Products
Products
Support
Support
Contact
Contact
Sitemap
Sitemap
 
Home
Solutions
Products
Licenses
Download
Manuals
Support
News
SignOn Solutions 2012
SignOn Solutions 2008
SignOn Solutions 2006

Success Stories
My.Comtarsia

     



Build History
Build History

Build History SignOn Solutions 2008



Bundle Version 33 (September 4th, 2012)

Management Console5.1.22.21
Logon Client5.1.23.31
SignOn Proxy5.1.12.51
SignOn Agent for Active Directory5.1.13.41
SignOn Agent for LDAP5.1.1.42


  Logon Client

Bug Fix:

• A workstation unlock error message has ignored the language setting and the English message was displayed.






Bundle Version 32 (August 29th, 2012)

Management Console5.1.22.21
Logon Client5.1.22.31
SignOn Proxy5.1.12.51
SignOn Agent for Active Directory5.1.13.41
SignOn Agent for LDAP5.1.1.42


  Logon Client

Bug Fix:

• Mulitple Smart Card Reader Support.






Bundle Version 31 (August 20th, 2012)

Management Console5.1.22.21
Logon Client5.1.21.31
SignOn Proxy5.1.12.51
SignOn Agent for Active Directory5.1.13.41
SignOn Agent for LDAP5.1.1.42


  Management Console

New Features and/or Functional Changes:

• The new option „allowEmptySource“ was added to the variable manager. Is this option is activated, variable mapping will be performed even if the source resolves to empty.


  SignOn Proxy

New Features and/or Functional Changes:

• Extended the variable manager to allow receiving variables from the SignOn Agent.


  SignOn Agent for Active Direcory

New Features and/or Functional Changes:

• Each synchronization request has now a unique SyncID.
• Policy errors while setting the user password are now written to the log with the detailed error code.
• The new option „allowEmptySource“ was added to the variable manager. Is this option is activated, variable mapping will be performed even if the source resolves to empty.
• The “After sync” variable mapping point was added.
• The agent can now send variables back to the SignOn Proxy.


Bug Fix:

• The agent no longer triggers a replication if only the user description has been changed.
• Missing logtransactions have been added.
• Fixed a bug in the “disableUserOnSyncError”-function, which has lead to the user being removed from all his group in addition to being disabled.






Bundle Version 30 (July 19th, 2012)

Management Console5.1.21.21
Logon Client5.1.21.31
SignOn Proxy5.1.11.51
SignOn Agent for Active Directory5.1.12.41
SignOn Agent for LDAP5.1.1.42


  Logon Client

New Features and/or Functional Changes:

• Smartcard Logon via Comtarsia SignOn Proxy

Bug Fix:

• In local usermode the replacement of the %USERNAME% variable replacement had a case sensitive fault.
• In PKI local user mode the Replacement of the Variable %USERNAME% did not work in the homedirectory- and profile-path.
• In PKI-Mode by Credential Provider focus deselect missing PIN-field clear.






Bundle Version 27 (20th February, 2012)

Management Console5.1.20.21
Logon Client5.1.19.31
SignOn Proxy5.1.10.51
SignOn Agent for Active Directory5.1.12.41
SignOn Agent for LDAP5.1.1.42


  Management Console

New Features and/or Functional Changes:
• Configuration Parameter "ForcePasswordChange" was added.


  Logon Client

New Features and/or Functional Changes:

• Each synchronization request has now a unique SyncID.

• ForcePAsswordChange function:
The previous fix-defined LDAP user attribute "clcForcePasswordChange" can now be defined using the following parameters: REG_SZ:HKEY_LOCAL_MACHINE\SOFTWARE\Comtarsia\SOSProfile 001\LDAP\__LDAPSERVER__\forcePasswordChangeAttribute =1 (Default:"").
In Proxy Authentication mode is the on the proxy defined LDAP attribute evaluated and reset.

• The password change within a logon session in domain logon mode is processed over the domain controller instead by the SignOn Agent.
With the Parameter DWORD:HKEY_LOCAL_MACHINE\SOFTWARE\Comtarsia\SOSProfile 001\LogonClient\PasswordchangeMode = 1 (default: 2)
the previous mode is set (password change by SignOn Proxy).
• The session unlock is processed primarily via the Windows user.
In case the password of the currently logged on user was changed by a another workstation, the session unlock will also works with this the new password and the new credentials will be applied to the current session.
With the parameter
DWORD:HKEY_LOCAL_MACHINE\SOFTWARE\Comtarsia\SOSProfile 001\LogonClient\PasswordUnlockMode = 1 (default: 2)
the previous mode is set (unlock only with the logon password).



Bug Fix:

• In case of a password change triggered by the "Change after Reset" password policy message the user information were not readout completely.
• The cancelation of the password change dialog and subsequent call of the screen lock function causes under certain circumstances that the password change was displayed again.
• A error in the function WorkstationOUMove caused a CredentialProvider crash.
.




