idu suite 5.7 - varonissupport.varonis.com/emails/attachements/idu_suite_5.7.27_release... · idu...

IDU Suite 5.7.27Release Notes

Publishing Information

Software version 5.7.27Document version 27Publication date October 2011; updated April 3, 2012

Copyright © 2005 - 2012 Varonis Systems Inc.

All rights reserved.

This information shall only be used in conjunction with services contractedfor with Varonis Systems, Inc. and shall not be used to the detriment ofVaronis Systems, Inc. in any manner. User agrees not to copy, reproduce,sell, license, or transfer this information without prior written consent ofVaronis Systems, Inc.

Other brands and products are trademarks of their respective holders.

IDU Suite 5.7.27 Release NotesIntroduction

Proprietary and Confidential of Varonis 1

Introduction

IDU Suite 5.7.27 introduces the following new functions and enhancementsto existing functions:

• DatAdvantage

• Configuration of DatAdvantage Lite - The ability to activateDatAdvantage such that it provides visibility into the customerenvironment according to user role

• Ability to configure global and personal flags, tags and notes

• Enhanced mechanism for defining a data retention policy

• 5.7.10 - Enhancements to log-related filters

• 5.7.10 - Auditing of Access Denied events

• DataPrivilege

• Creation of subfolders in DataPrivilege

• Ability to make a request for multiple users

• Authorization by a user's direct manager

• Ability to define "locations" for groups

• Enhancements to the Bulk Upload tool

• 5.7.10 - Support for Swedish throughout the user interface

• 5.7.20 - Ability to add groups as members of groups

• 5.7.20 - Ability to allow administrators to perform managementoperations

• 5.7.20 - Ability to filter objects according to Active Directory logicallocation

• 5.7.24 - Ability to set expiration date for direct membership requests

• 5.7.24 - Removal of deleted folders

• DCF

• 5.7.24 - Selection of temporary working directory

• Reports

• Wizard for defining report templates

• Non-real-time alerts

• Extended attributes in DataPrivilege reports

• 5.7.20 - Renamed columns

• 5.7.20 - New representation of derived group members

• New filters

• File system

• Discovery reports

• 5.7.20 - Log report

• 5.7.24 - Addition of filters to reports 2.a.01 and 2.d.01

• Customization of the dictionary for discovery reports (group 12)

IDU Suite 5.7.27 Release NotesIntroduction


• Additional file system attributes

• 5.7.20 - Ability to define display options in Report Viewer

• 5.7.20 - Change in report numbering

• DatAdvantage reports

• Top Unique Folder with Read Permissions

• Owned Unused Files

• Recommended Base Folders

• 5.7.10 - Activity by Users Other than the Mailbox Owner

• 5.7.10 - Permissions for Users and Groups Other than the MailboxOwner

• DataPrivilege reports

• Disabled/Deleted Owners and Authorizers

• Executive Summary

• Mail Auditing

• Managed Folder Permissions

• Core

• Support for probing the enterprise's directory services

• 5.7.1 - Automatic configuration of group policy objects

• 5.7.10 - New directory service object types

• 5.7.10 - New filters

• 5.7.10 - Object type name in the log display

• 5.7.10 - Changes in terminology

• 5.7.10 - Empty string for irrelevant properties

• 5.7.10 - Tree-level pager

• 5.7.10 - Disabled users icon

• 5.7.20 - Improved handling of computer accounts

• Enhancements to the Varonis FileWalk agent

• Enhancements to PullWalks

• Changes in the default job schedule

• New supported Linux configurations

• HP-NAS devices are now supported

• 5.7.10 - Support for Microsoft Exchange through the VaronisExchange agent

• 5.7.20 - Automatic detection of SharePoint Sites and domaincontrollers

• 5.7.20 - Filtering of false Open events

• 5.7.23 - Inclusion of the Microsoft Visual C++ 2005 RedistributablePackage in the Exchange MSI

• Upgrade

• Review of report subscriptions

• Recommendations for agent upgrades

• Reinstall agent when upgrading to Exchange 2010 SP2

• Upgrade flows

IDU Suite 5.7.27 Release NotesNew Enhancements


New Enhancements

DatAdvantage

DatAdvantage Lite

Varonis is pleased to introduce DatAdvantage Lite. DatAdvantage Lite allowscustomers to purchase only the specific user roles they need to gain visibilityinto their system, thereby matching DatAdvantage's capabilities with theirneeds. With DatAdvantage Lite users can be members of several differentview-based user roles at once, thus gaining access to the required views.Two additional roles - the Configuration user and the Commit/Edit user -must be appended to at least one of the view-based user roles.

While all roles can view entities in DatAdvantage, the following operationscan only be performed by certain roles:

• Configuration - Only available to Enterprise Managers, systemadministrators and the users specifically assigned the Configuration role

• Commit/Edit - Only available to Enterprise Managers, Power Users andthe users specifically assigned the Commit/Edit role

Flags, Tags and Notes

DatAdvantage's UI follow-up flags have been enhanced to enable fullcustomization of their name, color and scope. In addition, users can definecustom tags and notes on objects in the same manner. Flags, tags andnotes may all be set as available for global use or personal use only, andthey all may be used in various searches and filters. Only global flags maybe used in searches - personal flags are not supported for reports or logs.

When DatAdvantage is upgraded from 5.6 or lower to 5.7, flags are handledas follows:

• All personal flags in the lower version become global flags in 5.7.

• The names and colors of flags defined in the lower version aremaintained in 5.7.

Retention Policy Mechanism

DatAdvantage now provides more control over the definition of a dataretention policy. With this version, events and statistics can be both archivedand deleted. In addition, default dates for archiving and deletion can be set.

Log-Related Filters

5.7.10

The Event status filter was added, to support auditing of Access Deniedevents.



In addition, several filters in the Logs view were renamed:

Type of Log Old Filter New Filter

Simple Look onlyin theseresources:

Where didthe eventoccur?

What wasthe natureof theevent?

What typeof eventoccurred?

Whoaccessedthe object?

Whogeneratedthe event?

Advanced File systemobjects

Directoryobjects

Directoryname

Affectedobject name

Directorypath

Affectedobject path

Directorydepth

Affectedobject depth

User/groupobjects

Directoryserviceobjects

Auditing of Access Denied Events

5.7.10

With this version, DatAdvantage enables auditing events generated by userswho attempted to access objects to which they do not have permission.Information is collected regarding the time period and type of the actionbeing attempted.

Access Denied events are currently only audited for Windows and EMCCEPA file servers. They can be viewed in the log; they are automaticallyfiltered out of statistics and other reports.

DataPrivilege

Creation of Subfolders in DataPrivilege

This version introduces the ability to define subfolders directly inDataPrivilege. Until now, administrators had to define new folders in the filesystem and then add them to DataPrivilege. With this new feature, data andgroup owners can (with administrator permission) define new folders directlyin DataPrivilege.

A new report, Requests and Authorizations, provides data on the creation ofnew folders.



Requests for Multiple Users

With this version, DataPrivilege enables creating requests for multipleusers. This is supported in both permission requests and group membershiprequests.

Management Authorization

This version of DataPrivilege introduces management authorization. Beforea request of any sort is sent to the relevant authorizer, it is first sent to theuser's direct manager for approval. With this optional feature, the user'smanager (designated as Authorizer 0) may evaluate the necessity of therequested access to the user's work. If the manager deems such accessunnecessary, the manager can decline the request and the request's lifecycle is completed.

