Release Notes

Introduction

Release notes for Admin By Request software.

Endpoint Privilege Management

Windows



Admin By Request 8.4 – August 26th 2024
  • Support for the new Secure Remote Access products (Remote Support and Unattended Access).

  • Major update to the "Network Adapters" tray tool applet to support multiple IP addresses.

  • Tray notifications for replies to Run As Admin  and Admin Session  requests are now shown in real-time.

  • Break Glass accounts are created and removed in real-time on the endpoint after issuing them in the portal.

  • Local Administrator accounts in the inventory details are also removed in real-time on the endpoint.


Admin By Request 8.3 – April 22nd 2024
  • New Tray Tool applet replacement for “Network Adapters” and “Uninstall Programs”. These now pop up the ABR interface which ensures users are restricted to the specific functionality.

  • Optional “subprocess blocking” for more granular lockdown. Disabled by default. Enabling this will restrict system files from spawning subprocesses.


Admin By Request 8.2 – January 15th 2024
  • Support for Remote Access in Server edition.

  • Break Glass account creation on servers is now instant.


Admin By Request 8.1 – July 3rd 2023
  • Support added for Amazon WorkSpaces in Workstation edition.

  • Functionality added which gives users the ability to delete shortcuts from the common desktop.

  • The PIN Code feature is now available for Multi-Factor Authentication when the endpoint is offline.

  • Improved support for Adobe installers added.

  • Support added for in-app updating of Microsoft Visual Studio.


Admin By Request 8.0 – December 12th 2022
  • Endpoint Single Sign-on / Multi-Factor Authentication support. All SAML based systems are supported, such as Office 365, Okta and Adfs. SSO can be selected as authentication under Endpoint Privilege Management > Settings > Windows Settings > Endpoint > UAC. Refer to this page for documentation.

  • Machine Learning auto-approvals: When an application has been approved a certain number of times, Machine Learning can automatically approve requests. Refer to this page for documentation.

  • AI auto-approvals: Safe applications can automatically be auto-approved. Refer to this page for documentation.

  • Intune Compliance lockdown setting similar to the Owner lock feature introduced in 7.4. If a computer is not Intune Compliant, any elevation can be prevented. Refer to this page for documentation.

  • Support for National Clouds (such as GCC High) with the Azure AD Connector for Azure Groups.

  • Blocked applications can have a custom message for the end user.

  • More inventory data collected: Intune compliancy and TPM status information.

  • Recursive (transitive) groups are collected for Azure AD for both inventory and sub settings use.

  • Support for different settings for “Deny System File Elevation” and “Deny PIN Code” for Run As Admin apps and Admin Sessions under Windows Settings -> Lockdown.


Admin By Request 7.4 – June 13th 2022
  • New Owner feature. You can block elevations for anyone but the first non-administrator that logs on to the computer under Endpoint Privilege Management > Settings > Windows Settings > Lockdown > OWNER.

  • Azure AD connector has a new setting to prefer Azure AD groups instead of domain groups for hybrid computers.

  • User interfaces are now also localized in Italian, Korean, Polish, Russian and Chinese.

  • Universal time is collected from endpoints to show a unified time in the portal.

  • Initial Windows OOBE user DefaultUserX is ignored for inventory.

  • When using Support Assist, Tray Tools now reflects the user performing the support and not the logged on user.

  • Diagnostics for technical support can be submitted from the inventory without accessing the endpoint. Support will instruct how to do this when needed.


Admin By Request 7.3 – January 21st 2022
  • New Break Glass feature based on the ideas of Microsoft LAPS. Please refer to Setting-up a Break Glass Account for more information.

  • True administrators (built-in administrator, domain admins, aad device/company administrators, etc) activity is logged to Auditlog in the same way as user elevations. These entries are marked with a red user text in the Auditlog.

  • Attempting to run blocked applications is now logged to online Events along with issuing of PIN codes to unlock.

  • Users and groups can now be removed the local administrators group from the Inventory. Go to an endpoint and click the “Local Admins” left menu and use the “Revoke rights” buttons that will appear after the endpoint is updated to 7.3+. Mass revoke can be done from the Local Admins report.

  • If users in the local admins group are disabled, this is shown in Inventory along with last log on time for local accounts to be able to determine, if they are in use or not.

  • Support for Dutch language. Currently supported languages are now: English, Spanish, French, German, Dutch, Danish, Swedish and Norwegian.

  • Support for Azure Virtual Desktop (Windows 10 multi-session). This no longer requires a server license. Licenses are consumed for this type by number of users. Machines will have a red Windows logo in the Inventory and multiple users will be listed and used for license counting.

  • Improved support for running Windows Store apps (such as Terminal) with admin rights.


Admin By Request 7.2 – September 6th 2021
  • Major events on endpoints are reported to the portal inventory under a new “Events” left tab, such as updating Admin By Request, tampering attempts and administrative logons.

  • Support for Microsoft KB5005652 that requires administrator rights to install printers.

  • Fixed some installer incompatibilities (such as Jabra Direct Updater and Java Updater).

  • Fixed an issue where the tray icon could appear irresponsive.


