NetIQ SecureLogin 8.8 enhances the product capability and resolves several previous issues.
Many of these improvements were made in direct response to suggestions from our customers. We thank you for your time and valuable input. We hope you continue to help us ensure that our products meet all your needs. You can post feedback in the SecureLogin forum on our community website that also includes product information, blogs, and links to helpful resources.
The documentation for this product and the latest Release Notes are available on the NetIQ website in HTML and PDF formats on a page that does not require you to log in. If you have suggestions for documentation improvements, click comment on this topic at the bottom of any page in the HTML version of the documentation posted at the NetIQ SecureLogin documentation page. To download this product, see the NetIQ Downloads website.
This release includes the following:
From SecureLogin 8.8, the SecureLogin and Advanced Authentication integration introduces following capabilities to enhance the user interface experience:
Option to customize the background image of the Kiosk window and the re-authentication login window
Option to customize the title of the Kiosk window and the re-authentication login window
Option to change the icon of the application that is launched for Kiosk or re-authentication
Support for all the Advanced Authentication methods.
For more information on how to configure these options, see Support for Advanced Authentication
in NetIQ SecureLogin Administration Guide.
From this release, SecureLogin supports HTML Basic Authentication using Single Sign-on Assistant 3.3. You can use Single Sign-on Assistant with Google Chrome and Mozilla Firefox browsers to use this feature.
For more information on how Single Sign-on provides HTML Basic Authentication, see Configuring HTML Basic Authentication for SecureLogin Using Single Sign-on Assistant
in SecureLogin Installation Guide.
From SecureLogin 8.8, you can use Java Single Sign-on (JSSO) APIs to perform the following configurations:
Provisioning of application credentials for a new user in SecureLogin
Linking the application credentials to a user and the application
Provisioning passphrase for a user
Removing the non-repudiation feature by encrypting users’ data using the new password without prompting for the passphrase answer
For more information on how to configure the APIs, see Using the Command Line to Configure the Java APIs
in SecureLogin 8.8 Java API Guide.
From SecureLogin 8.8, TLS 1.2 is utilized for secure communication over networks. Ensure the following key requirements before you install SecureLogin 8.8.
Some previous versions of Windows do not support TLS 1.2. It is recommended that you update your operating systems before you upgrade to SecureLogin 8.8. For more information on how to update your operating system to enable TLS 1.2, see Microsoft Support.
SecureLogin 8.8 can support TLS 1.1 only in the Lightweight Directory Access Protocol (LDAP) mode and the Active Directory Lightweight Directory Services (AD LDS) mode. It is not recommended to use TLS 1.1 because it is less secure than TLS 1.2 and it may open your deployment to security threats. However, if your environment does not allow you to use TLS 1.2, you can explore the following options.
To enable TLS 1.1 in the AD LDS mode, see Enabling TLS 1.1 In SecureLogin 8.8
in the SecureLogin Installation Guide.
To enable TLS 1.1 in LDAP mode, see Enabling TLS 1.1 In SecureLogin 8.8
in the SecureLogin Installation Guide.
From this release, the SecureLogin wizard can identify the dynamic controls and provide single sign-on. You are no longer required to write the single sign-on scripts to identify the dynamic controls. The commands like TextInput, ClickInput, and SelectOption provides better identification of UI elements or controls that can change location or order.
For more information on dynamic controls, see Support for Dynamic Controls
in NetIQ SecureLogin Application Definition Guide.
