How can we help?

Netsweeper 7.2.3 EA

Follow

Netsweeper 7.2.3 EA is now available for early adopters with major improvements made for the Active-Active WebAdmin deployments. In addition, First Name and Last Name fields have been added to the WebAdmin Clients which are synchronized from Directory Sync allowing for Reports to be made using the users First Name and Last Name rather than the username.

The Netsweeper 7.2 release is available on both EL6 and EL8.

Over the course of the 7.2 release cycle, we will be finalizing the EL8 release. Moving forward to Netsweeper 8 releases, we will no longer be releasing new features for the EL6 builds. Netsweeper will continue to provide security fixes to the EL6 builds but will not provide new features to the EL6 based release. Customers are expected to plan a migration to EL8 between now and 2023 if they desire the new features we are introducing.

Netsweeper 7.2.3 New Features

Security

  • Improved security of the Netsweeper installed product for the EL8 installation has been added with improved security features for the EL8 based Netsweeper installation
  • OS level password reuse, expiry, and change requirements added

Clients

  • First Name, Last Name, and Email have been added for the Client functionality (WebDB, Policy Service, WAgent, DirSync, Import/Export

Logging

  • First Name, Last Name, Email, and Organization added to Logging and Reporting
  • Logging can now extract the organization part from the Client name or Group name

APIs

  • New arguments added to listmanager_add_list
  • client_add and client_modify now include firstname, lastname, email, comments, and workstation

Change Log 7.2.3

Ticket Type Description
23343 FEATURE When importing a List, entries which do not match the List's allowed Types and Parts will not be imported.
24759 FEATURE A new 'Comment' argument has been added to the listmanager_add_list API. This is a separator delimited list of comments or a single comment for all entries.
24845 BUG When listing entries with no limit using the listmanager_list API, if more than the Maximum results per page setting would be displayed, an error will be returned before trying to get the results. In addition, listmanager_list_count will no longer exhaust memory for requests with a large number of entries.
24870 FEATURE The listmanager_add_list API has a new 'ignorefail' argument that does not stop the list import due to duplicate entries. If ignore_fail is set, it will not stop and display an error if a failure occurs, all errors will be displayed at the end instead.
24937 SECURITY For CIS, excessive MySQL user privileges would allow Arbitrary File Read and potential RCE via SQL Injections.
25004 SECURITY Security related headers recommended by Mozilla Observatory have been added.
25011 FEATURE The firstname, lastname, and email have been added to the client table.
25012 FEATURE The 7.2.3 release for WebDB can now send the firstname, lastname, and email to the 7.2.3 releases and above.
25013 FEATURE The Policy Service can now load and handle the new firstname, lastname, and email for dbip, dbsubnet, and and dbclientname.
25014 FEATURE The new firstname, lastname, email, and orgid have been added to the logger, (protocol, and log files).
25015 FEATURE The Reporter can now process firstname, lastname, email, and orgid.
25016 FEATURE The Workstation Agent can now clone the firstname, lastname, and email attributes when the Group Lookup is based on 'Username'.
25018 FEATURE Directory Sync for AD, Azure, and Gsuite can now sync the FirstName, LastName, and Email attributes.
25019 FEATURE WebAdmin Client Import/Export now supports Firstname, Lastname, and Email.
25021 FEATURE client_add and client_modify API arguments now include firstname, lastname, email, comments, and workstation.
25022 FEATURE Logging can now extract the organization part from the Client name or Group name. Two new options have been added to the Policy Server configuration: orrgid_populate_from_clientname and orgid_populate_from_groupname.
25023 UPDATE Security Labels have been updated to work for multiple WebAdmins.
25031 BUG NSProxy was not trusting sites with multiple certs. Expired and invalid certs are now removed from the server when trying to complete the AIA download.
25051 FEATURE Syslog now has FirstName, LastName, Email and Organization ID.
25053 FEATURE The list_entry_delete_bulk API can now process either a list of ids or a listname, item, type, and part.
25072 SECURITY For CIS, systemd mount points have been created.
25073 SECURITY CIS 1.1.21 all world writable directories removed from our install to avoid setting sticky bit.
25074 SECURITY USB Storage has been disabled for CIS 1.1.23.
25076 SECURITY Sudo log files have been added in CIS 1.3.3.
25077 SECURITY For CIS, default system sysctl settings have been created for security.
25078 SECURITY For CIS, the iptables have been enabled by default in the EL 8 release with some default rules.
25079 SECURITY rsyslog default file permissions have been configured for CIS 4.2.1.3.
25080 SECURITY Permissions on all log files are configured and all log files are properly rotated.
25081 SECURITY SSH access is now limited to the admin user in CIS 5.2.2.
25082 SECURITY SSH max sessions is now set to 4 or less in CIS 5.2.19.
25084 SECURITY A new authselect profile, along with password length, age, and other requirements, has been configured.
25085 SECURITY For CIS, OS level password reuse requirements for the admin are now set and a new password cannot be the same as previous 5 passwords.
25086 SECURITY For CIS, the OS level password now must expire in 90 days and the admin cannot change it again within 7 days.
25087 SECURITY For CIS, the default user shell timeout is now 900 seconds or less.
25088 SECURITY For CIS, log files are now properly rotated.
25102 BUG The empty screenshot field contained corrupt data when added to syslog.
25106 BUG The remotereporter config did not load Up2Date settings.
25107 BUG The Account Permissions List showed the permissions as though the permission templates were applied in reverse order.
25125 BUG Stopping the Database service on a remote server in the WebAdmin would prevent remote admin authentication.
25127 BUG The 'Edit Config' link for the Up2Date service in the 'Services' page was not displaying. It now displays on all servers including the primary WebAdmin.
25129 BUG Removed database queries made by nsup2d modules so that all information is loaded using webdb for remote database setups. Fixed some php errors and added error logging.
25142 BUG Clicking the server name in the Services > Host window, opened the old 'Server Manager' page.
25147 UPDATE For remote databases, the WebAdmin service in EL 8 does not require mariadb.

 

Was this article helpful?
0 out of 0 found this helpful
Have more questions? Submit a request