ServiceDesk Plus ReadMe

Behavior Changes :

• SD-49108 : Pending request count for a particular requester will be displayed under Actions >> View Requests by Requester, requester details section in request details page and near the requester field in the request add page.

Enhancements :

• SDF-83058 : Option to rename the default IT instance name.
• SDF-83784 : Option to delete a workstation/server or move to Disposed/Expired state, if the asset is not scanned for N days.
• SDF-83706 : Font sizes 8 - 16 added to the HTML editor.
• SDF-83417 : Global search now allows you to search configuration items by name, type, and site.
• SDF-83785 : Option to skip adding unknown assets by unchecking Add unknown Asset under Admin -> Scan Settings.

Issues Fixed :

Vulnerability

• SD-80684 : Weak SSL ciphers vulnerability.
• SD-77123 : CSRF vulnerability in non-login pages.
• SD-83942 & SD-83943 : Passive mixed content vulnerability.
• SD-83959 : CVE-2020-6843 : Reflected XSS vulnerability in the Reports module.
• SD-83133 : CSRF vulnerability occurs when actions are performed on solution topics under Solutions >> Manage Topics.
• SD-83941 : Information disclosure vulnerability in JIRA integration.

Home

• SD-83896 : Under Home >> Scheduler, scheduled problems are displayed for technicians even after the application is downgraded to the Standard edition.

Requests

• SD-83289 : Regardless of the option selected in the close wizard, the right panel displays Closed without Requester's acknowledgement when a request is closed.
• SD-83718 : Status update is not reflected in the Onhold status scheduler popup if RLC is configured for the request.
• SD-81126 : Unable to preview PDF attachments in Approval page.
• SD-78956 : If attachments in incoming emails (new requests and request conversations) are dropped due to size limit, the email sender will be notified.
• SD-83948 : Requester detail gets truncated instead of getting wrapped in the right pane of the request details page.

Assets

• SD-83780 : Zero installation software removed from scanned software in software list view.
• SD-83712 : An error is thrown when updating Windows Agent Configuration settings in non-windows OS
• SD-83225 : The correct application architecture (32 bit or 64 bit) is now displayed in the healthmeter under the community tab.
• SD-83782 : Error thrown while rendering Unknown OID list when sysDescription value is null.
• SD-83778 : While scanning the assets, Graphic card info is not fetched from Linux Machines
• SD-83777 : Unable to connect to SNMP devices using SNMPv3 credentials on MIB Browsers.
• SD-84174 : After a configuration item (CI) of the default OS-based CI type is deleted, CIs under other default OS-based CI types couldn't be edited.

CMDB

• SD-84188 : Under CMBD, you can now stop seeing the business view tutorial by clicking Skip.

Admin

• SD-83914 : Unable to save more than 250 characters under Email Address in the incoming mail server settings.
• SD-84173 : Under Admin >> Credentials Library, additional encryption protocols namely AES256 and AES192 are made available for SNMP V3 credentials.
• SD-84091 : Under Admin >> SNMP Configurations >> Configure product for unknown sysOID, users could duplicate models across different product types.
• SD-83781 : Under Admin >> SNMP Configurations >> Device Identification, you can now configure Model OID for SNMP devices.
• SD-84123 : Conditions containing resource questions/service category specific additional fields (applicable to service FAFR) or tasks (applicable to incident and service FAFR) are removed while converting a service/incident field and form rules into a global field and form rules.

Reports

• SD-83165 : In some query reports, columns couldn't be sorted in ascending or descending order.

General

• SD-83884 : Global search from the home page redirects to Solutions module in non-english setups.
• SD-84148 : The Chat icon is displayed for requesters even when Live Chat is disabled.
• SD-84023 : Mail fetching stops after processing an incoming email with an existing workstation's IP address in the header.

Enhancements :

• SDF-83398 : In reports, default reports of Computers with less/more than 256 MB RAM are replaced with Computers with less/more than 4 GB RAM.

Issues Fixed :

Vulnerability

• SD-83136 : CSRF vulnerability in base currency of Purchase Orders.

Requests

• SD-80481 : In some cases, error message thrown while viewing the print preview of Archived requests.
• SD-78523 & SD-78486 : Performance issue in Data Archiving and Auto-close.
• SD-83057 : Error occurs when choosing Request type as a criterion under custom filter.
• SD-83853 : Date filter in custom view is not as configured.
• SD-83328 : Error occurs if a resolution with more than 100 characters is submitted.
• SD-83389 : Request id is not mentioned in auto_close operation failure system log.

Changes

• SD-82529 : The print button is missing in the print preview page of change request.
• SD-79033 : When replying to change conversation, the To and CC fields are not populated automatically.

Assets

• SD-83352 : Performing an API call to modify any asset field also modifies the Total Memory Size and Virtual Memory of the asset.
• SD-78118 : When technicians edit details of an asset assigned to them, an incorrect notification mentioning that the technicians have returned the asset is sent out.

Purchase

• SD-82969 : Received quantity of a purchase request differs from the quantity in the purchase order when the license gets exhausted in-between the receiving process.
• SD-83397 : The value entered in Russian language in the Created by field of a purchase request is displayed as special characters in the approval notification.
• SD-83365 : In purchase orders, alert message on entering invalid price does not close until the page is refreshed.

Admin

• SD-75830 : Changes in list view of Business rules under default site are not reflected in the copy site.
• SD-83351 : Unable to add FAFR to change template when the ID is shared by a service template.
• SD-76552 : The Site field is not updated to the change template if the default location of site field is occupied by another field.
• SD-83242 : New organizational units imported from AD are hidden in ServiceDesk Plus if the Domain Controller's letter case had been changed during the import.
• SD-82776 & SD-83766 : Improved the French translation of a few admin configurations.
• SD-83250 : Task notifications are not sent if Exchange Web Services (EWS) is configured in outgoing mail server settings.
• SD-83088 : Under Admin >> Notification Rules >> Contracts, saving message ID in the notification table throws a null pointer exception.
• SD-83719 : Technicians imported from the Active Directory via scheduled import are auto-assigned with SDGuest role.
• SD-82710 : Editing the asset details of a user triggers an inappropriate email when the option Notify user when an asset is disassociated from the user is enabled under Admin >> Notification Rules.
• SD-82981 : Assets under custom product types are not getting synced in Analytics plus integration.
• SD-83063 : Exception occurs while updating a support group which is associated with a template and also when a support group is given a name which is greater than 50 characters.
• SD-83252 : Performance issue occurs while loading the tabs.
• SD-83415 : On enabling the option Alert group members by e-mail when leave is marked for a technician under Admin >> Notification Rules >> Request >> Technician Notifications, the notification is sent only to the first technician in the group with the recipient field having repetitions of the mail address.
• SD-83792 : Translation error: End Date text is displayed instead of To in Japanese language under Request Life cycle.
• SD-83288 : Unable to add more than 250 characters in the request closure comment field.

Reports

• SD-80107 : When we choose incident or service request filter in reports, the resolved time is displayed twice.

General

• SD-83082 : In certain cases, the backup fails due to connectivity issues.
• SD-83200 : Unable to run the changeDBserver command in console mode when the application is running in https mode.
• SD-83721 : Unable to start the server as a FailOver Service after applying the ESM license.

Behavior Changes

• SD-84068 : Under Admin >> Discovery, Audit Settings is now renamed as Schedule Scan.

Enhancements

• SDF-83306 : Going forward, the configurations required to send mobile push notifications will be customizable.
• SDF-80660 : The summary by column in custom reports will include decimal values.

Issues Fixed

Vulnerability :

• SD-83077 : CSRF vulnerability in change request deletion.
• SD-83074 : CSRF protection added while sending approval emails to technicians.
• SD-83076 : CSRF protection enabled for approval emails validation.

Home :

• SD-83292 : Unable to close tasks from the home page if the 'Closed' status has been renamed.
• SD-83186 : The self-service portal customization page displays the option to raise a service request in standard and professional editions.

Dashboard :

• SD-78988 : Under Dashboard >> Helpdesk, the legends in some widgets are misaligned.

Requests :

• SD-83279 : In technician login, history of deleted tasks is not captured in the request history when then task is deleted by a technician with permission to delete request task.
• SD-78284 : Total Time Taken of work logs is sometimes not the summation of individual work logs.
• SD-83227 : Auto-saved draft of a request reply displays the cursor in the beginning of the message.
• SD-83238 : Unable to search with resolution fields using Advanced Search in Request module.
• SD-83873 : Paste operation in the editor is executed twice when the content is copied from other tools like MS Office and MS Outlook.

Changes :

• SD-83369, SD-81394 : Scroll bars in change list view are not visible in chrome.

Projects :

• SD-82999 : In some scenarios, the tasks under a milestone are imported directly into the project or another milestone.

Solutions :

• SD-83392 : The application performance has been improved in the solution list view.

Assets :

• SD-83913 : Agent : SSL security certificate upgraded for agent-server communication.
• SD-78583 : Unable to import CSV files of assets with empty numerical fields.
• SD-80905 : In the professional edition, under Actions in purchase orders, the Associate Service Requests button is displayed even though the service catalog is not purchased.
• SD-82446 : Unable to resize the Available CIs column when adding relationship to an asset.
• SD-78541 : A dynamic asset group configured for the 'server' product type does not include servers of the 'workstation' product type.
• SD-82966 : Error occurs after copying a workstation and reopening the details page of the copied workstation.

Purchase :

• SD-81734 : In the purchase order list view, POs due in next 7 days and POs due in next 30 days filters include rejected, canceled, and closed purchase orders.

Contracts :

• SD-73561 : The print preview of contracts does not include Description and Support fields.

Admin :

• SD-83234 : When customizing the email template for comment notifications in Admin >> Notification Rules >> Tasks, including the Project/Milestone/Task owner's name displays the owner ID.
• SD-83387 : Upon upgrade, some technicians configured under Admin >> Users >> Technician Auto Assign >> Exclude following technicians are removed. The issue occurs only if more than 35 technicians have been excluded from the auto-assign configuration.
• SD-83130 : Unable to restart mail fetching when EWS is used.
• SD-82942 : Spam filter criteria that includes Description does not work.
• SD-82873 : LDAP authentication fails if 'CN' was mapped to any field during user import through LDAP protocol.
• SD-82561 : Request custom menu list view does not display more than 10 entries.
• SD-83383 : Unable to add additional fields in the Admin tab.
• SD-79005 : Preventive Maintenance tasks scheduled for the same time are not executed properly.
• SD-83410 : Unable to save custom trigger after selecting a notification template in Admin >> Custom trigger >> Email notification.

Reports :

• SD-80738 : Croatian characters are not displayed in reports.
• SD-76078 : While generating custom reports, the advanced filtering lists requesters in the technician's column.
• SD-82836 : Issues in replacing old schema to new schema in Query reports.
• SD-82943 : In IE, an inappropriate error message pops up when the Reports module is used.
• SD-82437 : Issues while generation reports due to the presence of single quotes in additional field names.

Community :

• SD-82849 : In the System Log Viewer, you can now view the details of a successful user import through LDAP.

General :

• SD-80408, SD-76175 : Unable to attach files having [] and {} in the file name.
• SD-80923 : HTTP to HTTPS redirection settings are not retained after the upgrade.
• SD-83038 : SAML single sign-on option is not supported for integrated live chat.
• SD-82150 : Dynamic notification count is not shown on the bell icon for non SDAdmin users.

Behavior Changes

• SD-33420 : Improved a few tooltips displayed under Helpdesk Dashboard >> Requests Closed in Last 20 Days and Requests Received in Last 20 days for better clarity.
• SD-83060 : Provision to add a new remote control is discontinued.

Enhancements

• SDF-80742 : Service catalog templates under a single service category will be expanded on clicking the service category in the list view and card view layout.
• SDF-83138 : When a new owner is added to a portal, the existing portal owner will be notified through email and broadcast. The Orgadmin can add any owner to any instance.

Issues Fixed

Vulnerability :

• SD-81637, SD-77407 : A DOS vulnerability is found in the attachments section.

SD-57988 : SLA applied to a service request is not automatically updated when the request is edited.

Dashboard :

• SD-80798 : Requesters are not able to access the hyperlinks of certain widgets in dashboards shared with them.
• SD-79497 : In Dashboards, the Requests by Technician widget lists technicians who are deleted or converted to users. This happens only when the corresponding request is in a custom completed status.