  SignOn Proxy

Bug Fix:

• The UserDN variable in „OUSearchList“ mode was not set.




Bundle Version 26 (January 31st, 2012)

Management Console5.1.19.21
Logon Client5.1.18.31
SignOn Proxy5.1.9.51
SignOn Agent for Active Directory5.1.12.41
SignOn Agent for LDAP5.1.1.42


  Logon Client

New Features and/or Functional Changes:

• As a Windows user account a trusted domain can be configured.
• New LDAP Server Type „OpenDirectory“ was added.

Bug Fix:

• An error in the function Groupmapping with case sensitive placeholders #Administrators, #Power Users und #Users was fixed.






Bundle Version 24 (23rd September, 2011)

Management Console5.1.17.21
Logon Client5.1.17.31
SignOn Proxy5.1.9.51
SignOn Agent for Active Directory5.1.11.41


  Management Console

New Features and/or Functional Changes:

• Configuration options that are not yet integrated in the product have been hidden.
• Configuration audits disabled

  Logon Client

Bug Fix:

• A logon via the function "Quick Logon" or via RDP session with autologon credentials causes an internal ComtRPCSrv services error.






Bundle Version 23 (7th September 2011)

Management Console5.1.16.21
Logon Client5.1.16.31
SignOn Proxy5.1.9.51
SignOn Agent for Active Directory5.1.11.41


  Management Console

Bug Fix:

• The variable template for LDAPUser-DN was changed to "LDAPUser:__DN__".





Bundle Version 22 (2nd September 2011)

Management Console5.1.15.21
Logon Client5.1.16.31
SignOn Proxy5.1.9.51
SignOn Agent for Active Directory5.1.11.41


  Management Console

Bug Fix:
• The comments of the variables will now be 'escaped' stored in the Registry.


  Logon Client

New Features and/or Functional Changes:

• The ComtRPCsrv readiness timeout has been increased from 120 to 180 seconds.


Bug Fix:

• For all Logon Client profiles the main profile SingOn Proxy configuration was used.
• The variable% USERNAME% in RDP sessions was not set correctly.




  SignOn Proxy

Bug Fix:

• The UserDN variable in „OUSearchList“ mode was not set.




Bundle Version 21 (27th July, 2011)

Management Console5.1.14.21
Logon Client5.1.15.31
SignOn Proxy5.1.8.51
SignOn Agent for Active Directory5.1.11.41


  SignOn Proxy

Bug Fix:
• An error in the variablemanager was fixed. The array operator was not cut off in the LDAP request






Bundle Version 20 (20th July, 2011)

Management Console5.1.14.21
Logon Client5.1.15.31
SignOn Proxy5.1.7.51
SignOn Agent for Active Directory5.1.11.41


  SignOn Proxy

New Features and/or Functional Changes:

• The internal variable %USERNAME% can now be used as alias for %user%.
• Support for Varialbes with the Regex-Formatter.


Bug Fix:
• An error in the default-variable-entry for LDAP-Groups was fixed.


  SignOn Agent for Active Direcory

New Features and/or Functional Changes:

• The internal variable %USERNAME% can now be used as alias for %user%.
• Support for Varialbes with the Regex-Formatter.






Bundle Version 19 (27th May, 2011)

Management Console5.1.13.21
Logon Client5.1.15.31
SignOn Proxy5.1.6.51
SignOn Agent for Active Directory5.1.10.41


  Logon Client

New Features and/or Functional Changes:

• In Proxy-Logon Mode the remote retrieve (= by proxy) of LDAP user attributes.
• Registry-Values can now be used directly in the variablemanager.
Variablen-Source syntax: %Registry:HKEY_LOCAL_MACHINE\SOFTWARE\Comtarsia\SOSProfile 501\Log\logLevel%
• Environment-Values can now be used directly in the variablenmanager
Variablen-Source syntax: %ServiceEnv:PROCESSOR_ARCHITECTURE%
• %-Support: In order to define the character „%“ on the variablemanager, „%%“ must used now. This sequence is converted back to „%“ while the export.
• Variables can be exported as environment variables in user context.


  SignOn Proxy

New Features and/or Functional Changes:

• With the new parameter REG_DWORD:SignOnProxy\ allowClientAttributeRequests=1 can be controlled, whether the proxy obtains logon user attributes from LDAP and forwards it to the client. If required, these values can be overridden by a proxy variable mapping.
• The "expression" of a variable mapping can now even include variables (number of single values and value-manimal a multi-value value).
• Registry-values can now be used directly in the variablemanager.
Variablen-Source syntax: %Registry:HKEY_LOCAL_MACHINE\SOFTWARE\Comtarsia\SOSProfile 501\Log\logLevel%
• Environment-values can now be used directly in the variablemanager.
Variablen-Source syntax: %ServiceEnv:PROCESSOR_ARCHITECTURE%
• %-Support: In order to define the character „%“ on the variablemanager, „%%“ must used now. This sequence is converted back to „%“ while the export.