Group Locations

With this version, it is possible to define virtual "locations" for groupsin DataPrivilege. Like base folder locations, group locations enablea hierarchical view and can be created, moved and deleted (onlyadministrators can define group locations).

When a group is added to DataPrivilege, its location can be selected.Additionally, group locations can be used in searches.

The group location hierarchy is stored only in the DataPrivilege database. Itdoes not affect the enterprise user directory in any way.

Bulk Upload Tool

The Bulk Upload Tool has been enhanced in a number of ways:

• Adding and configuring permissions types is now supported

• Adding authorizer levels is now supported

• Folders can be set as protected

• The DataPrivilege configuration can be exported to the Bulk Upload Toolformat

• A summary screen has been added

• A new sheet enables uploading permissions in bulk

• A new sheet enables uploading the Excluded Groups list

• The general look and feel has been enhanced to reflect the Varonisbrand

Multi-Language Support

5.7.10

DataPrivilege now supports the following languages throughout the userinterface:

• Swedish

Groups as Group Members



5.7.20

DataPrivilege now enables adding groups as members of other groupsthroughout the user interface. This ability is controlled by a new configurationkey, Allow adding a group to a group, in the Authorizer and Owner Rightscategory.

Administrators and Management Operations

5.7.20

With this version, the Administrator role can perform operations on theDirectory and Group Management screens. This ability is controlled by anew configuration key, Allow administrators to view and edit managementscreens, in the General category.

Filtering Objects by Location

5.7.20

DataPrivilege now enables defining logical locations, or hierarchical trees inwhich folders are grouped according to the selected criteria. Once locationsare defined, it is possible to filter the view presented to users according tolocation, so that users see only those folders that are relevant to them.

This filtering is controlled by two new configuration keys in the Domainscategory:

• Filter objects by location

• Locations to be displayed

Request Expiration Dates

5.7.24

With this version, DataPrivilege enables setting an expiration date on directmembership requests.

DCF

Configuration of Temporary Working Folder

5.7.24

The DCF now enables selecting the temporary working folder. This versionincludes a new key, "TempDirectory," that enables configuring the requiredfolder. If the key is blank, the temp directory used is %temp%\__temp_dcf\. If the key is not blank and represents a directory, this directory is used:TempDirectory\__temp_dcf\.

When the DCF starts, it checks whether the TempDirectory exists. If thedirectory does not exist, the service exits with an error.



Reports

Report Templates

This version introduces the ability to define templates for DatAdvantagereports that can easily be reused to produce the most useful reports. Userscan define many report elements:

• Displayed columns

• Column grouping and sorting options

• Column order and visibility

• General look and feel

• More

5.7.20

With the release of 5.7.20, the above display options can be defined in theReport Viewer (in addition, they can also be defined through the ReportTemplate Wizard).

Non-Real-Time Alerts

In this version, two new report templates have been added and severalothers enhanced to enable alerting users to changes made in the monitoredenvironment. The two new reports are subsets of the log/history report:

• Changes in User/Group Repository report - This report template providesinformation about changes that have occurred in user repositories, basedon the history of differences.

• Changes in Folders/Permissions report - This report template providesinformation about changes that have occurred on the monitoredresources, based on the history of differences.

In addition, filters and operands have been added to existing reports tosupport their use as alerts.

New Filters

File System Filters

A number of new filters related to the file system are available. These filterscan be used in searches, in report generation and in setting the scope ofDCF rules.

• Number of nested folders

• Number of nested files

• Total number of nested objects

• Number of files in subfolders

• Size of this folder only (in MB)

• Size of nested folders (in MB)



Discovery Report Filters

The following new filters are available for use with the Discovery reports(group 12):

• Group name

• User name

• SAM account name

• Permissions

• Parent group name

• Group SAM account name

• Domain filter

5.7.20 - Log Filters

The following filter is now available for use with the Log report (1.a.01):

• Acting object type

5.7.24 - Event Count Filters

The following filters are now available for use in reports 2.a.01 and 2.d.01:

• Event count

• Event count on subdirectories

Customization of the Dictionary for Discovery Reports

The Discovery reports (group 12) provide information on potential problems,such as suspicious access to folders, administrators in non-admin groups,empty security groups, etc. These reports are generated according to adictionary of terms. With this version, the dictionary can be customized asnecessary.

Extended Attributes in DataPrivilege Reports

To boost the value of DataPrivilege reports and increase their similarity withthose of DatAdvantage, this version enables defining extended propertiesfor use with reports. The ability to add up to four extended properties to anyreport gives users access to information that is not necessarily returned bythe default report.

In addition, the Reports search and the Subscription Filters panes have beenredesigned to more closely resemble those of DatAdvantage. The Data-Driven Reports Configuration and the regular Reports Configuration windowshave been combined.

New Reports in This Version

DatAdvantage

The following reports are new in this version of DatAdvantage:

• Changes in User/Group Repository report - A subset of the Log report(category 1), this report template (1b, or 1.a.02) provides informationabout changes that have occurred in user repositories, based on thehistory of differences.



• Changes in Folders/Permissions report - A subset of the Log report(category 1), this report template (1c, or 1.a.03) provides informationabout changes that have occurred on the monitored resources, based onthe history of differences.

• Top Unique Permitted Folder - This report (4l, or 4.l.01) shows, per user,the highest-level folder having unique permissions in the file system.

• Owned Unused Files - This report (10c, or 10.c.01) indicates the specialfiles that have not been accessed in a defined number of days.

• Recommended Base Folders - These reports (12m and 12n, or 12.m.01and 12.m.02) suggest good candidates to become base folders inDataPrivilege. They use an algorithm based on the permissions of non-administrative groups. For further instructions, see IDU Suite ReportsGuide.

5.7.10 - DatAdvantage

The following reports were added in 5.7.10 along with support for Exchangeservers:

• Activity by Users Other than the Mailbox Owner - This report (2d, or2.d.01) summarizes the events created on mailboxes and mailbox foldersby users other than the owner of the mailbox.

• Permissions for Users and Groups Other than the Mailbox Owner - Thisreport (4m, or 4.m.01) displays a list of permitted users on specifiedmailboxes and mailbox folders, who are not the owners of the mailbox.

DataPrivilege

The following reports are new in this version of DataPrivilege:

• Disabled and Deleted Owners and Authorizers report - This reportindicates users who are defined as owners or authorizers but who weredeleted or disabled in the enterprise directory.

• Executive Summary report - This report presents an executive overviewof the managed DataPrivilege environment, including information aboutowners and owned entities, as well as requests and their status.

• Mail Auditing report - This report provides full auditing of all the email sentfrom DataPrivilege.

• Managed Folder Permissions report - This report provides informationabout managed folders that are nested within other folders on the filesystem.

Report Numbering

5.7.20

Reports have been entirely renumbered, to enable adding report templatesto existing categories and saving customized templates with the appropriatenumbering. Subscriptions that were created with the old numbering areautomatically adjusted upon upgrade. However, this process can be time-consuming. Customers who want to defer it to a later time, after the rest ofthe upgrade is complete, can do so as described in Upgrade and ReportSubscriptions.

Renamed Columns



5.7.20

The following column names have been changed:

Report Old ColumnName

NewColumnName

Report3.a.01,GroupMembers

SAMAccountName

MemberSAMAccountName

Report3.b.01, Useror GroupParents

SAMAccountName

Group SAMAccountName

Report3.e.01,HistoricalGroupMembership

SAMAccountName

Group SAMAccountName

Subscriptions created with the old column names are automatically adjustedupon upgrade.