Admin By Request 7.1 – May 3rd 2021
  • User is notified in the system tray, when requests are approved or denied as a supplement to the email they also receive.

  • Some install programs that require administrator rights to install required the user to manually right-click and select “Run As Administrator”. This is no longer necessary.

  • New option for Tray Tools that is a submenu you can design when users click the tray icon.

  • Compatibility issues with a few specific applications fixed, such as CodeSys updater and Acronis installer.

  • New redesigned About screen with uninstall PIN code option. The PIN code can be found in the inventory.

  • Support for Windows 10 Enterprise for Virtual Desktops in server edition.

  • Inventory includes BitLocker flag.

  • Memory usage could be high with large Active Directories. Total memory consumption should now never exceed 100mb.

  • For further details, please refer to this blog.

Admin By Request 7.0 – November 16th 2020
  • Admin By Request 7 is a redesign of the user experience based on the feedback we have gotten from our customers. Please refer to this blog for full documentation.


Admin By Request 6.4 – August 17th 2020
  • Major performance improvement when using Run As Admin or starting Admin Sessions.

  • New Support Assist feature for your Help Desk to service your end users more effectively. Refer to Requesting Assistance (Support Assist) for more information.

  • If a computer is renamed or reinstalled, it will also be renamed in the inventory instead of consuming two licenses. This will also move existing auditlog entries to follow the new machine name.

  • If a hypervisor is present, revoked users are added to the Remote Desktop Users group to support Hyper-V Enhanced Mode sessions.

  • If Windows 10 Baseline Security or group policy settings are in effect in relation to UAC settings, these are overruled on-the-fly when running programs with administrative permissions.

  • Global scope works with Azure AD groups.

  • Improved support for proxy servers.

  • Extended event log logging.


Mac



Admin By Request 5.0 – September 6th 2024
  • Easier endpoint client installation. Installing the Admin By Request endpoint client is now more straightforward, allocating extensions and prompting for permission as required

  • More conventional app installs. As well as double-clicking .pkg files, apps can now be installed by simply dragging to the Applications folder.

  • Intuitive app updates. Pre-approved apps can now be updated when the apps themselves prompt for it on manufacturer release without the need for a full Admin Session.

  • Added feature Authentication via MFA. Multi-Factor Authentication is now available for macOS endpoint clients (Azure SSO required).

  • Added feature Support Assist capability. Admin By Request Mac 5.0 introduces Assistance to the feature set for macOS endpoint clients (Azure SSO required).

  • Added feature Local Admin Rights control from the portal. IT administrators can now easily clean up local admins on an endpoint by simply revoking their rights directly from the portal.

  • Added feature Administrator Audit. Auditable admin events are now fully logged in the Auditlog and/or the Events log, including sudo commands executed and steps taken to upgrade an app.


Admin By Request 4.2 – November 2nd 2023
  • New System Settings Lockdown feature added to control the access to specific System Settings in macOS by enabling or disabling access within the portal. Available in Settings > Workstation Settings > Mac Settings > Lockdown > System Settings.

  • Added Confirm Mode allowing users to elevate applications with a single button click rather than entering their credentials. Available under Workstation Settings > Mac Settings > Endpoint > Authentication.


Admin By Request 4.1 – June 19th 2023
  • New Owner feature. You can block elevations for anyone but the first non-administrator that logs on to the computer under Mac Settings -> Lockdown -> Owner.

  • Intune Compliance lockdown setting added. This feature is similar to the Owner lockdown feature; if a computer is not Intune Compliant, any elevation can be prevented. Refer to this page for documentation.


Admin By Request 4.0 – January 9th 2023
  • Support for installation of application files by dragging them to the Admin By Request dock icon. Previously there was only support for .pkg files.

  • Support for pre-approving applications based on vendor or checksum.

  • Support for Azure AD groups for subsettings based on the Azure AD Connector configured under Authentication in settings. The connector configuration is shared between Windows, Mac and Linux and does not need to be re-configured for Mac, if already set up for Windows.

  • Machine Learning auto-approvals: When an application has been approved a certain number of times, Machine Learning can automatically approve requests. Refer to this page for documentation.


Admin By Request 3.2 – July 1st 2022
  • New Break Glass feature based on the ideas of Microsoft LAPS. Please refer to Setting-up a Break Glass Account for more information.

  • Major events on endpoints are reported to the portal inventory under a new “Events” left tab, such as updating Admin By Request, tampering attempts and administrative logons.

  • New malware detection based on OPSWAT MetaDefender. Click here for more information.

  • Blocking of applications works again, now with the addition of blocking based on vendor.

  • Universal time is collected from endpoints to show a unified time in the portal.

  • Diagnostics for technical support can be submitted from the inventory without accessing the endpoint. Support will instruct how to do this when needed.


Admin By Request 3.1 – March 17th 2022

Fixed compatibility issues with Monterey v12.3. Monterey 12.3 broke a series of software, including Dropbox and OneDrive, as explained on the official Apple Release Notes here.

When computer is renamed, it will also rename in Inventory.

Various performance improvements and minor bugfixes.