  SignOn Agent for Active Direcory

New Features and/or Functional Changes:

• Registry-values can now be used directly in the variablemanager.
Variablen-Source syntax: %Registry:HKEY_LOCAL_MACHINE\SOFTWARE\Comtarsia\SOSProfile 501\Log\logLevel%
• Environment-values can now be used directly in the variablemanager.
Variablen-Source syntax: %ServiceEnv:PROCESSOR_ARCHITECTURE%
• %-Support: In order to define the character „%“ on the variablemanager, „%%“ must used now. This sequence is converted back to „%“ while the export.


Bug Fix:
• An error in the function "waitForStartup"was fixed.






Bundle Version 18 (12th May, 2011)

Management Console5.1.12.21
Logon Client5.1.14.31
SignOn Proxy5.1.5.51
SignOn Agent for Active Directory5.1.9.41


  Logon Client

Bug Fix:

• A buffer error in the LDAP API was fixed. Response packets bigger 32KB caused the error (LDAP_SERVER_DOWN).






Bundle Version 17 (21st April 2011)

Management Console5.1.12.21
Logon Client5.1.13.31
SignOn Proxy5.1.5.51
SignOn Agent for Active Directory5.1.9.41


  Management Console

New Features and/or Functional Changes:

• The SignOn Agent parameter "waitForStartup" was added.
• The SignOn Agent parameter "usersToSync" was added.


  Logon Client

New Features and/or Functional Changes:

• Support „WorkstationLogonPolicy“ for Proxy-Logon-Mode
• Variable Manager Support for Groups


Bug Fix:

• A bug in SyncClient has been fixed: the wrong version number for SignOn Proxy has been transferred.
• A Variable Manager problem with transmit to proxy was fixed.

  SignOn Proxy

New Features and/or Functional Changes:

• The installer now creates variable manager-entries for the main LDAP attributes.
• The installer creates a default entry for a local SignOn Agent.


Bug Fix:

• An error in the SyncPolicy was corrected, so that only LDAP groups, but no other variables were used for the evaluation of the SyncPolicy.

  SignOn Agent for Active Direcory

New Features and/or Functional Changes:

• The parameter REG_DWORD:SignOnAgent\Modules\System\User\usersToSync controls whether the SignOn Agent synchronizes all users (0xF0000000) or only users who already have a user description starting with "SERV_TMP_USER" (0x1.)






Bundle Version 16 (1st April, 2011)

Management Console5.1.11.21
Logon Client5.1.12.31
SignOn Proxy5.1.4.51
SignOn Agent for Active Directory5.1.8.41


  Management Console

New Features and/or Functional Changes:

• Checking for updates is now done asynchronously so that the Management Console can respond more quickly.
• Muiltiple LDAP server support was enabled.
• The variables configuration page was enabled.


Bug Fix:

• A fault which was caused by an old configuration has been fixed.
• Improvments on the ListBox(AcceptList, AttributeBasedGroups) were made.


  Logon Client

New Features and/or Functional Changes:

• In the function „HwAdmin“ the parameter
REG_SZ:.\SOSProfile 001\Group\HwAdminSubOU was added. Is the Logon Client in mode „enableWkstLogonPolicy” enabled with the parameter[.\SOSProfile 001\LogonPolicy\enableWkstLogonPolicy= 1], the function „HwAdmin“ is executed only if the SubOU which is defined with HwAdminSubOU is selected as Logon Type. If the HwAdmin criteria (HwAdminGroup and HwAdminAtrribute) not match the logon attempt is terminated. • The interpretation of the parameter [.\SOSProfile 001\Group\HwAdminAttribute] was extended to Regular Expressions.
• In the Local User mode now is guaranteed that the automatically-managed local user gets the local user group membership if the group mapping results no another build-In group (power users or administrators).

Behobene Fehler:

• An error in the LDAP-Function „userObjectRequired“ has been fixed.
• An error in the uninstall function has been fixed.


  SignOn Proxy

New Features and/or Functional Changes:

• The SignOn Proxy supports now multiple LDAP servers. All LDAP configuration values can be defined for each LDAP server.

Bug Fix:

• An error in the Uninstall function has been fixed..
• An error in the function „WkstOUMove“ has been fixed.

  SignOn Agent for Active Direcory

Bug Fix:

• An error in the uninstall function has been fixed.





Bundle Version 14 (22nd January, 2011)

Management Console5.1.9.21
Logon Client5.1.10.31
SignOn Proxy5.1.3.51
SignOn Agent for Active Directory5.1.7.41


  Management Console

Bug Fix:

• A Problem with the Credential Provider registration was fixed.

  SignOn Agent for Active Directory

New Features and/or Functional Changes:

• During a new installation an entry for importing all SignOn Proxy variables is created automatically.





