Extranet User Manager 2.6.5031.2

Version: 2.6.5031.2

​Release Details

New Features for SharePoint Site Tree:

  • Anonymous access to the sites is now included in the tree. These are indicated in yellow to differentiate from direct access granted via username or group membership. If you view the tree for a group in landing admin – it will only show the direct group access, not additional anonymous nodes

New Features for EZ-Login and HydraProvider:

  • Password expiration detection

    This is an optional feature that can be enabled manually for FBA users
    • Modifications to the ChangePassword.aspx page, allow for a new optional message, and skip button if the Password will be expiring soon
    • There is a new Landing Page: ForgotPass/ExpiredPassword.aspx that the user is redirected to if their password has expired. This allows the user to change their password before returning to the ezlogin page, to login again
  • The HydraProvider surfaces the Last Password Change Date and the Last Lockout Date from the underlying provider
  • The Disclaimer page can also be expired, which will cause the users to periodically review and re-accept the text of the disclaimer
    • The appsettings, in SharePoint or Landing web.config can be modified with:
      <add key="Login_Disclaimer_ExpiredDays" value="100" />
    • The value is an integer number of days, since the last acceptance of the disclaimer
    • The Disclaimer table in the ManageUsers database can hold multiple disclaimer acceptances for each user, and the latest of these is used to determine how long since the disclaimer was viewed and accepted
    • If it is Login_Disclaimer_ExpiredDays ago or more, then the disclaimer page is shown during the login process

New Features for Landing Admin:

  • New Help menu – provides links to the PDF documents as well as online resources
  • About info moved to the Help Menu from the home page, so it is available on all LandingAdmin pages
  • To close the About popup, you can click in the red header, the grey glass background, or use the Esc key

New Features for the Installer:

  • There is no more 2nd page for modifying the site URL
  • SAVEINI – is specified by default and writes out the user's input into a reusable INI file
    (the default is MyEUMSetting.ini from the InstallEUM.cmd)
  • READINI can be specified to read the settings back in from a previous SAVEINI
  • License files in \LandingAdmin\bin  as well as C:\Program Files\EnvisionIT\EUM\Console and C:\Logs  will now be preserved during an upgrade (previously they would get overwritten with the new temporary license)
  • RESX files in \LandingAdmin\bin and \Landing\bin are also preserved during an upgrade
  • During READINI errors that are detected will be shown in popup dialog boxes if possible
  • The Administrator installing EUM must NOT be one of the app pool accounts
  • The installer asks for LDAP strings with specific OUs – but this precluded other users in other OUs from logging on. So now the Specific OU LDAPs are only used in Landing and Landing admin. In any of the 3 SharePoint web.configs, both the Internal and Extranet LDAP connection strings will always point to the top of the AD tree. (i.e. the OU= and CN= are removed from the specified LDAP connection strings)
  • In a Multi-node farm the APP Server is now supported. The App server is one that does not have the Web Front End site on it, but it may have central admin, and probably the Security Token service.  When selecting the Web Application there is now an App Server button to continue the install without the SharePoint site. This also means there is no landing or landingadmin on an App Server. There is also no Email sent from the app server, so this is not configured.
  • When specifying the LDAP connection strings, a connectionUsername and connectionPassword can now be specified in the Installer GUI. It is optional. Normally the IIS app pool accounts are given access to Active Directory, and the username and password are left blank
    • The Test Connection button is used to validate the username/password pair when accessing Active Directory
    • The username specified must be in the same domain as the LDAP connection
    • Specifying the extra credentials, will cause any use of the EIT_AD_Providers to get additional connectionUsername and connectionPassword attributes in the various web.configs
    • If the attributes are added, the installer will leave the passwords as plain text. There is no Encryption applied to the web.configs where the passwords appear

Strong Naming

  • Strong Name and Code Signing on EIT_MembershipUserMaintenance.dll and supporting DLLs
  • Removal of  CustomExtension.dll (previously used when setting passwords, for external sync)