IBM Support

Supplementary release notes for IBM Security Access Manager for Enterprise Single Sign-On 8.2.2

Question & Answer


Question

This document describes the different releases, issues, and limitations for IBM Security Access Manager for Enterprise Single Sign-On version 8.2.2.

Answer

2023-10: Web extension updates – Mozilla Firefox

Date Released: 30 October 2023
General defect fixes.

Mozilla Fire fox web extension
The following defect or issues are resolved:
  • Manifest version upgraded from V2 to V3.

For more information, see Mozilla Firefox web extension.

2023-10: Web extension updates – Google Chrome

Date Released: 30 October 2023
General defect fixes.

Google Chrome web extension
The following defect or issues are resolved:
  • Security vulnerability related to Jquery.js is addressed and the version is upgraded to the latest recommended version. Manifest version upgraded from V2 to V3.

For more information, see Google Chrome web extension.

2023-10: IMS Server Fix Pack 16

Date Released: 30 October 2023
IMS Server
 
Defect
    Security vulnerabilities related to json.jar were addressed and version was upgraded to latest recommended version.
For more information, see 8.2.2-ISS-SAMESSO-IMS-FP0016.

2023-06: Microsoft Windows 10 Version 22H2 support

Date Released: 30 June 2023
Compatibility support update:
  • Windows 10 Version 22H2
    Windows 10 Version 22H2 is now supported starting from AccessAgent Fix Pack 33, together with the latest web extensions.

2023-06: Web extension updates – Microsoft Edge (Chromium) and Mozilla Firefox

Date Released: 30 June 2023

General defect fixes.


Microsoft Edge Chromium web extension
The following defect or Security issues are resolved:
  • Security vulnerability related to Jquery.js is addressed and the version is upgraded to the latest recommended version and Manifest version upgrade from V2 to V3.

For more information, see Edge Chromium extension.

Mozilla Fire fox web extension
The following defect or issues are resolved:
  • Security vulnerability related to Jquery.js is addressed and the version is upgraded to the latest recommended version.

For more information, see Mozilla Firefox web extension.

2023-06: IMS Server Fix Pack 15

Date Released: 30 June 2023
IMS Server
 
Defect
    Security vulnerabilities related to xstream.jar, el-ri.jar, ognl.jar, spring-webflow.jar and log4j.jar were addressed and versions were upgraded to latest recommended version for all 5 vulnerabilities.
For more information, see 8.2.2-ISS-SAMESSO-IMS-FP0015.

2023-04: IMS Server Fix Pack 14

Date Released: 05 April 2023
IMS Server
 
Defect
    Security vulnerabilities related to commons-io, commons-collections and commons-fileupload were addressed and versions were upgraded to latest recommended version for all 3 vulnerabilities.
For more information, see 8.2.2-ISS-SAMESSO-IMS-FP0014.

2022-12: Version 8.2.2.35

Date Released: 30 December 2022
Defect
  • There were some files that retained the old signature, this issue is fixed in FP35 and now all the release artifacts (*.exe and *.dlls) have been digitally signed and stamped by Symantec with SHA 256

For more information, see 8.2.2-ISS-SAMESSO-AA-FP0035.

2022-12: Microsoft Windows 11 support

Date Released: 30 December 2022
Compatibility support update:
  • Windows 11
    Windows 11 is now supported starting from AccessAgent Fix Pack 33, together with the latest web extensions.
Note: Smart card is not certified with Microsoft Windows 11

2022-12: Web extension updates for Microsoft Edge (Chromium)

Date Released: 30 December 2022

The following APAR is resolved:

  • APAR IJ43881
    Added additional checks for “Negotiate” and “ntlm” authentication header scheme.
For more information, see Edge Chromium extension.

2022-06: Microsoft Windows 10 Version 21H2 support

Date Released: 30 June 2022
Compatibility support update:
  • Windows 10 Version 21H2
    Windows 10 Version 21H2 is now supported starting from AccessAgent Fix Pack 33, together with the latest web extensions.

2022-03: IMS Server Fix Pack 13

Date Released: 30 March 2022
IMS Server

Defect
  • Security vulnerabilities related to log4j were addressed and log4j 1.x versions were upgraded to latest recommended version for log4j 2.x.
For more information, see 8.2.2-ISS-SAMESSO-IMS-FP0013.