This release includes the following software fixes:
Bug ID |
Issue |
---|---|
1127178 |
When SecureLogin is installed without the Desktop option, single sign-on to the Citrix published applications fails. The following error message is displayed. Error when starting slwinsso.exe. |
1068347 |
When a workstation running on Windows 10 is not connected to the network, SecureLogin does not prompt the user for credentials. It displays a blank screen and single sign-on fails. |
1152740 and 1149831 |
SecureLogin stops working after upgrading to a newer version. slbroker.exe is listed in the Faulting application name field of the logs. |
1137795 |
SecureLogin does not display the user names in the login selection window. This issue occurs when multiple logins are configured for an application or a web page. |
1114738 |
SecureLogin converts the German umlauts to question (?) marks while saving the passphrase questions and passphrase answers. |
1134025 |
SecureLogin fails to provide single sign-on to the Java applications. This issue occurred while running the 32-bit Java applications on a 64-bit operating system. |
1129229 |
Upgrading or modifying the SecureLogin installation using the responsefile.ini does not work. |
1137252 |
SecureLogin does not retain the Syslog server custom configuration while upgrading to a newer version. |
1126793 |
SecureLogin does not support the realm or domain authentication in Mozilla Firefox and Google Chrome. |
1039550 |
SecureLogin does not specify credentials correctly in the embedded browser forms and fails to provide the single sign-on. |
1140283 |
When SecureLogin Manager is configured to disable the SecureLogin single sign-on for a user and then if the user logs in and open Firefox, multiple error messages are displayed. This issue occurs when Single Sign-on Assistant is installed on Firefox. |
1129743 |
When using Single Sign-on Assistant, the SecureLogin wizard does not work in the user mode. This issue is now fixed with following capabilities:
|
For information about hardware requirements, supported operating systems, and browsers, see System Requirements for SecureLogin
in SecureLogin 8.8 Quick Start Guide.
You can either upgrade from the previous versions of SecureLogin or perform a new installation. For information about how to install and how to upgrade, see SecureLogin Installation Guide.
NetIQ Corporation strives to ensure our products provide quality solutions for your enterprise software needs. The following issues are currently researched. For release specific issues, see previous releases’ release notes. If you need further assistance with any issue, please contact Technical Support.
Issue: SecureLogin displays the The wrong chain selected error message while re-authenticating a user. This issue occurs when Advanced Authentication is configured to include a chain that is not enrolled for the user. SecureLogin does not redirect user to the enrollment page. (Bug 1145298)
Workaround: There is no workaround for this issue.
Issue: When SecureLogin is installed in the eDirectory Novell Client mode, accessing the SecureLogin manager displays the Error initializing LDAP error message. (Bug 1158965)
Workaround 1: Specify Fully Qualified Domain Name (FQDN) in the SecureLogin manager to connect in the eDirectory Novell Client mode.
Workaround 2: Perform the following steps to workaround this issue.
Click Start > Run to open the Run dialog box.
Specify regedit and click OK to open Registry Editor.
Navigate to HKEY_LOCAL_MACHINE > SOFTWARE > Protocom > SecureLogin > LDAP Settings.
Right click and click New > String Value.
Rename New Value to SSL Cert File.
Double click SSL Cert File and specify the LDAP CA certificate path in Value data:.
If HKEY_CURRENT_USER contains the following registries, delete these registries.
NonSecureLDAPPort"=dword:00000001
SSL Cert File"="C:\\Program Files\\NetIQ\\SecureLogin\\rootcert.der
Issue: The SecureLogin wizard fails to identify the Windows Security Dialog Box and displays following message. (Bug 1158037)
Selected screen does not belong to the wizard enabled application.
Workaround: There is no workaround for this issue.
Issue: The New Logon Notification Form configuration fails because SecureLogin does not highlight the login fields on web browsers. This issue occurs when Windows is installed in Traditional Chinese. (Bug 1151163)
Workaround: There is no workaround for this issue.
Issue: The multi-factor authentication window prompts does not differentiate between the LDAP password and the password. For example, if a user is configured to specify the LDAP password followed with another password, SecureLogin displays the Enter Password message twice. It can prompt the user to specify the same password twice. (Bug 1150245)
Workaround: There is no workaround for this issue.
Issue: SecureLogin stops working during cache refresh when LDAP connection is unavailable. It causes the subsequent single sign-on operations to fail. When the LDAP connection is re-established, SecureLogin and the single sign-on operations starts working again. (Bug 1119284)
Workaround: There is no workaround for this issue.
For information about legal notices, trademarks, disclaimers, warranties, export and other use restrictions, U.S. Government rights, patent policy, and FIPS compliance, see https://www.microfocus.com/about/legal/.
© Copyright 2019 Micro Focus or one of its affiliates.