Bundle Version 13 (17th January, 2011)

Management Console5.1.8.21
Logon Client5.1.10.31
SignOn Proxy5.1.3.51
SignOn Agent for Active Directory5.1.6.41


  Logon Client

Bug Fix:

• An error with LDAP-authentication and the function „SearchForUser“/“FailoverOnUserNotFound“ was fixed. .





Bundle Version 12 (12th January, 2011)

Management Console5.1.8.21
Logon Client5.1.9.31
SignOn Proxy5.1.3.51
SignOn Agent for Active Directory5.1.6.41


  Management Console

New Features and/or Functional Changes:

• Logon Client Multiple LDAP Server support.
• If the LDAP server type changed to "Microsoft AD" a another Credential Provider is registered.
• Values of input fields are now also checked in Menu Events.


  Logon Client

New Features and/or Functional Changes:

• Extended Active Directory LDAP Support.
  - Authentication including support for password policy messages.
  - Password change; this requires a communication to the Active Directory over LDAPS. For this to work, in the AD domain the
     "Certificate Services " must be installed.
  - group memberships using the new group type 0x10.
  - Referrals Support. This can be controlled by the new configuration parameter: DWORD:„LDAPServer\followReferrals“=1.

ValueFunction
0x0  Referrals are not tracked
0x1  Referrals are tracked
0x20 CHASE_SUBORDINATE_REFERRALS
0x40 CHASE_SUBORDINATE_REFERRALS

• Muliple LDAP-Server configuration support for failover function. This allows a completely separate configuration for each ldap server.
The parameter DWORD:“LDAPServer\priority“=0 defines the priority of the servers. A small value defines a high priority. There must always be only one server with a specific priority value.
If only one LDAP server is defined, the value “failover host” can still be used for compatibility reasons.





Bundle Version 11 (16th December, 2010)

Management Console5.1.7.21
Logon Client5.1.8.31
SignOn Proxy5.1.3.51
SignOn Agent for Active Directory5.1.6.41


  Management Console

New Features and/or Functional Changes:

• The "SmartcardHandler" Logflag was added.
• The Logon Client PKI-profile SessionPasswordMode configuration was added.
• In PKI-Profiles the SecurePinEntryMode is configurable via „Logon Policy/PKI"

Bug Fix:

• An error with the assortment of the log flags was repaired.

  Logon Client

New Features and/or Functional Changes:

• A new session password mode was introduced, in which the session password is changed only in defined time intervals. This mode is compatible with the Comtarsia Logon Client 2006 session passwords mode (2). [.\SOSProfile *\LogonClient]
"smartCardSessionPasswordMode"=dword:00000000
// 0=single (password is generated for each login)
// 1=valid for
"smartCardSessionPasswordValidity"=dword:00000001
"smartCardSessionPasswordValidityUnits"=dword:00000000
//0=hours,
//1=days,
//2=weeks (not implemented!),
//3=months
"smartCardSessionPasswordValidityOffset"=dword:00000000
// in minutes

• Is a Smart Card Reader is detected by the Logon Client, it checks to see whether the „Secure PIN Entry“according to PC/SC V2 Part 10 is supported. The parameter "smartCardSecurePINEntryMode" controls how the reader is used for the PIN entry.

Value     Reader Class 1            Reader Class 2/3
0             PIN-Entry Keyboard      PIN-Entry Keyboard
1             PIN-Entry Keyboard      PIN-Entry PIN-Pad
2             N/A                                   PIN-Entry PIN-Pad

"smartCardSecurePINEntryMode"=dword:00000001
//0=disabled,
//1=allowed,
//2=required


Bug Fix:

• Wrong error message after wrong PIN input in the PKI Logon mode was corrected.
• A memory leak in module ComtRPCsrv.exe was solved.





Bundle Version 10 (29th November, 2010)

Management Console5.1.6.21
Logon Client5.1.7.31
SignOn Proxy5.1.3.51
SignOn Agent for Active Directory5.1.6.41


  Management Console

New Features and/or Functional Changes:

• Suport for PKI – Logon Mode
• Multiple Profile Mode

  Logon Client

New Features and/or Functional Changes:

• Smart Card / PKI – Logon Mode


  SignOn Agent for Active Directory

New Features and/or Functional Changes:

• the log messages have been extended.

Bug Fix:

• For creating a user in previous builds the "default group container" instead of the "default user container" were used.
• An error in the function domain Discover was fixed.





Bundle Version 8 (October, 1st 2010)

Management Console5.1.5.21
Logon Client5.1.5.31
SignOn Proxy5.1.3.51
SignOn Agent for Active Directory5.1.4.41


  SignOn Proxy

New Features and/or Functional Changes:

• The function “GetSessionPassword” and parameter “setSessionPasswordCondition”


  SignOn Agent for Active Directory

New Features and/or Functional Changes:

• The function ADS-Discover was adapted for the remote synchronization.