2022-01: Web extension updates - Microsoft Edge Chromium and Google Chrome

Date Released: 11 January 2022
General defect fixes.

Microsoft Edge Chromium web extension
The following defect or APAR is resolved:
  • APAR IJ36262, IJ36263
Broker exits after a while due to network error between web extension and broker.

For more information, see Edge Chromium extension.

Google Chrome web extension
The following defect or APAR is resolved
  • APAR IJ36262, IJ36263
Broker exits after a while due to network error between web extension and broker.

For more information, see Google Chrome web extension.

2022-01: IMS Server Fix Pack 12


Date Released: 11 January 2022
IMS Server

Security related fixes in Authentication, Session Management, enhanced security using HTTP security headers were addressed and fixed as listed below:
  • Session fixation issue for AccessAdmin.
  • Enhanced HTTP security headers (Clickjacking, Missing Security Headers, Missing Cookie Attributes, Cacheable HTTPS Response, HTTP Headers Information Disclosure) for AccessAdmin and webconf.
  • Guidelines for Password Policy.
  • Cross-Site Request Forgery.
  • Host Header Injection.
Defect
  • Security vulnerabilities related to log4j are addressed and fixed.
For more information, see 8.2.2-ISS-SAMESSO-IMS-FP0012 Readme.

2021-12: IMS Server Interim Fix IF0011

Date Released: 15 December 2021
IMS Server
Defect 
  • Fix for Critical PVR0310118: Global threat CVE: Log4j -CVE-2021-44228 (Publicly disclosed vulnerability).

2021-09: Version 8.2.2.33

Date Released: 30 September 2021
Enhancements
 
AccessAgent
 
Compatibility Update
  • Windows 10 Version 21H1
    Windows 10 Version 21H1 is now supported starting from AccessAgent Fix Pack 32, together with the latest web extensions.
  • Firefox web extension
    Mozilla Firefox ESR 91 is now supported.
 
The following defects or APARs are resolved:
 
AccessAgent
  • APAR IJ34960
    Problem in credential injection handling for AngularJS application in IE with FP 32.
  • Digital signing is modified for time stamp server and Sha1 removal.
For more information, see the 8.2.2-ISS-SAMESSO-AA-FP0033.

2021-08: Web extension updates - Microsoft Edge Chromium Extension Update

Date Released: 16 August 2021

The following defect or APARs are resolved:

  • APAR IJ33486
    After clicking OK on the SSO user selection screen, the original screen does not return.
  • Digital signature added for files .vbs and .ps, and Edge Chromium-extension.uninstaller.exe.

2021-06: Web extension updates - Microsoft Edge Chromium and Google Chrome

Date Released: 30 June 2021

General defect fixes.

Microsoft Edge Chromium web extension
The following defect or APAR is resolved:

  • APAR IJ33252
    Auto injection of credential does not work for web application requiring NTLM authentication.

For more information, see Edge Chromium extension.

Google Chrome web extension
The following defect or APAR is resolved

  • APAR IJ33253
    Single sign-on does not work if the password contains special characters other than ASCII.
  • APAR IJ30830
    Garbled characters display when a profile is created on a webpage having characters other than ASCII.

For Google Chrome, see Edge Chromium extension.

2021-03: SAP GUI 7.6 and Microsoft Windows 10 Version 20H2 support

Date Released: 31 March 2021

Compatibility support updates

The following APAR is fixed:

  • Windows 10 Version 20H2
    Windows 10 Version 20H2 is now supported starting from AccessAgent Fix Pack 32, together with the latest web extensions.
  • SAP GUI 7.6 support
    The SAP GUI AccessProfile is now updated and optimized for SAP GUI 7.6.
    For more information, see the AccessProfile Library.

2021-03: Edge Chromium extension update

Date Released: 1 March 2021

Extensions

The following APAR is fixed:

  • APAR IJ30830
    Garbled characters are displayed when an AccessProfile is created on a web page having characters other than ASCII values.
For more information, see Edge Chromium extension.