Representation of Group Members

5.7.20

The way in which the hierarchy of derived group members (that is, childrenof members) is displayed has been updated for the following reports:

• Report 3.a.01, Group Members

• Report 3.b.01, User or Group Parents

• Report 3.e.01, Historical Group Membership

Before the update, all child members of a group were listed, includingderived members. Now, only immediate members are listed (not theirderived children).

Example

Before the update, for A > B > C > D (where group B is a member of group Aand so on) the group hierarchy was displayed in the following way:

• A > B

• A > C

• A > D

• B > C

• B > D

• C > D

Now, the group hierarchy is displayed as follows:

• A > B

• B > C



• C > D

Core

Directory Service Probing

This version introduces an important new feature, the Directory ServiceProbe. The ability to probe an organization's directory service (such asActive Directory) and collect all the events occurring on the directoryrepresents a major step forward in gaining total insight into who is accessinga company's data.

Directory Service probing includes support for the following events:

• Creation and deletion of all objects

• Changes in group membership

• Changes in directory service object properties for any property

Note: Due to standard Microsoft behavior, Modify events may be recordedfor all the fields in a modified object, not only those that were changed; also,when an AD object is created, many Create and Modify events are recordedon the object's fields.

In this version, DatAdvantage support for directory service probing includesfull visibility in logs and history, as well as several reports. The DCF does notsupport directory service probing.

5.7.1 - Automatic Configuration of Group Policy Objects

With the release of 5.7.1, it is possible to configure group policy objects(GPO) automatically, through the Enterprise Installer. For this purpose,a user with domain admin credentials (or enterprise admin, for forests) isrequired.

5.7.10 - General Enhancements

With the release of 5.7.10, DatAdvantage provides the followingenhancements to directory service probing:

• Support for six new directory service object types, along with the ability todistinguish between a container and a generic directory service object:

• Printer

• Contact

• ForeignSecurityPrincipal

• GPO

• msExchDynamicDistributionList

• Shared Folder

• Entity Type filters in the Logs and Reports views.

• Addition of the object type name next to the object icon in the log display.

• Change in terminology from "AD" and "Active Directory" to "DS" and"directory service"

• Display of empty string for file system properties that have no relevant fordirectory service objects



• Display of multiple leaves under a single tree node - A pager has beenimplemented at the tree level to facilitate this

• Disabled users are displayed with the standard "disabled user" icon

• Change of filter name - The name of the User/Group filter (affectedobjects) filter was changed to User/Group (hist. of differences only)

• Change of menu option - The name of the Locate in OU structure menuoption was changed to Locate in DS structure

Computer Accounts

5.7.20

Events are frequently generated by computer accounts, not by humanusers (especially since the introduction of directory service probing). Thisversion includes a number of changes to better indicate events generated bycomputer accounts.

• The SAM account name for computer accounts includes a dollar sign ($),to clearly indicate that these are not human users.

• Computer accounts are not displayed in the Users and Groups panes,unless a directory is selected to which a computer account haspermission. Computer accounts that are members of groups are notdisplayed in those groups.

• Computer accounts can be added to the list of filtered users according toSID.

• Computer accounts cannot be selected in the Directory Service picker.Instead, a computer's name can be entered in place of a human user'sname to search for it in the log.

• Known issue: The permissions displayed for computer accounts arelimited in that they do not consider group inheritance.

• Known issue: Errors are not calculated for computer accounts.

FileWalk Agent Enhancements

In this version, the Varonis FileWalk Agent has been enhanced as follows:

• Installation

• The FileWalk Agent is installed by default and Varonis is set as theFileWalk method.

• If the method is changed to CIFS, the FileWalk Agent is not installed.

• Upgrade

• From a version below 5.7, the FileWalk Agent is not installed and theFileWalk method remains CIFS.

• Repair/Upgrade

• From 5.7 and higher, the File Walk Agent is installed or upgraded asrelevant.

• If the FileWalk method is set as CIFS, it remains CIFS.

• If the FileWalk method is changed from Varonis to CIFS, the user isprompted to remove the FileWalk Agent.

• If the method is changed from CIFS to Varonis, the Enterprise Installerinstalls the FileWalk Agent.



PullWalks Enhancements

In this version, the PullWalks job now runs only on shadow databases thatcontain fresh data. Furthermore, it has been separated into smaller jobs thatcan be scheduled to run according to separate schedules.

Pull Walk :: Processing

1. Resolve File Walks Data

a. Pull new FileWalk data from the Probe database totemporary tables on the shadow database.

b. Pull into TMP tables

2. Pull Directories And ACLs (affect only temporary tables)

a. Build derived relations.

b. Calculate SDT properties.

c. Update history tables.

d. Incrementally update user-derived relations.

e. Synchronize user commands.

f. Push DFS shares.

g. Run publish job.

Pull AD

1. Pull AD - Pull new ADWalk data.

2. Rebuild user-derived relations

3. Synchronize user commands.

4. Synchronize pulled domains with DataPrivilege.

AE1. Run AE.

2. Synchronize AE commands.

3. Synchronize AE with DataPrivilege.

Changes to Default Jobs

The default jobs have been set as follows:

• CIFS Events Archive - 12:05 AM

• Pull CIFS Events - 12:55 AM

• ADWalk - 10:00 PM (changed from 3:00 AM)

• FileWalk - 10:00 PM (changed from 11:00 PM)

• Pull AD - 12:00 AM

• Pull Walk :: Processing - Hourly (changed from 2:00 AM)

• Pull DCF - 6:00 AM (changed from 8:00 AM)

• AE - 8:00 AM on Sundays (once a week)

Supported Linux Configurations

This version provides support for the following Linux configurations:



• RedHat-RHEL5-SMP-2.6.18pae-x86-32

• RedHat-RHEL4-SMP-2.6.9-x86-64

Support for HP-NAS Devices

With this version, the IDU Suite enables complete auditing and visibility forHP-NAS devices. The following versions are supported:

ibrix_version -l

5.5.232(X9000_5_5)

Support for Microsoft Exchange

5.7.10

With the Varonis IDU Suite, organizations can gain actionable insight into theinformation residing on the Exchange platform. DatAdvantage now providescomplete visibility into Exchange Servers to facilitate:

• Efficient and effective permission management

• Auditing of mailbox events

• Ownership detection and assignment

• More

The Varonis Exchange agent supports the following versions of Exchange:

• Exchange 2003 Post-SP2

• Build 6.5.7653.33

• Build 6.5.7653.8

• Build 6.5.7654.4

• Build 6.5.7656.2

• Exchange 2007 SP3, build 8.3.x

• Exchange 2010 SP1, build 14.1.x

5.7.20• Exchange 2010 SP2, build 14.2.x

5.7.23

The Microsoft Visual C++ 2005 Redistributable Package (x64) and the VisualC++ 2005 Service Pack 1 Redistributable Package ATL Security Update arenow included in the MSI and need not be installed separately.

Automatic Detection of SharePoint Sites and Domain Controllers

5.7.20

This version enables automatic detection and monitoring of domaincontrollers (DCs) and SharePoint sites.

False Open Events



5.7.20

Open events may be triggered unintentionally for a variety of reasons,resulting in inaccurate analysis of file system access. With this version, theIDU Suite can be configured to filter such false Open events.

Upgrade

Upgrade and Report Subscriptions

With the introduction of report templates, report templates, the process ofupgrading to 5.7 requires reviewing existing report subscriptions to identifythe relevant template or create one if necessary. This process may be time-consuming and customers may want to defer it to a later stage to completethe upgrade quickly.

IMPORTANT: Reports and subscriptions cannot be used until this processis completed.

