audit data in a single unified view. Additionally, archived data will now be included in scheduled audit reports, and a new filter option has been added to help you customize these reports.
• Performance has been improved for the Help Desk, Archived, and Scheduled Audit Reports.

Issues fixed:

• Fixed an issue where the LDAP query was not generated properly when using the isEmpty and isNotEmpty filters for the Direct Reports attribute in Custom Reports.
• Fixed an issue where the LDAP query was generated with the object GUID instead of the distinguished name for the Manager attribute in Custom Reports.
• An issue where help desk technicians with all OUs delegated to them were unable to view objects in the Modify Single User, Computer, Group, and Contact screens has been fixed.
• Fixed an issue where the bulk user and computer modification actions failed with a license limit error, despite being within the scope of the Standard ADManager Plus license.

8020 (Jul 02, 2025)

Features:

• Risk exposure management: Provides a visual map of high-privilege accounts, helping identify vulnerabilities and privilege escalation paths. It continuously monitors risk, provides security insights, and recommends remediation to strengthen your AD environment.
• Identity risk assessment: Risk Assessment now includes the following enhancements:
  1. Active Directory risk assessment
     • A new Misconfigurations category has been added.
     • 48 new risk indicators have been added across users, security, and misconfigurations categories for deeper analysis and improved security insights.
  2. Microsoft 365 risk assessment
     • On-the-fly management actions are now supported for Microsoft 365 risk indicators.
• Access certification campaign:
  • The following entitlements can now be reviewed and certified through access certification campaigns:
    • Exchange Mailbox Rights
    • Microsoft Teams and Channel Membership
    • Exchange Online Mailbox Rights
• Management:
  • Dynamic group membership: Create rule-based groups that automatically update memberships of security and distribution groups based on defined conditions, ensuring accurate group management with zero manual intervention.
  • You can now modify the properties of a dynamic distribution group.
  • Computer migration: You can now perform inter-forest and intra-forest computer migration.
  • Exchange Mailbox conversion: You can now convert any mailbox type to a regular, room, equipment, or shared mailbox in bulk.
  • Merge GPOs: The capability to merge multiple GPOs into a single policy within a domain has been added.
  • Template enhancements:
    • Group creation templates now support Creation Rules.
    • Computer modification templates now support Modification Rules.

Enhancements:

• ADManager Plus now supports Microsoft SQL Server version 2022.
• Performance has been improved for OU-based delegation and certain bulk management actions.
• The duration for which a member must remain in a specific group can now be configured while creating or modifying a group.
• Assign Conditional Access Policy and Remove Conditional Access Policy blocks have been added under Cloud Actions in the Orchestration template.
• The Mail Tips field has been added to Mailbox Creation Templates.
• You can now create script-based custom functions for naming formats. This allows the use of multiple macros within a single function to generate dynamic, organization-specific naming patterns in a structured, manageable way.
• Recipient Type and Label columns have been added to Exchange mailbox reports.
• Custom validation support has been added for custom attributes, enabling precise input checks when creating or modifying objects using templates.
• An Auto-map shared mailbox users to Outlook profiles checkbox has been added while setting mailbox rights for user mailboxes.
• Mail Server selection is now available in the Remote Mailbox tab of user and shared mailbox creation templates.
• AD Explorer now displays Windows LAPS details, including the password history entries, under the Computer Object properties.
• The LAPS setting has been removed from the Edit Help Desk Technician section, and a new Help Desk Role named LAPS Role has been added by default to the Legacy LAPS Details Workstation Computers report and AD Explorer.
• An option to notify on failed objects during workflow execution has been added.
• A Remove All NTFS Permissions action has been added under Other Actions in Orchestration.
• Custom reports now include the following enhancements:
  • Support for userWorkStation filter, and isEmpty and isNotEmpty criteria for Country attributes.
  • Ability to select multiple objects in the Member and MemberOf pop-ups.
  • New database filters such as BadPasswordCount, DaysSincePasswordLastSet, UserLogonCount, and CanonicalName have been added.
  • LAPSPassword, LogonHours, Nested Member and MemberOf Count columns have been added.
  • Support for Reset UserAccountControl Property management action.
• Scheduled reports now include the following enhancements:
  • Multiple servers can now be selected in the Shares in Server pop-up.
  • Schedule support to the Folders Accessible by Accounts and Non-Inheritable Folders reports has been added.
  • Refined filter support introduced for NTFS Reports.
• NTFS Reports now include the following enhancements:
  • Support for Remove, Modify, and Modify Bulk NTFS Permissions actions has been added.
  • A Disabled Users filter has been added to the Refine Filters section.
  • Description, Location, Last Write Time, and Last Access Time columns have been added for enhanced report visibility.
  • Built-in security principals such as CREATOR OWNER, SYSTEM, and AUTHENTICATED USERS are now available in the security principal selection pop-up.
• • Export support added for GPO Settings, GPOs with Specific Settings, Resultant Set of Policy, GPO Modeling, and Comparison of GPOs reports.
  • Scheduler support is now available for GPO Settings, GPOs with Specific Settings, and Comparison of GPOs reports.
  • Preferences settings such as Environment variables, Files, Folders, and Ini Files are now included in the Resultant Set of Policy and GPO Modeling reports.
  • New Enforced GPOs report under GPO Scope Reports has been added.

Issues fixed:

• Fixed an issue causing XLSX reports to be downloaded as 0 KB files.
• Fixed an issue that caused duplicate objects to appear while using the Modify Single User task.
• Fixed a slowness issue in Search AD Objects during continuous object searches.
• Fixed an issue where the Members and Member Of columns in reports appeared empty when a Domain Controller (DC) was non-operational.
• Fixed an issue where attachments were not included in emails triggered by the Send Notification task in Automation.
• Fixed an issue where the Automation page appeared blank when the automation policy was deleted even though it was still associated with an automation task.
• Fixed an issue where the duplication check did not function properly in workflow and automation for the Modify Users Using Template action.
• Fixed an issue where a random password was displayed in the workflow even when the Hide Random Password flag was set to true.
• Fixed an issue that caused performance degradation during Security ACE synchronization.
• Fixed an issue where editing or viewing Custom Reports caused significant delays, taking several minutes to load or save.
• Fixed an issue where the service pack installation failed if the newly added attributes were already configured in the Custom Reports column.
• Fixed an issue where the Sending Message Size and Receiving Message Size properties were incorrectly set to 0 KB in the User Creation and Modification templates, even when no changes were made.

Security fixes

• Upgraded to 7-Zip 24.09 version to address a vulnerability (CVE-2025-0411).
• Upgraded to Apache POI 5.4.1 version to address a vulnerability.

8012 (May 21, 2025)

Issues fixed:

• Fixed an issue where selecting the Inactive Azure AD Users report in automation resulted in incorrect data being fetched.
• An issue that caused a memory spike while generating Security Reports has been fixed.
• Fixed an issue where the is empty and is not empty conditions in the Advanced Naming Format did not function properly.

Other changes:

• Due to Microsoft's migration of authentication method management from legacy multi-factor authentication (MFA) and self-service password reset (SSPR) policies to the unified authentication methods policy, and the retirement of Azure AD and MSOnline PowerShell modules,
  • The following authentication methods can no longer be configured for users via the MFA Settings option under Microsoft 365 Bulk User Modification:
    • Phone app notification
    • Show one-time password (OTP) in application
    • Text code to mobile number
  • As part of this transition, ADManager Plus has removed its dependency on the MSOnline PowerShell module and has migrated to Microsoft Graph API to maintain compatibility with Microsoft's latest standards and ensure continued support.