2020-12: IMS Server Fix Pack 10

Date Released: 30 Dec 2020

IMS Server

  • TAMESSOIMSKeyStore certificate conversion from SHA1 to SHA2 is now supported.
The following APAR is fixed:
  • APAR IJ24922
    Content Security Policy (CSP) is not implemented.
For more information, see 8.2.2-ISS-SAMESSO-IMS-FP0010 Readme.

2020-09: Microsoft Windows 10, Version 2004 support 

Date Released: 30 September 2020

Compatibility update

Windows 10 Version 2004 is now supported, starting from AccessAgent Fix Pack 32, together with the latest web extensions.

Note: Smart card authentication is validated on Microsoft Windows 10 2004 with the following environment:
  • Microsoft Active Directory 2019
  • WebSphere Application Server 8.5.5.17 on Windows Server 2019

2020-09: AccessStudio Fix Pack 6 and web extensions update

Date Released: 30 September 2020

Compatibility update

AccessStudio

The following defects or APARs are resolved: 
  • Unable to highlight the XPath signature on the Firefox browser when the XPath signature contains a carriage return.
For more information, see 8.2.2-ISS-SAMESSO-AS-FP0006.
Web extensions
The following defects or APARs are resolved:
  • APAR IJ26869: Cannot drag and drop file on Microsoft SharePoint if ISAM ESSO web extension is installed.
    Applies to Microsoft Edge , Microsoft Edge Chromium, and Mozilla Firefox web extensions. 
  • Compatibility update: For the Mozilla Firefox web extension, Mozilla Firefox ESR 78 is now supported.
For more information, see Web extensions.

2020-06: IMS Server Fix Pack 9

Date Released: 30 June 2020

Compatibility update

IMS Server

  • Microsoft Windows Server Server 2019 is now supported. +
  • Microsoft Active Directory 2019 is now supported. +
+ Authentication using smart cards are not validated on Microsoft Windows Server 2019 and Microsoft Active Directory 2019.
AccessAgent 8.2.2 Fix Pack 32 is now supported on Microsoft Windows Server 2019.
Note: For Windows Server 2019 support, WebSphere Application Server requires a minimum maintenance level of 8.5.5.16.
For more information see the updated Software Product Compatibility Report.
The following APARs and defects are fixed:
  • Defect
    Software update for the security vulnerabilities
  • APAR IJ04064
    Changing AD Controller primary host fully qualified domain name in the enterprise directory editing configuration causes host.
  • APAR IJ24921
    Password type input with auto-complete enabled.
    Note: Browser should support autocomplete='off' for login fields.
  • APAR IJ24925
    Application error message.
  • APAR IJ24924
    Error message on page.
For more information, see 8.2.2-ISS-SAMESSO-IMS-FP0009 Readme.

2020-06: AccessStudio Fix Pack 5 and Web Extensions Update

Date Released: 30 June 2020
AccessStudio
Enhanced support for capturing web signatures with the Chromium-based Microsoft Edge browser.
Web Extensions
Microsoft Edge Chromium Web extension

New in this release.

See Microsoft Edge Chromium web extension.

Google Chrome web extension
The following defect or APARs are resolved:
  • APAR IJ25121
    Unnecessary credential capture pop-up in case of 'bearer' authentication scheme.
  • Code signing of installer and uninstaller executables.

See Google Chrome web extension.

Mozilla Firefox web extension
The following defect or APARs are resolved:
  • APAR IJ25121
    Unnecessary credential capture pop-up in case of 'bearer' authentication scheme.
  • Code signing of installer and uninstaller executables.

See Mozilla Firefox web extension.

2020-06: Microsoft Edge Extension Update

Date Released: 12 June 2020
The following defect or APARs are resolved:
  • APAR IJ25121
    Unnecessary credential capture pop-up in case of 'bearer' authentication scheme.
  • Code signing of installer and uninstaller executables.

For more information, see Microsoft Edge Web Extension.

2020-04: Version 8.2.2.32

Date Released: 20 April 2020
Enhancement
Enhanced single sign-on support for Angular web extensions.
This fix pack corrects the following issues that are found in IBM Security Access Manager for Enterprise Single Sign-On 8.2.2:
Defect
  • APAR IJ16130
    Sometimes log files are not created in configured location

For more information, see 8.2.2-ISS-SAMESSO-AA-FP0032 Readme.