Admin By Request 3.0 – December 7th 2021
  • Run As Administrator for the Mac. Authenticate and install software without requiring a full admin session.

  • New, modern design like the Windows client with light/dark modes and reason dialog customization.

  • Uninstall using PIN code from Inventory.

  • Desktop notification of approved or denied session and elevation requests.

  • Option to use the policy file to hard-code user or computer groups and get sub-setting support on Macs without Active Directory or other directory service.

  • Uninstalled Macs are now removed from inventory and immediately freeing up a seat license.

  • Inventory includes firewall and FileVault status.

  • Submit diagnostics from About is not possible for easier technical support.

  • Software that required the “full admin access” setting in 2.x now work out of the box.


Admin By Request 2.10 – November 20th 2020
  • Support for Big Sur. Please upgrade the Admin By Request endpoint software before upgrading to Big Sur. Note that the kernel extension for blacklisting no longer works due to Apple no longer supporting these on Big Sur. Blacklisting will be re-implemented in a different way in next update.

  • Fixed issue with scanning Applications with recursive symbolic links.

  • Fixed issue with inventory missing on some endpoints.

  • Fixed issue with user groups on newer Jamf Connect clients.

  • Fixed issue with poor performance on large Active Directories.


Admin By Request 2.9 – August 17th 2020
  • Improved user group support on some third party Active Directory clients.

  • New sudo feature to allow sudo in terminals opened before admin session started.

  • Various bug-fixes relating to CPU and memory consumption.


Admin By Request 2.8 – April 21st 2020
  • Unrestricted admin mode for certain development and sysadmin tools (“Allow full admin access” under Lockdown -> Admin session in Mac settings).

  • Issues with Active Directory groups extraction fixed.

  • Issues with macOS upgrade installer rights fixed.

  • Conflict issues resolved on machines running both NoMAD and native Active Directory.


Admin By Request 2.7 – October 28th 2019
  • Support for Catalina.

  • Autoupdater over the internet for future versions. Can be enabled in your settings.

  • Alert message when an application is blocked blacklisting.

  • Improved Nomad support.

  • Uninstaller now works when run as root by deployment tools.


Linux



Admin By Request 3.1 – May 22nd 2024
  • Command Line Interface (CLI) support, enabling end users to use the Run as Admin and Admin Session features via the CLI without using the GUI.

  • Support for the Ubuntu 24.04 and Rocky9 distributions.


Admin By Request 3.0 – August 7th 2023
  • Run as Admin on sudo sessions

  • Support for pre-approved and blocked applications in sudo sessions

  • Revoke admin rights now automatically removes local admin groups from user accounts. You can disable this by using the “Excluded accounts” setting in your Admin Portal

  • Audit logging on programs executed in sudo sessions

  • Option for disabling interactive sudo sessions

  • Option for disabling the root account

  • Option for allowing or disallowing changing of the root password

  • Integration of identity management such as Active Directory, FreeIPA and LDAP domain using the SSSD client software

  • Compatible with Ubuntu 20.04, 22.04, and RHEL9


Admin By Request 2.2 – September 19th 2022
  • Support for Red Hat Enterprise Linux 9 (RHEL9)

  • Support for Fedora 36 Linux

  • Install and uninstall of RPM packages are now monitored.

  • Status notifications when start and ending sessions in the GUI.

  • The service configuration and policy files can now be split into several files, which makes it possible for customers to push out their own sub configuration.


Admin By Request 2.1 – July 18th 2022
  • Non-public bug fix release.


Admin By Request 2.0 – May 25th 2022
  • Support for Ubuntu 22.04 LTS.

  • Automatic upgrade from previous 20.04 LTS version when the OS is upgraded.

  • Possibility to allow sudo for non-sudoers configurable from the portal.

  • Improved proxy support.

  • DEB packages for both Ubuntu 20.04 LTS and 22.04 LTS are now correctly PGP / GPG signed.


Admin By Request 1.5 – February 17th 2022
  • Failback functionality added. When the ABR service isn’t working correctly, a failback function will make it possible to gaining administration privilege for some predefined users. The failback functionality is currently working for the sudo security subsystem.


Admin By Request 1.4 – February 8th 2022
  • GUI layout is updated to match the Windows platform and it is also possible to selected the light or dark themes in the web portal.


Admin By Request 1.3 – January 29th 2022
  • Support for communication through https proxy added. It is now possible to have several proxy configuration at the same time. The ABR for Linux will automatic retrieve the proxy configuration from both the user desktop environment, the user environment variables and the system configuration.

  • Support for uploading inventory from ABR clients added.


Admin By Request 1.2 – December 14th 2021
  • Support for monitoring installation, upgrade and removal of DEB packages added.


Admin By Request 1.1 – December 2nd 2021
  • Support for sudo security subsystem added. It is now possible to use the sudo command when gaining administration privilege through the ABR for Linux.


Admin By Request 1.0 – November 22nd 2021
  • Support for Ubuntu 20.04 LTS using the default Gnome desktop environment.

  • Basic functionality for gaining administration privilege by creating administrator session using the PolKit security subsystem.