8011 (Apr 10, 2025)

Enhancement:

• Load balancer with failover: Load balancing and automatic failover capabilities can now be enabled simultaneously, enhancing reliability and product performance while ensuring seamless operation and minimal downtime.

Security fix:

• A security vulnerability (CVE-2025-24813) in the Tomcat version used has been fixed by upgrading to version 9.0.102.
• The bundled PostgreSQL version has been upgraded to 15.12.

8010 (Mar 31, 2025)

Enhancements:

• ADManager Plus now allows you to manage Microsoft 365 without the mandatory configuration of a Microsoft 365 service account.
• Users can now diagnose and resolve issues related to network connectivity, URL endpoint connection, Exchange session creation and authentication, and the permissions required by the Entra ID application and service account from Directory/Application Settings.
• The default time period in Helpdesk Audit Reports can now be customized, allowing you to view data that aligns with your organization's requirements.
• A Select All option has been added for custom attributes in Custom Reports, making it easier to generate reports quickly and save time.
• The User must change password at next logon field can now be configured for Microsoft 365 and Google Workspace during single user creation.
• You can now view member details when selecting AD groups in Access Certification Campaigns.
• OUs can now be specified while importing objects from a CSV file or an external data source in automation, allowing you to filter and import only the necessary data from the selected OUs.
• The Backup tab has been redesigned for improved usability, and a new Quick Recovery tab has been added, enabling you to quickly review and restore deleted AD objects.
• ADManager Plus now supports Windows Server 2025.

Issues fixed:

• Exchange Attributes such as HideFromExchangeAddressList, AcceptMessagesFrom, and RejectMessagesFrom were not updated while updating user accounts using User Modification Templates.
• Issue preventing Rapid7 integration settings from being saved when GDPR or HIPAA compliance was enabled.
• The Members column in the All Users report displayed duplicate entries.
• The technician macro assigned to an attribute in ADManager Plus always resolved as Admin when configured in an orchestration template and triggered from the Advanced Management section.
• Issue where separate email notifications were sent for each task in the automation policy during workflow execution, regardless of the attachment configuration in the notification template.
• Issue where modifying group attributes for computers using a CSV file under Bulk Computer Modification failed for subsequent objects if the first object encountered an error.
• Deleted managers still appeared in the Manager column of reports.
• Issue where orchestration was not triggered for all remaining objects after one object failed during bulk user creation.
• Issue where inbound trust domains could not be selected in the Target Domain dropdown during migration.

8002 (Feb 24, 2025)

Enhancement:

• Minor changes to improve integration with the latest version of ManageEngine AD360.

Issue fixed:

• Issue in configuring the desired time period in a report while using it as datasource in automation.

8001 (Feb 03, 2025)

Enhancements:

• The jQuery version has been updated from 3.5.1 to 3.7.1.
• ADManager Plus now uses an upgraded version of Apache Tomcat (version 9.0.98) for enhanced reliability and security.

Issues fixed:

• Issue where the Unable to connect with Active Directory Server error was thrown while performing a management task from ServiceDesk Plus.
• Issue where macros were not resolved in automation failure notification.
• Issue in exporting reports in XLSX format when password protection was enabled.
• Issue during user creation where ManagerName macro did not resolve, and the other macros were duplicated when the User'sManager macro was added to the To address field in the notification template.
• Issue where the decision block in orchestration templates, used to check if a user is a member of a specific group, failed to execute.
• Issue where the external e-mail addresses column did not display data in custom reports.

Other changes:

• Support for the 32-bit build architecture has been discontinued from ADManager Plus build 8000. We recommend migrating to a 64-bit architecture before upgrading to version 8001.

8000 (Dec 26, 2024)

Enhancements:

• Access Recommendations: Utilize machine learning to receive smart suggestions for better decision-making during user provisioning and Access Certification.
• Risk Assessment now includes the following enhancements.
  • 34 new risk indicators across user, computer, and security categories for enhanced analysis and deeper security insights.
  • Flexible scheduling options to customize the Risk Assessment reports generation frequency.
  • Added a graph to display risk score trends over time, enabling data-driven insights.
  • Improved scalability and readability of the exported Risk Assessment report.
• The Application Integration module now includes the following enhancements.
  • CSVs exported from third-party applications can now be configured as data source in Automation.
  • Data preview functionality for third-party application data source during Automation modification.
  • Support for custom authentication methods.
  • Column customization in REST API responses for tailored integrations.
  • Macro usage for XML in the request body of Webhooks.
  • Advanced filter capabilities with regex support for Automation tasks.
  • Custom functions are now supported through macros in Webhooks, Automation, and Event-driven Automation.
  • OU name is now supported in decision-based criteria block of Orchestration Template.
  • Predefined inbound and outbound configurations for more than 60 applications added under Application Integration.
  • Improved SOAP API-based integrations with value-based indexing for additional attributes.
  • User and group templates can be mapped with the integrated applications.
• The following enhancements are made in the Automation module.
  • Added a filter to exclude non-mail-enabled users from Microsoft 365 reports.
  • Increased visibility for schedule frequency values.
• Reports module now includes the following enhancements.
  • Added the show hyphen for empty values option in report export settings.
  • Added the Creation Time column in the BitLocker Recovery Key report.
  • Exported Search Permission report now includes object permission details.
• When sending notifications with custom attributes of bulk users, the values will be displayed in a table format.
• Domain/Tenant Settings option has been renamed to Directory/Application Settings, with Google Workspace and Application Integration settings now included under it.
• ADManager Plus now uses upgraded JRE versions1.8.0_432.
• ADManager Plus now uses upgraded PostgreSQL version 15.8.
• Upgraded Microsoft JDBC Driver for SQL Server from version 7.4.1 to 8.4.1.

Issues fixed:

• Optimized the CPU usage in ADManager Plus.
• Enhanced the performance of the technician deletion and Group Member report exports.
• Issue where manager sync was not triggered if only the manager DN was available in the report.
• Conditional issues in Event-Driven Automation.
• Issue in Automation where administrators were receiving failed object emails despite the settings being configured for successful notifications only.
• The performance of user creation and modification templates has been improved.
• Issue with UTC format filter for the Next N Days in Custom reports.
• Issue where Event-driven Automation was not triggered when a user was disabled using the ADManager Plus disable user REST API.
• Issue where exporting the Group Members report in XLSX format limited the output to 19 sheets when more than 100 groups were selected.
• Issue where technicians could view and restore deleted users from OUs that were not delegated.

Other changes:

• The Generate Authtoken API in ADManager Plus will be deprecated starting January 2025. Technicians will receive an email notification each time this API is used until its deprecation.

7252 (Oct 14, 2024)

Issues fixed:

• Issue where exported files in XLSX format became corrupted due to a limitation in cell style count.
• CPU utilization has been enhanced when ADManager Plus is integrated with ManageEngine AD360 or Log360.

