More Updates with LogonBox SSPR 2.3.17

Windows two-factor authentication


LogonBox is pleased to announce the immediate availability of LogonBox SSPR 2.3.17.
This release includes performance improvements for profile checking and Secure Nodes, as well as extended features for Password Expiring alerts and RDP support for the Credentials Provider.

Profile Checking improvements

Every 24 hours, your LogonBox server runs a profile update for all users, where it will check that all users have all the required information they need to perform a password reset.
These checks are part of the Profile Reminder feature, which can email all users who still have missing information to help your users get signed up with LogonBox.

Previously, these profile checks could take up to 12 hours to complete for large user counts and consume a large amount of CPU time.
These checks have had some performance improvements, which now run 20-100 times quicker during testing. Profile update checks are now complete within minutes.

New Password Expiring notification features

If you have a Secondary Directory configured and you have linked users from this Secondary to your Primary user directory, Password Expiring alerts can now run against these linked accounts.
To do this, turn on ‘Check linked accounts’ when you edit the Password Expiring message template.

LogonBox can now also run Password Expiring alerts for active users only. With this option turned on, accounts which will not be able to reset their passwords via the LogonBox server will not receive any emails. Or in other words, only accounts with complete or partially complete profiles will receive notifications.
To turn this feature on, enable ‘Only send to active users’ when you edit the Password Expiring message template.

Secure Node improvements

Secure Node now has a smaller memory footprint per open connection.
Secure Node clients will automatically update themselves when the server is updated to keep the versions current with the server code.
Note: For the automatic client updates to work, you may need to reinstall the 2.3.17 version of the Secure Node client software.

RDP support for the Desktop Credentials Provider

Multi-factor authentication now works when connecting to a server via RDP that has the Desktop Credentials Provider installed.

Upgrade Instructions

You can directly upgrade from the web UI or the operating system.

To upgrade from the web UI, log on with your admin account, navigate to Server Status from the main dashboard and click Update. You may also be prompted automatically on login if you have Updates, Features & Licensing->Update Prompt turned on.

To upgrade from the operating system:

On Windows – download the new installer, run the installer, and follow the prompts.

On a LogonBox VM – from a shell, type in:

apt update
apt upgrade

If you are still running a version before 2.3, you will need to perform some extra steps from the OS, as detailed here:

Our support team will upgrade Cloud customers over the coming week.


Here is a summary of the changes in this release.


  • Profile checks are now significantly quicker.
  • Password Expiring alerts can now run against linked accounts on a secondary directory.
  • Password Expiring alerts can also run for active users only.
  • Secure Node now has a smaller memory footprint per connection.


  • Users no longer get a JSON 404 error when the Password Server feature is enabled.
  • Fixed a memory leak in Secure Node on the server side.
  • Secure Node clients now automatically upgrade themselves again
  • Geo IP Restrictions now support a more extensive list of countries in a single rule (it was previously limited to around 52 countries)
  • The defaults for the database connection pool size are limited to a value which will not run out of connections to the underlying MariaDB database.