To defer this process and perform it later via the Repair/Upgrade flow (or theinternal Report Deployment tool):

• Before upgrading vrnsdomainDB:

update keyvalue set value = 'None' where [key] = 'rpcstate'

• Before running the Repair/Upgrade flow (or the Report Deployment tool):

update keyvalue set value = 'Installed' where [key] = 'rpcstate'

Agents to be Upgraded

The following enhancements and resolved issues affect the Varonis Agents:

IssueID

Description

23545 The maximum size of the event log is now 16 MB and it isno longer attached to notification emails by default.

25197 Two additional Linux configurations are supported:RedHat-RHEL4-SMP-2.6.9-x86-64 and RedHat-RHEL5-SMP-2.6.18pae-x86-32.

26627 When a folder was moved within the same Windowsvolume, the source and the destination were the same inthe Rename event that was recorded.

Given these changes, along with the robust features introduced in thisversion, Varonis recommends upgrading the following agents:

Agent Type UpgradeRecommendation

Windows Recommended

SharePoint Recommended



Agent Type UpgradeRecommendation

Unix/Linux Recommended

Reinstalling Agent for Exchange 2010 SP2

When upgrading to Exchange to 2010 SP2, the Exchange agent must beuninstalled and then reinstalled.

Upgrade Flows

Customers who want to upgrade the IDU Suite may do so as follows:

• Versions 5.5.x and higher may be upgraded directly to the currentversion.

• Versions lower than 5.0.6 must be upgraded first to 5.0.6, then to 5.5.Xand then to the current version.

• Versions 5.0.6 to 5.2 must be upgraded first to 5.5.X and then to thecurrent version

Noteworthy or Changed Behavior

The following issues are important for this release:

V5.7.27

N/A

V5.7.26

N/A

V5.7.25

N/A

V5.7.24

IssueID

Description

31670 The correct version of the Varonis logo was added to the UIand email templates.

34660 On the Group Membership screen for group owners,members are now sorted in ascending order.

34665 The uniqueness of a location name is only checked underspecific location parents; this implies that locations underdifferent levels can have identical names.

34849 The DCF now enables importing special files with aliasesfor file server names.

34973 The installation prerequisites check now ensures correctcredentials for Exchange.



V5.7.23IssueID

Description

30875 In DataPrivilege an organizational unit (OU) can now bedefined per file server.

V5.7.22

N/A

V5.7.21IssueID

Description

33038 The name of the "Acting description" category in theAdvanced Search and report filters was changed to "Eventdetails".

V5.7.20IssueID

Description

31558 When upgrading or repairing, the agent was not copied toHP NAS file servers.

31583 Before installation, upgrade or repair of DataPrivilege,Scheduler services that were not stopped successfully werenot killed.

31763 The BlueArc option in Add/Remove File Servers wasremoved.

31778 When the IDU was migrated to a different server, usersand groups did not appear in the Recommended Users andGroups pane.

32210 The Enterprise Installer now saves the setting forautomatically detecting and monitoring SharePoint sites.

32308 When installing on a Chinese operating system, buttonswere missing in the Domain Properties window.

V5.7.10IssueID

Description

23728 When reports are exported to CSV, columns now displaythe same friendly names as in the UI.

27378 Installation of the SharePoint agent caused errors in'DefaultAppPool'.

28091 Files that were added to a directory that had already beenscanned were not scanned.

28354 Report 10c is not available if any MS SQL 2005 instancesdo not have Service Pack 3 installed.



IssueID

Description

28361 The Enterprise Installer now verifies that the Server serviceis running before performing an upgrade.

28565 DatAdvantage now has the same patch notification featureas DataPrivilege.

28717 A message has been added clarifying that the classificationanalysis results may differ from those displayed in the WorkArea if a file has been modified or a dictionary has beenchanged.

31550 The default scheduling of the AE job has changed. Fora clean installation it is now scheduled for 8:00AM onSaturday, and for an upgrade it is scheduled for 4:00AMevery day.

V5.7.2

N/A

V5.7.1

N/A

V5.7

IssueID

Description

23638 The currently installed Windows Agent must be uninstalledbefore upgrading to release 5.7. This is performedautomatically by the Enterprise Installer. However, thecurrent Windows Agent must be manually uninstalled beforeperforming a manual upgrade.

23666 In SharePoint, only Open and Delete events are supportedfor attachments and inserted items.

23826 New SharePoint sites are added with the default auditmode, even when the file server's audit mode is set tomodified.

24331 The error message received when trying to retrieve useror group properties from an untrusted domain has beenclarified.

24572 Abstract groups are filtered implicitly and are not displayedin the IDU Analytics Exclude List.

24647 Data-driven subscriptions do not function if the IDU isinstalled on SQL 2008 R2 with Windows 2003.

24907 Abstract groups are now filtered implicitly and theircorresponding context menus do not include the Excludefrom Analysis option.



IssueID

Description

25032 When generating report 3c, group owners can now see bothdirect and nested members of the group, even if a nestedgroup has a different group owner.

25384 DataPrivilege reports that include subreports cannot displayextended properties.

25460 The report generation process freezes when right clickingthe Loading icon and then selecting Properties. The processcontinues once the Properties window is closed.

25664 When the values of the 'Delete CIFS after' and 'Deletestatistics after' are set to 0 (Tools > Configuration > ArchivePolicy), archived CIFS events and statistics are neverdeleted.

25805 Reports that use the new Varonis style (look and feel) canbe generated with the Report Template Wizard.

26122 Ownership cannot be managed through the Statistics viewfor directory service objects.

26124 In the Statistics view, jumping to other views from abstractgroups was not possible.

26215 Flag and tag names should not include special characters.

26399 If the Enterprise Installer is run by a user that never ran itbefore, the user is automatically added to the EnterpriseManager role.

26551 Information icons have been added to error messages toprovide additional information about the errors.

26746 Throughout the IDU Suite, the extended property 'Manager'returns the CN and not the display name.

26766 A configuration key has been added to enable or disable thestorage of email.

26907 When an extended Active Directory property is defined as acolumn in a report template but removed via the ExtendedProperties tab, the column must also be manually removedfrom the template.

26939 To enable directory service event collection, it is necessaryto manually configure a user that is authorized to manageauditing and security logs on each DC.

27003 Due to a Microsoft compatibility problem, in an environmentwith both Windows 2005 and 2008 SQL servers, the 2005server must have SP3 installed.

27163 Authorization rules defined for the same object must benamed uniquely.

27184 The scope of DCF rules cannot be configured to includeActive Directory containers.



IssueID

Description

27249 The DCF ignores SharePoint items whose name length ismore than 255 characters.

27283 When an Organizational Unit (OU) is double clicked, resultsare retrieved for all sibling OUs that start with same name(like operator), instead of just the OU that was clicked.

27288 In report 3a, the use of AD Properties filters now showparent groups even if they do not contain direct members.


27380 When the DataPrivilege Bulk Upload utility attempts toupload data to an unreachable domain, the utility keepstrying to connect to the domain until it is manually stopped.

27480 The following changes have been made to the ManageOwnership window: the OK and Apply buttons have beenremoved, the Cancel button has been changed to Close(window), and removing and adding owners is automaticallyupdated.

27607 When one SharePoint server is configured with multipleIP addresses (logically acting as multiple servers) and oneof the logical servers is removed from DatAdvantage, theSharePoint agent is remove from the machine.