7250, 7251 (Oct 04, 2024)

Enhancements:

• All Managers as reviewers and approvers: ADManager Plus now allows you to automatically set managers as reviewers and approvers, streamlining the process with a one-step configuration that directly assigns workflow requests to the requester's manager.
• The Security Reports comes with built-in options to group data by objects or permissions.
• AD Explorer:
  • The Delegated Permissions tab now shows a selected user's direct, inherited, and delegated AD security permissions on AD objects.
  • DFS permissions can now be viewed in the File System Permissions tab.
• Workflow module in the notification template:
  • You can now add a user's manager as a macro in the Send Notification to field.
  • An Attachment Type option has been added.
• The Orchestration Template now provides an option to add a time delay in seconds, minutes, hours, or days between two consecutive actions.
• ADManager Plus now supports additional fields for Google Workspace user creation, including Mobile, Title, Department, Employee Type, Recovery Email, and Recovery Phone.
• An Empty option has been added to the email field in User Creation Templates, allowing the email to remain blank if a duplication is detected.
• User Logon Reports in the Microsoft 365 tab:
  • Option to exclude active AD users from the Inactive Users report.
  • Ability to include AD attribute columns in the Users Last Logon and Inactive Users reports.

Issues fixed:

• Date fields in XLSX exports were formatted as text strings instead of dates.
• Issue with resolving the accountExpires macro in the Automation task's send notification action.
• Issue in Workflow, Automation, and Event-driven Automation where Mailbox Auto Reply actions failed to resolve Microsoft 365 attribute macros in the message body.
• An issue where the manager's name appeared multiple times, separated by commas, when sending notifications to all users via Automation.
• An issue where Microsoft 365 actions triggered by Event-driven Automation were failing due to exceeding the Exchange Online PowerShell session availability limit.
• An issue where using the %ManagerOfRequester% macro in the Workflow's assigning rule fails to assign the request to the manager due to improper sync.

7241 (Aug 01, 2024)

Issues fixed:

• The startup issue faced by select customers with the latest JRE version after updating to ADManager Plus build 7240 has been fixed.
• Issue faced by customers when adding custom attributes in management templates has been fixed.

7240 (July 19, 2024)

Enhancements:

• The scheduled reports now support group-based view, including group name and member details.
• Audit report export operations have been optimized to improve performance and enhance user experience.
• Options to reset and delete a computer have been added to the Single Computer Modification task.
• Help desk technicians in a business workflow can now be allowed to edit and resend failed workflow requests.
• ADManager Plus offers the following enhancements for database migration,
  • Supports MS SQL Always On Availability Groups
  • Supports MS SQL failover cluster
  • Existing database can be migrated to Azure and AWS SQL server.
• You can now view Windows LAPS in AD Explorer.
• The Creation and Modification Rules now include the following enhancements:
  • Bulk deletion of rules.
  • A option to overwrite existing rules during import.
• Custom reports can now be added to existing widgets on the dashboard.
• ADManager Plus now uses upgraded JRE versions1.8.0_412 (Zulu 8.78.0.19-CA-win64)

Issues fixed:

• In the Automation module, if an OU name is specified in the CSV file and the technician lacks super admin privileges, the successive task only executes for certain users listed in the CSV.
• Event-driven Automation failed to remove users from groups when Move Users or Modify Users are the trigger actions.
• Modifying a custom attribute caused it to disappear from the filter condition drop-down of Custom Reports.
• Delay in creating user modification requests from automation module while using CSV file or HCM application as data source.
• Inability to view the Microsoft 365 security groups when all M365 domains are not delegated.
• Scheduled automations encountered a report generation failed error when Microsoft 365 tasks used data from an AD report.
• Issue in email notifications where the manager macro fetched the distinguished name for cross-domain managers.
• Inability to view the table border and logo when exporting scheduled reports in HTML format via mail.
• Issue in exporting reports that led to excessively large file sizes and exhaustion of disk space.
• Issue with editing GPOs that have only disabled values in the policy.
• An issue where the email notification triggered by selecting the Send Consolidated Report option would override the conditions set in the Send Notification About field.
• Issue in showing Database Information when migrated from PGSQL to MSSQL.

7231 (March 22, 2024)

Issues fixed:

• Issue in updating ADManager Plus if the default template under Orchestration was deleted.
• Issue in updating ADManager Plus from build 7224 if ManageEngine Log360 integration was disabled.
• Issue of help desk technicians not being able to copy any creation or modification templates.
• Issue of help desk technician group members not being able to login if there is a comma in their full name.
• Issue of Custom Report filters not functioning as expected with Last N days or Before N days conditions.

7230 (March 06, 2024)

Features:

• Microsoft 365 risk assessment: Identify potential risks in your Microsoft 365 environment with comprehensive risk assessment reports and implement the recommended mitigation measures straight from the reports.
• Access certification campaign:
  1. The following entitlements can now be reviewed and certified through access certification campaigns:
     1. NTFS permissions
     2. Microsoft 365 group memberships
     3. Microsoft 365 roles
     4. Microsoft 365 application assignments
  2. You can now track the progress of access certification requests.
• ServiceDesk Plus - ADManager Plus integration: The integration of ServiceDesk Plus with ADManager Plus now offers support to set account expiry for users and create users with an enhanced layout.
• Copy GPOs: The capability to copy GPOs from one domain to another within a forest has been included.

Enhancements:

• ADManager Plus now uses upgraded versions of Apache Tomcat (version 9.0.83), JRE (Zulu JRE 1.8.362) and PostgreSQL (version 15.4).
• Export operations have been optimised to improve performance and enhance user experience.
• Detailed Group Members report now provides options to export the result into a single file, a single file grouped by object type, or files grouped by selected objects.
• ADManager Plus now provides support to email the report directly from the GUI.
• An option to send a consolidated report after the completion of the automated tasks is added while configuring the notification template.
• You can now secure the access to shared paths by configuring the credentials of the custom service account for authentication.
• You can now view the lockout status and time of user accounts in reports.
• Microsoft 365 fields can now be included in creation or modification templates while using Copy User Attributes.
• An option to view the macros list supported in custom script has been added to user modification templates.
• The workflow request page has been redesigned to improve usability and now includes the ability to track the progress of workflows.
• ADManager Plus offers DC sort intelligence option which when enabled sorts domain controllers according to their response time and retrieves data from the domain controller with the fastest response time.
• Support to view the security settings (Account Policies, Local Policies, Event Log, Restricted Groups, System Services, Registry, and File System) along with the administrative template settings that will be applied on the selected user and computer has been added to the Resultant Set Of Policy and GPO Modelling reports.
• It is now possible to specify the duration of group membership while creating workflow requests to add groups, computers, contacts to AD groups, and to add users to Microsoft 365 groups.
• The GPO Delegation report now includes support for viewing invalid security principals and removing GPO permissions.
• Support to automate tasks like deleting Microsoft 365 users, disabling remote mailbox, creating computers, modifying users using CSV, and more has been added.
• The following enhancements have been made to the Orchestration Template:
  1. Decision block that operates according to the previous result, which could be a webhook response, script result, or AD attribute criteria.
  2. Inbound orchestration to pull data from external application and perform actions in ADManager Plus using webhook.
  3. Run orchestration templates directly from the Management, Workflow, Automation, and Automation Policy tabs.
  4. Support for M365 Auto Reply task has been added.
  5. Delegate the orchestration templates to Help Desk Technicians.
• While selecting reports like Recently Created Users or Soon-to-expire User Accounts as inputs in automation tasks or scheduled reports, you have the option to filter the data based on a specific time frame.
• ADManager Plus has now enabled the addition of user photos to Microsoft 365 user accounts during user creation or modification.
• You can now share automations, automation policies, and scheduled reports to help desk technicians with View/Edit permissions, and custom reports with View/Edit/Full Access permissions.
• The following enhancements have been added to the Admin Audit Report,
  1. Audit for creation or modification of Automation, Scheduled Reports, Custom Reports, Event-driven Automation, Webhook Template, and Orchestration Template has been added.
  2. An option to access the audit history has been included in the Automation and Event-driven Automation pages.
• An option to view the user entitlements has been added to the Modify Single User page.