2020-03: Web extension update

Date Released: 27 March 2020
Microsoft Edge web extension
Enhanced single sign-on support for Angular web extensions.
The following defects or APARs are resolved:
  • APAR IJ23705 Edge Extension Performance issue has been resolved.
  • APAR IJ23706: Microsoft Edge extension updated to support latest Visual C++ Redistributable Package.
Google Chrome web extension
Enhanced single sign-on support for Angular web extensions.
Microsoft Firefox web extension
Enhanced single sign-on support for Angular web extensions.

For more information, see Web extensions.

2020-03: IMS Server Fix Pack 8

Date Released: 27 March 2020
Microsoft SQL Server 2019 is now supported starting from IMS Server Fix Pack 8.
Defect
  • Addressed and fixed some security vulnerabilities.

For more information, see 8.2.2-ISS-SAMESSO-IMS-FP0008 Readme.

2020-01: IMS Server Fix Pack 7

Date Released: 20 January 2020
Oracle 12c is now supported starting from IMS Server Fix Pack 7.

For more information, see 8.2.2-ISS-SAMESSO-IMS-FP0007 Readme.

2019-12: Windows 10, Version 1909 support

Date Released: 20 December 2019
Windows 10 Version 1909 is now supported, starting from AccessAgent Fix Pack 30, together with the latest web extensions.

If you already have the latest web extensions and fix packs, no additional installation is required.

2019-10: IMS Server Fix Pack 6

Date Released: 10 October 2019
Audit log enhancements
  • Added support for logging of audit data to files. Earlier versions supported logging to syslog and database only.
  • Added configuration options for audit file logging parameters in the IMS Configuration Utility.

This enhancement includes changes to existing topics that might not be available in the available product documentation. Instead, the changes are described in Documentation update: Forwarding audit log records to audit log files.

For more information, see 8.2.2-ISS-SAMESSO-IMS-FP0006 Readme.

2019-10: Microsoft Edge Single Sign-On Extension Update

Date Released: 02 October 2019
Fixed the following APAR: 

APAR IJ19846
Fixed Microsoft Edge extension digital signature expiration issue.

For more information, see Microsoft Edge Web Extension.

2019-08: IMS Server Fix Pack 5 and AccessStudio Fix Pack 3

Date Released: 20 August 2019

IMS Server

Some security vulnerabilities were addressed and fixed.

For more information, see the 8.2.2-ISS-SAMESSO-IMS-FP0005 Readme.

AccessStudio

Updated the prerequisites for AccessStudio installation from Microsoft .NET Framework 2.0 to Microsoft .NET Framework 3.5.

Fixed the following defect:

  • APAR IJ12224
    In some instances, you might face problems during XPath generation on Microsoft Edge.

For more information, see the 8.2.2-ISS-SAMESSO-AS-FP0003 Readme.

2019-07: Windows 10 Version 1903 support and Microsoft Edge Web Extension update

Date Released: 22 July 2019

AccessAgent

  • Windows 10 Version 1903 is now supported with AccessAgent Version 8.2.2.30
 

Web extensions

  • The Microsoft Edge web extension is updated to support Microsoft Windows 10, Version 1903.

For more information, see the Microsoft Edge Web Extension.

Back to top

2019-04: Version 8.2.2.30

Date Released: 30 April 2019

AccessAgent

  • IBM GSKit has been upgraded to version 8.0.55.3.
 

See the  8.2.2-ISS-SAMESSO-AA-FP0030 Readme .

Back to top

2019-03: AccessStudio Fix Pack 2 and Web Extensions update

Date Released: 29 March 2019

AccessStudio

  • Enhanced support for capturing web signatures with Google Chrome, Microsoft Edge, and Mozilla Firefox web browser.
 

See the  8.2.2-ISS-SAMESSO-AS-FP0002 Readme .