27630 The DA_Audit SQL view is now available for the DA Auditscript.

27682 A warning is now displayed if a resource owner's SIDcannot be resolved during synchronization.

27693 The 'Owner name' filter in report 1a has been renamed to'Owner name (hist. of differences only)'.

27694 The 'Management status' filter in report 1a has beenrenamed to 'Management status (hist. of differences only)'.

27710 The DatAdvantage User and Groups panes use the ActiveDirectory display name for users, while the DataPrivilegeUser Details dialog box uses the Active Directory entityname.

27757 To upgrade the Windows agent manually (MSI Installer), thecurrent version must be removed before the new versioncan be installed.

27806 Due to an SQL Server 2005 SP2 limitation, report 10c(Owned Unused Files) must be run with SP3 or laterinstalled.

27882 When a domain that is unmonitored in DatAdvantage butmonitored in DataPrivilege is set as monitored again inDatAdvantage, its current status in both applications is usedfor the synchronization.



Resolved Issues

The following issues have been resolved:

V5.7.27

IssueID

Description

36287 When a data-driven subscription ran for more than 10minutes, errors appeared in the data-driven event log.

36303 Due to an issue with the Probe's pattern filter, failuresrelated to Open and Access Denied events occurred.

36375 The Probe failed during detection of NetApp 8.1RC3 due toa change in NetApp's naming format.

36376 Event caching failed on the Probe in certain unusualcircumstances.

V5.7.26

IssueID

Description

35271 PullWalks failed if the total amount of data on a volumeexceeded 4 TB.

35463 Uninstalling the Varonis Exchange agent did not removethe Varonis Event log and left Varonis-related entries in theregistry.

35976 Owners received subscription notifications that includedinformation they were not authorized to see.

V5.7.25

IssueID

Description

35934 Errors occurred when the search and filter functions wereused in the Work Area.

V5.7.24

IssueID

Description

32635 The functionality of the NOT operator was corrected insome reports.

32766 An error occurred during folder creation in DataPrivilege.

33869 The commit process failed in removing negative permissionmasks.

34279 Modify and Restore operations in SharePoint sometimesfailed when run from the command line.



IssueID

Description

34582 The directory tree expanded much more slowly for ownersthan for non-owners.

34810 In Modify mode, the index was not created on the AuditDatatable.

34913 An error occurred when several messages were moved inbulk from an Inbox subfolder to a folder in a PST file.

34983 PullAD failed after migration of the IDU server.

34989 A timeout occurred while adding a domain to anenvironment with a distributed Probe and high latency.

35096 Report deployment used an incorrect version ofVrnsCrypto.dll.

35101 A timeout occurred while changing a file server'sconfiguration through the UI.

35103 ADWalk performance was improved on SharePoint bysetting the RetrieveAllRoles property to True.

35121 The Create Folder screen buttons were hidden at aresolution of 1024x768.

35462 An error occurred while removing the OWA agent thatcaused OWA to function incorrectly.

V5.7.23

IssueID

Description

32739 Version validation has been added to the Bulk Upload utility.

32991 Email notifications are no longer sent for invalid requests.

34021 The Entitlement Review informational message, number1148, was mistakenly considered an error message thatfailed the EntitlementReviewInstanceCreator job.

34148 The Permissions wizard mistakenly took into account ACLsflagged with this folder only when calculating effectivepermissions.

34159 Remotely starting the FileWalk failed on a Windows 2008R2 server.

34298 When using the User/Group filter, results were returned forall directory services (DS) objects with the same displayname.

34309 Part of the Add/Remove Domain window was hidden whenthe screen resolution was set to 1024 X 768.

34340 The Enterprise Installer did not verify that the FileWalk userwas a user and not a computer account.



IssueID

Description

34386 After performing a migration, the Synchronization config fileconnection string was incorrectly changed.

34448 In the Reports view, there was no scroll bar when thescreen was set to a resolution of 1024 X 768.

34537 When protection was removed from a folder that is also ashare, the ACL was broken.

34540 The scroll bar disappeared after dragging the Add/RemoveDomain window when the screen resolution was set to 1024X 768.

34575 DatAdvantage tried to contact the Synchronization serviceeven when it was not installed.

V5.7.22

IssueID

Description

32679 No error was returned when an attempt was made toperform commit using claims-based authentication.

33737 During repair/upgrade of the Probe proxy, a warning waserroneously returned that the installation package was notsupported on the proxy server.

33871 The warning given by the Enterprise Installer when therequired group membership for the installation user is notfound has been improved.

33879 An error occurred during clean installation of DatAdvantageon a standalone server in a workgroup.

33941 The DCF did not deleted its own temporary archive filesafter extracting them if their paths were more than 260characters.

33943 A primary key violation occurred when a database key wasupdated simultaneously from several shadows.

33959 A general failure occurred when printing to debug view afterthe False Read filter was enabled.

33984 When a domain was edited through the Enterprise Installer,the proxy agent could not be set for existing DCs.

33985 During upgrade, the old Exchange agent files were notreplaced by the new ones, causing the upgrade to fail.

34005 The Varonis logo always appeared in email requests even ifthe logo in the template was changed.

34013 Duplicate Create and Modify events were recorded for thedirectory service.

34025 The description of the Manage Ownership was improved.



IssueID

Description

34033 Duplicate Create and Modify events were recorded for thedirectory service.

34067 The same DC was displayed more than once in the ActiveDirectory domain - Directory Services configuration area.

34223 Connectivity issues occurred during directory serviceprobing, using a proxy with a non-admin user.

34292 The default value of the FilterLocationsByProps waschanged to False, so that the relevant location isautomatically expanded.

V5.7.21

IssueID

Description

32623 During repair/upgrade, the dynamic port auto-detectionfeature appended a port number to a server instance evenwhen one was not needed.

32778 A separate calendar window opened each time the calendaricon was clicked, even if one was already open.

32817 Email notifications from DataPrivilege now refer users totheir system administrators and not to Varonis Support.

32818 The operators in the Edit Rule window were not translatedcorrectly into localized languages.

32885 Due to a SQL Server 2005 issue, a hint was added toprevent failure in all places where CLR is used.

33008 Custom permissions could not be created with the 'Applythese permissions to objects and/or containers within thiscontainer only' flag.

33052 FileWalk marked all folders with broken ACLs asHResult=1340 AclProtected=0 AclUnique=1.

33063 An error occurred in the reporting services on non-Englishoperating systems, for languages in which the decimal pointis not represented by a period (.).

33076 Active Directory users with type=0 were displayed without adomain name.

33320 In the Enterprise Installer, the "Add or remove file server"option on the Add/Remove Components page was changedto "Configure file servers".

33337 Hub and Edge servers appeared in the list of servers in theExchange Auditing window.

33350 The OWA agent did not remove all relevant files duringuninstallation.



IssueID

Description

33352 The explanatory text on the Exchange Auditing screen hasbeen corrected.

33407 The data types of extended Active Directory properties didnot match across tables.

33477 An error occurred in the Enterprise Installer during additionof an Exchange file server when the system had thedecimal symbol set to a comma (,) and not a period (.).

33686 When multiple Exchange Servers were defined in the samedomain, the Windows Permissions window was openedfollowing SIDclick instead of the Exchange Permissionswindow.

V5.7.20

IssueID

Description

26999 When there were too many objects in the first five levels ofthe file system hierarchy, IDU Analytics failed to analyzethese objects correctly.

28289 Licenses could not be re-registered when accounts weremoved from one SE to another.

28450 Reports can now be grouped by columns in the Reportsview.

29353 A new Data Classification Framework (DCF) option enablesusers to decide if folders that have never been scanned arequeued before previously scanned folders.