Requests :

• SD-81976 : Forwarding a technicians response on a request with $Description variable does not include the threaded content.
• SD-76882 : When creating a service request from the incident request details page, template names with certain special characters are displayed as an empty line.
• SD-80893 : Performance issues for requester login in Request list view filters.
• SD-67759 : Reopening a completed request sustains the technician who is deleted or converted into a requester.
• SD-77358 : Performing global search of requests without using the request ID displays inappropriate error message.
• SD-83062 : Incident additional field's vertical orientation configured in templates is not maintained while creating a request using the same template.
• SD-83189 : Help text are not displayed for a request's subject and description.
• SD-82998 : In request email notifications, inline images of the request resolution are broken. The issue occurs only if the notification is sent after a status change that called for the 'Close Window' pop-up.
• SD-82995 : Editing a request using global edit does not retain the previously added assets.
• SD-82409 : When an email fetched by EWS is converted into a request, the EML and MSG files in the email are not saved as request attachments but rather appended to the request description.
• SD-83709 : Changing the request status from Resolved to any pending status results in wrong Due by Time calculation.

Assets :

• SD-82992 : Web RDP is not shown under the remote control option in asset details page if the OS name does not contain the word Microsoft.

CMDB :

• SD-79892 : Disabled CIs are shown when we try to add a relationship for a CI under the CMDB tab.

Purchase :

• SD-73568 : Page crashes upon clicking Receive Items in Purchase Order.

Admin :

• SD-82712 : When the language is set to Japanese, importing category from CSV file displays an error.
• SD-81127 : Unable to associate the template with RLC when the template name length exceeds 100 characters.
• SD-76784 & SD-77881 : Whenever a non-OS based CI type like Application server or File server is scanned or its OS is modified manually the CI type of the device changes.
• SD-76601 : Unable to reorder surveys if more than 10 surveys are configured.

Reports :

• SD-74128 : Purchase order Created date is available as Ordered date in Reports.

General :

• SD-83010 : Unable to create new users through SAML login When the domain is not available in ServiceDesk Plus.
• SD-82793 : In some cases, an invalid certificate error is thrown when applying CA certified IdP certificate in the SAML configuration page.
• SD-78409 : The default response code for auto redirection from HTTP to HTTPs is changed.
• SD-83223 : The Apple push notification certificate is updated in this build.

Behavior Changes

• The Recent Items option now has a new icon.

Enhancements :

• SDF-78122 : Zia, Zoho's AI assistant for business, has been implemented in ServiceDesk Plus. Zia inspects each incoming request and applies her learning to understand and respond to the user's needs. Currently, Zia can perform approval actions by using users' responses to the approval email.

  Configure Zia under Admin >> Zia Configurations

  Learn more about Zia

• SDF-81210, SDF-78055, SDF-76301 : Chat Enhancements
  • You can now add hyperlinks to a chat.
  • You can now choose to include or exclude chat for sites, groups, and technicians under Admin >> Chat Settings.
  • Requesters can now close an unpicked chat which will be marked as a missed chat.
• SDF-82636 : HTML editor added under Reply template.
• SDF-79610 : Option to filter active/in-active/all templates.

  Admin >> Service Catalog

Issues Fixed :

Vulnerability :

• SD-80748 : Content spoofing vulnerability in error message pop-ups.

Requests :

• SD-82653 : Technicians are not listed in the editor field for users with requester login.
• SD-82827 : SDAdminusers are unable to close a service request in some scenarios.
• SD-82035 : Field and form rule set on form load is not applied for select approvers field when adding a request or editing a request using the global edit option.
• SD-71683 : Actionable buttons in the bottom of the work log section under the resolution of a request are given a floating design.
• SD-76089 : Technician with request "view permission" can see the Add New Request button in the request list view.
• SD-82996 : Editor focus is not set in Resolution tab in request details page.
• SD-83123 : Deleted technician profiles are listed in technician dropdown of request module.

Changes :

• SD-83218 : Typing the change description displays the characters in the reverse order.

Assets :

• SD-82661 : Creating a product type with square brackets in its name leads to security related error while accessing an asset of that product type via the asset list panel.
• SD-82510 : Unable to import asset data from CSV if the extension of the file contains uppercase letters.
• SD-82686 : When importing an asset from CSV, the asset loan details are not retained.
• SD-82830 : Values entered with line breaks in the asset/workstation multiline additional fields are displayed without the line breaks in the asset details page.
• SD-81660 : Unable to create a relationship between any two CIs using "Runs or Runs on" relationship type from XLS.

Admin :

• SD-82638 : Service catalogs are getting reordered while trying to reorder incident templates within a specific service category.
• SD-82637 : Reordering of service catalog templates is getting failed in some specific scenario.
• SD-82822 : Service Catalog templates cannot be opened in different tabs by right clicking on the template name.
• SD-78315 : In safari browser, on downloading the attachment from preview section the attachment file name is changed to 'true'.
• SD-79528 : i18n key value is displayed in Request Life Cycle's discard changes window.
• SD-70032 : In Admin >> Chat Settings, the drop-down list in Site, Group, and Technician fields closes after each entry.
• SD-83308 : Unable to save the configurations under Admin >> Problem/Change Management >> Change Closure Rules.
• SD-83212, SD-83305 : The Request notification rules are not getting saved.

Community :

• SD-81867 : Invalid link provided under Community >> Resources option.

General :

• SD-78866 : In request, problem, and change modules, hovering over the title after performing any action displays HTML tags along with the request details.
• SD-83080 : In some cases, data backup of application migrated from 10.5 to 11000-11005 fails to restore.
• SD-83137 : Due to partial deletion of resigned users data, some of the technicians profiles are migrated to 11000 as portal owners.
• SD-83148, SD-83125 : Mail fetching stopped when a new user tries to raise a request.
• SD-83262 : Due to usage of non-licensed SSO jar, only 25 technicians are permitted to log in.
• SD-83224 : Upgrade fails when a setup has any retried or expired license in an instance.

Behavior Changes

• Enabling SAML authentication will not disable Active Directory/LDAP authentication and vice versa.
• Enabling SSO under Active Directory authentication will disable SAML SSO and vice versa.
• SD-57988 : SLA applied to a service request is not automatically updated when the request is edited.

Enhancements :

• SDF-76315 : Request Details Page Customization

  Customize the Request Details layout by moving around the following :

  • Fields in the right panel
  • Resolution, Tasks, Worklogs, Approvals, Dependencies, Time Analysis, and History tabs
  • Description, Conversations, and Properties

  You can customize the Request Details layout from within any request details page.

• SDF-57988 : Multi SLA

  Include multiple Service Level Agreements (SLAs) for service templates.

• SDF-71102, SDF-71096 : Global FAFR

  Create Field And Form Rules common to all incident/service templates.

  To configure global field and form rules for incident templates, go to Admin >> Incident Management >> Field And Form Rules.

  For service request templates, go to Admin >> Service Catalog >> Field And Form Rules. Click here to know more

• SDF-39461, SDF-46108, SDF-60895 : Backup Approver

  Add a backup approver for users to ensure seamless processing of approval actions even during the approver's unavailability.

  Home>>Backup Approver

• SDF-70808 : Test Mail

  Test your mail server settings by sending and fetching a sample email.

• SDF-83181 : SSP Themes

  Customize the requester self-service portal by using the newly added themes.

• SDF-78285, SDF-77796 : Template Enhancements

  Option to copy and change an existing incident template as a service catalog.

  Option to inline edit the UDF options using the edit field pop-up under form customization.

• SDF-82631 : View Support Logs

  Technicians with SDOrgadmin role can now view logs under Support >> Troubleshoot >> View Logs. The logs will be displayed as a text file in a new tab.

Issues Fixed :

Vulnerability :

• SD-82765 : Prototype pollution vulnerability.

Requests :

• SD-82723 : When an excel table is pasted in the request description, it is pasted as an image instead of a table (only in Chrome).
• SD-81270 : In some scenarios, the mandatory field values (for Request closing rules) in completed requests cannot be removed.
• SD-82679 : Field and Form Rules with certain conditions are not applied.

Changes :

• SD-81388 : Search results in the Change list view reloads automatically to list all Changes.

Admin :

• SD-82354 : Under Admin >> Incident Managemet >> Chat Settings, choosing all the 100 sites from the drop-down list in Exclude chat for sites does not list the next available set of sites.
• SD-82714 : Clicking the back button after adding/editing a role and then clicking the Add New Role button opens a window with the previously entered data.
• SD-79198 : While adding a radio question in a survey, the order of options in the ranking list changes when the sort button is clicked but the ranking value does not change accordingly, resulting in incorrect survey report calculation.
• SD-78412 : Emojis are not encoded properly in survey radio questions.

General :

• SD-82071 : While configuring the database in build 10500 and above, the username is configured as the database name hence an error message is thrown.
• SD-82847 : Mail fetching is stopped when internet message headers are missing in an email.
• SD-82660 : Encoding issues when logging using single sign-on (SSO).
• SD-81174 : Unable to send announcements that contain URLs in some scenarios.
• SD-82937 : The Performed by column name in the System log viewer is updated with an incorrect name.

Behavior Changes

• The subject of email and SMS templates for business rules is now limited to 150 characters.
• SD-80706 : When the request status is moved from resolved to any completed state, due by time will not be re-calculated.
• SD-77362 : Global search for archived requests now includes Request ID and Default Search options.

Issues Fixed :

Requests :

• SD-78697 : Custom text formatting used in notifications for add/update request operations is not preserved when the notification is sent.
• SD-81261 : Recent Items is not updated when a request is opened from the left panel of another request details page.
• SD-80834 : Group notification sent when a technician picks up a request or assigns it to another technician does not capture the request assignment details.
• SD-71156, SD-72371 : If the logical operator 'OR' is used in advanced request search, it automatically switches to 'AND' in consecutive searches.
• SD-83131 : If you add notes to a request and then spot edit any field, the notes replace the description.
• SD-78701 : If you reply to a request while EWS is configured for the incoming mail server settings, the email address configured in the EWS gets auto-populated in the CC field.
• SD-81274 : Service requests in which the technician is mandated and assigned after approval are not closed upon rejection, as defined in the request closing rules.

Assets :

• SD-81379 : Technician with due permission is not able to exclude a workstation from a scan.
• SD-81387 : If several assets are disabled for scan, the system might encounter an Out Of Memory (OOM) error during a scheduled scan in some scenarios.
• SD-82445 : Clicking on the "Add New Network" button while attempting a new asset scan leads to an error.
• SD-82633 : Unable to push AE data to central server when the proxy is configured.
• SD-80661 : VMware machine's hard disk details are not fetched in workstation scan.
• SD-82641 : Issue occurs when two machines are scanned using an agent scan as the auth token generated is same for both the machines.
• SD-82721 : Linux machines are not scanned in some scenarios.
• SD-80898, SD-81992 : An inappropriate error message is displayed upon searching an asset in the global search.
• SD-82453 : After successful completion of the SCCM scan, the acknowledgement message is not displayed.

Admin :

• SD-81453 : Under Admin >> General Settings > Data Archiving >> Allow Exception, deleted criteria is restored.
• SD-82116, SD-82715 : Unable to update e-mail and SMS templates for Business Rules.

Issues Fixed

Vulnerability

• SD-82310 : Privilege escalation vulnerability occurs after Desktop Central is integrated with ServiceDesk Plus.

Requests :

• SD-74804 : Closed/resolved/on-hold requests are reopened on receiving bounced/auto-generated emails.
• SD-82349 : The solution suggest window is not properly aligned.
• SD-81360 : Unable to update the status of a request by using the RLC transitions in the details page if a dependency script is executed on form load.
• SD-80323 : If you edit any description or request resolution and save without any changes, an entry is created in history.
• SD-77469 : Improved the message displayed when a technician clicks a linked request that is beyond the technician's scope.
• SD-82223 : Notifications are not sent to the email addresses added under the E-mail ID(s) to Notify field of request forms if incoming mail server settings are not configured.
• SD-82477 : If there is any exception or negate action performed for an SLA Escalation action, then the schedule goes into a loop trying to process the same request again and again.

Changes :

• SD-67811 : Unable to add or "No response" error occurs while adding Risk, Reason for Change, Change Roles, Change Stage, and Change Workflow to a change.
• SD-73346 : Incorrect Email notification content is sent for notifying change owners and incident requesters on the addition of a new incident to a change.
• SD-75303 : Viewing the change calendar in the Week view and swapping the change list filters thrown a 'Null' alert.
• SD-75305 : In change conversations, if an attachment has special characters, it gets removed from the mail.
• SD-78934 : Unable to update a change template when the assigned technician profile is deleted.
• SD-78974 : A technician with view access restricted to a group cannot create changes outside the group.
• SD-80265 : The "Auto-approve change request when all CAB members recommend it" option stays checked when editing the workflow in Change Management.
• SD-80739 : A technician with complete access to change and associated to a particular site is not able to select a change approver for the associated site.