Security Fix:

• The security vulnerability which exposes NTLM V2 hashes, as reported by Metin kandemir, has been fixed.

Issues Fixed:

• Issue in unlocking help desk technicians even if they do not exceed the total technician count allowed by their license.
• User migration using the ADMT module in ADManager Plus failing when the user display name has a comma.
• A minor issue in forest level duplication of email attribute when root domain is not added to ADManager Plus.
• Email notifications are not getting triggered when a user is enabled or disabled using the Modify Single User management action.
• Inability to view the templates by help desk technicians without the super admin role while delegating creation and modification templates to other technicians.
• Bitlocker Disabled Computers and Bitlocker Enabled Computers reports producing inconsistent data when the Exclude Child OU(s) option is selected.
• The email notification triggered after completion of the Modify User Attributes automation does not include the changes made to the custom attributes.
• Issue in saving the user creation template with changes to the Microsoft 365 license without selecting a value for the Country attribute.
• The time set for Session Expiry Time in the Connection Settings under the Admin tab is not being applied to the product globally.
• Management actions performed directly from the reports are not updated when the Check All users option is selected.
• Delay in creating single or bulk groups when a high number of members are added using CSV.
• Grouping conditions option missing in user creation and modification templates has been added.
• The All Users report displays the manager details even after the manager account is deleted in AD.
• Issue in running backup schedules and performing restoration due to difficulties in establishing connection with elasticsearch.
• Inconsistencies in backup schedules and data restoration due to difficulties in fetching data.
• Issue in performing GPO backup due to intermittent product restarts.

7224 (February 19, 2024)

Features:

• SOAR Workflow: Integrating ManageEngine's SIEM solution, Log360, with ADManager Plus will allow your SOC team to carry out AD management actions from Log360 as part of threat response and security remediation.

7223 (January 22, 2024)

Fixes:

The following issues have been fixed in this release:

• An authenticated RCE security vulnerability (CVE-2024-0252) in the load balancer component has been fixed. This vulnerability was reported by Joe Zhoy.
• An information disclosure security vulnerability reported by Samuel has been fixed.

7221, 7222 (December 08, 2023)

Enhancements:

• Two new Microsoft 365 reports have been introduced to give insights into last logon time of users and inactive users in your tenant.
• An option to allow or restrict technicians from viewing all other technician's audit data is added to the Help Desk Audit Reports.
• ADManager Plus now supports certificate-based authentication for Microsoft 365 tenant. You can now update the certificate details under Domain/Tenant Settings to authenticate your account against Azure AD.
• ADManager Plus has now enhanced its integration capabilities by extending support for various business application like ServiceDesk Plus Cloud, JIRA, Freshservice, and more. These integrations come with preconfigured settings are designed to enhance identity management, governance, and AD management.

Issues fixed:

• The email ID shown during user creation and in Help Desk Audit Reports has been updated to display the E-mail attribute value.
• The Refine Results configurations in custom reports are not accounted when the report is triggered using an automation task.
• The users deleted using the Modify Single User task are still being displayed in the list.
• Issue in setting the In/Out Policy while creating or modifying a room mailbox.
• The workflow requests created using automation is showing duplicate entries.
• Issue in connecting to Microsoft SQL database to generate reports when there is a space in the database name.
• The country name Macau SAR has been updated to Macao SAR as listed in Active Directory.
• Technicians and workflow requesters were facing difficulty in searching and navigating to choose user creation templates when there are multiple templates available during the user creation process.
• The page range selection was not working as expected under the creation and modification template pages.
• Minor issues while creating Microsoft 365 shared mailbox and modifying Microsoft 365 mail-enabled security and distribution groups.

7220 (November 18, 2023)

Features:

• GPO management and reporting: The following new features have been added under GPO management and reporting,
  • View the GPOs linked to OUs that do not have any security principals and perform management actions to disable or remove those GPO links using the GPOs Linked To Empty OUs report.
  • Ability to reorder the GPOs linked to a particular OU, domain, or site using the GPO Links Priority task.
  • View the GPO preference settings like Environment, Files, Folders, Ini Files for user and computer configurations using the GPO Settings report.
  • Select specific security principals to which the GPO application should be denied using the Manage GPOs task.

Enhancements:

• Support to automate Microsoft 365 tasks like Microsoft 365 Mailbox Conversion, Add Users to Microsoft 365 groups, Microsoft 365 Mailbox Delegation, Modify Microsoft 365 Mailbox Permission, Mailbox Auto Reply, and more.
• The automation history popup now displays the input data fetched from the external HCM application and the execution status, with an option to export this data as a report.
• ADManager Plus can be now be integrated with any application that responds to nested API calls.
• You can now group the creation and modification templates. This functionality is helpful in delegating HDTs to perform management actions using a specific group of templates.
• You can now create shared mailboxes in bulk using the CSV and template options.
• The reset password API now supports random password generation.
• The search group API will now display group type and manager data in response.
• The webhook template now supports x-www-form-urlencoded message type.
• It is now possible to migrate the existing bundled or external PostgreSQL database to a different external PostgreSQL databases (AWS and Azure).
• An editable drop-down has been added for the City and State fields in user creation, user modification, contact creation and contact modification templates.

Issues fixed:

• Issue in sharing automation to other technicians due to the access denial alert.
• Issue in adding or removing a user from a unified group using modification template.
• The issue of DC Replication Status report displaying all DCs in the forest instead of the ones from the selected domain.
• Upgradation of product with high availability enabled taking longer than expected.
• The process of upgrading the product with high availability enabled is taking longer than expected.
• The exported report attached to the notification email after performing bulk user modification using CSV not including all the attributes.
• The requesters who were added before upgrading to versions above 7200, were not able to select templates while requesting a creation or modification task.
• The Add to Group task when performed across domains, running indefinitely under delayed tasks.
• The manager data not displayed properly in the notification mail triggered from event-driven automation tasks.

7212 (October 30, 2023)

Fixes:

The following issues have been fixed in this release:

• Product crashing when the GPO synchronisation activity is initiated in the backend.
• Issue in creating help desk roles if the role name has special characters in it.
• Single user creation in AD, along with simultaneous provisioning in Microsoft 365, running indefinitely under delayed tasks.
• Inability to create a single shared mailbox in Microsoft 365.

7211 (October 10, 2023)

What's new:

• Public key certificate used during service pack upgrade is up-to-date.

Issues fixed:

• Issues in applying the recent service packs to upgrade from build 7203 to the later builds.