Bug Fix:

• Errors in the LDAP Directory Replicator with synchronization requests were solved.






Bundle Version 7 (September, 20th 2010)

Management Console5.1.4.21
Logon Client5.1.5.31
SignOn Proxy5.1.2.51
SignOn Agent for Active Direcory5.1.3.41

Initial Bundle Release






Comtarsia SignOn Solutions 2008
(June, 29th 2010)

Build 5.0.22.X

Bug Fix:

• A problem with the setting „LDAPGroupTypes“=ibm-allGroups (0x8) was solved.



Comtarsia SignOn Solutions 2008
(June, 18th 2010)

Build 5.0.21.X

Bug Fix:

• An error in the installation program of Build 5.0.20.4 was fixed!!

• The ComtRPC Service readiness timout has been increased from 40 to 90 seconds. On very slow computers at boot time the 40 seconds timeout was too short and caused this error message ” ComtRPCSrv" service ist not running!!”



Comtarsia SignOn Solutions 2008
(June, 15th 2010)

Build 5.0.20.X

New Features and/or Functional Changes:

• Function Quick Logon:
A login attempt with pre-defined credentials is performed through an additional selection option on the login dialog.
The parameter DWORD:HKEY_LOCAL_MACHINE\SOFTWARE\Comtarsia\SOSProfile 001\LogonPolicy\EnableQuickLogon =1 (Default:0) enables the function.
The parameter REG_SZ HKEY_LOCAL_MACHINE\SOFTWARE\Comtarsia\SOSProfile 001\LogonPolicy\QuickLogonButtonCaption defines the alternative button caption.
The parameter REG_SZ HKEY_LOCAL_MACHINE\SOFTWARE\Comtarsia\SOSProfile 001\LogonPolicy\QuickLogonUser defines the user name.
The parameter REG_SZ HKEY_LOCAL_MACHINE\SOFTWARE\Comtarsia\SOSProfile 001\LogonPolicy\QuickLogonPassword defines the password.
The Parameter REG_SZ HKEY_LOCAL_MACHINE\SOFTWARE\Comtarsia\SOSProfile 001\LogonPolicy\QuickLogonDomain defines the Domain.
For logon with a pre-defined local user account the string "local" must be defined as QuickLogonDomain.


• Autologon with Winlogon Credentials:
In case Winlogon autologon credentials are defined by following paramters: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
DefaultUserName"="Name"
"DefaultPassword"="passwort"
"AutoAdminLogon"="1"
(optional key: "ForceAutoLogon"="1" to perform a autologon after logoff)
the Microsoft Credential Provider is not filtered out so that the Auto Logon function can perform.


• With the parameter REG_SZ:HKEY_LOCAL_MACHINE\SOFTWARE\Comtarsia\SOSProfile 001\Language (default:English)=“ Italian“ the logon clients switch to Language ID 0x10 = Italian.

Special Thanks for translation, Giovanni Sabatini - University of Perugia - Italy!



Comtarsia SignOn Solutions 2008
(May, 5th 2010)

Build 5.0.18.X

New Features and/or Functional Changes:

• The parameter DWORD:HKEY_LOCAL_MACHINE\SOFTWARE\Comtarsia\SOSProfile 001\LDAP\__LDAPSERVER__\ignoreNoUniqueUser=1 (Default:0) lets a user log on, even if they aren’t unique in the directory. The Logon Client will use the first DN of the search result. This option is only in effect if the “UserDN Mode”: “Search for User” is in use. It’s strongly recommended NOT to use this option.

• The parameter DWORD:HKEY_LOCAL_MACHINE\SOFTWARE\Comtarsia\SOSProfile 001\LDAP\__LDAPSERVER__\ignoreNoUniqueUser=1 (Default:0) specifies that, for a „UserDN Mode“: „Search for User“-configuration, the search will continue on the failover LDAP server if the LDAP user wasn’t found on the primary LDAP server. It’s strongly recommended NOT to use this option.


Bug Fix:

• In EnableWkstLogonPolicy=1 mode and OFFLINE logon the desktop unlock was not possible.



Comtarsia SignOn Solutions 2008
(April, 27th 2010)

Build 5.0.17.X

New Features and/or Functional Changes:

• Failover LDAP Server:
With the parameter REG_SZ:HKEY_LOCAL_MACHINE\SOFTWARE\Comtarsia\SOSProfile 001\LDAP\__LDAPSERVER__\failoverHost=““ a failover LDAP-Server are defined, which is used when the primary LDAP-Server is unreachable.

• Function Log to Syslog:
The parameter
REG_SZ:HKEY_LOCAL_MACHINE\SOFTWARE\Comtarsia\SOSProfile 001\Log\SysLog\host
defines the syslog server.

The parameter
DWORD:HKEY_LOCAL_MACHINE\SOFTWARE\Comtarsia\SOSProfile 001\Log\SysLog\facility (default:10 )
defines the syslog facility.