Projects :

• SD-82012 : When projects are imported from MS projects, the schedule start time is same for all the associated tasks.
• SD-82235 : When associating a change to a project, the All Changes filter lists only the open changes.

Tasks :

• SD-82401 : Task filters are shown in English even after choosing a non-English language as the default browser language.

Solutions :

• SD-80726 : Solution expiry schedule does not work after applying the ppm on any build over 10005 or below.
• SD-76330 : The Last updated on time in a solution is getting updated every time the solution is opened.
• SD-77567 : The APIs corresponding to Solution Module failed to work after the 10005 update.

Admin :

• SD-81316 : In scheduled LDAP import for two domains, the empty fields of a user in the second domain gets updated with the fields of the corresponding user in the first domain.
• SD-79749 : Spam filter select pop-up is not closing automatically after clicking the Save button.
• SD-82630 : In few cases users are unable to edit request templates.
• SD-81385 : The browser default language does not apply to the conditions and the actions in the field and form rules.
• SD-75840 : In the request life cycle pop-up window, the template association section contains an inapt title.
• SD-81411, SD-82180 : The Complete Json File is not accessible from Custom trigger Script when SDP is installed under Program Files.

General :

• SD-81994 : Unable to preview the PDF attachments if the file extension name is in the Uppercase.
• SD-82478, SD-81276 : Unable to go back to the search results after opening an entity's details page.
• SD-81488 : The size of the 'backupfilepath' column in the 'backupschedule' table has been increased to the maximum size defined in the database.
• SD-77617 : After the application data is restored through the command prompt, the command prompt does not close.
• SD-81709 : Unable to login via SAML when the application runs in the default http and https ports.
• SD-81232 : Non-English users logging in through the Internet Explorer face an error stating "Error while fetching domain".
• SD-80235 : Backup failure occurs when a file is saved as "blog" in the inline images folder.
• SD-78399 : The mail to link in the email notification does not invoke the default mail client page.
• SD-80048 : Wrong translation for the word Others in the Swedish language setup.
• SD-78548 : Error in email parsing when the XML response contains the characters '&' or '#'.
• SD-78048 : During integration with Desktop Central/Mobile Device Manager Plus, accessing the Mobile Device Manager tab displays inappropriate error message.

Behavior Change

• SD-79214: In Reports list view page, public query reports are listed for technicians without permission to create query reports.

Enhancement

• SD-77786: Help text provided for request fields will be displayed upon hovering over the field.

Issues Fixed

Requests

• SD-76409: In versions 10000 and later, the API response of Request details for Sites and Department properties is null if the database value is a hyphen (-).
• SD-80621: Dependency map was unavailable to technicians to whom dependent tickets were already shared.
• SD-80902: Navigation buttons in the Merge window do not display the relevant results during search.
• SD-81150: Custom trigger is not working if two python scripts are invoked in parallel.
• SD-82253: Privilege escalation vulnerability in notifications under request module.
• SD-75321: When creating a request via quick create, multiple requests are created on clicking the Save button multiple times.
• SD-70666: In service requests with pre-configured approvals, approval stage/s are not created if the organization roles added as approvers are not associated with any users.
• SD-74684: The approval notification configured to be sent upon a service request creation will now contain the system as the sender.

Solutions

• SD-82034: The Solution Add and Edit forms will support field resizing alike.

Admin

• SD-82746: Unable to add user when the email ID contains special characters.
• SD-80889: The field and form rule configured to remove options from the Group field does not work in requests and changes.
• SD-81282: In request templates, bulk addition of options is supported for all Multi Select and Pick List additional fields.
• SD-81190: Any custom SSP message in Japanese is garbled in the service catalog page.
• SD-81380: Service templates with a resource description exceeding 200 characters couldn't be saved. The character limit has been increased to 1500.
• SD-82348: Remote code execution (RCE) vulnerability during SCCM scan initiation (CVE-2019-19034) reported by Sahil Dhar (xen1thlabs).
• SD-82224: In Advance Analytics integration, Instance/Scheduled sync fails even after successful completion of initial sync.
• SD-82763 : Unable to add general instructions in service templates for technicians and requesters simultaneously.

Reports

• SD-70572: Newly generated report automatically scrolls to the bottom of the page.
• SD-71475: In non-English language setups, when a Report is generated with the date criteria, the date appears in the report having both the From and To in English.
• SD-79593: On generating reports, single quotes in the description fields across modules is replaced with its relevant ASCII code.
• SD-80136: Exporting a matrix or advanced matrix report into a PDF does not contain the page margins.
• SD-81104: Remote Code Execution(RCE) vulnerability in reports module.
• SD-81194: In some scenarios, multiple scheduled reports generated on the same time contain incorrect report titles.
• SD-81196: In some scenarios, unable to run reports with null in the query.

Issues Fixed

Request

• SD-81249, SD-80324 : Description of a request is not properly visible from the details page if fonts with different colors and formats are used in it.

Asset

• SD-76470 : In Asset Loan, changing the timezone results in mismatch of loan dates.
• SD-78392 : Zero (0) is not accepted as a value in the asset additional field pick list.
• SD-80736 : Inconsistency in the order of fields during CSV import of assets.
• SD-81610 : In Assets >> Barcodes >> Print barcodes, clicking the print button displays the page instead of the barcode preview. The issue occurs only in Firefox and Internet Explorer.
• SD-81932 : In Assets, the height of the Groups widget is inappropriate.
• SD-82002 : When we add assets by generating our own barcodes and then try scanning them, the generated barcodes get dissociated from these assets but continue to persist in the database as orphan values.

Purchase

• SD-80931 : In Purchase request notification, after approval action, the notification is sent to approvers & Created by mail IDs instead of notifying the purchase request's technician.
• SD-81123 : Able to modify the quantity ordered value lesser than the received quantity value in purchase orders.

Contract

• SD-80900 : Contract expiry notifications are sent even after disabling them.

Admin

• SD-82669: User Criteria configured under Admin >> Users do not work when the application is viewed in any non-English languages.

Others

• SD-80908: The text line is overlapped by the next highlighted text line in HTML editor across modules.
• SD-82551, SD-82459: Header is not visible , if the bundled administrator or guest login name is modified.
• SD-82681: After the upgrade, if there are any old unsent feedback submitted through Product OverView >> Feedback form, the license switches to Enterprise version.

Behavior Changes

In the following table, we have documented the behavior changes between the upgraded Version 11 and Versions 10.5 and earlier.

Feature	Version 10.5 and earlier	Version 11 (ESM)
Users
Naming Conventions	Requesters and Technicians	Users
User Additional Fields	Unlimited	Maximum limit: 250 across instances.
AD Import	Users with attributes mapped to a Pick List additional field are added dynamically.	Users with attributes mapped to a Pick List additional field will not be added, and the import will fail. For such cases, the possible values for the Pick List additional field must be already added before the AD import can happen.
Roles
SDSiteAdmin	Assign to any Technician, even when no sites are configured.	Role will be available ONLY when sites are configured. After migration, when no sites are configured, the All Modules role will perform all SDSiteAdmin tasks. When new sites are added, the SDSiteAdmin role will become available.
	View Technicians across all sites.	View all Users/Technicians associated with sites mapped to SDSiteAdmin.
	Convert any Technician to Requester.	Convert as Requesters only the Technicians associated with sites mapped to SDSiteAdmin.
	Associate departments across any site to a Requester.	Associate departments to Users in sites mapped to SDSiteAdmin.
	Unable to change Requesters to Technicians.	Change Users to Technicians.
Advanced Permissions>>Adding Requesters	Add fine-grained permissions.	Not available.
Technicians>>Adding Requester	Can add new requesters.	Not available.
CMDB
CI Types	Referred as People, Requester, and Technician.	Replaced with Users.
Child CI Types	Create Child CI types for Requesters and Technicians.	Create Child CI types for Users.
API
Change as Technician	Unable to change Requesters to Technicians.	Change Users to Technicians in bulk.
Operation	API V2	API V3
Requester/ User	http://localhost:8080/sdpapi/requester	http://localhost:8080/api/v3/users
Technicians	http://localhost:8080/sdpapi/technician	http://localhost:8080/api/v3/technicians
User CI (CMDB)	http://localhost:8080/api/cmdb/ci	http://localhost:8080/api/v3/users
Requester Servlet API	http://localhost:8080/servlets/RequesterServlet	http://localhost:8080/api/v3/users
Technician Servlet API	http://localhost:8080/servlets/TechnicianServlet	http://localhost:8080/api/v3/technicians
Reports
Flash Reports	Available	Not Available.
Custom Reports	Generate Technician-related reports.	Not Available.
Self Service Portal
Requesters are allowed to: Edit/View profile	The My Details tab available for the Requester.	Replaced as My Profile and available under the user icon.

• Admin configurations in ServiceDesk Plus 11 are reshuffled and grouped for better user experience.
• Using old table names will throw an execution error. Under ESM, table names have undergone extensive changes. Therefore, while generating reports, query using the newly created ESM tables.

New Features

• SDF-42635: ServiceDesk Plus now brings you Enterprise Service Management (ESM), which extends the best practices of IT service management (ITSM) to other business functions, such as Human Resources, Admin, Finance, and Facilities.
• SDF-35387, SDF-39629: The SDAdmin can now color-code requests in the list view page, based on Category, Group, Priority, and Status. To configure the color settings, go to the request list view page and click Color Palette.
• SDF-59809: Add Technicians as VIP User.

Enhancements

• SDF-76318: In the Request form, you can now search for requesters using these fields: Name, Email ID and Employee ID.
• SDF-59939: Multiple email ID support now available for Technicians also.
• SDF-81176: Allow Requesters to view or edit their Additional Fields. Configure under Self-Service Portal Settings.

Issues Fixed

• SD-74682: On deleting the administrator account, unable to save the changes made by the user with SDAdmin role in the dashboard, technician homepage, and self-service portal customization.
• SD-82114, SD-82231: Editing a request from the request details page displays checkbox field values as plain text.
• SD-53018: In the request details page, the requester details displayed on the right panel now include the 'Reporting To' user.
• SD-78475: Execution of FAFR defined for Requester field change is fixed.
• SD-77948: Global Config requester search functionality fix.
• SD-69847: The Search button in the Users list view page is auto-focused when the page is loaded.
• SD-82447: In some scenario, Default Request template is unnecessarily listed in the request catalog drop-down.
• SD-75776: Unable to add or update a technician associated with more than 300 sites.
• SD-82112: Unable to add attachments in some sections of the application for non-English personalizations.

Enterprise Service Management (ESM)

After upgrading to ServiceDesk Plus version 11, you can implement enterprise service management (ESM) in your organization.

ESM enables you to bring ITSM-like help desk service to other business functions in your organization. Each business function can have a dedicated service desk instance with templates, categories, and configurations specific to that function. For example, you can have a template to request for new hire orientation under HR and request for air conditioner service under Facilities.

Before you can create these service desk instances, you need to configure the ESM Directory, which will now be the central repository of all organizational data, including user information, service desk instances, and user association to these instances.

All users can log on to the ESM Portal to access service desks to submit specific issues. User permissions to instances are configured in the ESM Directory. You can configure the application with a single service desk instance or with multiple instances.

The following table lists module-wise differences between single instance and multiple instances under enterprise service management.

Feature	Single Instance	Multiple Instances	Feature Update under ESM
Users
VIP User	Configure under Admin>>Users	Configure under ESM Directory	Available for all users.
SMS Mail ID
Secondary Email ID
Additional Fields	Configure under Admin>>Users>>Additional fields.	Configure under ESM Directory. Configure instance-level additional fields under Admin tab of specific instances.	Available for Users and Technicians Additional field data will not be available under CMDB users.
AD Import	Configure under Admin>>Active Directory.	Configure under ESM Directory.	All user data (Users and Technicians) will be updated during the Active Directory (AD) import.
CMDB
Add Users	Not Applicable		User Management done only under the ESM directory.
Relationships and Attributes	All People, Requester, and Technician relationships and attributes will be mapped to Users.