29730 A database error occurred sorting criteria were set on theAdvanced Search screen.

29798 Computer names are now displayed in the UI, instead ofunresolved SIDs, for computer generated events.

30571 DataPrivilege permissions and membership requests cannow be filtered by location.

30632 In the Shadows table of the DataPrivilege Domaindatabase, the length of the username and password fieldshave been increased to 256 characters.

30693 The new Application Settings > Authorizer and OwnerRights > "Allow authorizers to modify authorizer list" setting,allows authorizers to set other users as authorizers.

30694 The new Application Settings > General > "Allowadministrators to view and edit management screens"setting, allows administrators who are not owners to editManagement screens.

30896 "Deny" permissions were displayed as "allow" permissions.

30919 The ADWalk now retrieves the users' last logon time.



IssueID

Description

30922 The PullWalk ran even when the FileWalk failed.

30927 The Enterprise Installer no longer tries to configureunmonitored SharePoint sites.

30929 File server crawling now remains enabled even when theEnterprise Installer fails to monitor SharePoint sites.

30931 When a Probe was down, the Enterprise Installer rolledback file server installation even though it was beinginstalled on a different and functioning Probe.

30965 If permission types had the same mask but different flags,the Permission Requests page did not display both types.

31129 Reports 4m and 2d show permissions for owners of linkedmailboxes.

31246 In the prerequisites stage, the Enterprise Installernow verifies that the installation user has the requiredpermissions.

31422 The dual-protocol FileWalk (NFS and CIFS) did not returnthe index node number of folders with more than 2048 childobjects.

31435 When migrating to a different server, the IDU Server folderwas not moved to the correct location.

31473 DatAdvantage now supports Exchange 2003 Post SP2,version 6.5.7653.8.

31577 When there were no authorizers for a managed folder andemail notifications were configured to be sent to authorizersonly, the folder's owner did not receive an email when arequest was created for the folder.

31585 If several rules are set with the same scope and no globalscope, the Monitoring tab of the DCF displays duplicateentries.

31608 After upgrade from 5.5.568 to 5.7.10.144, the Probe proxydisconnected from NetApp.

31653 The Synchronization process did not ignore removed groupowners.

31721 Uploading owners from a CSV file failed if the file containeda Unicode special character.

31739 False Open events can now be filtered out.

31757 The FileWalk job failed when there were 2500 networkshares.

31759 The beta tag has been removed from the SharePointrecovery mode warning, which is displayed when aSharePoint file server is added and its databases are set tofull recovery.



IssueID

Description

31783 The Active Directory userAccountControl property was notretrieved correctly when selected in Tools > Configuration >Extended Properties.

31831 DatAdvantage can now automatically detect and monitorSharePoint sites and domain controllers (DCs).

31841 DCF worker threads stopped responding while extractingcompressed files.

31845 Users assigned Send on Behalf permissions (Exchange)could not be committed.

31849 In the Directories pane, objects in the Directory Servicestree were not visible by default when upgrading fromversion 5.7.2.

31868 The Data Classification Framework (DCF) did not delete theresults of disabled rules.

31910 The Columns tab in the Report Viewer pane has beenrenamed as Display.

31944 In the Tools > Classification > Edit Rule screen, the Regextext box was partially hidden.

32005 When a user existed in both current and historical tables,report 4k crashed.

32022 False Modify events were recorded for Write events madeby the memory manager after a user released his handlewith IRP_CLEANUP.

32041 The Enterprise Installer did not verify that that machinehas Visual Studio C++ 2005 Redistributable Package (x64)installed, which is required for Outlook Web App (OWA)2010.

32087 In the Log view, some controls were missing when thescreen resolution was set to 1024 x 768.

32588 Get-OrganizationConfig has been removed from thePowerShell installation scripts.

V5.7.10

IssueID

Description

26081 The Probe crashed after loading the Mscoree.dll file.

27121 The DataPrivilege advanced search did not include a filterfor execute requests.

27348 Information icons have been added to error messages toprovide additional information about the errors.

27570 New folders and permissions can no longer be definedwhile DataPrivilege is being synchronized.



IssueID

Description

27826 Domains can now be monitored in DataPrivilege if nocommit user is defined.

27852 A new keyvalue was added that enables displaying allrequests for administrators on the Summary screen.

27858 In Mail Configuration > Send Options, an option has beenadded to send email notifications to the requester.

27919 Data is now periodically deleted from theadvSearchSessions table.

28011 DataPrivilege HTML emails were not displayed correctly inplain text only email clients.

28156 When upgrading from 5.6.17 to 5.7, anNHibernate.StaleStateException error occurred.

28173 The "Inherited" column for follow-up flags has beenrenamed to "Inheritable".

28177 Excessive email notification was sent concerning thePullWalks publishing/processing mutex.

28190 Some email clients displayed emails incorrectly whenMailType was set to both (HTML and text).

28195 The new <Auth-sam_account_name> key placeholderenables the authorizer's SAM account name to be displayedin DataPrivilege email notifications.

28227 Statistics were not calculated if the PullCIFS job failed onthe license check.

28268 To solve performance related issues, importing specialfiles from an RSA Data Loss Prevention (DLP) database ishandled by the IDU server.

28295 When there were more than 65,365 users, theDatAdvantage Help > About dialog box displayed thenumber of users incorrectly.

28303 The Commit History did not include commits fromunmonitored domains.

28315 A fatal error occurred during installation when thespGetDomainsOUconfig stored procedure returned thesame domain twice and the Back button was clicked.

28317 DatAdvantage Lite configuration was not hidden by default.

28318 Products that are not installed were not hidden on thelicensing site.

28340 The number of days available for relative date filters hasbeen increased from 90 to 365.

28361 The Enterprise Installer now verifies that the Server serviceis running before performing an upgrade.



IssueID

Description

28372 Part of the Priorities tab was cut when viewed with specificscreen resolutions.

28410 AD probing containers were counted as file servers forlicensing purposes.

28473 The database has been enhanced to improve theprocessing speed of Probes that monitor file servers with alarge amount of special files per directory.

28500 A timeout occurred while validating a directory on a linkedserver.

28583 There were SQL performance issues when pruning users ina distributed environment.

28641 Reports did not contain aggregated data for groupedcolumns.

28679 Upgrade failed when the SA password contained anapostrophe (').

28681 Some services failed to start correctly because they did notreply to the Service Control Manager within a 30-secondtime limit.

28682 DFSWalk did not support fallback to ServerName resolvinglinks.

28712 The Enterprise Installer now verifies that all servers arereachable using IP addresses before upgrading.

28717 A message has been added clarifying that the classificationanalysis results may differ from those displayed in the WorkArea if a file has been modified or a dictionary has beenchanged.

28734 When using the Enterprise Installer to change the MaintainDatabase Password setting, the vrnsServices.config filewas not updated.

28751 Report deployment failed on 64-bit machines using SQL2008 Reporting Services.

28753 The BulkAccumulator UpdateData procedure failed due to aprimary key constraint.

28849 Links to requests in email notifications were invalid whenDataPrivilege was configured for Secure Sockets Layer(SSL).

28851 Commit changes failed when attempting to remove a groupmember in a child domain.

28866 The Enterprise Installer did not verify that the MicrosoftVisual C++ 2008 Redistributable Package was installed ona Windows 2008 R2 environment.



IssueID

Description

28867 The Enterprise Installer treated .Net 3.5 as a prerequisite forinstalling the MSI when only .Net 4.0 is required.

28909 The text in the Change Description column appeared withan unnecessary colon.

29108 After upgrading from version 5.6.18, the oMSyntax attributewas set to null.

29117 Entitlement Review email notification did not containrecipient tags, even when they were defined in the HTMLtemplate.