Web extensions

Microsoft Edge Web Extension
Enhanced capture of web signatures with the Microsoft Edge web  extension.
The following APAR is resolved:
  • APAR IJ12224
    Web signature generation issue for iframes.
Google Chrome Web Extension
Enhanced capture of web signatures with the Google Chrome web extension.
Mozilla Firefox Web Extension
Enhanced capture of web signatures with the  Mozilla Firefox web extension.

Back to top

2019-01: Version 8.2.2.29 and IMS Server Fix Pack 4

Date Released: 11 January 2019

AccessAgent

  • Added support for BIO-key Biometric Service Provider 1.13.
  • Added support for Windows 10, Version 1809.
  • Added support for VMware Horizon Version 7.6.0.

The following defect is resolved:

  • Defect
    AccessAgent fails to start when AccessAgent is used as a published app in VMware Horizon.

See the  8.2.2-ISS-SAMESSO-AA-FP0029 Readme .

IMS Server

  • Added support for BIO-key Biometric Service Provider 1.13.

See the  8.2.2-ISS-SAMESSO-IMS-FP0004 Readme .

Back to top

2018-11: AccessStudio Fix Pack 1 and Web Extension update

Date Released: 30 November 2018

AccessStudio

For more information, see the  8.2.2-ISS-SAMESSO-AS-FP0001 Readme .

Web extensions

Microsoft Edge web extension

You can now capture web signatures with the Microsoft Edge web extension.

The following defects are resolved:

  • Defect
    Crash observed in the web extension when closing the browser with one tab left.
  • Defect
    Fixed an issue for silent installations where a prompt would display and interrupt the silent installation process.

For more information, see the Microsoft Edge web extension .

Back to top

2018-11: IMS Server Fix Pack 3

Date Released: 23 November 2018

The following defects are resolved:

  • Defect
    With an Enterprise Directory setup, "_" cannot be distinguished from “.” in the login name of a user. This defect causes the user to be logged in with wrong username.
  • Defect
    Cross-site request forgery on the feedback page.
  • Defect
    Cacheable SSL page found. Pages which contain sensitive data such as personal information about the user are cacheable.
  • Defect
    XML External Entity injection vulnerability on the download service.

For more information, see the 8.2.2-ISS-SAMESSO-IMS-FP0003 Readme .

Back to top

2018-10: Version 8.2.2.27

Date Released: 2 October 2018

Compatibility update

  • Citrix XenApp and XenDesktop 7.18 is now supported.

For more information, see the updated Software Product Compatibility Report .

The following defect is resolved:

  • Citrix Server automatic login fails on Virtual Channel standard mode.

For more information, see 8.2.2-ISS-ISAMESSO-AA-FP0027 Readme .

Back to top

2018-07: Version 8.2.2.25 and Web Extensions Updates

Compatibility update

  • AccessAgent
    • Web browser: Mozilla Firefox ESR 60 is now supported.
    • Operating Systems: Windows 10, Version 1803 is now supported.

For more information, see the updated Software Product Compatibility Report .

Web extensions

Date Released: 31 July 2018

  • Microsoft Edge web extension now supports Microsoft Windows 10, Version 1803.
     

The following defect is resolved:

  • Installation and uninstallation issue with Google Chrome, Mozilla Firefox, and Microsoft Edge web extensions when AccessAgent is not installed in the default installation directory.

See Extensions .

AccessAgent

Date Released: 31 July 2018

The following defect is now resolved:

  • Terminal Server Virtual Channel Lightweight mode fails on Windows 10 client computers.

For more information, see 8.2.2-ISS-ISAMESSO-AA-FP0025 Readme .

Back to top

2018-07: Updates

Compatibility update

  • IMS Server
    • Database: IBM Db2 11.1
    • Web browsers: Microsoft Edge and Google Chrome web browsers are now supported for management consoles.
    • LDAP: Microsoft Active Directory 2016
  • AccessAgent 8.2.2 Fixpack 21 is supported on Microsoft Windows Server 2016

For more information, see the updated Software Product Compatibility Report .

IMS Server Fix Pack 2

Date Released: 2 July 2018

IMPORTANT: The license file is updated. Refer to the license file in the fix pack package.