Schema changes

• Any query reports saved in the old schema or any new query report on the old table schema will now be redirected to be executed in the database using the new schema.
• Errors during replacement are tracked in the FailedQuery.html file under logs.
• All old schema queries successfully tracked are available in the SucceedQuery.html file.
• Querying the following tables is not possible anymore: Requester, Technician, HelpdeskCrew, and UserAdditionalFields

Deleted	Replaced With
HelpDeskCrew	PortalTechnician
CrewEscalation	NILL (Not handled)
Requester	UserAdditionalFields and PortalUsers(for ciid)
Requester_Fields	NILL (Not handled)
Technician	UserAdditionalFields and PortalUsers(for ciid)
Technician_Fields	NILL (Not handled)

Column changes under ESM table schema

Before		After
Table	Column	Table	Column
DepartmentDefinition	CIID	PortalDepartments	CIID
SDUser	AllowedToViewCost	PortalTechnicians	AllowedToViewCost
SDUser	CostPerHour	PortalUsers	CostPerHour
SDUser	CIID	PortalUsers	CIID
People	All columns except CIID	UserAdditionalFields	Equivalent columns can be found in UserAdditionalFields.json file under logs directory

Note: The "TechnicianId" column of the "HelpdeskCrew" table is moved to "UserId" column of the table "PortalTechnician"

Issues Fixed in 9426

• SD-74184 : Mail processing time increases in IMAP protocol if the attachment size is huge.
• SD-74263 : The Apple push notification certificate is updated in this build.

Issues Fixed in 9425

Vulnerability

• SD-61216 : Cross site scripting vulnerability in change password.
• SD-73218 : Information disclosure vulnerability in Contact Support section under Help.
• SD-73219 : Cross site scripting vulnerabilities in Language section of the Personalization menu.
• SD-73928 : XSS vulnerability in Personalization menu.
• SD-73929 : XSS vulnerability in View All Requesters API.
• SD-70638 : Vulnerability: Inappropriate use of HTTP methods while resetting user password.

Behavior Change in 9424

• SD-71761 : Earlier, while creating a request/ticket, the client machine's host name was stored in the request's history. Henceforth, only the client machine's IP address will be stored since the property 'enabledLookups' will be set to 'false' in 'server.xml' file by default.

• You can revert to the old behavior by setting the property 'enabledLookups' to 'true' in the 'server.xml' file

  Note: This requires a restart and might result in performance problems since resolving the client host name depends on a call to the DNS server.

Issues Fixed in 9424

Vulnerability

• SD-22200 : Privilege escalation vulnerability of a technician being able to view all changes.
• SD-22231 : Privilege escalation vulnerability of a technician being able to send announcements.
• SD-22246 : Privilege escalation vulnerability of a technician being able to add reminders.
• SD-22255 : Privilege escalation vulnerability of a technician being able to view add remainder page.
• SD-22267 : Privilege escalation vulnerability of a technician being able to view change related reminders.
• SD-69231 : Privilege escalation vulnerability of a user being able to view task template details.
• SD-70610 : XSS vulnerability in Request Form description under Insert Image, reported by Hussien Yousef of Saudi Information Technology Company, was fixed
• SD-71464 : Input value is not encoded in log files resulting in a XSS vulnerability
• SD-71473 : Vulnerability found in file extraction during the restore process.
• SD-72074 : Vulnerability present in the attachment path.
• SD-72572 : Fixed CRC related issue in restore process.
• SD-73217 : Information disclosure vulnerability present in home page.

Home

• SD-69831 : Able to view project tasks in Home tab's tasks list view after downgrading the license from trail version to standard/professional.
• SD-71972 : Under Home >> Tasks >> Show All Tasks, the 'Owner' field doesn't populate the Project members for the tasks created under a Project.

Dashboard

• SD-71090: OOM Error occurs while processing 'Unassigned and Open Requests' Dashboard widget if there are many Open requests.

Request

• SD-71095 : In Service Template workflow, sending of approval emails fails for requesters who do not have 'Service Request Approver' permission but are Department Heads.
• SD-71458 : Unable to translate request list view columns in non-English languages.
• SD-73323 : 9418 Breakage: The issue fix for 'When more than one approver has same e-mail id, error message shown for actual approver while taking approval action' is broken.
• SD-73417 : The set field action of FAFR does not work for radio button field.

Project

• SD-70802 : Task bars are blank in PDFs exported from Projects Gantt view.
• SD-70919 : While navigating from a project to the next project by clicking the right arrow in project details page, same project loads repeatedly.
• SD-72812 : @PROJECT_OWNER variable fetches milestone owner in milestone comments.
• SD-73169 : Project Dashboard is present for technician without project module permission.

Solution

• SD-73852, SD-73859 : 9422 Breakage: Requesters are not able to view solutions.

Admin

• SD-69169 : Technician and Support Group are not saved in task templates when the application runs in Internet Explorer 11.
• SD-69664 : Server link in the Account Lockout email notification is not opened.
• SD-70368 : While creating a copy of a site, the sender name and sender email of the default site's support group is copied
• SD-73678 : Field and form rules binding does not work for resources in grid view.
• SD-71882 : Security settings >> Security response headers: After updating the latest service pack, custom security response headers are lost.

Reports

• SD-72306 : Default report: Time spent by technician on projects is not working in MSSQL.

Mobile

• SD-73572, SD-73579 : SDP mobile app: When trying to reply to a conversation, the 'To' field is not auto-populated in mobile app version 4.7.1.

Others

• SD-69465 : Option to download digitally signed service packs
• SD-70502 : Secondary installation configured for Fail Over Service (FOS) does not start if the application runs in the HTTPS mode.
• SD-70646 : Files uploaded on to the application through UI are not replicated in the secondary installation configured for Fail Over Service (FOS).
• SD-70739 : No proper authentication error message is shown for incorrect non-login URLs.
• SD-70751 : Tasks added by changing the task template are not shown for technicians in calendar view(Home -> scheduler) in foreign language setups
• SD-70947 : A grammatically wrong message is displayed while accessing a deleted task ID.
• SD-71005 : Update manager heap size is set to 512M even after migrating to BIN setup
• SD-71721 : Group is removed while editing a task using the 'Edit icon in task details page' from the comments tab.
• SD-72857 : For instances enabled with Active Directory authentication along with dynamic user addition, user login fails if the username is in upper case
• SD-73041 : Out Of Memory error occurs during the backup of directories with large number of files. If you adjust the memory size and complete the backup, Restore will still not be possible.
• SD-73154 : Backup restore fails without the fileattachment zip in it. The issue occurs only if the previous backup has been manually terminated.
• SD-73506 : Unable to change port number while installing ServiceDesk Plus in Windows machine.
• SD-73562 : Incomplete backup files will have the .partial extension to distinguish from the complete backup files with the .data extension. Please note that the incomplete backup files cannot be restored.
• SD-69306 : New indexes have been added to few columns in database tables for better performance.
• SD-71578 : Application lag caused by logging and i/o delay.

Enhancements

• SDF-70993 : Option to disable automatic delta scan. Admin >> Discovery >> Scan Settings.

Issues fixed in 9423

Vulnerability

• SD-71557 : XSS vulnerability found in success/failure message pop-ups is fixed.
• SD-69428 : XSS Vulnerability in the Software Metering graph of the Software Summary page.

Assets

• SD-70892 : In a certain scenario, issue occurs while viewing History tabs of some assets.
• SD-71049, SD-71127 : Error occurs while Auto Assigning assets. The issue happens if the page has more than 150 workstations.
• SD-71376 : Unable to update the WarrantyExpiry date in Diff scan while syncing the asset data from Desktop Central to SD.
• SD-72560 : Org Serial Number field is getting duplicated in the CI details page of workstations and servers.
• SD-72400 : Assets that are not associated to any site are not displayed for technicians without site association.
• SD-71873 : There is no managed connection while uninstalling an agent.
• SD-72411 : Agent information of the scanned XMLs from Desktop Central is now captured in ServiceDesk Plus.

Purchase

• SD-70632 : Unable to enter names with characters more than 30 in purchase orders.
• SD-70798 : When an approver's name contains characters from a foreign language then these characters' encoded values are displayed in the Print Preview section of the corresponding purchase orders.
• SD-69240 : Attachment names with commas cause page break in the Purchase Order form.
• SD-70922 : Notification table entry undone after changing the PO status to 'Ordered'.
• SD-71860 : Unable to delete an existing item and add new from PO edit page.
• SD-72310 : Default Sales Tax Rate is not maintained in a PO once a vendor is selected.

Contracts

• SD-71128 : A technician with only "View" permission for contracts can attach documents to it.

Scan

• SD-70941 : The scanned asset/workstation additional field values for a VM host get reset to default values, if configured.
• SD-72376 & SD-74063 : While scanning CentOs machines with version above 7.2 and Red Hat machines with version above 7, the IP and MAC addresses are not captured.
• SD-69033 : Custom CI type of workstations/servers is not preserved after a second scan.
• SD-70950 : After the scan In SDP version9423, Network scanned status and last scanned time is not updated.

Admin

• SD-69974 : Application freezes while clicking on the Add New Cost Centre button. The issue occurs due to loading of too many departments.
• SD-70262 : Asset CSV import fails when a non-SD-Admin performs the import. The issue occurs if the username field is left blank and only the department name is filled in the CSV file.
• SD-72303 : In Asset details page, the title is not in i18N.
• SD-69147 : CIs under a child CI type is only partially preserved when the child CI is added to a different parent.
• SD-69156 : Unable to access the Standalone Audit page by a technician who though is not an SDAdmin but has the "Scan Now" permission in Assets Module.
• SD-73357 : Technicians (except admins) could not add/edit assets from the left panel in the Asset Home page.
• SD-71861 : Global search under Assets now includes the value in Last Logged In User.
• SD-73622 : UI glitch occurs on clicking expand icon in department field in Cost Center. Admin >> Purchase/Contract Management.

Software

• SD-70080 : Incorrect software information stored in the database.

CMDB

• SD-70564 : Under CMDB, unable to delete barcode if more than 100 CIs are deleted in one go.

Remote

• SD-71612 : Security exception occurs during remote access by Web RDP for any non-English languages.

Others

• SD-73263 : GET API for CI Details using criteria is not working in the REST API Documentation tool.
• SD-70008 : Applications installed in an Iphone scanned by Desktop Central and pushed into ServiceDesk Plus are not listed under the Applications tab.

New features in 9422

• SDF-69532 : Advanced analytics integration for ServiceDesk Plus now supports two new modules - Projects and Solutions.

• Project management analytics

  Track progress of all your projects simultaneously from a single console. These reports help you identify bottlenecks and closely monitor project activities using Burn-down and Burn-up charts.

• Analytics on Solutions/Knowledge-base

  Keep your knowledge-base articles up-to-date by analyzing the usage patterns and measuring the relevance of your self-service solutions.

• Analytics on Request transition history

  Analyze the transition history of a request such as,

  1. The number of times each request was re-assigned to a different technician.
  2. The amount of time a request was put in an on-hold state.
  3. The number of support groups that have worked on each request.
• SDF-72903 : Support for Bulgarian language in ServiceDesk Plus

Issue Fixed in 9422

Vulnerability

• SD-68374 : External Entity Injection (XXE) vulnerability while processing license XML data (CVE-2019-14693)
• SD-68374 : When a vulnerable license file gets uploaded, no proper error message is shown
• SD-69317 : Vulnerability: Credential information is hard coded in plain text format
• SD-71558 : vulnerability in asset association field
• SD-72592 : Script error pops up while changing the list view filter/personalization in projects/change list view pages.
• SD-68703 : GET URLs replaced with POST URLs.
• SD-72082 : Directory traversal vulnerability found in file upload.

Home

• SD-70986 : Time format configured in Personalize menu is not reflecting in My Reminder(s) widget in the home page
• SD-73571 : 'Report an incident' widget contents are not translated for non-English languages.

