Version 2022.1.7.0 (February 15th 2022)

KNOWN ISSUE FOR USERS OF Windows 2012R2, PAIRED WITH AD AUTHENTICATION

The server erroneously reports that the DOMAIN FUNCTIONAL LEVEL is to low for binding our authentication, this will be fixed quickly.

Is there somewhere where we can get more detail on some of these changes? I'm particularly interested in some of the gateway changes.

we’re preparing a webinar, we’ll have a few videos by our amazing Yann, and Stephanie is writing up stuff for blogs

The IP vs host name was to force NTLM i believe (or prevent Kerberos)

The alternate host feature is to be able to use the same entry using both a principal AND alternate name, it’s useful especially for mobile workers that can use one name from within the internal network, and fallback to the alternate name when outside the network

just let me know what else you’d like to know

Yep, support for alternate hosts is a terrific enhancement. Your example is a good one (internal vs external), although as an extension to this, it would be great if alternate hosts could be set to use remote desktop gateway which isn't required for internal connections.

What's the inherited gateway option? We've had our Gateway set up on a folder level with all connections underneath inheriting since gateway was released and it's worked brilliantly. The only bug there is the "connect if unable to ping/scan" option doesn't work and just acts as though it's set to "always connect"

Where can I find more information about the PAM feature?

Thank you.

KNOWN ISSUE FOR USERS OF Windows 2012R2, PAIRED WITH AD AUTHENTICATION

The server erroneously reports that the DOMAIN FUNCTIONAL LEVEL is to low for binding our authentication, this will be fixed quickly.

Hi, we just updated our Domain Function Level to 2016, but Windows Authentication is still not working, are there any other adjustments that we have to make?

sebastian

@sjames

Indeed, we could a have blog just on this feature, it allows the admins of the solution to truly keep a single entry that corresponds to a single endpoint, and RDM can do its magic and :

1. hide the complexity
2. Improve productivity
3. elevate security

One sets up the gateway at the top of their hierarchy and sets desired entries to use the inherited settings. You can even modify your basic default settings to specify that option for all new entries.

One of the changes that the team felt was necessary was to trim down that dropdown when one chooses a gateway. Some choices were truly exclusive to VPNs and it caused confusion. The original "inherited' model was missing handling of the alternate host I believe.

@sebastianmair, we do have a few complaints in that area, its best to open a case at service@devolutions.net

@sjames,

Just to add a bit more information, here is the connection options that we support for Devolutions Gateway


So now, we support "Connect if unable to ping/port scan" and it should behave as expected. The connection will be a direct connection if you are locally and the Devolutions Gateway will be used if you are remote.

Don't hesitate if you have other questions

Best regards,

@jgamarra

• PAM - Azure AD Provider
  • Discover and manage Privileged Accounts (PA) in AzureAD (aka Office365). You can therefore have dedicated accounts that are task oriented, while also controlling access and having full visibility about their usage. (we feel that Azure's PIM is not the best solution for managing our own infrastructure, but I wont get into that for now)
• PAM - Local Windows Accounts Provider
  • Control LOCAL accounts for non-domain joined machines. Some of our customers have critical servers and/or public facing ones that are NOT joined to a domain. You can therefore create PAs and have the passwords totally managed by our solution.
• PAM - PAM Dashboard in Remote Desktop Manager
  • Long overdue, our own PAM was less exposed in RDM then others on the market. That new dashboard allows you to do most of your operations directly from within RDM. We intend to push this much further in the coming release.

That's it for the major additions, the rest are little improvements.

@all, our events page will be updated today, but our webinar for this release of DVLS is as follows

Devolutions Server 2022 Roadmap & New and Improved Features
Get tickets to Devolutions Server 2022 Roadmap & New and Improved Features, taking place 16/03/2022 to 16/03/2022.

@sjames,

Just to add a bit more information, here is the connection options that we support for Devolutions Gateway


So now, we support "Connect if unable to ping/port scan" and it should behave as expected. The connection will be a direct connection if you are locally and the Devolutions Gateway will be used if you are remote.

Don't hesitate if you have other questions

Best regards,

Thanks @François - we did the upgrade last night and have implemented the 'connect if unable to ping/port scan' option. This works brilliantly and has resulted in a significant performance boost for us as now only some connections need to route across the gateway instead of all of them.

Appreciate this feature a lot!

Hi Devolutions

Is there more Information how to use this improvement:

• Core - Initial OAuth support

I want to use AzureAD with OAuth to authenticate our users but can't find any documentation.

Kind regards

Hello,

The procedure is still the same as before (for now) to enable the authentication to O365 in DVLS: https://kb.devolutions.net/dps_azure_configuration_guide_365.html

The OAuth part is managed by DVLS and RDM, no additional configuration is needed on your end, except configuring the Access URI during the installation/upgrade to 2022.1: https://kb.devolutions.net/kb_dvls_accessuri.html

Best regards,

Hello,

A new version 2022.3.4.0 has been released last week. (https://forum.devolutions.net/topics/38326/version-2022340-november-10th-2022) What updates are you waiting for ?

Best regards,