7210 (September 29, 2023)

Features:

• Identity risk assessment: ADManager Plus' Identity Risk Assessment feature helps organizations in detecting potential identity risk indicators in your AD environment. This tool provides a risk score based on NIST SP 800-30 guidelines, and identifies potential vulnerabilities and threats to the system, as well as providing strategies for remediation to help secure the system.
• Access certification: Review and validate entitlements by creating automated access review campaigns. This helps your organization prevent privilege creep, improve security posture, and adhere to compliance regulations by regularly reviewing user entitlements.
• Contact and GPO migration: You can now perform inter-forest and intra-forest Contacts and GPOs migration.
• Improved user and group migration: Flexibility to move users and groups, along with their SID history and membership across forests with additional migration settings.

Enhancements:

• GPO reports: The following enhancements have been made to the GPO reports,
  • GPOs with specific settings report now supports searching of major security settings in all or selected GPOs.
  • Security Filter and WMI Filter columns added to GPO reports: All GPOs & Linked AD Objects, Recently Created GPOs, Recently Modified GPOs, Disabled GPOs, Computer Settings, and User Settings Disabled GPOs.
• Schedule reports: Standard Scheduler and Advanced Scheduler functionalities are now available together under Schedule Reports page.
• Custom reports: New enhancements added for custom reports as mentioned below,
  • New built-in custom report added to retrieve Shared Mailbox Users.
  • Refine Results option to filter the data being fetched from the database.
  • Filter from Report option to use the filter settings configured in the chosen report.
  • Export custom reports to CSVDE format.
  • New filter conditions for attributes like Simple Display Name, Street Address and Direct Reports.
  • New columns Smart Card, User Account Control, User Account Control Flag added to the result.
• Orchestration: The following new enhancements have been made to the Orchestration feature:
  • You can now add conditions based on Object Name and Template Name while creating new orchestration profiles.
  • New blocks like Modify users by CSV/Template, Move TS Home folders, Set Mailbox Rights, Move/Delete Profile, and more added for creating new orchestration templates.
  • OAuth authorization support added for webhook.
  • Macro support for custom attributes added to parameter configuration in webhook.
• Security response headers: You can now add default security headers while configuring HTTPS settings to protect the product from various vulnerabilities.
• Two-factor authentication: The below enhancements are added to the 2FA configuration under Logon Settings,
  • RSA authenticator: ADManager Plus now supports REST API-based integration with RSA Secure ID, besides SDK-based integration. It is recommended to use REST API-based integration as RSA Security LLC has deprecated SDK-based integration.
  • Duo Security: ADManager Plus now supports Duo Web SDK v4 with universal prompt which provides a simplified and accessible Duo login experience.
• Integration with ManageEngine EventLog Analyzer: You can now integrate ADManager Plus with ManageEngine EventLog Analyzer for log forwarding.
• Backup: The backup add-on now comes with the following enhancements,
  • It is now possible to store Active Directory and Azure Active Directory backups in archives, to ensure prolonged data retention.
  • Azure AD Policies and Administrative Units can now be backed up and restored.
• AD Explorer: New enhancements added to AD Explorer as mentioned below,
  • The top panel now includes the following tabs,
    • Entitlements: Lists the group membership and folder permission details of users and groups. A section named M365 Entitlements will be available if the AD user also has an Azure AD account which shows the list of M365 groups the user is a member of, along with assigned licenses, roles, and mailbox permissions.
    • Objects: When a container or OU is clicked, it displays the list of users, groups, contacts, and other containers within it.
    • History: Displays the list of modifications made to the chosen object using ADManager Plus. It also maintains a record of access updates made during access certification campaigns.
  • A refresh button next to the domain name to sync current data instantaneously.
• Search AD objects: The following enhancements have been added to the this functionality,
  • Revamped search console with new customizations and advanced search options.
  • Search Settings option added to configure the search criteria. Admins can customize and freeze the search criteria for users by using the Set Globally checkbox.
  • New management actions like reset user password, add or remove group members and delete contact have been added.
• Support to group filter conditions by specific criteria has been added for all reports including Custom Reports, Schedule Reports and also, Search AD Objects.
• The M365 tenant configuration is moved under Domain Settings. It is no longer available under Admin tab.
• New match criteria Between (for any condition specifying date) and Not Like can be used while adding conditions.
• Prevent Duplication option now checks for duplicates across forests and Azure AD tenants.
• You can now fetch M365 guest users and their manager details while configuring automation using M365 reports as input. This can be used to automate guest users clean-up and get approval from respective managers before blocking or deleting them.
• Exclude Nested MemberOf option added to Groups for Users report to avoid displaying nested group memberships.
• You can now modify the manager of computer through workflow or automation using Modify Managed By Of Computers management action.
• Support for Inactive Azure AD Users report added to Automation.

Issues Fixed:

• Issue in creating users using naming format for Logon Name under user creation templates.
• Issue in duplicate User Principal Names (UPN) leading to intermittent SSO login issues for the technicians.
• Issue in executing few bulk management actions because the page continues to load indefinitely after importing a CSV file and clicking the apply button.
• Issue in re-enabling built-in technicians after they are forced out due to revoked roles.
• Issue in viewing the Account expires value when the attribute is dragged and dropped under General tab of any management template and the value is set to Select.
• Issue in contacting DCs to fetch information while running multiple DC reports.
• Issue in updating sAMAccountName of HDTs under Delegation when they are modified in AD preventing HDTs from logging in.
• Issue in using Prioritize Rules functionality under User Creation Templates due to Prioritize Rules pop-up not getting displayed properly.
• Issue in migrating ADManager Plus' database from the bundled PostgreSQL to an external PostgreSQL.

Other Changes:

• The default timeStamp for the Account Expiry attribute has been changed to 11:59:59 PM instead of 12:00:00 AM when the End of option is selected.
• The Random Password Policy, which previously had a limit of 32 characters, has now been extended to allow passwords up to 256 characters in length.

7203 (July 30, 2023)

Enhancements:

• All non-English language builds (Chinese, Japanese, German, French, Italian, Dutch, Turkish, and Spanish) have now been updated with all the latest features.

Fixes:

• Issue in applying a naming format for user principal name (UPN), when a User Creation Template configured with Creation Rules and Custom Attributes is applied.
• The security vulnerabilities CVE-2023-39912 reported by Son Nguyen from VNG Security and CVE-2023-41904 reported by the vector research team have been fixed.

7202 (July 01, 2023)

Fixes:

The following issues have been fixed in this release.

• A security vulnerability reported by dalt4sec.
• Issue in modifying the manager attribute by technicians with custom help desk roles.
• Unparseable date exception in non-English builds when setting account expiry date to End of in Single User Modification.
• A security vulnerability (CVE-2023-38332) reported by dalt4sec.

7201 (June 20, 2023)

Fixes:

The following issues have been fixed in this release:

• Two security vulnerabilities reported by dalt4sec, including CVE-2023-35785, have been fixed in the release.

7200 (June 13, 2023)

Important update:

• From 7200, updating ADManager Plus using the service pack has been restricted if your ADManager Plus instance is using PostgreSQL version older than 10. You will be forced to update PostgreSQL to 10.18 or migrate to MS SQL during installation.
• You will be shown a warning message while installing the 32-bit version of ADManager Plus. It is advised to install or migrate to 64-bit architecture for better performance.

