Okta Advanced Server Access release notes

Latest release
Past releases

Release: 1.51.3

Deployment date: March 23, 2021

Enhancements

Gateways:

Gateways now report the local disk storage in use or zero when using external storage. This change allows admins to determine whether gateway files are stored locally or externally, and how much storage is in use.

Server tools:

The server agent now validates changes to the sshd_config file. This prevents a malformed configuration file from disrupting connectivity.
The server agent now creates a backup of the sshd_config file before making changes to it. This ensures that a working configuration can be restored in the event of an invalid configuration file.
The default thread count for machines with a large number of processors has been reduced. This improves individual processor performance.

Fixes

Client tools:

Clients ignored the LogLevel option when printing server banners.

Server tools:

When on-demand users attempted to connect to a Windows server using RDP, their initial attempt would sometimes fail.

Release: 1.51.1

Deployment date: February 16, 2021

Features and enhancements

Client tools:

Use sft config edit to edit the Advanced Server Access client configuration file with your system's default editor.
The client now retries rate limited SSH authentication requests for up to five minutes before failing.

Gateways:

Gateways now include a sample config file.
Gateways now support agent forwarding.

Fixes

Server tools:

When servers running Red Hat Enterprise Linux were upgraded, sometimes their server entries in Advanced Server Access were duplicated.
When admins enabled or disabled Forward Client Trust for a project, it sometimes resulted in an invalid sshd configuration. (Early Access)

Release: 1.50.4

Deployment date: December 17, 2020

Fixes

Server tools:

Attempting to apply a Unix user ID (UID) change and a user deletion operation to the same user simultaneously sometimes caused the agent to crash.

Release: 1.50.3

Deployment date: November 17, 2020

Fixes

Server tools:

Users who were members of non-existent local Unix groups sometimes caused the agent to crash.
When the agent was freshly installed on Windows, the Remote Desktop Protocol (RDP) broker failed to start.

Release: 1.50.1

Deployment date: November 16, 2020

Features and enhancements

Client tools:

Reducing the frequency that the host key cache is cleared improved parallel client performance.

Early Access Features

Client tools:

Shared primary user group identifiers (GIDs) are now supported.

Fixes

Client tools:

Enabling Client Trust Forwarding broke agent forwarding during non-interactive sessions.

Release: 1.49.2

Deployment date: November 9, 2020

Early Access Features

Gateways

You can now install and use Advanced Server Access gateways. See Install an Advanced Server Access gateway.

Session capture

You can now enable session capture on a project to log all session data on a gateway. See Enable session capture on a project.

Release: 1.45.4

Deployment date: July 10, 2020

Fixes

Client tools

When using client trust forwarding, a panic could occur, causing the client to crash. (OKTA-312023)

Release: 1.45.3

Deployment date: June 16, 2020

Fixes

Client tools

When used on a client not enrolled in any teams, the output from the 'sft resolve -q' command wasn't quiet.
When running numerous 'sft' commands in parallel, it was possible to corrupt the internal 'known_hosts' file, which led to subsequent connection errors. (OKTA-292731)
The SecureCRT ssh client couldn't connect to servers when using the 'ProxyCommand' option. (OKTA-259170)

Server tools

Remote desktop protocol sessions weren't closed when a user was deactivated or deleted. (OKTA-294736)

Release: 1.44.6

Deployment date: April 20, 2020

Fixes

Server tools

The Linux agent had an issue where some user group memberships were not correctly added.

Release: 1.44.4

Deployment date: April 15, 2020

Features and enhancements

Server tools

Enhanced user and group attributes are now available. For more information, see Advanced Server Access user and group attributes.

Release: 1.44.2

Deployment date: March 24, 2020

Features and enhancements

Client tools

The macOS client now supports Royal TSX for RDP.
The title bar of the Windows RDP client now displays the destination hostname.
ssh_config now supports true and false for Boolean SSH configurations, in addition to yes and no.

Server tools

The unix client can update customer user attributes, including shell, home directory, and account comment.
The RSA certificate ID part of SSH logs is now parsed.

Fixes

Client tools

The macOS client had a pathing issue in sft list-servers-rjson
When multiple login attempts were made concurrently from the command line, the system didn't wait for the first to complete.

Server tools

When sudo entitlements were renamed on unix, there was an issue.
Improved error handling when loading TLS certificates.
File permissions on sshd_config were sometimes altered when changing the file.

Release: 1.41.0

Deployment date: November 13, 2019

Features and enhancements

Server tools

Reduced event hook logging.

Fixes

Server tools

When migrating a server to a different project, there were sometimes user sync issues.