Dashboard

• SD-71616, SD-71420 : Technicians are not able to open pending tasks from their dashboard page if their name contains (,) comma

Requests

• SD-68176 : Closure Code and Closure Comments added by a technician when resolving a request reset to a null value after the requester closes the request.
• SD-68529 & SD-71431 : An exception is thrown while deleting a conversation in request
• SD-70631 : Request couldn't be updated after deleting the user assigned as the request's Editor.
• SD-70924 : A service request that's raised on a template configured with the approval condition Do not assign technician before Service Request is approved and converted into an incident request could not be reverted to a service request.
• Please note that you can directly modify the template of a service request into a different service template.
• SD-71888 : Query performance for shared list view filter is improved.
• SD-72147 : Password Manager Pro Integration: Unable to view passwords for PMP resources from within SDP.
• SD-72399 : Unable to select request group filter if there are special characters in the group name.
• SD-73265 : Issue occurs while loading a resource question's pick list values in grid view.
• SD-73303 & SD-73306 : Help card text is not wrapped properly in the request details page for requester logins

Admin

• SD-70887 : Unable to add a technician in 'exclude list' under 'Technician Auto Assign' if the technician's email id contains a single quote (').
• SD-70990 : In Professional and Standard editions, service category couldn't be deleted.
• SD-71632 : Edited SSP message in incident and service catalogs get restored to the default message when PPM is applied
• SD-71652 : HTTPS error message shown in ME integration page is not pointing to the right section in help card
• SD-72795 : Closed option is not displayed for Status field in the criteria section of the custom trigger.
• SD-73310 : Issue of field properties being editable from the requester layout
• SD-73511 : Unable to add more than 100 values for incident/service request's pick list additional fields
• SD-73536 : Inability to add more than 10 options for a resource question, under Service Catalog.
• SD-73537 : Few customers, who configured the ServiceDesk Plus application in HTTP and simultaneously enabled the HTTP to HTTPS redirection, couldn't submit the surveys and encountered an 'undefined' error.
• SD-73549 : Inability to add more than 10 questions for a resource, under Service Catalog.
• SD-71212 : Users' email addresses are not merged if the user merge process is initiated from the requester list view.
• SD-73496 : Advanced Analytics sync failure, caused by the addition of encrypted incident additional fields in configuration file, which resulted in breakages in 9418.
• SD-69043 : Unable to add additional fields in Advanced Analytics Plus if the alias name has more than 60 characters
• SD-65879 : For enhanced security, Zoho Reports will now be accessible only through TLS1.2 from Nov 1st 2018. Support for TLS 1.2 connectivity has been added in this release. Customers are requested to move to this version before Nov 1st 2018, to avoid Zoho Reports integration failure.

Chat

• SD-72163 : Technician unable to receive chat requests if the technician is enabled for one chat group and excluded from other groups
• SD-72593 : Technicians with 'Enable CMDB' role is not listed in Chat's 'All Technicians' list

Reports

• SD-26644 : Query Report : Capitalized characters in the display name of a column in a table under query reports gets un-capitalized automatically.
• SD-70145 : Deleted service catalog additional fields displayed under Available Columns in custom reports.

Others

• SD-73545 : Newly added and modified keys are supported in all languages.

9421

(Released on 04, October, 2018)

Issue Fixed in 9421

• SD-73564 :Cross site scripting vulnerability is present while viewing the asset details page

9420

(Released on 25, September, 2018)

Issues Fixed in 9420

• SD-73254 : Asset field is available in both incident and service templates of the standard edition.
• SD-71359 : Configure Agent's TLS Protocols and Ciphers to secure communications from within the Agent side. Configure it under Admin >> Windows Agent Configuration >> Settings.
• SD-73273 : Field and form rule configured with the "enable field" action for incident template does not get applied to request form.

9419

(Released on 19, September, 2018)

Issues Fixed in 9419

• SD-73208 : After upgrading to 9418, approvers are unable to approve incident/service requests in the Standard and Professional edition.
• SD-73207 : Upgrade failure occurs if the notification subject and description in custom change status are empty. This issue occurs in those setups where mapping of old status to new custom status executed, after migrating from older versions to 9.0

9418

(Released on 17, September, 2018)

Behavior Changes in 9418

• SDF-63255 : Change workflow will be displayed only in Single view and not in Tab view anymore.
• SDF-72086 : The application will function on free license after the acquired license expiry.
• SDF-72909 : Duplicate additional fields will be automatically removed from the request template forms. To view the changes, go to the System Log Viewer.

New Features in 9418

• SDF-73175 : In service templates, ability to mark cost of individual resources along with the base service cost so that requesters get to know the over all service cost, and approvers can take action based on the cost involved. To learn more, click here.
• SDF-45759, SDF-38935, SDF-47202, SDF-47573, SDF-53066, SDF-60260, SDF-61173, SDF-65154, SDF-45834, SDF-46616 : In request templates, add sections, search existing fields, preview the template, and provide help content for individual fields and for the template. In addition, you can bulk add pick list values and reorder them.
• SDF-61033 : Field and form rules inclusion for each incident template will be indicated by an icon in the list view.
• SDF-40475, SDF-47321, SDF-47888, SDF-46885, SDF-23574 : New field types such as Radio and Checkbox are available for incident additional fields.
• SDF-36189 : You can now change the template of a service request. The new template can be from the same or different service category.
• SDF-29892 : Archive requests by using the Any Completed Status criteria under Admin>>General Settings>>Data Archiving.
• SDF-66881 : Files attached to a change in the Submission and Planning stages will be added to CAB recommendation email notifications.
• SDF-65546 : SDAdmin can now mandate change roles in templates, and users can assign change roles while creating the change request.
• SDF-63255 : Change roles to be notified for a given status is made specific to a change workflow. The Notify To field in a change status can be edited only within a change workflow.
• SDF-65657 : In change workflow, configure auto-approval for changes recommended by all CAB members.
• SDF-65114 : Define change custom triggers to be executed for recommendation, rejection, or any approval action by a CAB member. Also, you can set status change as a criteria to be fulfilled by changes for executing the trigger.
• SDF-73177 : Share a Change Request with all technicians by selecting $AllTechnicians for SharedRole, or select specific technicians for the role.
• SDF-60652 : User can view and perform approval actions on change requests from within iOS mobile application.
• SDF-73179 : User emails and system notifications will be listed under Conversations inside a change. You can also reply to and forward notifications.
• SDF-63637 : The Asset Loan feature enables you to mark loanable assets; track asset loaning, return, extension, and expiry; and configure asset loaning notifications. To learn more, click here.
• SDF-61123 : Integrate ServiceDesk Plus with Mobile Device Manager Plus to track lost devices and perform various tasks, such as lock the device and wipe off data.
• SDF-31037, SDF-45095, SDF-37001 : User import from Active Directory can now fetch Employee ID and 'Large Integer' type field accountExpires.
• SDF-70656 : ADManager Plus integration, with a revamped UI, now offers the following additional user management actions through Active Directory :
  • Add to Group
  • Modify Department
  • Modify Manager
  • Remove Folder Permissions
  • Remove from Group
  • Set Folder Permissions
• Configure from the application UI the fields to be displayed in the User Creation form. Map individual user domains with specific templates through which select fields must be modified in the Active Directory.
• ADManager Plus version must be 6640 or above for the enhancements.
• SDF-73176 : Configure a password, for both login and non-login users, to ensure secure access to files, such as exported reports, scheduled reports, and exported request list generated from within the application. Enable File Protection Password under Admin >> Privacy Settings. To learn more, click here.
• SDF-65144 : Install the SSL certificate from the UI under Admin >> General Settings >> Import SSL. However, SSL certificate trusted by an internal certificate authority cannot be imported from the UI.
• SDF-61199 : Under Sites, use the Inactive Sites filter to list the sites that are deleted, but used in the product.
• SDF-73054 : Customize the Report an Incident widget in the requester home page by editing the HTML. Search option for templates is now available inside the same widget, making it easy and simple for users to raise requests and to report incidents.
• SDF-69125 : The application login page gets a UI revamp. Post upgrade, default login page will be displayed. Under the self-service portal settings, customize the page by editing the HTML. You can also revert to the previous login page by inserting the corresponding CSS script. To learn more, click here.
• SDF-76414 : Support for new language - Macedonian

9417

(Released on 10, September, 2018)

Issues Fixed in 9417

• SD-72858: Failure in sending system notifications for incoming requests and conversations in environments where Microsoft Office 365 and Microsoft Exchange mailboxes are configured. This is because even the valid emails sent within these domains are marked as bounced as they don't have the 'Return-Path' header.
• SD-72318: Under Admin > Support Group > Edit Group, the 'Notify to' option doesn't show up when the option 'Send notification to group technician when a new request is added to this group' is enabled.

9416

(Released on 27, August, 2018)

Behavior change in 9416

• If authentication is disabled in the outgoing mail server, do not enable it under Outgoing Mail Server settings. Otherwise, outgoing emails will be stopped.

Issues Fixed in 9416

Vulnerability :

• SD-69292 : Vulnerability of an unauthorized user able to create, edit, and delete currency in the application is fixed.

Requests :

• SD-72110 : Purchase requests couldn't be associated with a service request from within the service request.

Purchase :

• SD-70963 : Purchase Requests with similar vendors are not listed in the Associate PR list when trying to associate a PR with a Purchase Order.

Reports :

• SD-72161 : Exception occurs in survey-based custom reports (tabular) if the 'Survey Type Name' is added into the column.
• SD-72107 : Exception occurs when a technician with site restricted login permission tries to access survey reports.

Admin :

• SD-72372: Error occurs while trying to save the customized self-service portal draft. The issue occurs when we remove a widget from the portal and try saving it.
• SD-71923: After upgrading to 9412, survey reports are projecting the wrong values.
• SD-71937: Unable to edit the incident and service surveys created in Evaluation/Enterprise edition. The issue occurs when we try to edit those surveys after downgrading to the Standard Edition.
• SD-72047: Unable to view older survey responses in some MSSQL (SQL Server) DB environments after migrating to 9412/9413/9414/9415.
• SD-71945: Technician with SDSiteAdmin role is not able to trigger a survey from the request details page.
• SD-72148: Exception occurs when an On Behalf of User (OBO User) tries to save a survey response.
• SD-72426: Notification rules are cleared while editing the rules if VIP user or Department based survey exclusion rule is applied.
• SD-72000: In MS SQL setups, an exception occurs if we click on Organize Business Rule under Admin>>Business Rules.
• SD-68586: No alert message is shown while enabling mail debugger informing that the mail server's username and password will be printed in the logs.
• SD-70794: In some environments, bouncing emails causes an indefinite looping of conversations as replies to such bounced emails triggers another loop.
• SD-71608: Support group names are not fully displayed if the name of the support group contains more than 50 characters.

9415

(Released on 20, August, 2018)

Issues Fixed in 9415

Vulnerability :

• SD-72109 : XSS vulnerability found in the asset details page is fixed.
• SD-71576 : XSS vulnerability found in Change Calendar is fixed.
• SD-72080 : Directory traversal vulnerability found in file upload is fixed.
• SD-71495 : ZipSlip vulnerability found in distributed asset scan is fixed.
• SD-72568 : Vulnerability in deletion of default license types is fixed.
• SD-68282 : No alert message is displayed, warning about the impacted scan types when we enable "Stop uploading scanned XMLs via non-login URL" under the Security Settings.
• SD-71928 : Privilege Escalation Vulnerability in project module Gantt view.
• SD-69108 : Security response headers are missing in the login form.
• SD-71704, 71703, 71702, 71676, 71675, 71674 : GET URLs replaced with POST URLs.
• SD-71595 : Vulnerability : Able to create a table and copy data in MSSQL.
• SD-66826 : Vulnerable HTTP method (OPTIONS) disabled.

Requests :

• SD-72141 : In the request history, Before Modification and After Modification sections with regards to Description changes are not displayed.

Assets :

• SD-71491, 71490 : Failure exception message displayed during network scan is fixed.

9414

(Released on 24, July, 2018)

Issues Fixed in 9414 :

Vulnerability :

• SD-71123 : Vulnerability in the login page as domain filtering is not enabled.
• SD-69907 : Vulnerability of a technician with request view only permission being able to add attachments and add/edit worklogs is fixed.
• SD-68547 : Vulnerabilities fixed in requester search.
• SD-65745 : Vulnerability fixed : Password has been encrypted in the Incoming Mail Server settings.

Requests :

• SD-71938 : 9412 Breakage : Service templates are listed under 'Incident Catalog' tab even if the "Combine incident and service templates listing for the service' option is disabled in Self service portal.
• SD-71876 : Task filter name is not encoded in requests list view.
• SD-71587 : If a request has a table in its description field, then error occurs while printing that request.
• SD-71180 : Description field is left blank in some cases where requests are created through Mail.
• SD-71122 : Images in email signatures are considered as attachments while sending a reply to a request.
• SD-70481 : Admin requester history is not recorded when a technician spot edits any requester's field in the request details page.
• SD-69187 : Archived requests are not listed up while performing a Request ID search using the global search bar.
• SD-68277 : Typo in the request approval success message has been rectified.
• SD-66339 : When a Technician with permission to a particular group changes the group of a request, the resulting page redirects to the requests list view.
• SD-64098 : The requester's list view doesn't load completely while creating a custom view and in Advanced Search when there is a large number of Requesters
• SD-70909, SD-70770, SD-70017 : FAFR : Unable to create a request when a mandatory field present under resource section is hidden through FAFR.
• SD-71188 : Field and form rules are not applied for disabled fields in IE.
• SD-68439 : Request Status Scheduler popup doesn't appear for a Technician if his/her role doesn't have the FGA "Reopening Request" enabled under Advanced Permission.