The parameter
DWORD:HKEY_LOCAL_MACHINE\SOFTWARE\Comtarsia\SOSProfile 001\Log\SysLog\logDetails (default:0)
Defines the log details:
logDetails = 0x0 = no log details (recommended for centralized logging)
logDetails = 0x1 = Date/Time
logDetails = 0x4 = Prozess and Thread IDs
logDetails = 0x8 = Source Postion
logDetails = 0xFFFFFFFF = All Details

The parameter
DWORD:HKEY_LOCAL_MACHINE\SOFTWARE\Comtarsia\SOSProfile 001\Log\SysLog\logLevel
defines the log level:
logLevel = 0x1 = Error (recommended for centralized logging)
logLevel = 0x2 = Exception + logLevel 0x1
logLevel = 0x3 = Warning + logLevel 0x2
logLevel = 0x4 = Information + logLevel 0x3
logLevel = 0x5 = Message + logLevel 0x4



The parameter
DWORD:HKEY_LOCAL_MACHINE\SOFTWARE\Comtarsia\SOSProfile 001\Log\SysLog\host\logMask
defines the log maks for addional detailed log messages:

logMask = 0x4000000 – Monitor (recommended for centralized logging)


Bug Fix:

• An error in the LDAP Posix groups has been fixed. The group search has used the full user DN instead of the UID.

• An Error in the „sambaLMPassword“-Algorithm has been fixed.



Comtarsia SignOn Solutions 2008
(April, 15th 2010)

Build 5.0.16.X

New Features and/or Functional Changes:

• On each successful LDAP authentication and LDAP password change the specific Samba user information (Samba password hash) can be set automatically.
The parameter DWORD:HKEY_LOCAL_MACHINE\SOFTWARE\Comtarsia\SOSProfile 001\LDAPSetPasswordAsSambaPassword (Default=0)
defines following Bit-mask
o 1: „sambaLMPassword“ is set
o 2: „sambaNTPassword“ is set
o 4: „sambaPwdLastSet“ is set

• User credentials (user and password) which are send with a RDP connection triggers a LDAP auto logon during the session establishment.
For RDP-Clients 6.0 or higher following parameters in the .rdp file are required:
enablecredsspsupport:i:0
prompt for credentials:i:1

• With the parameter REG_SZ:HKEY_LOCAL_MACHINE\SOFTWARE\Comtarsia\SOSProfile 001\Language (default:English)=“French“ the logon clients switch to Language ID 0x0c = French.

Special Thanks for translation, Didier Rogues, Limoges University, France!


Comtarsia SignOn Solutions 2008
(April, 14th 2010)

Build 5.0.15.X

Internal Build!


Comtarsia SignOn Solutions 2008
(March, 24th 2010)

Build 5.0.14.X

New Features and/or Functional Changes:

• The parameter REG_DWORD:HKEY_LOCAL_MACHINE\SOFTWARE\Comtarsia\SOSProfile 001\LogonPolicy\MinPwdLen (default:0) defines the minimum passwort lenght for password change and LDAP Logon.

• With the registry setting REG_DWORD:HKEY_LOCAL_MACHINE\SOFTWARE\Comtarsia\SOSProfile 001\LogonClient\RemoveUser = 3 (0x1 User Account + 0x2 Profile)(default:0) the local user account and profile will be deleted during log-off. This option only affects local users which have been created by the Comtarsia Logon Client during an LDAP logon. (Those users have the user description set to "SERV_TEMP_USER".)
To have a similar functionality for domain users, the following Windows Policy can be used: REG_DWORD:HKLM\Software\Policies\Microsoft\Windows\System\DeleteRoamingCache = 1


Bug Fix:

• A logic error in the function „SearchForUser“ has been corrected. The object class „person“ instead of the defined user object class has been used.


Comtarsia SignOn Solutions 2008
(March, 10th 2010)

Build 5.0.13.X

New Features and/or Functional Changes:

• With the regsitry setting REG_DWORD:HKEY_LOCAL_MACHINE\SOFTWARE\Comtarsia\SOSProfile 001\language= „auto“ (default = “auto”), the logon client switches to the system-language automatically.
Is no language for the system-language available, the logon client switches to language-ID 0x9 = English.


Bug Fix:

• A logic error in the local group mapping function and in local user mode has been corrected.
In certain circumstances the local group mapping function has skipped the DefaultEveryoneGroup and DefaultNoGroup parameter.
In case of a password change process during the logon process, the local user has been removed from all local groups.



Comtarsia SignOn Solutions 2008
(March, 1st 2010)

Build 5.0.12.X

New Features and/or Functional Changes:

• The parameter REG_SZ:HKEY_LOCAL_MACHINE\SOFTWARE\Comtarsia\SOSProfile 001\LogonPolicy\LogonInformationText defines an alternate text which appears when the user clicks on the 'Information'-Link on the logon screen. This can be used to provide information’s like the phone number of a support line, or procedures to follow, if the user can't log on. If this value is empty, a generic default text will be used.