Enhancements

The following defects or APARs are resolved:

  • APAR IV99718
    Unable to update AD bind account password in IMS Configuration Utility if the failover domain controller is configured.
  • Defect
    Unable to reset secrets of IMS administration in IMS Web Workplace (AAWWP).

For more information, see 8.2.2-ISS-SAMESSO-IMS-FP0002 Readme

Back to top

2018-04: Version 8.2.2.21

Date Released: 20 April 2018

Compatibility update

AccessAgent

  • Operating Systems: Windows 10, Version 1709 is now supported.

For more information, see the updated Software Product Compatibility Report .

Enhancements


AccessAgent
The following defects or APARs are resolved:
  • APAR IJ04063
    Credentials might not be injected when many authentication services are configured in the system.
For more information, see 8.2.2-ISS-ISAMESSO-AA-FP0021 Readme .

IMS Server
Passport Advantage installer image for the IMS Server has been refreshed with Java 8, Windows Server 2016, and Microsoft Hyper-V Server 2016 support.
 
eImage Number Description
CNSF5ML IBM Security Access Manager for Enterprise Single Sign-On V8.2.2 Server Components with Fix Pack 1 for Windows, Multilingual (March 2018 Refresh)


If you are performing a new IMS Server installation and want Java 8, Windows Server 2016, or Microsoft Hyper-V Server 2016 support, use the refreshed image. See Download document .
 

Back to top

2017-10: Version 8.2.2.15

Date Released: 31 October 2017



Enhancements
The following enhancements are only applicable to IBM Security Privileged Identity Manager users:
AccessAgent
The following defects or APARs are resolved:
  • APAR IV99001
    User is unable to sign-up or login to AccessAgent due to restrictive DER encoding checks in the IMS Server.
  • APAR IV99864
    When a user remotely connects to a server with AccessAgent installed, the remote AccessAgent does not launch.

For IBM Security Privileged Identity Manager users, the following defects are resolved:
  • APAR IV98496
    During credential check-out, the targeted application might stop working.
  • APAR IV99068
    During the check-out process, consent window and credential selection window might appear behind Internet Explorer.
    Note: To resolve this, you must deploy this fix pack and the Common Components AccessProfile .
  • APAR IV99146
    Credential check-out and session recording might fail when TLS 1.1 and TLS 1.2 are enabled.
  • APAR IV99437
    In certain environments, session recording might produce empty (white color) recording frames for Internet Explorer.
 

Back to top

2017-07: Version 8.2.2.14 and IMS Server Fix Pack 1

Date Released: 31 July 2017



Windows 10, Version 1703
Windows 10, Version 1703 is now supported.

AccessAgent
The following defects or APARs are resolved:
  • VBScript/JScript API Runtime "runtime.GetHTMLDocument" in an AccessProfile returns incorrect HTML document.

For IBM Security Privileged Identity Manager users, the following defect is resolved:
  • In Windows 10, Session Recorder might not work for Remote Desktop Connection and checked-out credentials might be checked-in prematurely.
    Note: This fix requires applying both this fix pack and updating to the latest Remote Desktop Connection AccessProfile.
    See Remote Desktop AccessProfile .
IMS Server
The following enhancement is added:
  • IBM WebSphere SDK Java Technology Edition Version 8.0 support.
The following APARs or defects are resolved:
  • Defect
    Symptom: Machine policy template name is not shown properly in AccessAdmin if it contains any Unicode characters.
  • APAR IV85194
    IMS Server is not able to assign the right machine policy template based on the computer's Active Directory group.
  • APAR IV87276
    Unable to configure reset password from AccessAssistant/Web Workplace when using non-SSL Active Directory.

For more information, see the following READMEs:

 

Back to top

2017-06: Version 8.2.2.13

Date Released: 30 June 2017

 
  • Internet Explorer 11 Enhanced Protected Mode
    Internet Explorer 11 Enhanced Protected Mode is now supported without requiring any separate extensions.
  • Multi-monitor screen recording playback (IBM Security Privileged Identity Manager only)
    Screen-based session recording playbacks for multi-monitor work environments are now clearer.
  • AccessProfiles
    AccessProfile for Internet Explorer has been updated with fixes for basic authentication. See Internet Explorer AccessProfile .
  • Extensions
The following defects or APARs are resolved:
  • APAR IV96031
    ESSO Credential Provider does not appear when AccessAgent is installed with a custom installation path.
  • APAR IV94942 ( IBM Security Privileged Identity Manager only)
    No audit log is sent to the IBM Security Privileged Identity Manager server when the lease has expired on the checked out credential.