Changes :

• SD-71192 : Option to allow a Change Owner to globally edit a Change Request.
• SD-71572 : While printing request/problem/change list view using the browser print option (Ctrl/Cmd + P), request URL gets added to prints.
• SD-71094 : After saving default values for all user roles, values do not get reflected in change template roles tab.
• SD-69947 : Non-login attribute link added in the subject of a change template exposes the key in change details page. Also, the description after the non-login link is not displayed.
• SD-69784 : Alignment issue occurs in change details page if there are a number of users in a change roles field.
• SD-69046 : Performance issue occurs in Change Form if there are a large number of options (few thousands) in any of the select component (site, group etc).
• SD-68375 : Error exception report thrown instead of error messages across product.

Dashboard :

• SD-71211 : Unable to open requests from the following dashboard widgets; 'SLA violated requests and requests', 'Requests received in last 20 days' and 'Requests closed in last 20 days'.
• SD-71478 : Report widgets in dashboards page are not displaying custom reports.

Projects :

• SD-71877 : Requester with a project owner role is not able to view task link present in the notification email. An authorization error is thrown.

Solutions :

• SD-70665 : Public solutions are not displayed for requesters even if no user groups are selected.

Reports :

• SD-71377 : Incorrect report data gets exported if we have selected 'default reports' as the filer option. Issue occurs while exporting reports in HTML, XLS, and CSV formats.

Others :

• SD-71959 : Upgrade failure is not handled in foreign language setups for MS SQL databases.
• SD-71188 : Field and form rules are not applied for disabled fields in IE.
• SD-71177 : Mail fetching schedule does not function as per the fetch interval customization.
• SD-70961 : While importing users from AD, notification gets triggered for the AAAUser table even if the username doesn't get changed.
• SD-70932 : HTTP to HTTPS redirection settings are not retained after the upgrade.
• SD-70917, SD-70881 : Loading screen doesn't get closed even after SDP gets started.
• SD-70832 : Technician with SDSiteAdmin role with restriction to a specific site can edit requester accounts and provide all sites view permission to requesters.
• SD-70822 : Application backup runs into an infinite looping condition if the primary key for the table is large.
• SD-70777 : Login details appear even after selecting 'Don't show login details" option in the login page.
• SD-70357 : In additional fields' pick list values, "+" symbol is getting replaced with space.
• SD-70347 : When editing a requester's details who is also a purchase approver requester, site, and department data is not loaded.
• SD-70222 : In a Multi-language license setup, where a requester login is personalized to Arabic, home page solution search throws an error (the same search works fine if the login is personalized to english).
• SD-70213 : In SSO enabled setups, header tabs keeps reloading.
• SD-70069 : While importing company logo under organization details, 'GIF Image' option is selected by default instead of 'All Files'.
• SD-69952 : Department name gets duplicated during LDAP user import if the department name has some trailing space.
• SD-69473 : Account lock option is enabled by default in fresh installations.
• SD-68666 : UI glitch occurs near Available User Groups and Selected User Groups while creating a new announcement.
• SD-68487 : Filter option "View Emergency Templates" under change template UI flows out of select box.
• SD-67654 : Unable to log in to the application when domain filtering is disabled and there is no public domain.
• SD-66169 : Alternative mail server configured under 'Outgoing' mail server settings does not work.
• SD-40643 : User-defined fields are allowed to be imported using LDAP.

9413

(Released on 12, July, 2018)

Behavior Change in 9413:

• SD-71872 : Custom statuses, created before 9.3, displayed as system project filters are removed with this release.

Issues Fixed in 9413:

• SD-71818 : Upgrade failure occurs during migration if a PO had "null" value for the "item" field.
• SD-71817 : Upgrade failure occurs due to non-synced entries in "changetoci" and "ciinfo_otherapps" table.
• SD-71816 : While adding a new relationship to a relationship map, non-English characters appear as "??"
• SD-71810 : Upgrade failure occurs if the personalization data is missing in "ACTABLEVIEWCONFIG" table.
• SD-71808 : Upgrade failure occurs if a task comments owner value is 'null'.
• SD-71800 : Upgrade failure occurs if both incident and service business rule have a same name under the same site.
• SD-71796 : Task list view does not load properly after migrating to the latest version in certain cases.
• SD-71783 : Projects custom filters added in versions prior to 9.3 are missing after migrating to the latest version.
• SD-71782 : Webinar URL has been updated.
• SD-71871 : Projects' private filters, created in versions before 9.3, will be visible in the "Manage Views" section only to users who created them.

9412

(Released on 05, July, 2018)

Behavior Change in 9412:

• SD-70724 : Actionable items in the Admin module are moved to the left side.
• SD-70728 : 'Add new form' in business rule, SLA, custom filter has a revamped UI.
• SD-71104 : Community tab is hidden for technicians (non-admins).
• SD-71646 : Item price is mandated in purchase order.
• SD-56821 : Links displayed for Project Title, Tasks, Milestones in the Associate Project pop-up in requests are removed.
• SD-71027 : "More Fields" button is removed in the New project form.
• The maximum character limit for command scripts in custom triggers has been restricted to 200.

New features in 9412:

• Privacy settings enhancement:

  • Encryption At Rest for sensitive data: Option to encrypt the confidential information collected in Incident/Service Additional Fields. Single or Multi-line and Pick List fields can be encrypted. Click here to know more.
  • Password protected backup data: The application backup is now protected with a password. The password is required to open the backup file / restore it. This password can be changed in the Admin-> Backup schedule page. click Edit Scheduling and input the backup password to change the backup password.
  • Anonymize deleted users: Option to anonymize deleted users from the Requesters list. Click here to know more.
  • Limitation :
    Reports, advanced search, custom filters will not display any of the encrypted fields.
    The MasterKey password cannot include non-English characters.
• SDF-71766 : Password Manager Pro Integration: Option to remotely access privileged accounts in target machines (or resources) from within ServiceDesk Plus without account credentials. Find the feature at Admin >> General Settings >> ME Integrations. Click here to know more.
• SDF-71759 : Do more with V3 API: Now you can perform the following operations using the V3 API: ADD, UPDATE, GET, GET ALL, DELETE, CLOSE requests. Add Resolution, pickup requests, associate requests, and link requests.
• SDF-21131 , SDF-22400 , SDF-24334 , SDF-61555 : Enhanced Survey - Some of the enhancements include,

  Option to:

  • Configure different survey templates for different type of requests.
  • Send ad hoc surveys; the survey need not be associated to a request.
  • Send surveys periodically; in predefined intervals, such as once after 2 weeks or 4 months.
  • Configure different answers for different questions. Find these features at Admin >> User Survey. To learn more about this features. Refer to this.
• SDF-63939 : Custom Scripts in BR: Option to invoke custom scripts in business rules. You can use this to completely abort operations or update field values (like additional field value). Find the feature at Admin >> Organization Details >> Business Rules. Click here to know more.
• SDF-31605 , SDF-62977 , SDF-63517 : Request status is given under business rule criteria.
• SDF-61713 , SDF-61890 , SDF-62294 , SDF-63690 : Business view: Option to view and manage the saved relationship maps of CIs from one place.

  Find the feature in CMDB > Business view. Click here to know more.

• SDF-68798 : Chat enhancements: Option to interact easily with fellow technicians using the inbuilt chat. Click here to learn more.
• SDF-65490 : User merge tool : Option to merge duplicate requesters. Find the feature at Admin >> Users >> Requesters. Click here to learn more.
• SDF-65398 : Task custom filter: Option to create custom task filters.
• SDF-51449 : Additional fields for Projects: Capture different types of alphanumeric information about your projects by adding different types of fields
• SDF-71757 : Project Dashboard: Get projects related key information displayed in the dashboards page. Include project related widgets to display key information on the dashboard page. Click here to know more.
• SDF-71758 : Enhanced comments for projects/milestones/tasks: Notify users in comments by using '@ mentions'; For e.g., use @John to notify John. Click here to know more.
• SDF-49791 : Global search for projects: Find projects easily by using keywords, and also column fields, such as Priority, Owner, and other column heads in the global search.
• SDF-50361 : Multiple associations between projects and changes: Streamline the change or project process by associating multiple changes to a project and multiple projects to a change. Click here to know more.
• SDF-50266 : Project template creation made easy: Create project templates from already existing projects, saving the redundant effort involved in creating a project template similar to an existing template.
• SDF-55327 : Notifications for comments: Option to have bell icon notifications for comments added on projects.
• SDF-56887 : Option to customize projects list view to display the projects important to you by default. Mark filters as favorites and change the order of the filters as per your requirement.Click here to know more.
• SDF-63244 : "Estimated Effort" column included in the custom report for Tasks.
• SDF-23878 :Created time for tasks: Option to view the created time of tasks.
• SDF-63515 : Personalized task filters will remain specific to each module (Homepage, requests, changes, problems, and projects).
• SDF-63674 , SDF-63961 : Purchase order enhancements: Option to create a purchase order for non-asset purchases such as training and services. Find the feature at Admin >> Purchase/Contract Management >> Vendor Services. Click here to know more.
• SDF-28658 : Resource state enhancements - Option to add custom asset state with the ability to enable/disable scan for assets in those states. Option to enable ownership for assets in these custom states. Find the feature at Admin >> Asset Management >> Asset State. Click here to know more.
• SDF-70727 : Collapsible tabs introduced in header and sub-header of the application to avoid unnecessary scrolling.
• SDF-71169 : Support for 'Lithuanian' language in ServiceDesk Plus.
• SDF-70397 : Support for 'Greek' language in ServiceDesk Plus.
• SDF-70722 : Community page inside the application sports a new look.
• SDF-71948 : Desktop Central Integration : "Tools" introduced under Actions menu of requests for performing operations such as "Lock", "Hibernate", "Shutdown", "Restart" etc., on target machines remotely from SDP.

Issue Fixed in 9412

• SD-66006 : Vulnerability in the storage of private key for scanning Linux devices is fixed.
• SD-67623 : Insecure storage of passwords in credential library.
• SD-65170 : Business Rule's 'description' criteria such as "ends with" and " contains" does not work for requests with description size greater than the one configured in GlobalConfig DESCPSIZE. This issue occurs in requests added or updated through mail.
• SD-70875 : Unable to save new content in scribble pad. An internal error also occurs while trying to close the scribble pad.
• SD-22280 : When a ROBO Template is invoked through API, it does not perform the password reset function automatically. This issue is fixed in V3 API.
• SD-24532 :Null pointer exception occurs while trying to open a survey without any answers.
• SD-46249 : When a user submits a survey but fails to close the confirmation message and hits the back button, the user is not able to submit the survey the second time. A null pointer exception is thrown.
• SD-56821 : On clicking Associate Project Button, the links for Project Title, Tasks, Milestones are present in the pop-up.
• SD-61872 : Unable to save a password with special characters in credentials library.
• SD-67496 : Chat module : Technician online/offline status is not considered when a chat is initiated to a technician.
• SD-70325 : In /ProjectAction.do URL, the parameter 'form' is passed twice.
• SD-70380 : Technician with request and project edit permission is unable to detach an associated project from a request.
• SD-70600 : Private / Public filter icon is not displayed in the custom filters list view.
• SD-71029 : After 9409, AD import doesn't start if more than 300 OU's are selected.
• SD-71351 : Unable to access the technician availability chart and calendar from 'Quick Actions' menu.
• SD-71713: With Zoho reports integrated, the application fails to start when internet connectivity is disabled.

9411

(Released on 28, June, 2018)

Issue Fixed in 9411

• SD-71715: Sometimes, when multiple threads or multiple users access Incident/Service templates or the Service Catalog simultaneously, the application may fail to create corresponding cache for the operations and crash.

9410

(Released on 20, June, 2018)

Issues Fixed in 9410

• SD-70610 : XSS vulnerability in add new request form's 'insert image' section is fixed.
• SD-71186 : If PM tasks are created using templates with service catalog additional fields, then the back up (with 9404 data in particular) and restore operations on a fresh installation fails.
• SD-70749 : Scheduled tasks are not getting triggered in certain environments after the latest framework update.