Features:

1. Management:
   • While configuring Creation Rules in User Creation Templates you can:
     • Import and export them to CSV
     • Reorder based on priority
     • Preview before importing
     • Preview while copying them from an existing template
   • You can now remove or enable mailbox accounts for users or groups using Single User Modification task and Single Group Modification task respectively.
   • You can now edit the GPO Preference settings like Environment, Files, Folders, Ini Files values for user and computer configurations directly using GPO Management task.
   • You can now perform Force GPO Update operation on domain computers instantly.
2. Reports:
   • You can view the GPOs that are directly linked or inherited in the Direct and Inherited GPO Links report.
   • You can see the list of users and groups that have access to the selected GPOs in the GPO Delegation report.
   • The GPO Modeling report simulates the possible Administrative Template settings that will be applied on the selected user and/or computer.
   • Scheduled reports can be directly shared with users or groups that are added as help desk technicians.
   • You can now schedule Google Workspace Reports.
   • View the Employee ID of the Google Workspace user accounts in the Google Workspace Users report by adding the column in the result.
   • You can now see the Local Administrator Password Solution (LAPS) password and LAPS expiry time in AD Explorer and Workstation Computers report with adequate permissions.
3. Delegation:
   • Anomaly detection: ADManager Plus now uses machine learning to establish a baseline for help desk technicians' and admins' activities, and detect anomalies by flagging activities that deviate from the baseline.
4. Workflow:
   • Service Level Agreements (SLA): SLA in Workflow help users to take appropriate actions on pending and time-sensitive requests in the most efficient manner.
     • In order to escalate a SLA violation to multiple levels, you can define a set of conditions based on the delay in response.
     • At each level of the escalation, actions like changing workflow priority, sending notifications in required frequencies, re-assigning requests to selected technicians and changing the status of the request can be performed.
     • You can set priorities among the SLAs for any conflicting SLA conditions.
   • Any AD user can now be added as a Workflow Reviewer even if they are not a help desk technician.
   • Workflow now supports assigning Approver and Executor roles to Help Desk Technician groups. You can also assign Reviewer role to AD groups.
   • You can now add groups while setting Rule Criteria to the Workflow Requesters attribute under Assigning Rules.
   • %ManagerOfRequester% macro support added for reviewer and approver under Assigning Rules.
5. Automation:
   • Automation can be directly shared to users or groups who are added as help desk technicians.
6. Google Workspace:
   • You can now link multiple Google Workspace accounts to the same domain.
   • Sync AD users with their Google Workspace accounts created with the same email ID by refreshing the Google Workspace account in the Admin tab.
   • Instantly create independent Google Workspace accounts without the requirement of pre-existing AD user accounts.
   • You can now add Employee ID for the Google Workspace user accounts.
7. Admin:
   • You can now directly add help desk technician groups to Technician Name while configuring profile criteria under Notification Profile.
8. Backup add-on:
   • Azure Active Directory backup and recovery: Backup and restore your Azure AD environment in addition to the existing AD and Google Workspace backup and recovery feature. Support to backup Azure AD objects including users, groups, devices, applications, directory roles and domains is added.
9. Load balancing: ADManager Plus now supports load balancing, which distributes the workload across multiple servers simultaneously. This helps improve performance, eliminate downtime, and provide a better experience for users accessing the product.

Enhancements:

1. Management:
   • New fields added in the Creation Rules of User Creation and Modification Templates to add or remove Microsoft 365 licenses, Microsoft 365 group memberships, MS Teams and channels, mailbox server and mailbox store, Google Workspace groups, and more.
   • You can now specify time along with date to the Account Expiry attributes.
   • You can now copy rules while configuring Creation Rules.
   • Computer creation templates now support Creation Rules.
   • You can perform the following operations while configuring templates,
     • Use the Immediate Duplication Check option to instantaneously check duplicates values for the fields which support duplication check.
     • Prevent Duplication support added for Alias field in contact creation.
     • Provide access to users or groups to add the computer to a domain.
   • ADManager Plus now provides cross domain manager support, with which you can choose a manager from any domain while creating or modifying users.
   • Performance enhanced for Add to Group and Remove from Group tasks carried out under Management, Workflow or Automation tabs.
2. Reports:
   • NTFS Reports:
     • Option to view all the permissions of a specific folder cumulatively within the results of Shares in the Servers, Folders Accessible by Accounts and Non-Inheritable Folders reports.
     • You can now use Refine Results option to filter NTFS permissions in Shares in the Servers and Folder accessible by Accounts reports as per requirement.
     • You can now run the Folders Accessible by Accounts and Non-Inheritable Folders reports for multiple folders simultaneously.
     • CSV import support has been added for the Accounts field in Folders Accessible by Accounts report.
     • Elasticsearch support enabled for NTFS Reports module.
   • You can now use the tree view option in Detailed Group Members report to view the list of direct and nested group members exclusively. It also provides the following features:
     • Prevents the redundant display of circular groups (a group nested inside its own group).
     • Provides the Hide Duplicate Objects option to avoid showing nested group members that are already shown at the parent level.
     • Provides the List View option to view details about individual members and their nested group memberships.
   • You can view the GPO owner details in GPO reports by adding the Owner column in the result.
3. Delegation:
   • You can now specify Authtoken Name (required name), Scope (type of action to be performed like create, delete or modify) and Expiration Time (time until which the authtoken can be used) while generating authtokens.
   • A new column History has been added under Technician Authtokens tab that provides authtoken's usage history.
   • Details of the used authtokens is added in the Help Desk Audit Reports.
4. Automation:
   • The automation process for the Mailbox Auto Reply task now supports macros for Microsoft 365 attributes.
5. REST APIs:
   • REST APIs added for the below actions:
     • In User Management, move user from one OU to another.
     • In OU Management, search OU and delete OU.
     • In Computer Management, search, enable, disable, delete, add or remove from groups and move from one OU to another.
     • To remove authtokens of help desk technicians.

Issues Fixed:

• Issue in generating Technician Logon Report for inactive technicians.
• Issue in extracting memberOf attribute value (if specified) while using search user REST API.
• Issue in displaying the GPO delegation details for certain users.
• Issue in generating the Real Last Logon report as the User Logon Count column displays zero for certain users.
• Issue in autoscrolling while using Enable Drag-n-Drop option in templates.
• Security vulnerabilities reported by dalt4sec and Trend Micro, have been fixed.
• A security vulnerability (CVE- 2023-38743) reported by an anonymous user in Trend Micro's Zero Day Initiative has been fixed.
• Issue in displaying reports due to inconsistent data in few columns caused by database dumping.

7188 (June 07, 2023)

Fixes:

The following issues have been fixed in this release:

• A security vulnerability reported by dalt4sec, has been fixed in this release.

7186 (April 15, 2023)

Fixes:

The following issues have been fixed in this release:

• An issue which displayed No data available error message while generating or exporting the Group Members scheduled report.
• Inability to add file servers in group-based delegation and issues in delegating Microsoft 365 tasks.

7185 (March 28, 2023)

Enhancements:

• Custom HCM integration :
  • You can now provision users who were previously skipped when the automation process is run for any HCM application with Sync Type as Incremental.
  • For OAuth, you can now use client credentials as the Grant Type in Authorization.
  • You can now customize the Repeat Calling this Endpoint configuration by replacing the field values with EndpointURL or any Header to get consecutive page responses.
  • OAuth authorization now supports uploading client certificate.
  • Added SOAP API support in addition to REST API. It supports both XML and JSON responses too.