For more information, see 8.2.2-ISS-SAMESSO-AA-FP0013 Readme .

Back to top

2017-04: Version 8.2.2.12

Date Released: 10 April 2017

 
  • Windows 10 Anniversary Update, version 1607
    Windows 10, version 1607, otherwise known as the Anniversary Update is now supported.
    • UI Automation actions
      The UI Automation extension is installed automatically. Two new UI Automation actions will be displayed in AccessStudio. The following actions are:
      • Get Element Text - UI Automation
      • Set Element Text - UI Automation
    • The Click a button - UI Automation action is now renamed to Click an element - UI Automation. No changes are required for existing AccessProfiles that use the Click a button - UI Automation action. See Windows UI Automation extension .

    • AccessProfiles
      AccessProfiles for standard Windows applications, such as Windows Explorer, Internet Explorer, and the Remote Desktop client have been updated to be fully compatible with Windows 10, version 1607.
  • Extensions
    Internet Explorer Enhanced Protected Mode Extension is updated with fixes for defects. See Internet Explorer Enhanced Protected Mode Extension .
    Firefox Extended Support Release 52 is now supported with the Mozilla Firefox Browser Extension. See Mozilla Firefox Browser Extension .
Removed the following limitation:
  • AccessAgent 8.2.2 is currently not fully compatible with Windows 10, version 1607.

For more information, see 8.2.2-ISS-SAMESSO-AA-FP0012 Readme .
For more information about Windows 10 support, see Issues and limitations .

Back to top

2016-12: Version 8.2.2.11

Date Released: 16 December 2016



Resolved the following defect for IBM Security Access Manager for Enterprise Single Sign-On users:
  • Single sign-on might not work for web applications that are using a modal window with Internet Explorer in a 32-bit environment.

Removed the following limitation for IBM Security Privileged Identity Manager users:
  • In a multiple display or multiple monitor configuration, session recordings are only supported when the extended display or extended monitor is to the right or bottom of the main display.

For more information, see 8.2.2-ISS-SAMESSO-AA-IF0011 Readme .

Back to top

2016-08: Version 8.2.2.9

Date Released: 16 August 2016

 
Resolved the following defects for IBM Security Privileged Identity Manager users:
  • Session Recording might fail to prompt the user for consent in certain scenarios. Therefore, the targeted application is not recorded.
  • Session Recorder fails with PuTTY 0.67. Download the updated PuTTY AccessProfile .

For more information, see 8.2.2-ISS-SAMESSO-AA-FP0009 Readme .

Back to top

Version 8.2.2.8

Date Released: 5 July 2016

  • Remote Desktop Connection (RDP) AccessProfile
  • Windows 10 for IBM Security Privileged Identity Manager: Added Windows 10 support for IBM Security Privileged Identity Manager users.

    Update: AccessAgent 8.2.2 is currently not fully compatible with Windows 10, version 1607. In Windows 10, version 1607, some Windows components and user interface elements have changed. AccessProfiles that involve PuTTY and the Windows Security dialog box, such as Remote Desktop Connection (RDP) will not function as expected. AccessAgent 8.2.2 continues to be fully compatible with Windows 10, version 1511.

This fix pack corrects the following issues that are found in the IBM Security Access Manager for Enterprise Single Sign-On, Version 8.2.2 release.
  • APAR IV83885
    Custom dialog box labels for an authentication service are not applied.

Resolved the following issues which affect only IBM Security Privileged Identity Manager users:
  • APAR IV82439
    Session Recorder might fail when mouse interactions occur during a recording.
  • APAR IV86044
    Users might experience slowness in applications that are monitored by the session recorder.

For more information, see 8.2.2-ISS-SAMESSO-AA-FP0008 Readme .
For the latest issues and limitations with Windows 10 support, see Issues and limitations .

Back to top

Version 8.2.2.3 GA Refresh

Date released: 31 March 2016


Windows 10: Windows 10 is supported.