9409

(Released on 24, May, 2018)

Issues Fixed in 9409

• SD-71092 : An inappropriate message is displayed when a technician (with permission to view the group requests) reassigns a request to a different group.
• SD-70972 : In some scenarios, a few business rules and custom triggers couldn't be accessed or executed. Also, the dashboard isn't loaded for some technicians.
• SD-70978 : Non-login approval link isn't opened when another user has logged in to the application in the same browser of a system.
• SD-71105 : Unable to create a group under Assets.
• SD-70538 : In the MS SQL setup, when you upgrade a build to 9400 or above, service requests created using custom templates can't be archived or removed from trash.

9408

(Released on 14, May, 2018)

Issues Fixed in 9408

• SD-71056 : After entering a requester's name in the new request page, the requester's details are not fetched.
• SD-70885 : Logged-in approver is not able to download attachments from the approval page.
• SD-71098 : Blank page appears while accessing Gantt view under any project.
• SD-71006 : Custom trigger's executor type is saved as "script" even when we have selected the executor type as "class".

9407

(Released on 07, May, 2018)

Behavior Changes

• SD-69982 : Beyond the Submission stage of a change, the Change Owner will no longer be allowed to globally edit the fields.
• From the Approvals stage of a change, any global edit made by the Change Manager will be notified to all Change Roles associated. You can disable this under the Change Notification Rules.

New feature in 9407

• SDF-67777 : Option to choose the US/EU data centres for Zoho Reports under Advanced Analytics Configuration Wizard.

Issues fixed in 9407

Vulnerability

• SD-69155 : Information exposure vulnerability in change notes.
• SD-68759 : XSS Vulnerability in change stage status.
• SD-68232 : XSS Vulnerability in problem's details page.
• SD-68092 : XSS Vulnerability in problem's history tab.
• SD-67954 : XSS vulnerability in custom reports.
• SD-67928 : Information exposure vulnerability in change and status.
• SD-67891 : XSS Vulnerability in scheduled reports.
• SD-67786 : XSS Vulnerability in custom report's folder name.
• SD-70829 : Privilege escalation vulnerability of generating requests.
• SD-67696, SD-67693, SD-67692 : Information exposure vulnerability in change roles.
• SD-67317 : Privilege escalation vulnerability in change dashboard.
• SD-67373 : Privilege escalation vulnerability during a request merge.
• SD-67142 : XSS vulnerability in "Manage Folder" section of reports.
• SD-63223 : CSRF vulnerability in password reset form.
• SD-70451, SD-70247: Privilege escalation vulnerability in custom reports.
• SD-69912 : Privilege escalation vulnerability in change reports.
• SD-69611 : SQL injection in query report.
• SD-69261 : Privilege escalation vulnerability in change modules' non-login pages.
• SD-70605 : CSRF Vulnerability while adding and updating the technician details.
• SD-68568 : Privilege escalation vulnerability in the incident to service request conversion.

Request

• SD-67978 : In requests' Reply, Forward the Request and Email/SMS the Technician notifications, when you enter script tag in the Description field, the script is executed and an error message is thrown.
• SD-68584 : When XLS files of requests with the custom status Completed are imported, the Completed Date field takes the current date rather than the pre-set values.
• SD-70653 : Unable to add Service Requests from a requester login if the template has more than 24 single line additional fields with "Requester Allowed to Set" option unchecked.
• SD-70142 : When auto-closure is enabled and all the tasks of the request are resolved, then status changes are not captured in the history.
• SD-68996 : Values doesn't get displayed for the additional fields in the dependency list view of a request.
• SD-68989 : Support groups' sender mail address is getting displayed as from address for the request which is assigned to that support group. Issue occurs if the requester replies through portal.
• SD-68953 : Reply mail is triggered when pressing the enter key from subject column of the reply window.
• SD-25343 : Clicking on choose button in the Advanced Filtering section under Add custom views page displays a pop up window in smaller size.
• SD-69394 : Request description's edit history is not captured if the content is greater than the maximum limit.
• SD-69753, SD-70167 : Requesters are not able to search requests using request ids.
• SD-68778 : While printing a request of an actual half page content, it takes up two pages.
• SD-67445 : In request details page, clicking on monitor icon under the requester's name does not open up the requester's asset pop-up as expected in the center of the page. This issue occurs only in Chrome.
• SD-67527 : Unable to print in the Landscape mode while using Chrome after migrating to 9308.
• SD-70889 : Requests: In combined tasks list view, the estimated effort field's value is shown in minutes.
• SD-70929 : In request list view left side pane, task's subject has a bold font which is not pleasant.

Problem

• SD-69758 : Default size of the Add Notes window in problems' create/edit page has been increased.
• SD-68743 : Problem - While hovering over a problem in problems list view, associated incidents count is not shown even if there are associated incidents.
• SD-69884 : In a case, where the application server runs on Windows and has Linux as the client, problem attachments with special characters in their names aren't saved properly and therefore can't be downloaded.

Change

• SD-69474 : In 9323 and the following versions, Assets Involved field value is not added upon adding/updating a change using API.
• SD-69475 : When field names in change API contain forward or trailing space, the field values are not auto-populated in the change.
• SD-69903 : When the maximum number of assets are added to a change, only the key is displayed rather than the message itself.
• SD-69595 : When you create and associate a new change from within an incident or a problem, the assets associated with the incident/problem aren't added to the change.
• SD-70143 : After you associate incidents or problems to a change, the incidents/problems selection window fails to automatically close.
• SD-66044 : Error occurs while updating a Change through API when Group field is marked as mandatory.
• SD-66292 : 'Not associated to any site' option is listed in alphabetical order instead of at top of the list in the Site field under Change details page' edit section.
• SD-66868 : Unable to assign group for a change through API if the site is not provided along with the group.
• SD-61895 : While clicking 'Send for Recommendation' in approval section of a Change, the pop-up that appears has a misleading title ("Submit Change For Approval" is shown instead of "Submit for Recommendation").
• SD-70981 : Users not able to add approval comments using non-login URLs.
• SD-68370 : Change owner without the create change permission is not able to edit a change.
• SD-68708 : Change Additional Fields - Fields added using "Add new field" option in change template gets added to both the template and "Available Fields".
• SD-68814 : Change - HTML content is shown in the print preview page.
• SD-69132 : Change - Print view does not contain the Image attached in the 'Description' field of change in "Review" stage. The image's source is alone shown.
• SD-68632 : Invalid request (in planning stage) is displayed under archived request for SDAdmins.

Projects

• SD-66579 : Project title is displayed as undefined in the project gantt view when the project doesn't fall on the selected time span but any of the milestones/tasks fall in the selected time span.

Solutions

• SD-61821 : On hovering over 'All Solutions' under Topics section of Solution module, the scroll bar flickers and becomes immovable.

Admin

• SD-67899 : Error message is not shown properly while adding a duplicate Custom Triggers name with a script tag.
• SD-67541 : Admin>> Advanced Analytics: Clicking on texts near the radio button in configuration wizard also enables the radio button. Also, option provided to close images under Reports-->Advanced Analytics.

Reports

• SD-69615 : Print preview page in reports comes with large space between passages.
• SD-69454 : In CI History and Audit reports, when you miss out From/To date and update them, an untranslated error message with just the key in it is thrown.
• SD-35320 : Exception occurs when executing a query with ORDER BY clause under Reports--> New Query Report.
• SD-60523 : Custom report output containing boolean and date fields are right aligned.
• SD-67835 : Unable to generate "Audit History by Workstation" report.
• SD-68477 : Reports - In matrix reports, clicking on the currently selected tab changes the tab but not the content.
• SD-68512 : Reports - Exception occurs in custom report's filter if there is no value specified in the criteria's value field.
• SD-68511 : Reports - Exception occurs when same column name is given in "then group by" select options.

Others

• SD-70391 : Users could save reminders across the product with just entering some space (without text/numeric entry) in the Summary field.
• SD-70465 : Broadcast message option is displayed for requesters when the Quick Actions menu is enabled.
• SD-69583 : In problems and changes, the notes icon appears distorted in notes the list view.
• SD-70587 : The less privileged users are able to view the technician and the domain details.
• SD-69304 : NullPointerException occurs when you integrate Analytics Plus (version 3120 and earlier ones) with ServiceDesk Plus.
• SD-69327 : When one of the two technicians with the same login name in different domains executes a scheduled report, domain credentials of the other user (without the module/scheduled reports privilege) is loaded, at times, and an exception error is thrown.
• SD-69990 : When you delete service catalog additional fields, they aren't removed from Zoho Reports integrated with ServiceDesk Plus.
• SD-70123 : Performance issue due to high CPU usage.
• SD-65752 : While clicking on Dynamic View for any Data Models under Reports, an error message pops up and disappears automatically.
• SD-70496 : Issue in re-assigning category if subcategory is moved under another category.
• SD-68281 : Zoho Reports - Special characters are sent in encoded form while sending an initial success mail.
• SD-68317 : Zoho Reports - After saving zoho reports credentials, not able to change to Analytics plus as resetting the password is not possible.
• SD-68628 : Zoho Reports - Nullpointer exception occurs while parsing change.xml and adding it in zrmemodules.xml. Issue occurs if change.xml entries are already present in zrmemodules.xml
• SD-68954 : Incorrect 'Schedule Start' & 'Schedule End' time are shown in Change Calendar if the client and server time zone are different.
• SD-62367 : Import now button has been provided at the bottom of the AD import window to avoid unnecessary page scroll down.
• SD-68212 : Proxies will be skipped for locally installed Analytics Plus.
• SD-68272 : Zoho Reports - Edit option for the 'host' field in Analytics Plus configuration is provided.
• SD-70400 : Timer value is not shown properly for chats transferred to a different technician. Issue occurs if the technician to whom the chat was transferred hits refresh.
• SD-70807 : Unable to see the Announcement settings section since upgrading to the latest version.
• SD-70865 : Formatting in the chat box is not done properly.
• SD-70915 : Announcements order is not proper in the latest version.

9406

(Released on 25, April, 2018)

New feature in 9406

• SDF-68872 : Auto delta scan: Automatic identification of hardware and software changes by the agent in the client machine and notify the application server to initiate the scan from the server.

Issues fixed in 9406:

Vulnerability

• SD-69461 : Privilege escalation vulnerability in attachments section of assets.
• SD-69294 : Privilege escalation vulnerability in default license types.
• SD-69460 : Privilege escalation vulnerability in associating workstations.
• SD-69302 : Privilege escalation vulnerability while editing the asset details page.
• SD-58456 : The SSL handshake failure occurs if the cipher suite algorithm used by the server is not supported by the windows agent.
• SD-66584 : Information exposure vulnerability in credentials library.
• SD-68070 : XSS vulnerability in purchase order list view search.
• SD-66403 : XSS vulnerability in add new contract page.
• SD-68516 : Privilege escalation vulnerability in associating child contracts.
• SD-56921 : Weak ciphers removed in Agent.
• SD-66409 : XSS vulnerability in the barcode's history page.

Dashboard

• SD-69056 & SD-67925 : Incorrect information is displayed in the asset dashboards' 2d bar graphs.

Request

• SD-70891 : Unread requests in the request list view are not bold enough.

Asset

• SD-68985 : SMBIOS information is not getting fetched while scanning a workstation.
• SD-68339 : Unable to fetch the "last logged in" user's information using script scanning in Linux machines.
• SD-68056 : Sound card information does not get updated even though it is present in scanned XML for all XML scans.
• SD-70119 : Distributed asset scan fails when the domain name contains space in the central server settings.
• SD-70555 : NullPointer Exception occurs when processing OS information scanned and pushed from ManageEngine Desktop Central.
• SD-66609 : Processor (CPU) changes are not reflected in the history tab during a scan.
• SD-67320 : Unable to fetch the "last logged in" user's information during Mac machines scan.
• SD-68136 : Based on the sysdescription, incorrect model names are assigned to snmp devices. Because of that unknown models are not listed in unknown OIDs list.
• SD-70590 : Agent upgrade is delayed in build versions with the latest framework change.
• SD-70606 : Able to configure the Windows agent by using the CSRF vulnerability.
• SD-66809 : Web remote session continues even after logging out of the application.
• SD-68137 : Permission Denied Error occurs while executing a linux script file for commands like "Dmidecode".
• SD-70772 : Web remote is not working in exe,https setups in recent builds.

CMDB

• SD-66317 : Business impact data is only partially shown in the drop-down in add new CI type page.
• SD-69531 : When you edit a child configuration item (an asset with OS unspecified) manually or through API, it is moved into the parent CI.
• SD-69541 : Users are not able to update requester's login name and domain name through CMDB API.