• Starting from this build CAFLP license keys are supported.

• Extension of the function “Workstation Logon Policy“: Via the parameter, REG_DWORD:HKEY_LOCAL_MACHINE\SOFTWARE\Comtarsia\SOSProfile 001\LogonPolicy\WkstLogonPolicyRetryTimer (default = 60 /1 Minute) the time interval (in seconds) for an automatically retry to retrieve the OU information’s from the AD domain controller can be set. This retry is done in background, and by success the Combo-Box in the logon dialog is refreshed automatically.

Bug Fix:

• A logic error has been corrected, which caused a sync request at local workstation unlock.

• A time-out problem in the module ComMSSO was fixed. At fist logon, the initializing of the user profile causes to a delay of some COM-classes registration which are used by the ComMSSO module. Error message: 80040154

• A Installer problem on 64 Bit Platforms was fixed.



Comtarsia SignOn Solutions 2008
(Jannuary, 7th 2010)

Build 5.0.11.X

New Features and/or Functional Changes:

• New function „HWADMIN“: The parameter REG_SZ:HKEY_LOCAL_MACHINE\SOFTWARE\Comtarsia\SOSProfile 001\Group\HWAdminAttribute defines the name of the LDAP users object attribute which is maintaining a list of computer names for which the HWAdmin right is possible.
The parameter REG_SZ:HKEY_LOCAL_MACHINE\SOFTWARE\Comtarsia\SOSProfile 001\Group\HWAdminGroup defines the LDAP group with which the user must be a memper, so that the HWAdmin is possible.
If both criteria are fulfilled, the Windows user becomes user member of the local administrators group. The name of the local administrators group must be defined over this parameter:REG_SZ:HKEY_LOCAL_MACHINE\SOFTWARE\Comtarsia\SOSProfile 001\Group\LocalAdminGroup

• If REG_DWORD:HKEY_LOCAL_MACHINE\SOFTWARE\Comtarsia\SOSProfile 001\Scripts\NoScriptByCachedCredLogon = 1 by cached credential logon (offline logon) the logon and logoff scripts are not executed.

• With the paramater REG_DWORD:HKEY_LOCAL_MACHINE\SOFTWARE\Comtarsia\SOSProfile 001\LogonPolicy\EnableWkstLogonPolicy= 1 the function Workstation Logon Policy is enabled.
Each time on logon panel initialization the logon client tries to retrieve the OU in which the workstation is located from the Active Directory Domain controller.
The root-OU’s are defined in this parameterREG_SZ: HKEY_LOCAL_MACHINE\SOFTWARE\Comtarsia\SOSProfile 001\LogonPolicy\ (MULTI_SZ). The sub OU’s and parallel OU’s beneath of the defined root OU’s are offered to the user for selection in the logon panel. Is the workstation already located in one of the sub OU’s this sub OU is already preselected in the list-box.
In case the inquire is not possible, e.g. no Domian Comtroller is avialable, „offlinelogon“ (cached credentials) is preselected in the list-box.
This fuction requires SignOn Gate Build 1.2.15.4 or higher with enabled Workstation OU-Move function.

• SyncClient trigger on Workstation Unlock: The bit 0x8 in the bit maske REG_DWORD:HKEY_LOCAL_MACHINE\SOFTWARE\Comtarsia\SOSProfile 001\LogonClient\EnableSyncClient triggers a SyncClient reguest by workstation unlock. With the parameter REG_DWORD:HKEY_LOCAL_MACHINE\SOFTWARE\Comtarsia\SOSProfile 001\LogonClient\RefreshUnlockTimer = 720 the time interval in minutes since the last successful logon is definied, within which no SycnClient request is triggered.



Comtarsia SignOn Solutions 2008
(November, 30th 2009)

Build 5.0.10.X

New Features and/or Functional Changes:

• New function „GroupFilter“:
The groupfilter defines if a LDAP group is used or not.
The groupfilter works not together with the „ibm-allGroups“ groups-attributes.
By usage of the SignOn Gates LDAP counter check also this „GroupFilter“ must be defined. Example:
o „(useThisGroup=*)“: all groups with the attribute „useThisGroup“ are used.
o „(!(dontUseThisGroup=*))“: Groups with the attribute „dontUseThisGroup“ are not used.
o „(useGroup=1)“: Groups with the value “1” of the attribute „useGroup“ are used.
„(!(useGroup=1))“: Groups with the value “1” of the attribute „useGroup“ are not used.



Comtarsia SignOn Solutions 2008
(October, 1st 2009)

Build 5.0.9.X

New Features and/or Functional Changes:

• The Installer was adapted for Windows7.

Bug Fix:

• A timing problem in Event Service was fixed.