Issues fixed:

• Issue in displaying replication errors in the domain settings.
• Issue in sending scheduled reports via email in UTF-8 format with BOM (Byte Order Marketing).
• Issue while using Copy User Attribute to append memberof attribute values in user creation template.
• Issue in loading the page while configuring Server Settings, when Retain database backup files option is empty in the Retention Settings tab.
• Issue with rules not getting populated automatically in the user creation and modification template when the template is set as default.
• Issue in the Custom Report result if both Last Logon Time Stamp and Last Logon Time filters are selected.

7184 (March 18, 2023)

Fixes

The following issues have been fixed in this release:

• An issue which prevented technicians from logging into the product in certain scenarios.

7183 (March 15, 2023)

Important update:

• End of support for PostgresSQL 9.2.x: ADManager Plus will soon end support for PostgreSQL version 9.2. Please upgrade to the latest PostgreSQL version or migrate to Microsoft SQL to continue using ADManager Plus.

Features:

• Enable remote mailbox: Option to enable and modify remote mailbox for users in bulk.
• Auto-install hotfixes: Option to automatically download and install ADManager Plus' hotfix updates.

Enhancements:

• Reports:
  • You can now schedule and store reports without creating sub-folders.
  • Exported custom reports will now display users' photos whenever the User Photo column has been added.
  • Flexibility to export reports with desired objects.
• Members of a delegated group can now change the default template assigned to a group in group-based delegation.
• Option to filter users who are not members of any group in the Users Not in Groups report in Automation.
• You can now check if your ADManager Plus installation location is secure or not in Security Hardening settings.
• You can now view who created a template in the product.
• Pop-ups that display Microsoft 365 data in Management, Workflow, Automation, and other modules now use REST APIs to relay information.
• In a high availability-enabled environment, applying service packs in the primary server would automatically update your ADManager Plus instance in the secondary server.
• API keys in UltiPro and BambooHR integrations are now masked in the UI.
• Performance enhancements for optimized AD synchronization.
• Third-party JavaScript libraries have been upgraded to these versions:
  • jQuery UI 1.13.2
  • Bootstrap 3.4.1
  • Moment 2.29.1
  • JSoup 1.11.3
  • ojdbc8-19.15.0.0.1

Issues fixed:

• Issue in displaying the members of groups whose member count exceeds 1000 in the Advanced Filter option of Real Last Logon reports.
• Issue of data mismatch in Mailbox Enabled Users reports' results.
• Inability to configure the retention policies of Microsoft 365 users when special characters were specified in a retention policy's name.
• Issue of help desk technicians not being able to unlock users via the reset password console, when the 'Deny Bulk Modification' option was also enabled in the role delegated to them.
• Issue of service pack application failure when large volumes of temporary tables were retained during backups.
• Issue in sending notifications via SMS using the POST method.
• Issue with the macros specified in webhook templates.
• Issue of technicians not being able to delete non-delegated and unused templates.
• A security vulnerability reported by metin has been fixed.
• A security vulnerability (CVE-2023-35786) reported by metin has been fixed.

7182 (January 24, 2023)

The following issues have been fixed in this release:

• High memory utilization issue across environments having M365 configurations with a huge volume of objects.

7181 (January 16, 2023)

Fixes:

The following issues have been fixed in this release:

• An issue which prevented users from opening the password-protected reports has been fixed.

7180 (December 31, 2022)

Features:

• Group Migration: Flexibility to move groups, along with their SID history and membership across domains in a forest with and without using the Active Directory Migration Tool (ADMT).

Enhancements:

• REST APIs:
  • You can now create, delete, move, search and list the members of a group using REST APIs.
  • Ability to locate users by specifying LDAP attributes like sAMAccountName, employeeID, and more while modifying a user's attributes using REST API.
• You can now secure access to your mail server using OAuth, besides basic authentication.
• Flexibility to create and use naming formats in the Data Source - LDAP Attribute Mapping section while integrating with a custom HCM solution.
• Option to skip 2FA for help desk technicians.
• Customize columns while configuring the member, memberOf and manager attributes of objects during provisioning.
• Duration can now be specified as N days while creating workflow requests to add users to groups, enable users, etc.
• The sAMAccountName of group members will now be displayed when the members view filter is applied to the All Groups report's result.
• Any leading and trailing spaces specified in search options will now be automatically removed.

Fixes:

The following issues have been fixed in this release:

• Automations were not closed or cancelled when the product was stopped or restarted during execution.
• The Service is currently unavailable error message was displayed while modifying groups using CSV, whenever a non-existing AD group was specified in the CSV file.
• Issue in adding cross-forest members to groups.
• Help desk technicians were unable to view NTFS shares after upgrading to build 7163 and above.
• Error in sending workflow notifications via SMS as there was an issue in fetching the value of %UserMobileNumber% and other related macros.

7171 (December 06, 2022)

Fixes:

The following issues have been fixed in this release:

• Office 365 F3 was displayed as Office 365 F1 in the product.
• Help desk technicians were not able to reset passwords via the reset password console, when the 'Deny Bulk Modification' option was enabled in the role delegated to them.

7170 (November 29, 2022)

Features:

• Dynamic distribution groups report: Obtain a list of the dynamic distribution groups in your Active Directory environment using this report.

Enhancements:

• Scheduled reports:
  • Ability to schedule and generate reports on your Active Directory objects using CSV files at a desired time and date.
  • Logon Hour-Based Reports can now be automatically generated at defined intervals.
• Bulk user creation automations using data from HCM integrations can now be executed successfully even when there's an issue in validating a user's Manager or memberOf attribute in AD.
• Flexibility to import and use custom attributes configured in your AD schema.
• The Server Settings UI has been revamped for effectively managing the retention settings of scheduled reports, audit archive reports, and more from a single place.
• ADManager Plus' Logon Settings has been moved to the Delegation tab for easy access.
• The following reports have been added to ADManager Plus' dashboard for better visibility:
  • OS-Based report
  • Locked-out Users report
  • Custom reports

Fixes:

The following issues have been fixed in this release:

• Issue in searching for an AD object using the AD Search option, whenever there is a leading or trailing space in an entry.
• Issue in locating an AD object using the search option in AD Explorer.
• Help desk technicians were unable to view user accounts and groups while delegating GPO permissions, when more than 1000 OUs were delegated to them.
• Help desk technicians were unable to view the users in an OU delegated to them via group-based delegation, while delegating GPO permissions.
• Issue in adding Microsoft 365 users to channels in Microsoft Teams while creating a Microsoft 365 account for an existing AD user.
• Unable to send notifications to user's manager using macros when a user creation or modification task is executed via automation.
• Workflow requests were not automatically closed when a cross-domain management task was successfully executed as a delayed task.
• Error in fetching the active user account from UltiPro when there is an inactive user account for the given employee ID.

7163 (November 07, 2022)

• Notification Profile/Notification Templates:
  • You can now use custom macros in notification messages.
  • Option to send reports as part of the email content in notification templates.
  • Flexibility to customize columns in User Creation notification attachments.
  • Options to configure user and group-based profile criteria.
  • Notifications can now be triggered for the Enable User, Disable User and Reset Password actions.
• You can now manage Distributed File Storage (DFS) Namespaces and their permissions in File Server Management.
• New actions such as Set folder permission, Remove folder permission and Bulk modify folder permissions using CSV have been added to the automation module.
• You can now assign Microsoft 365 licenses via automation and workflow.
• Flexibility to specify filter, select and domainList as parameters in Search user API request.
• Workday attributes such as Job_Profile_Id, Job_Profile_Name and On_Leave, Location_Id can now be mapped to LDAP attributes in ADManager Plus-Workday integration.