29134 A new key enables Floor Support personnel to view theRequests and Authorizations report.

29136 During DFS Walk, only the last resolved DFS root on aphysical server was stored in the database.

29194 The error message received when a user or group cannotbe located in the Work Area has been clarified.

29195 In reports 4h and 4j, the Share depth filter did not functioncorrectly.

29250 Navigation menus on the DataPrivilege user interface couldnot be hidden.

29269 During a clean install, a fatal error occurred and theEnterprise Installer closed.

29315 In the Work Area, duplicate objects appeared in theRecommended Users and Groups pane.

29325 The DCF Publish job failed because primary keys were notgenerated for entries in DCF tables.

29342 When upgrading, the the MailImages table was truncated.

29453 When cluster nodes and the IDU server were located ondifferent domains, the Enterprise Installer failed to resolvethe names of the nodes.

29473 DataPrivilege automatic rules failed when the results werelarger than 250 K.

29476 An error occurred when a subfolder was created insidea folder whose permissions had been changed andcommitted in DataPrivilege.

29489 The Probe did not send specific parameters to the NetAppproxy server.

29501 When a cluster's nodes were located on a different domainthan the IDUs, the Enterprise Installer failed to resolve theirnames from their IP addresses.

29503 The Exchange agent MSI failed if OWA did not exist on theCAS.



IssueID

Description

29505 On non-English SQL Servers, an error occurred during thePull AD FileWalk job.

29708 False AD events were retrieved when users could not becreated due to their password not meeting the domainpolicy (for Windows 2003, 2008, and 2008 R2).

29724 On the DataPrivilege Summary page, the EntitlementReview grid could not be sorted correctly.

29735 DataPrivilege used incorrect authentication when sendingan email via SMTP.

29741 Email notifications were sent stating that there are missingCIFS events, even when no domains were monitored.

29750 Some of the DCF's UI controls were not displayed correctlyat a screen resolution of 1024*768.

29811 The Pull CIFS Events jobs checked for missing CIFS eventson file servers where this event type is inapplicable, such asExchange and AD file servers.

29843 An extremely large debug file was created which causeddisk space problems.

29945 After a DataPrivilege evaluation license expired, theScheduler wrote a log message every two seconds.

29948 Although the license had already expired, the AboutDatAdvantage window showed that it was valid for onemore day.

30051 The Synchronization service was unnecessarily configuredwith a service dependency for the the DataPrivilegeScheduler.

30106 DFS shares existed after the file server was removed.

30119 The Enterprise Installer failed to find the relevant DomainController when installing Exchange file servers in a forest.

30182 Calls to the CoreSDK failed when running the DFSWalk(Root Management Window > Run Discovery Now).

30200 In the synchronization log, the same message was repeatedmany times.

30263 In the DatAdvantage User Guide, the listed old formatexample for uploading special files on Windows wasincorrect.

30274 When special files were uploaded with a CSV file, rowswithout date or hit count values were ignored, even thoughthese values are optional.

30328 When Reports Services 2005 was not installed on thedefault website, the Enterprise Installer failed to locate thereport server folder.



IssueID

Description

30500 The Enterprise Installer failed to find all domain controllersin a multiple-domain environment.

30539 The MAPI FileWalk crawled public folders of only one ClientAccess Server (CAS).

30540 AceSID was received by the ACL_<filerID> table with aformat of domain\user, which caused PullWalk to fail.

30570 The DatAdvantage GUI role user was not assigned selectpermissions for the DCF_Priorities table.

30782 The ampersand (&) character could not be used in reportsubscription names.

30790 The FileWalk and DCF jobs failed because theSP_SDT_4_DirID_ExtProperties table was not created bythe Enterprise Installer when upgrading.

30810 Moving a SharePoint file server to a different Probe failedafter upgrading to version 5.7.

30814 The Enterprise Installer did not copy required files to theAdWalk folder when the folder name used different lettercases.

30817 Due to a known NetApp issue, an error occurred when theFPolicy tried to communicate with the Probe.

30872 When there were more than 20,000 users and groups, atimeout error occurred on the DataPrivilege Group OwnerPage.

30918 Errors were printed in the vxchmonlog file.

30950 The Enterprise Installer treated .Net 3.5 as a prerequisite forinstalling the UI when only .Net 4.0 is required.

31070 The Manage Ownership date format did not correspond withthe system settings.

31146 Events were not collected for Unix file systems with an ID ofzero.

31173 DatAdvantage Users, Power Users, and SystemAdministrators could not see report subscriptions theycreated if the subscriptions were edited by EnterpriseManagers.

31188 In some situations, impersonation failed but the DCFfunctioned as if impersonation had succeeded.

31195 The relative date filter for DatAdvantage reports functionedincorrectly.

31211 When a new Data Classification Framework dictionary wasuploaded, the wrong notification message appeared.



IssueID

Description

31250 When directory services event collection was disabled fora file server, email notifications were still sent stating therewere no events.

31343 The Enterprise Installer failed to enumerate site collectionson a SharePoint file server.

31378 Access deny events were not logged correctly on Unixsystems.

V5.7.2

IssueID

Description

29648 Unnecessary error notifications were sent when trying to runthe PublishPullWalk job while the PullWalk job was running.

29660 On a non-English SQL server, an error occurred during thePullWalk job.

V5.7.1

IssueID

Description

24317 When the IDUs dialog box was accessed from the Toolsmenu, DatAdvantage stopped responding.

V5.7

IssueID

Description

19686 Times of scheduled jobs appear in 24-hour format in the DAJobs tab but in 12-hour format in the Schedule window.

23826 New SharePoint sites are added with the default auditmode, even when the file server's audit mode is set tomodified.

25459 On SharePoint servers, the FileWalk fails when thealternate access mapping (AAM) does not contain the fileserver URL configured in DatAdvantage.

19291 Irrelevant errors were returned for SharePoint root sites.

19494 The print screen failed to open when there was more than5000 lines in the Log\History tab.

19609 The Statistics tab print preview screen had missing datawhen strings were longer than 50 characters.

20603 When an entity owner removed the 'Allow directpermissions' option during the authorization cycle, assignedauthorizers who had already approved the request had theoption to decline it.



IssueID

Description

20653 In the Log view, the 'Operation By' column displayedincorrect data.

21201 A configuration key has been added to enable caching theDataPrivilege UI database until changes are made in thenavigational menus.

21614 An entitlement review message referring to multipleinheritance has been enhanced.

21808 A problem occurred when inserting text into the Decisionand Description field in the User's Level Permission view ofthe entitlement review.

22268 The logic for defining authorization levels for newauthorizers was corrected.

22269 Authorization level for new authorizer must have anotherlogic

22292 In the Request Details window, the Authorizers table wasnot sorted by date.

22357 When a request created by the 'Enforce Rule' option is nothandled, it is recreated everyday along with any associatedsub-requests.

22370 The ResolveFileWalksData job failed when an item's namecontained more than 256 characters.

22706 A problem in the spCalcAddedDerivedRelationTable storedprocedure was corrected.

23069 Access was denied to DataPrivilege after the applicationhad not been used for a certain amount of time (sessionexpired).

23227 Filewalk could not remove a folder that had been deletedfrom the file system due to an Access Denied error.

23382 The 'Added outside DataPrivilege' icon appearederroneously on the Permissions tab.

23783 The NFS volume was wrongly detected when no controlstation was defined.

25752 The Rule Name field is now limited to 256 characters.

25765 Changes were made to the logic of the 'Added outsideDataPrivilege' indicator.

25815 When no explanation is entered in an entitlement review,users can no longer move to another view.

25824 Warnings appeared in the SharePoint diagnostic trace file.

25979 'Added outside DataPrivilege' statistics are displayed ongroups set to bypass authorization even when they are notmonitored.



