LogonBox SSPR 2.4.13 – Now Available

Posted on by Lee Painter
Windows two-factor authentication

Introduction

LogonBox is pleased to announce the immediate availability of LogonBox SSPR 2.4.13.

This release includes easier banned password checking, new user filter options and better notifications for low license counts.

The changelog at the bottom lists all new features and bugs fixed.

Always check Banned Passwords option

Previously, if you needed to check the local banned password dictionary, you needed to copy an existing Password Policy, edit that policy to turn off Allow Banned Passwords, and assign it to your users.

This could get very complicated in cases where several password policies are in play.

Therefore, we have added a new switch in Banned Passwords->Settings, called Always check Banned Passwords.
If you enable this, no password policy overrides need to be created, and LogonBox will always check the banned password list before checking the password policy.

 

User Filters

A new Filter has been added to the User Directory page to show locked user accounts (Users that are locked).
This will quickly show you which users are locked in AD. Note that this is different from Users who are suspended, which shows LogonBox’s temporary local lockouts.

It is now also possible to set a default filter in User Directory other than All Accounts. To do so, navigate to User Directory->User Table Filter, where you can now set this default.

 

License low email notifications

Previously, your LogonBox server would send you an email notification when your license seats have run out.
We have now added a new feature that allows the server to email you when the license count is low.

To configure this, navigate to Messages and edit the License Count Low template.
In the template, you can configure the threshold at which to send the notification (the default is 10 license seats remaining).

 

Upgrade Instructions

You can directly upgrade from the web UI or the operating system.

To upgrade from the web UI, log on to your admin account, navigate to Server Status from the main dashboard, and click Update. If you have Updates, Features & Licensing->Update Prompt turned on, you may also be prompted automatically upon login.

 

To upgrade from the operating system:

On Windows – download the new installer, run the installer, and follow the prompts.

 

On a LogonBox VM – from a shell, type in:

apt update
apt upgrade

 

If you are still running a version before 2.3, you will need to perform some extra steps from the OS, as detailed here:

https://docs.logonbox.com/app/manpage/en/article/6172513

Our support team will upgrade Cloud customers over the coming week.

 

Changes

Here is a summary of the changes in this release.

Features

  • Added a new option in Banned Passwords to ‘Always check banned passwords’.
  • Added a new Filter on the User Directory page for ‘Users that are locked’.
  • Added a new option to set a default Filter on the User Directory page.
  • Added a ‘License Count Low’ email notification.
  • Changed the MYSQL database connection type to use the MariaDB driver.
  • Passwords can now be changed from My Profile->Change Password by pressing enter to submit the form.
  • Added a property to Security Questions fields to stop password manager autocompletes when setting up a new profile.

Bugs

    • Corrected the description of the HTML field in message templates.
    • The built in Everyone Role can now longer be renamed as this can cause permissions issues.
    • Authentication Flow names now need to be unique to avoid potential conflicts.
    • When an admin sets a password containing a > character, the resulting email no longer gets truncated.
    • User selective 2FA profile completion now works as expected on cloud tenants when Google Auth is the first module selected.
    • Reconciles can now be run on demand as expected via a webhook.
    • Clicking copy password on new user creation dialog no longer closes the dialog.
    • User Selective 2FA’s Default Credential option no longer blocks saving other settings in the same menu.
    • If Proactive Password Checking and Administrative Reset are on, then passwords can be changed within the min password age as expected.
    • Fixed up permissions relating to granting admin access to viewing Secondary User accounts.
    • Fixed up permissions relating to granting admin access to resetting passwords on Secondary User accounts.
    • Webhook authentication now works as expected.
    • Account suspended email messages are working again.
    • Removed options to select deprecated database types (Postgres, MSSQL, Derby).
    • Removed deprecated ‘Ignore User’ option from the user Actions menu.