Imprivata Privileged Access Management Product Update 2.3.201903242218

March 24, 2019

PAM Update: adds font smoothing option for RDP sessions, LDAP heartbeat script, and Windows Scheduler tasks updates after password reset

This update adds support for controlling font smoothing for Windows Host sessions, adds support for updating Windows Scheduler after resetting account password, adds heartbeat script for LDAP accounts and adds a preference to optionally enable Ctrl-C/Ctrl-V hot keys to simplify clipboard operation.

Added support for controlling font smoothing option for Windows Host sessions

Font smoothing option in RDP sessions will produce nice font rendering during Windows connections at the expense of the increased network traffic.

Use System Preference Session RDP Font Smoothing to enable the option for the whole system or for individual users, or record type field named FontSmoothing for record level control

Added support for updating Windows Task Scheduler after resetting local or domain account password

Local or domain account password reset will invalidate dependent services and scheduled tasks run as the account involved in the password reset.

The new update brings task scheduler updates after password reset event for dependent tasks on the dependent computers to complement the already existing options to update dependent services.

Added heartbeat script for Active Directory and LDAP accounts

This update brings a check status heartbeat script for Active Directory and LDAP accounts to monitor password health and watch for unauthorized tempering with the user directory.

Added default system export configuration as a daily automatic export with a weekly retention time

This update enables system export configuration as a daily automatic export with a weekly retention time for all new deployments.

We would recommend enabling similar automatic export schedule for existing installations to allow recovery and break glass procedures

Added the option to enable application performance logging for troubleshooting purposes

The update introduces performance logging generating system environment log as well as periodic log messages about the system status and vital system parameters.

Performance analysis is important to understand the overall load on the system including details about components producing such load to decide about directions to extend or scale the system.

Performance logging could be enabled by adding xtam.perflog.enabled=true parameter to the system properties file.

After system restart, the performance logging will be generated in the perf.log file in the system logging folder. System environment dump upon the system startup could be enabled by xtam.perflog.dump_attributes=true parameter.