Netsweeper 7.2.4 EA is now available for early adopters with major improvements to stability, security and advancements made for the Active-Active WebAdmin. Customers running 7.2 should upgrade to the 7.2.4 release as we continue to fix major defects and finalize features.
The Netsweeper 7.2 release is available on both EL6 and EL8. Over the course of the 7.2 release cycle, we will be finalizing the EL8 release. Moving forward to Netsweeper 8 releases, we will no longer be releasing new features for the EL6 builds. Netsweeper will continue to provide security fixes to the EL6 builds but will not provide new features to the EL6 based release. Customers are expected to plan a migration to EL8 between now and 2023 if they desire the new features we are introducing.
Netsweeper 7.2.4 New Features
Active-Active WebAdmin Support
- Directory Sync can now be run on multiple Active-Active WebAdmin servers at the same time
- Per domain Directory Sync Interval or Timing and logging level added
- Directory Sync fields for Status, Sync Server, Sync Time, and Last Sync Date have been added to accommodate Multi Server Directory Sync
- WebAdmin Backup allows the selection of WebAdmin servers based on the WebAdmin URL in Security Labels
- Refactored to use the hostname of the server and not the IP Status
- Status window (EL 8) shows the version, current time, and CA Certificate information
Change Log 7.2.4
| Ticket | Type | Description |
| 21456 | FEATURE | For Directory Sync, per server or domain Directory Sync Interval or Timing and logging level have been added. |
| 21457 | FEATURE | DirSync is now able to run multiple syncs and have different domains sync at the same time. |
| 24576 | FEATURE | WebAdmin Backup now supports Active-Active WebAdmin and allows the selection of WebAdmin servers based on the WebAdmin URL in Security Labels. |
| 24965 | SECURITY | There is improved NGINX security based on the NGINX security report. |
| 25089 | SECURITY | To prevent time-based user enumeration, Account signup emails are always sent and, if signing up for a specified email, it is not allowed, and a special message is sent instead of a signup link. |
| 25116 | SECURITY | All logfile permissions are configured for CIS 4.2.3. |
| 25138 | SECURITY | Reflected Cross-Site Scripting is fixed for view report API. |
| 25140 | SECURITY | Time-Based SQL Injection is fixed for the Report API. |
| 25144 | FEATURE | Security Labels are now refactored to use the hostname of the server and not the IP. |
| 25145 | FEATURE | In El 8, the Administration > Status window now shows the version, current time, and CA Certificate information. |
| 25148 | FEATURE | DirSync functionality is now available for the Active-Active WebAdmin. |
| 25153 | FEATURE | Third party license file has been added to the release in /usr/local/netsweeper/etc/LICSENSE.MD. |
| 25162 | FEATURE | New fields: Status, Sync Server, Sync Time, and Last Sync Date have been added to accommodate Multi Server Directory Sync. |
| 25164 | SECURITY | Identical status codes and server responses have been implemented in the Reporter to prevent 'user enumeration'. |
| 25165 | SECURITY | A permission check has been added to the Deny Page Editor. |
| 25166 | SECURITY | The full path details are now hidden in Report error messages. |
| 25167 | SECURITY | The 'Send Report by email' has been improved and the webserver address for links in the email are now not sent. |
| 25168 | SECURITY | A security key check has been added to email reports to prevent unauthorized access. |
| 25169 | SECURITY | Users can now only receive links to their own Reports. |
| 25170 | SECURITY | Multiple limited reflected cross-site-scripting problems have been fixed. |
| 25180 | SECURITY | Report export now limits Reports to the ones owned by the users that they can see. |
| 25186 | BUG | Archived Log viewer for files would only show one kind of string from the whole file. |
| 25188 | BUG | CC and BCC email selections were not working when emailing Reports. |
| 25189 | FEATURE | NSProxy Client Filter compatibility fixes for SNMP library and OpenSSL 1.1 have been added. |
| 25202 | BUG | The list_entry_delete_bulk API was not working correctly for type and part filtering when specifying bulk delete by item. |
| 25210 | BUG | When the database password was wrong it caused a segfault. |
| 25212 | FEATURE | You can now set up Sync Interval, Log Level and DisabledUser for each domain for irectory Sync. The Settings button on the Directory Sync page has been removed and these settings can now be set when editing or adding a Search Base. |
| 25216 | DOCUMENTATION | ssl_gen_key description has been updated in NS Proxy configuration and in documentation. |
| 25224 | UPDATE | The Security Labels page has been updated to be clearer. |
| 25225 | BUG | The El 6 7.2.3 release would not display inline images in the Deny Page due to the Content Security Policy header directive. |
| 25235 | FEATURE | An error log has been added when failing to read directory entries from Azure or Google. |
| 25240 | BUG | The El 6 Request Logs view would stop updating after the first page is full and the Apache web server would crash. |
| 25241 | BUG | Memory leaks for the new Client fields have been fixed. |
| 25251 | BUG | Adding Groups with @org, when there are Accounts with "manage all organizations" permission, did not work properly. |