New features and improvements
Use .NET's built-in validator to do certificate revocation checks for OCES certificates
You can now use .NET's built-in revocation validator to validate OCES certificates. The following table shows what validator is used under various configuration:
|Certificate type||Use database certificate revocation checks||Certificate validation full offline mode enabled||Validator applied mode|
|Non-OCES certificate||True||False||Database validator|
|Non-OCES certificate||True||True||Database validator|
|Non-OCES certificate||False||False||.NET bult-in validator|
|Non-OCES certificate||False||True||.NET bult-in validator|
|OCES certificate||True||False||Database validator|
|OCES certificate||True||True||Database validator|
|OCES certificate||False||True||.NET bult-in validator with FullOffline mode|
|OCES certificate||False||False||.NET bult-in validator|
For troubleshooting purpose, debug logs can tell you what type of validator is used.
Show more information on Log viewers
You can see more details directly on the list view of the following Audit log viewers:
- Audit user request
- Audit user updated
- Audit user created
- Audit issued claim
- Audit deleted resource
- Audit user claim
Show more certificate details on the certificate list
You can see more many more details of a certificate directly on the certificate list view: Subject, Thumbprint, Valid from, Valid to, Issuer, Is valid. Addition, you can now search for certificates by Thumbprint (exact comparison) or Subject (contain comparison).
Import custom claim definitions using XML format
We have ported the feature to import custom claim definitions stored in an XML file from the old Admin interface to the new one.
This type of import allows you to select what claim sets to import.
Search by display name on the user list
You can now search for users by display name:
Please note that the Search functionality always looks for users from the whole dataset (aka server-side search), while the Filter functionality only applies to the current page (aka client-side search). We also updated labels of the data columns of the User list to make them consistent to the labels used on the User details page.
- Fixed: #92744 [DirectAD]
GAD.LoggingToolBox.Loggingthrows an exception about log4net
- Fixed: #93314 [SWAdmin] Leave? popup forces user to save changes after the initial login on Firefox browser.
- Fixed: #93332 [SWAdmin] The initial loading of certificate takes too long on certificate list and certificate selection dialog.
- Fixed: #96133 [SWAdmin] User can't update his application or identity provider when its certificate setting contains an expired certificate.