Update: AccessAgent 8.2.2 is currently not fully compatible with Windows 10, Version 1607. In Windows 10, version 1607, some Windows components and user interface elements have changed. AccessProfiles involving the Windows Security dialog box, for example Remote Desktop Connection (RDP) will not function as expected. AccessAgent 8.2.2 continues to be fully compatible with Windows 10, version 1511.

For Windows 10 support, you must download and use only the following refreshed versions of the AccessAgent installers with Fix Pack 3 from Passport Advantage .
  • CNA2KML - IBM Security Access Manager for Enterprise Single Sign-On V8.2.2 with Fix Pack 3 for Windows on x86-32-bit, Multilingual
  • CNA2LML - IBM Security Access Manager for Enterprise Single Sign-On V8.2.2 with Fix Pack 3 for Windows on x86-64-bit, Multilingual

Earlier versions of AccessAgent installers are not supported on Windows 10.

This fix pack corrects the following issues that are found:.
  • APAR IV82470
    With RFID-only logon and Virtual Channel Connector configured, delay might be observed when you start an application.
  • APAR IV80081
    Web applications in Internet Explorer might lose focus when AccessAgent is running.
  • APAR IV80668
    With RFID-only logon enabled, the user is prompted to enter the Active Directory password each time the workstation is unlocked.


Fixed the following issues for IBM Security Privileged Identity Manager users:
  • The credential check-out selection window is not available when the window signature is incorrect, incomplete, or generic when profiled applications have a modal dialog box for the checkout process. For example, DB2 Data Studio.
  • The "Checkout Credentials" window might appear off-screen when an incorrect application window signature is specified in the AccessProfile.
  • Low-level integrity processes cannot log messages in the Recorder log file.

For more information about the features that are supported with Windows 10, see New in Version 8.2.2 .
For the latest issues and limitations with Windows 10 support, see Issues and limitations .

Back to top

Version 8.2.2.1

Date released: 29 February 2016



Fixed the following issue:
  • APAR IV81202
    ISAM ESSO Java Support libraries are not loaded into Java applications.

Fixed the following issues for IBM Security Privileged Identity Manager users:
  • APAR IV81598
    Shared credential check-out fails with error code 31 in 32-bit environments.
  • APAR IV81419
    In a multi-session environment, shared credential check-out might fail.

For more information, see 8.2.2-ISS-SAMESSO-AA-FP0001 Readme .

Back to top

Version 8.2.2 General Availability (GA) Release

Date Released: 10 December 2015


These are the features and enhancements that are added and supported:
  • Kerberos Authentication: Users can now log on to Windows Desktops by using any supported Windows authentication mechanism, including the default Credential Providers that are packaged with the Windows operating system. See Kerberos Authentication .
  • Windows Server 2012 and Windows Server 2012 R2 Standard or higher editions
  • WebSphere Application Server 8.5.5
  • IBM Security Directory Server 6.4
  • Mozilla Firefox Extended Support Release 38
  • BIO-key BSP 1.12
  • Citrix XenApp 7.6
  • Citrix XenDesktop 7.6

For more information, see New in Version 8.2.2 .

For updated system requirements and third-party product compatibility information, use the Software Product Compatibility Reports tool .

Back to top

Installation

Back to top

Documentation updates

Topic: Automatically assigning User Policy Templates to new users


Every time you change the User Policy Template assignments, you must restart WebSphere Application Server.
Services will be temporarily unavailable until the servers are restarted.

Back to top

Related links

For more information about the IBM Security Access Manager for Enterprise Single Sign-On, Version 8.2.2, see the following links:

Back to top

Previous versions

For more information on previous versions of IBM Security Access Manager for Enterprise Single Sign-On, see the following links:

[{"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Product":{"code":"SS9JLE","label":"IBM Security Access Manager for Enterprise Single Sign-On"},"Component":"","Platform":[{"code":"PF033","label":"Windows"}],"Version":"8.2.2","Edition":"","Line of Business":{"code":"LOB24","label":"Security Software"}}]

Document Information

Modified date:
02 November 2023

UID

swg21970877

Page Feedback