Release 5.3

September 2019

Directory Server failover (AAAS-15941)

The Directory configuration now allows administrators to add multiple directory servers for failover in case a directory cannot be reached.

Note: For Enterprise Service Gateways prior to 5.3, only the first directory server in the list is used.

Resource rule evaluation (AAAS-18272)

The authentication Audit Details has been enhanced to include information on the resource rule used, risk level produced, risk points assessed, authenticators used, and if available, the result of the resource rule evaluation.

Export user directory attributes (AAAS-17583)

When you export users from the Users List page, you now have the option to export the Directory ID, Directory Object UUID, and the Directory Name.

Test ActiveSync connection (AAAS-16934)

The ActiveSync Access page includes a Test Connection button to test the connection to your Microsoft Office 365 server.

ForgeRock OIDC template (AAAS-17863)

A ForgeRock OIDC template is now available. Use this application template to quickly configure ForgeRock for IntelliTrust authentication.

User portal password change (AAAS-16376)

Users now have the ability to change their Active Directory password in the IntelliTrust User Portal. Users need a current password to be able to successfully change it to a new password.

Delete multiple reports (AAAS-18235)

The Reports page has been enhanced to allow deleting multiple reports simultaneously.

UI Enhancement (AAAS-16826)

The following enhancements have been made to the UI:

• The search experience has been enhanced for the Users, Reports, Audits, Grid Cards, and Hardware Tokens tables.
• User search has been enhanced to allow for the following:
• Users belonging to a group
• Users who have a specific role
• Users who have or do not have a specific authenticator

Changes to IntelliTrust APIs

The following have been changed in the IntelliTrust Administration APIs:

• New methods getAccountInfoUsingGET and updateAccountInfoUsingPUT that allow you to manage account information including the ability to update the account company name and legalAcknowledged flag
• New attribute defaultRole in the RoleUser object returned for each role returned by listSiteRolesUsingGET. This attribute indicates whether the role is a default system role.
• New attribute directoryObjectGUID in the User object returned by various user methods. This attribute contains the objectGUID of the user in the directory if that user was synchronized from a directory.
• New attribute lockedAuthenticatorTypes in the User object returned by various user methods. This attribute specifies which of a user’s authenticators are currently locked.
• New attribute directoryConnection is returned as part of Get directories call. This attribute lists the directory connections for a directory.