Software

• SD-69053 : NullPointer Exception occurs while allotting CAL for users.
• SD-67584 : Wrong warning message is shown while deleting software licenses.
• SD-53608 : Multi Line License additional fields are not shown in the Software License CSV import page.
• SD-67428 : Software suite is not getting deleted in a workstation's software list even if there are no software in the workstation.
• SD-69431 : Software license keys are limited to hundred characters.

Purchase

• SD-69215 : When a PO is edited and the approval process is initiated for a second time, then the approval process faces a breakage.
• SD-69017 : If a Product's Name contains '_' while creating a PO from PR, then that name does not populated in the New PO Form.
• SD-68912 : In Purchase Requests's approval notification mail, values for udf-char variables are wrongly replaced.
• SD-68659 : While creating a purchase order, the cost center lists names instead of the codes.
• SD-68285 : If the default terms and conditions for purchase orders exceed 3500 characters, then the PO is not getting saved.
• SD-68534 : Purchase requests display the Cost centre Name instead of the Cost Centre Code.
• SD-67651 : Unable to approve the PR from the Approval tab if a comment is added with special characters.
• SD-69876 : Search function doesn't work while choosing a technician in a purhcase request.
• SD-69873 : '&' in a software name is replaced with 'amp' in purchase orders.
• SD-69216 : When you add a product through a purchase order, and then edit its vendor details under the Admin setup, the vendor details are not updated until you specify the Warranty Period.
• SD-69501 : Inline search doesn't work after searching a purchase order in the global search.
• SD-69483 : When technicians are deleted while being associated to purchase requests, they continue to list in the Technician drop-down of new purchase requests.
• SD-68662 : Unable to close the error message pop-up that appears when a purchase order is saved without filling the quantity field.

Contract

• SD-69067 : If a contract has special characters as values in its pick list fields then they are changed to empty values while editing.
• SD-68813 : Ampersand characters present in the description and support details fields of the add new contract form are not displayed properly.
• SD-69442 : Pick list additional field values containing space or special characters are not displayed when creating/editing a contract.
• SD-69632 : Users are able to add/remove assets to expired contracts after renewing them.

Admin

• SD-69082 : Incorrect error message is shown for duplicate key exception while editing the name of an asset.
• SD-69047 : Unable to delete workstations from the "Workstations failed during last scan" list view.
• SD-68947 : Asset Probe data is not deleted from the central server after a successful import of remote data.
• SD-68258 : Vendor names are not listed alphabetically in the Asset creation form and edit form.
• SD-67078 : Unable to search Russian user names in the 'Choose User' field of the Asset state pop-up.
• SD-65944 : Navigation message for the flexigrid view is not in I18N.
• SD-70604 : Able to add and update requester details by CSRF vulnerability.
• SD-70041 : When you remove assets from a static group, they are not detached until you refresh the page.
• SD-70738 : Robo technician functionality does not work in exe setups.
• SD-70743 : In IE 11, Impact page under Admin is not loaded properly.

Reports

• SD-70771 : Duplicate Fields are displayed in reports after the latest upgrade.

Others

• SD-70806: Default font in the application is changed after upgrading to 9404.

9405

(Released on 16, April, 2018)

Behavior Changes in 9405

• SD-70241: Ntlm log accumulation is cleared during server startup.

Issues fixed in 9405:

Vulnerability Issues:

• SD-70608: XSS vulnerability in the request list view is fixed.
• SD-70609: XSS vulnerability in distributed asset scan's list view.
• SD-70607: Able to add custom schedules by using the CSRF vulnerability.
• SD-69186: XSS vulnerability in request collaboration.
• SD-68638: Privilege escalation vulnerability in user roles.
• SD-68373: Privilege escalation vulnerability in logs.
• SD-69384: Information exposure vulnerability in log files.
• SD-68230: XSS vulnerability in merge request pop-up.
• SD-68214: XSS vulnerability in the logged-in technician pop-up.
• SD-68125: XSS vulnerability in solutions' topic.
• SD-68112: Privilege escalation vulnerability in archived requests attachments.
• SD-68007: XSS vulnerability in reply template.
• SD-67814: XSS vulnerability in importing projects.
• SD-67802: XSS vulnerability in imported solutions.
• SD-67533: Privilege escalation vulnerability in requester details.
• SD-70382: Privilege escalation vulnerability in password reset configurations.
• SD-69972: Privilege escalation vulnerability in generating API keys.
• SD-69491: Privilege escalation vulnerability in problem attachments.

Home:

• SD-68213: Characters ('<' and '>') are replaced by ('<' and '>') in the back up technician drop-down while a assigning back technician rule under Scheduler>>Back up Technician.
• SD-66615: Exceptions occurs while adding or viewing tasks from the home page.
• SD-70419: Error occurs while approving a request from the home page.
• SD-69817: Task Owner is not displayed when the edit icon is clicked from Comments/Work log/History tabs under Home-->Tasks.
• SD-70623: In the home page Scheduler, technicians with '&' in their names, when marked on leave continue to list in the backup technicians drop-down.

Tasks:

• SD-70047, SD-70171 : Add worklog page is blank for requesters with add/view task permission.
• SD-69024, SD-70440 : Description content in the task notification is displayed without line breaks.
• SD-70720: Encoded characters are present in subject field of the task notification email.

Request:

• SD-69131: Under service request's resource questions if the answers have a colon(':') between numeric values (E.g,10:30), then it is not getting saved.
• SD-68115: Diff updates are not mentioned in the history tab if a resource section of a service template is updated multiple times.
• SD-66739: In some cases, diff updates related to checkbox questions in the resource field of a service template are not captured in history.
• SD-70454: Unable to create purchase request from service request when priority is High or Medium or Low.
• SD-70413: When the approval configuration 'Do not assign technician before Service Request is approved' is enabled, then the original technician is assigned via service template instead of backup technician after the service request is approved.
• SD-70385: When a signature variable is included in the 'Notifying for Approval' notification template through a non-login view, an approval notification is not send to next level approvers automatically after the current stage is approved.
• SD-70356: Unable to perform a column search in request list view with two parameters.
• SD-69880: Expand/Collapse option doesn't work in the History tab of any tasks under Requests.
• SD-70752: When technicians who are not SDAdmins add/edit resolutions to requests, they are unable to select and use resolution templates.
• SD-70741: When technicians who are not SDAdmins reply to requests, they are unable to select and use reply templates.
• SD-70521: When incoming emails with images are addressed to two custom groups with different aliases, they are created as two requests, but images appear only in one request.
• SD-70579: Requesters are able to delete approvers under the Approval tab of incident requests.
• SD-69279 : Text wrap is not applied for archived log's description in the work log list view.

Asset:

• SD-70717: When a software, initially with unspecified CI type is edited and saved, the CI type is set to null.

Reports:

• SD-66855: Task description field is missing in the custom reports for tasks.

Admin:

• SD-69050: Alternative email ids of the requesters listed in the CI info tab are encrypted twice.
• SD-68721: If any user group is saved without criteria, then user group specific service templates are not available for requesters.
• SD-68139: Mail fetching is stopped while receiving a push notification.
• SD-63913: If the TLS 1.0 is disabled in the mail server, then the mail fetching stops.
• SD-70442: Closure code and closure comment values for Resolved status are not maintained when the request is auto-closed.
• SD-70367: Support group's site ID in CI table of a referred site is updated as Null when default support group's site is updated.
• SD-69449: Unable to import users from AD if all the required OUs are selected.
• SD-69794: V1 GET_WORKLOGS API doesn't respond properly if the worklog field contains special characters.
• SD-70708: In privacy settings enabled builds, when users try to delete technician accounts accommodating special characters, the names appear broken in the anonymizing window.
• SD-70697: In privacy settings enabled builds, users are unable to delete technician accounts when their anonymous names hold the character, '%'.
• SD-70533: Mail fetching is ceased in large environments.

Others:

• SD-69436: While accessing AjaxServlet using an invalid argument, blank page with a 'null' text is displayed
• SD-70620: Users are able to upgrade the build to a higher version while running the server which results in a partial upgrade error.
• SD-70619: Users are able to proceed with the build upgrade after an exception error (for current and upgrade versions being the same) is thrown and this results in a partial upgrade error.

New Features in 9404 :

• GDPR
  • User privacy management : Handle personal data of users (both technicians and end users) in accordance with privacy regulations such as the GDPR. In the Request module, you can now mark out all fields that contain users' personally identifiable information (PII), making it easy for admins to identify what PII is collected and stored in ServiceDesk Plus. In addition, when users exercise their right to be forgotten, admins can anonymize the deleted users' names to random text and delete the associated PII from the application. Find this feature under Admin >> Privacy Settings. For more details, Click here.
• PM Tasks for Service Request - Plan your preventive maintenance tasks well in advance for service requests as well.

  Find the feature in Admin >> Organizational Details >> Preventive Maintenance Tasks.

• Custom Trigger Enhancements
  • Execute custom trigger actions for requests that contain replies and for approved/rejected requests.
  • Groups defined under other sites are now listed under criteria.
  • Requester name, sites and technician will now be listed under criteria.
  • Create triggers without any criteria. By default, this option is disabled. To enable, follow the instructions from the link

  Find the feature under Admin >> Custom Trigger >> Execute Actions.

• Technician Homepage Enhancements - Customize technician's home page by adding/organizing widgets, and changing the layout and background color.

  Find the feature under Home >> Customize.

• Export Requests - Select and export requests right from the list view, in various formats.

  Find the feature under Requests >> Actions.

• Organize Request Catalog - Easily sequence the templates under the request catalog to suit your requirements.

  Find the feature in Admin >> Service Catalog >> Reorder.

• Scribble Pad - Make simple, hurried notes in a jiffy using the all-new inbuilt scribble pad.

  Find the feature at the top right corner of the header pane.

• HTML Editor Enhancements - Edit email notification content as HTML and use $ to add variables to the content.

  Find the feature at Admin >> Notification Rules >> Customize template >> Edit HTML.

• Health Meter - Assess your application's health metrics in just a glance from the community tab.

  Find the feature under Community >> Health Meter.

• Unified Notification Rules - Customize and configure notification rules across modules under a single roof.

  Find the feature under Admin >> Organization Details >> Notification Rules.

• Admin Search Enhancement - Experience the enhanced admin search functionality with the categorically listed searched items.

  Find the feature in the Admin section.

• AMS Renewal - Be notified of the subscription expiry and apply for its renewal, right from the application.

  Find the feature under Technician Profile >> Get your new AMS.

Issues Fixed in 9404 :

• SD-69036 : Custom triggers are not executed for duplicated requests.
• SD-64060 : Custom triggers are not executed on requests that are generated from preventive maintenance tasks.
• SD-61050 : XSS vulnerable "JQuery" framework version (1.8.3) has been upgraded to stable version (2.2.4)

New Features in 9403 :

• SDF-69258 : Support for 'Georgian' language.

Issues Fixed in 9403 :

• SD-69139 : XSS vulnerability in Request API.
• SD-70508 : AD authentication doesn't work in the mobile client context.
• SD-70395 : In recently upgraded setups, start server/ shutdown server shortcuts does not work properly.
• SD-70341 : Due to the API calls restriction to Zoho Reports, the SDP-Zoho Reports integration fails.
• SD-70211 : Under "Requests by" filter in the dashboard, we are not able to access open/onhold/overdue tickets of technicians with commas in their names.
• SD-70148 : Field and Form Rules configured to modify resource sections do not work on the request details page for inline edits.
• SD-70138 : When starting ServiceDesk Plus by using the desktop icon, the browser is not automatically invoked.
• SD-70065 : For non-English language requesters, the request ID search throws an authentication error.
• SD-70000 : When data related to requests are partially added in mssql database, archiving/deleting a request from trash is not possible.
• SD-69808 : Under Quick Create, if we select a requester name and select a change template for that requester, the requester name gets swapped with the logged-in technician's name.
• SD-69350 : While copying a service template's FAFR to another service template, incident templates associated to service categories are listed in the "Copy rules to template(s)" drop-down.
• SD-69145 : When multiple API calls are made simultaneously in the request module, issues occur.
• SD-68637 : Under workflow, the Notify stage change to users value is not set when you modify the Move to stage & status filter.
• SD-65128 : In some scenarios, custom trigger list view disappears when a new custom trigger is added.
• SD-70509 : Sending task notifications to groups takes a lot of time.