NetIQ SecureLogin 8.5 Service Pack 3 (SP3) enhances the product capability and resolves several previous issues.
Many of these improvements were made in direct response to suggestions from our customers. We thank you for your time and valuable input. We hope you continue to help us ensure that our products meet all your needs. You can post feedback in the NetIQ SecureLogin forum on NetIQ Communities, our online community that also includes product information, blogs, and links to helpful resources.
The documentation for this product and the latest Release Notes are available on the NetIQ website in HTML and PDF formats on a page that does not require you to log in. If you have suggestions for documentation improvements, click comment on this topic at the bottom of any page in the HTML version of the documentation posted at the NetIQ SecureLogin documentation page. To download this product, see the NetIQ Downloads website.
This release includes the following:
This release includes the following software fixes:
Smart Card Pin Auto-fill Does Not Work For Second Application
Performance Issue During Smart Card Pin Auto-fill While Using .Net Applications
SLdotnetsso.exe Does Not Start Even When It Is Enabled In .Net Preference
Single Sign-on Fails Occasionally for the Applications that Use Oracle Forms with JRE 1.7
Windows Event Viewer Logs Display ElementNotAvailableException When Using .Net Application
Some Script Functions Do Not Work For 32-bit Applications Running On 64-bit Systems
Issue: Smart Card pin auto-fill does not for the second application. This issue occurs on Microsoft Office applications that require .Net Framework for single sign-on. (Bug 1054440)
Fix: With this release, WinSSO and DotNetSSO are modified to fix this issue.
Issue: The single sign-on for .Net based thick applications takes longer time when smart card pin is required. (Bug 1041731)
Fix: With this release, WinSSO and .Net worker are modified to reduce the single sign-on time.
Issue: SecureLogin does not detect any .Net application for single sign-on because SLdotnetsso.exe does not start.
It happens because SecureLogin always considers the value that is set in the DisableDotNetSSO registry setting. If the DisableDotNetSSO registry is set to 1, SLdotnetsso.exe will not start even if Start WindowsAutomation(DotNet) monitor/automation worker is set to Yes. (Bug 1047664)
Fix: From this release, SecureLogin considers the value set for Start WindowsAutomation(DotNet) monitor/automation worker irrespective of the DisableDotNetSSO registry setting.
Issue: Single sign-on fails to the applications that use Oracle forms with JRE 1.7+ client environments, for example while using Retiro application. This issue happens when application startup session is slow. (Bug 1043453)
Fix: With this release, JRE 1.7+ environment startup monitoring is improved to allow delay in case of security prompts and slow server responses. It facilitates reliable identification of Oracle forms desktop which notifies SecureLogin for window creation events to perform single sign-on.
Issue: When SLdotnetsso.exe is running, closing a .Net applications can generate the ElementNotAvailableException error in windows event viewer. It happens because SecureLogin keep processing the events of the application that was closed. (Bug 1041761)
Fix: From this release, when an application is closed, SecureLogin stops processing the events of that application.
Issue: When users log off, the slbroker main function clears data from BrokerAPI library. SLbroker.exe closes abruptly if the BrokerAPI library data is already cleared by other function. (Bug 1047667)
Fix: From this release, BrokerAPI library data objects are aligned to their specific functions. It ensures that a single instance is not maintained for a process and functions delete only their specific data objects.
Issue: SSONSVR.exe (Citrix single sign-on module) fails to start when SecureLogin is listed above Citrix Receiver in network provider order. SecureLogin is listed above Citrix Receiver in network provider when you install Citrix Receiver after SecureLogin. (Bug 1027767)
Fix: With this release, SLCredMan.dll is modified to write registry credentials in HKLM. After login SLbroker.exe will move the registry credentials from HKLM to HKCU. It ensures that SLCredMan.dll keeps working and does not conflict with Citrix single sign-on module.
Issue: Some re-named users are prompted for passphrase during login. (Bug 1038552)
Fix: With this release, the buffers that contains username and password are modified to fix this issue.
Issue: The GetCommandLine and ReadText script functions fail when used on a secured password field. This issue occurs for 32-bit applications running on 64-bit systems. (Bug 1057696)
Fix: From this release, WinSSO is modified to fix this issue.
For information about hardware requirements, supported operating systems, and browsers, see Prerequisites, NetIQ SecureLogin Quick Start Guide.
You can either upgrade from the previous versions of SecureLogin or perform a new installation. For information about how to install and how to upgrade, see NetIQ SecureLogin Installation Guide.
NetIQ Corporation strives to ensure our products provide quality solutions for your enterprise software needs. The following issues are currently researched. For release specific issues, see previous releases’ release notes. If you need further assistance with any issue, please contact Technical Support.
Issue: The following issues occur when Internet Explorer is opened in protected mode:
SecureLogin does not work properly when you switch between web pages that are in different security zones and require different protected mode settings. (Bug 1041750)
For example, when you open a web page in a new tab while a web page that belongs to a different security zone is already open, single sign-on to the new web page fails.
Internet Explorer stops working when you access web pages from different security zones. The Internet Explorer protected mode blocks Browser Helper Object when you open web pages from different security zones because zone based security is configured to allow only a few zones to operate in protected mode. (Bug 1041746)
Workaround: Make sure that you list all the web pages that you access in the Trusted Sites list of Internet Explorer. You can also specify IESSOBHO=0 to ignore protected mode rules.
Issue: When the existing data is encrypted using AES and multiple instances of SecureLogin are running then a warning message is displayed for each application before data migration. AES encrypts the data using first instance and by the time second instance starts encryption, the data is already migrated. The second instance considers the existing data as invalid and prompts users to confirm if they want to re-encrypt the existing data using AES. (Bug 1041755)
Workaround: Restart SecureLogin before you upgrade to make sure that only one instance of SecureLogin is running during upgrade.
Issue: Outlook takes longer time to open encrypted emails after initial start. It occurs because .Net takes longer time to respond to sldotnetsso.exe. (Bug 1042173)
Workaround: There is no workaround for this issue because SecureLogin cannot resolve .Net Framework limitations.
Issue: If SecureLogin is installed in standalone mode when local cache from a different mode exists, it fails to start. (Bug 1059191)
Workaround: Perform the following steps to workaround this issue:
Use the sltray /forceshutdown command to close SecureLogin.
Stop all the SecureLogin processes using Task Manager.
Delete the existing cache of previous SecureLogin installation.
Set the HKEY_CURRENT_USER\Software\Protocom\SecureLogin\SeamlessStandalone registry to 1.
Start SecureLogin using the sltray command.
For information about NetIQ legal notices, disclaimers, warranties, export and other use restrictions, U.S. Government restricted rights, patent policy, and FIPS compliance, see https://www.netiq.com/company/legal/.
© 2017 NetIQ Corporation. All Rights Reserved.
For information about NetIQ trademarks, see https://www.netiq.com/company/legal/. All third-party trademarks are the property of their respective owners.