Privileged Account Manager 4.1 resolves several previous issues and contains improvements to existing features.
Many of these improvements were made in direct response to suggestions from our customers. We thank you for your time and valuable input. We hope you continue to help us ensure that our products meet all your needs. You can post feedback in the Privileged Account Manager Community Support Forum, our online community that also includes product information, blogs, and links to helpful resources.
The documentation for this product is available on the NetIQ website in HTML and PDF formats. If you have suggestions for documentation improvements, click the comment icon on any page in the HTML version of the documentation posted at the Privileged Account Manager Documentation website. To download this product, see the Software License and Download portal.
The following sections outline the key features and functions provided by this version, as well as issues resolved in this release:
This release introduces the following new features and enhancements:
Access Control is enhanced to support the below Resource Pools and respective Permissions:
LDAP Users/Groups from Advanced Authentication and RADIUS are supported in User Roles. For more information, see User Roles.
Database Users are supported in User Roles. For more information, see User Roles.
Database, Application and Key type resources are supported for Credential Checkouts in Resource Pools. For more information, see Components of Access Control.
Database and Application SSO resources are supported for Access in Resource Pools. For more information, see Database Servers and Application SSO.
Exceptions to block users' access on risky activities. For more information, see Configuring Exceptions.
For more information, see Access Control.
Privileged Account Manager has made several user experience improvements based on feedback from customers and users.
Database Connectors configuration is moved to Credential Vault in new administration interface. For more information, see Managing Database Connectors.
Settings from Reporting Console and Access Requests are migrated to the new administration interface. For more information, see Using Audit Settings, Using Encryption Settings, and Using Video Report Filter Settings.
The Access Requests setting has been moved to Settings > Server Settings from the Privileged Account Manager console. For more information, see Emergency Access Requests.
Filter options and Database selection on Audit Reports are supported in the new administration interface. For more information, see Creating Custom Reports.
SMTP and SysLog settings are migrated to the new administration interface. For more information, see Configuring SMTP Server Settings and Configuring Syslog Server Settings.
Change Password functionality is supported in the new administration interface. For more information, see Changing Password.
A new option is introduced to enable/disable Command Control. For more information, see Policy Engine.
RDP Direct is not accessible without a rule or permission created for any user and 'Troubleshooting user' option is added for RDP Direct for emergency situations. For more information, see Impact on Accessing Windows Resources on Which PAM Agent is Installed.
This release includes the following software fixes:
Component |
Bug ID |
Issue |
---|---|---|
User Interface |
316405 |
Users encounter the not authorized error message when switching between tabs in the Privileged Account Manager new user interface. |
Privileged Applications |
328145 |
Privileged applications do not work for certain non-Privileged Account Manager local users. |
Web RDP |
329221 |
The auto-disconnect session for command risk does not work with Web Agent RDP or Web Agentless RDP functionality. |
MyAccess Console |
327457 |
In certain configurations, an eDir user is unable to log in to Privileged Account Manager MyAccess Console after upgrading from 3.7 to 4.0. |
Reports |
321577 |
The All Sessions report does not display updated records at the top of the list and the Privileged Account Administrator has to use filter to view the latest records. |
Reports |
321626 |
While playing the audited agent-based sessions video, the video begins at a wrong starting point. |
Secondary Authentication |
327046 |
Enabling Bypass Secondary Authentication on externally mapped groups enforces the user to log in using second-factor authentication while logging in to the Privileged Account Manager console. |
Support for the following features is deprecated:
JNLP-Based SSH Relay Functionality: The Java Network Launch Protocol (JNLP) that enables an SSH application to be launched on a client desktop by using resources that are hosted on a remote web server will be deprecated in the future releases and only Web launch of SSH applications will be supported.
The Privileged Account Manager Reports console from the old user interface will be deprecated in future releases.
After installing Privileged Account Manager 4.1, download the software and the license from the Software License and Download portal. For information about how to download the product from this portal, watch the following video.
The following file is available with the Privileged Account Manager 4.1 release:
Table 1 File Available for Privileged Account Manager 4.1 Release
File/Folder name |
Description |
---|---|
netiq-npam-packages-4.1.0-0.tar.gz |
Contains Privileged Account Manager 4.1 .tar file. |
For information about hardware requirements, supported operating systems, and browsers, see Privileged Account Manager 4.1 System Requirements and Sizing Guidelines.
You can upgrade to Privileged Account Manager 4.1 from Privileged Account Manager 4.0 or later. When you upgrade to Privileged Account Manager 4.1, a rollback of packages to version 4.0 or an earlier version is not supported.
For information about upgrading to Privileged Account Manager 4.1, see Upgrading Privileged Account Manager
in the Privileged Account Manager Installation Guide.
Micro Focus strives to ensure our products provide quality solutions for your enterprise software needs. The following issues are currently being researched. If you need further assistance with any issue, please contact https://www.microfocus.com/support-and-services/.
Check-in Fails for ESXi Application with the Java Version 14
The SSH Web Relay Session Gets Disconnected When the Vault Is Configured with an OpenSSH Private Key
Enhanced Access Control Fails to Work on Solaris SPARC and HP-UX
Privileged Account Manager Does Not Recognize Double-byte Characters
Intermittent Issue Observed When RDP Direct Policy Is Invoked
License Summary Is Not Listed While Creating Database Vault for Monitoring
Issue: Check-in fails for the ESXi application with the Java version 14 when installed on Linux manager. (Bug ID: 184179)
Workaround: No workaround is available.
Use ssh-keygen -m pem format keys. (Bug ID: 189414)
Issue: MSI upgrade does not work with Privileged Account Manager 4.1. (Bug ID: 286190)
Workaround: Upgrade using Package Manager.
No workaround is available. (Bug ID: 305031)
No workaround is available. (Bug ID: 329152)
Issue: A Privileged Account Manager agent crashes and restarts multiple times displaying the error: Exception code: C0000005 ACCESS_VIOLATION. (Bug ID: 319098)
Resolution: Several changes have been made in Privileged Account Manager Windows agent to handle the synchronization of video processing, possible memory leaks, and general error cases which address the issue in most customer deployments. However, there could be instances where the issue might continue to occur with much lower frequency.
Workaround: Restart Privileged Account Manager service or reboot the Windows server.
Issue: An intermittent issue is observed when RDP Direct policy is invoked with Authorized No and a browser based application is launched for Web Application SSO. (Bug ID: 336035)
Workaround: No workaround is available.
Issue: Emergency access for Application SSO does not work and the administrator is unable to approve connected requests. (Bug ID: 338033)
Workaround: No workaround is available.
No workaround is available. (Bug ID: 348028)
For specific product issues, contact Micro Focus Support at https://www.microfocus.com/support-and-services/.
Additional technical information or advice is available from several sources:
Product documentation, Knowledge Base articles, and videos: https://www.microfocus.com/support-and-services/
The Micro Focus Community pages: https://www.microfocus.com/communities/
© Copyright 2021 Micro Focus or one of its affiliates.
The only warranties for products and services of Micro Focus and its affiliates and licensors (“Micro Focus”) are set forth in the express warranty statements accompanying such products and services. Nothing herein should be construed as constituting an additional warranty. Micro Focus shall not be liable for technical or editorial errors or omissions contained herein. The information contained herein is subject to change without notice.
For additional information, such as certification-related notices and trademarks, see http://www.microfocus.com/about/legal/.