Fixes:

• Issue in assigning Microsoft 365 licenses while creating users via user creation templates, when none of its service plans are selected.
• Unable to delete users using the delete icon in Inactive Users report.
• Error in creating shared mailboxes in Microsoft 365 when the Exchange mailbox and remote mailbox attributes were not configured during shared mailbox creation.
• Unable to map LDAP attributes to user records in Oracle database.
• Issue in adding cross-domain members using the Add to Group task in automation.
• Synchronization issue in updating the changes made to the Manager attribute value specified in templates.

7162 (October 28, 2022)

What's new:

• In ADManager Plus builds 7162 and above, NTLMv2 SSO can only be enabled after downloading and adding the Jespa JAR file to the product's lib folder. Click here to learn more.

7161 (October 10, 2022)

Fixes:

• Issue in displaying license pop-up window in the latest build when updated from builds 7102 and older has been fixed.
• Issue in displaying the search feature in the management tab of the Spanish localized version has been fixed.
• An authenticated RCE vulnerability, reported by George Koumettou, has been fixed.

7160 (September 26, 2022)

Features:

• Orchestration: Option to automate a series of tasks in succession at defined time intervals whenever a user or group management task is carried out in the product.
  • Orchestration Profile: Create a management profile and specify the conditions under which an orchestration has to be executed.
  • Templates: Build orchestration templates from scratch and use them to automate tasks.
  • Webhook templates: Create webhook templates and pre-fill them with REST API endpoints, messages, etc. and use them while configuring an orchestration template. You can also predefine webhook fields that hardly change and those that hold crucial data with environmental variables while creating a webhook template.
• Integration with Power BI and Rapid7: Integrate ADManager Plus with Power BI and Rapid7 servers, and forward logs seamlessly.
• Google Workspace backup and recovery: Protect user drives, mailboxes, contacts, journals, notes, posts, tasks and calendar items from accidental deletions, insider threats, and ransomware by backing them up.
• DC Replication Status Report: Report on the replication status of domain controllers and trigger replication instantly using this report.
• Lingering objects Report: Fetch the lingering objects in your AD and delete them on the go.
• BitLocker Disabled Computers Report: Obtain a list of the computers that are not encrypted with BitLocker using this report.

Enhancement:

• You can now assign well-known security principals as security filters to a GPO.
• Custom Reports:
  • Flexibility to copy a custom report.
  • You can now perform management actions from custom reports.
• Reports on all computers, recently created computers and BitLocker enabled computers and custom reports now display BitLocker status and recovery passwords.
• You can now list shared mailboxes and delegate access to them using REST APIs.

Fixes:

The following issues have been fixed in this release:

• Error in authenticating MS SQL server using Windows Authentication while configuring the server for automated AD user management.
• Microsoft 365 licenses were not displayed in the product due to Microsoft Graph API issue.
• When the first N characters option was configured in a naming format, the last N characters were displayed; no name was displayed when the number specified was greater than the length of the name provided.
• Issue in creating requestor roles with just Modify User Attribute enabled for the Choose Template option.
• Issue in deleting the Organization attribute of users in bulk, when more than 125 users were selected.
• Error in fetching a report on inactive computers with the Password Last Set Time filter, via automation.
• The temporary tables created while generating reports were retained in the database, even after displaying the reports' results.

7151 (August 01, 2022)

Enhancement:

• ADManager Plus can now be integrated with Jira Service Management Data Center, in addition to Jira Service Management Server.

Fixes:

The following issues have been fixed in this release:

• Issue in updating to the latest build, when large volumes of data are stored in the tables in Management and Workflow modules.
• Issue in removing redundant entries in the database caused by Microsoft 365 module changes while updating to the latest build.
• Issue in updating to the latest build when non-english languages are configured in the machine where ADManager Plus is installed.

7150 (July 20, 2022)

Features:

• GPO management and reporting: Five new reports have been added for enhanced GPO management and reporting. They are:
  • Resultant Set of Policy Report
  • Linked GPOs Report
  • Empty GPOs Report
  • GPOs with Inactive Policy Settings
  • Comparison of GPOs
• You can now modify the custom attributes of computer objects.
• It is now possible to recover the deleted AD groups.
• Schedule and automate database backups in the product.
• Option to view disk space information of the server where ADManager Plus is installed.

Enhancements:

• Management: Option to enable/disable computers from Single Computer Modification
• Custom HCM authorization: OAuth2.0, Bearer, Basic Authentication and API Key have been added to authorize API requests.
• Help desk delegation: Customize columns while selecting technicians in the delegation tab.
• Workflow:
  • Flexibility to add comments in workflow requests.
  • Create workflow requests to add users to Microsoft 365 groups, enable and delete Lync accounts of users, enable litigation hold, and more.
• AD search: Option to apply filters and customize columns while searching for users, groups, computers and contacts.
• Naming formats:
  • While configuring naming formats, it is now possible to preview the output format.
  • You can now choose words, initialize capitals, use Nth character, random numbers, and more in naming formats.
  • Option to automatically increase the numbers in the specified alphanumeric name to avoid duplication of attributes like logon name, mail, etc.
• Automation:
  • Additional options have been added to the reset password action in user automation.
  • Flexibility to copy the configurations of an existing automation policy.
  • While configuring successive tasks in automation policy, it is now possible to set time in minutes.
• A larger number of Microsoft 365 reports now use Microsoft Graph API in place of Azure AD module for swift communication.
• Report on security policy settings like account policies, local policies, event log, restricted groups, system services, file system and registry settings using the GPO Settings report.
• Flexibility to sort domains alphabetically for easy identification.
• Option to use SMS verification as a two-factor authentication method.
• You can now configure the department attribute for computer objects.
• Flexibility to customize columns while modifying users, groups, computers, etc.
• Administrators can now disable concurrent logins for technicians, and also have the flexibility to sign technicians out of their active sessions.
• Two new filters, member and memberOf have been added to filter group-based reports' results.
• Option to create a remote shared mailbox using the shared mailbox creation template.
• Ability to delegate compliance reports to help desk technicians.
• You can now search and select OUs while creating AD objects.
• Member-based group reports have been optimized for enhanced performance.
• A Custom Script field has been added to the Shared Mailbox Modification Templates.
• You can now validate the Telephone Number and Mobile attributes with a format of your choice in templates.

Fixes:

The following issues have been fixed in this release:

• Technicians with ServiceDesk Plus configuration privilege were able to obtain authentication tokens of privileged accounts.
• Issue in creating workflow requests using REST APIs.
• Issue in generating reports on active computers and recently created users.
• The client secret key was missing while configuring a new Microsoft 365 tenant in the product.
• External senders were able to send messages to groups despite enabling the Requires that all senders are authenticated option for them.
• Technicians were unable to login to the product due to synchronization issues.
• Error in displaying user data while modifying users' photos using the Manage User Photos option.
• Issue in deleting objects from a bulk user modification request in workflow.
• While creating a new user, technicians other than those with administrator privileges, were unable to configure home folder permissions.