Comtarsia SignOn Solutions 2008
(September, 24th 2009)

Build 5.0.8.X

Neue Funktionen bzw. Funktionsänderungen:

• Windows7 Support


Comtarsia SignOn Solutions 2008
(September, 18th 2009)

Build 5.0.7.X

Neue Funktionen bzw. Funktionsänderungen:

• Function „LogonAllowGroups“:
Via the parameter REG_SZ:HKEY_LOCAL_MACHINE\SOFTWARE\Comtarsia\SOSProfile 001\LogonPolicy\LogonAllowGroups (REG_SZ) could be a comma-separated list of the group names be defined, in which the user must be a member at least in one group in LDAP, so that a LDAP-login is possible.
If this parameter is empty or not defined (default), a LDAP-login will be performed without verification of the groups.
Via the parameter REG_SZ:HKEY_LOCAL_MACHINE\SOFTWARE\Comtarsia\SOSProfile 001\LogonPolicy\NegateLogonAllowGroups(REG_DWORD)= 1 could this list be negated, i.d. the user may be a member in none of the LDAP group from the list in LDAP. In this case is a LDAP-login possible.
Default = 0;

Function „DefaultEveryoneGroup“:
Via the parameter REG_SZ:HKEY_LOCAL_MACHINE\SOFTWARE\Comtarsia\SOSProfile 001\Group\DefaultEveryoneGroup (REG_SZ) could the name of the group be defined, which will be dynamically added to the group list by each LDAP login. Therewith is in the function „GroupMapping“ possible to perform a group mapping independently of the each LDAP group membership of the user.
Default = „#Everyone“

Function „DefaultNoGroup“:
Via the parameter REG_SZ:HKEY_LOCAL_MACHINE\SOFTWARE\Comtarsia\SOSProfile 001\Group\DefaultNoGroup (REG_SZ) could the group name be defined, which is dynamically added to the group list by the LDAP login, when the user is not a member in any LDAP group. Therewith it is possible to performe a particular group mapping in this case in the function „GroupMapping“.
Default = „#NoGroup“

Function „SearchForUser“:
Via the parameter DWORD:HKEY_LOCAL_MACHINE\SOFTWARE\Comtarsia\SOSProfile 001\LDAP\SearchForUser:0
If this function is activated, the user will be seeked in LDAP before login under the BaseDN. The determined BaseDN is used then fort he login.

Function „AttributeBasedGroups“:
Via the parameter REG_MULTI_SZ:HKEY_LOCAL_MACHINE\SOFTWARE\Comtarsia\SOSProfile 001\LDAP\Servers\\AttributeBasedGroups=““
With this function could user groups be created dynamically from the content of user attributes.

Bug Fix:

A bug by reading of the paramenters REG_SZ:HKEY_LOCAL_MACHINE\SOFTWARE\Comtarsia\SOSProfile 001\UserEnvironment\HomeDirDrive was fixed.



Comtarsia SignOn Solutions 2008
(August, 25th 2009)
Build 5.0.6.X

New Features and/or Functional Changes:

• Function „PanelBitmap“:
With the parameter REG_SZ:HKEY_LOCAL_MACHINE\SOFTWARE\Comtarsia\SOSProfile 001\LogonClient\ PanelBitmap=” C:\Program Files\Comtarsia\SignOn Solutions 2008\logon_tile.bmp“ can own Logon Client Kachel be loaded. Bitmap 128 x 128 pixel.



Comtarsia SignOn Solutions 2008
Build 5.0.5.X (April, 20th 2009)

New Features and/or Functional Changes:

• Diverse optimizations in domains performance and storage requirements
• Extended support for Novell eDirectory inclusive evaluation of the passwort policy

Bug Fix:

• A bug by LDAP passwort change was fixed, whereat the user received flase error notification due to false LDAP policy evaluation.
• A bug the SSO-functionality was fixed, whereby by the users that logged in for the first time, the SSO-process (ComtMSSO.exe) partially terminated after the startup by itself.



Comtarsia SignOn Solutions 2008
(February, 24th 2009)

Build 5.0.4.X

Bug Fix:
• A mistake by connection setup of inter-process-communication was fixed.
• The level of EventLog-entries was not set in some cases.


Comtarsia SignOn Solutions 2008
(February, 23rd 2009)

Build 5.0.3.X

• A support for the reading of the set IBM Directory Server Password Policy (IBM DS <= 6.0) as well as Effective Password Policy (IBM Ds >= 6.1) for the user object.

Bug Fix:

• A mistake by the setting of a new password after a „Change On Reset“ policy-warning was fixed.


Comtarsia SignOn Solutions 2008
(February, 3rd 2009)

Build 5.0.2.X

The first customer-build.





All product and company names mentioned herein are the trademarks of their respective owners. (c) 2001-2016 Comtarsia IT Services GmbH. |  Print  |  Impressum