IssueID

Description

26037 In report 1a, the Directory name filter was ignored whenShow data was set to All or History of differences.

26196 Unix SID resolution on EMC Celerra machines (NT securitytype) has been updated.

26797 Recommendations were removed by the expiration logic.

26847 For SharePoint, the Probe was updated to delete events upuntil the time of the last Open event that was collected.

26870 DCF share sessions were not always closed.

26921 Shares and their parents appeared without the correctdecorators in the Review Area.

26983 Regular users could see reports when they should not havebeen able to.

27093 A display issue with an error message was corrected.


27494 SIDclick behavior was incorrect when switching permissiontypes while the branch of the Directories tree wasexpanded.

27599 An Access Denied error occurred when a user clicked a linkin a DataPrivilege notification email.

27706 Commit threads were changed to work as backgroundthreads.

27712 The synchronization service synchronized DatAdvantageowners who were local users.

27714 The date picker for date-related conditions did not work withthe system locale.

27716 A display issue with the Search dialog box was corrected.

27731 A synchronization security warning occurred during theRepair/Upgrade flow.

27739 Retries were added for error (1722) 'The RPC server isunavailable' for the MSI installation.

27748 A warning was displayed instead of an error if the IDUServer could not be installed.

27767 Deletion of a file server containing a very large number offolders ended in a timeout.

27778 A failure occurred during configuration of the SharePointaudit mode.

27783 A display issue concerning text color was fixed.

27789 The Merge Groups operation failed on renamed or custompermission types.



IssueID

Description

27797 The number of retries was reduced when the underlyingconnection was closed.

27809 The status of the CIFS Events archive table was unresolvedwhen the license was not checked.

27857 Use of the caret symbol (^) in filters with Like operatorsreturned incorrect results.

27902 Synchronization conflict resolution failed if domain names ofowners were defined with different name schemas.

27919 Data is now periodically deleted from theadvSearchSessions table.

27967 The Enterprise Installer stopped responding during fileserver detection.

28055 When a Work Area only user selected Tools > Configuration> DA Security > View All, all areas became available.

25832 When no explanation is entered in an entitlement review,users can no longer move to another view.

Known Issues

The following are the new known issues in the current version:

V5.7.27

IssueID

Description

36357 When a printer share is defined on a monitored Windowsmachine, FileWalk causes the printer to print an emptypage.

V5.7.26

IssueID

Description

36287 When a data-driven subscription runs for more than 10minutes, errors appear in the data-driven event log.

V5.7.25

N/A

V5.7.24

N/A

V5.7.23

N/A



V5.7.22

N/A

V5.7.21

N/A

V5.7.20

IssueID

Description

31490 Due to a Microsoft limitation, some empty columns mayappear as merged when reports are exported to Excel.

32255 The new Resource Detection feature for SharePoint sitemonitoring does not support alternate access mapping(AAM).

V5.7.10

IssueID

Description

24565 The directory name filter implicitly creates a backgroundfile server filter, meaning the results always come from thefile server on which the selected directory resides. Thebackground filter uses the equals operator, even when "notequals" is selected for a directory.

24580 When adding users to User Roles in DataPrivilege versionsfor right-to-left languages, the horizontal scroll bar returns toits default position if rows are sorted by clicking on a columnheader.



25220 When more than one version of Adobe IFilter is installed,the Data Classification Framework cannot classify PDFfiles.

25918 Events created by users with duplicate Exchange LegacyDistinguished Names (ExchangeLegacyDNs), cannot beresolved to a specific user. This scenario can only occurwhen there are two Exchange environments in differentforests monitored by the same IDU.

27830 The scope defined for a DCF rule is removed if the shortdate format in the rule is changed.

28271 DatAdvantage may not show all the tabs in the Propertieswindow for directory service objects.

28891 Rename Folder events reach the database without the oldfolder name.



IssueID

Description

29002 Incorrect data may be displayed for the FS property"Owner" on public folders.

29072 Receive events are not recorded on Outlook Web App(OWA) clients for Exchange 2010.

29086 The 'Who accessed the folder' filter does not identify someusers in SharePoint file servers.

29221 Neither the Exchange agent nor the CIFS agent supportWindows 2000.

29238 The Exchange agent does not support hundreds ofrecipients for an email.

30046 The Varonis Windows and Exchange agents cannot beinstalled on the same machine.

30376 The reports do not show events created by derivedmembers of distribution groups.

30398 Emails sent to a user who is not connected to Exchangeare not recorded as receive-message events when the userconnects.

30842 For Exchange 2007 Commit, the IDU Suite does notsupport adding groups as delegates.

31129 Reports 4m and 2d show permissions for owners of linkedmailboxes.

31585 If several rules are set with the same scope and no globalscope, the Monitoring tab of the DCF displays duplicateentries.

31608 After upgrade from 5.5.568 to 5.7.10.144, the Probe proxydisconnected from NetApp.

V5.7.2

IssueID

Description

29310 Report subscriptions that use the file system property Notefilter will fail after upgrading. This is because the filter hasbeen renamed to Notes.

V5.7.1

IssueID

Description

29066 The Enterprise Installer sets the Group Policy Object (GPO)incorrectly when the Active Directory Users and Computersutility and the Group Policy Management Console (GPMC)are not installed on the same machine.



V5.7

IssueID

Description

23666 In SharePoint, only Open and Delete events are supportedfor attachments and inserted items.



25384 DataPrivilege reports that include subreports cannot displayextended properties.

25460 The report generation process freezes when right clickingthe Loading icon and then selecting Properties. The processcontinues once the Properties window is closed.

25949 In reports, when an entry in the Note column does notcontain spaces, the line does not break.

26122 Ownership cannot be managed through the Statistics viewfor directory service objects.

26215 Flag and tag names should not include special characters.

26241 When analyzing the Active Directory (AD Probe), the FileCount filter refers to the number of objects that are notcontainers or Organizational Units.

26392 When using the Report Template Wizard, the bottom borderof the table might be missing when the table is spread overmultiple pages.

26746 Throughout the IDU Suite, the extended property 'Manager'returns the CN and not the display name.

26766 If the EnableMailAuditing key is set to False, the MailAuditing report displays only the data stored until the keywas changed.

26907 When an extended Active Directory property is defined as acolumn in a report template but removed via the ExtendedProperties tab, the column must also be manually removedfrom the template.

27003 Due to a Microsoft compatibility problem, in an environmentwith both Windows 2005 and 2008 SQL servers, the 2005server must have SP3 installed.

27283 When an Organizational Unit (OU) is double clicked, resultsare retrieved for all sibling OUs that start with same name(like operator), instead of just the OU that was clicked.

27380 When the DataPrivilege Bulk Upload utility attempts toupload data to an unreachable domain, the utility keepstrying to connect to the domain until it is manually stopped.



IssueID

Description

27607 When one SharePoint server is configured with multipleIP addresses (logically acting as multiple servers) and oneof the logical servers is removed from DatAdvantage, theSharePoint agent is remove from the machine.

27710 The DatAdvantage User and Groups panes use the ActiveDirectory display name for users, while the DataPrivilegeUser Details dialog box uses the Active Directory entityname.

27757 To upgrade the Windows agent manually (MSI Installer), thecurrent version must be removed before the new versioncan be installed.

27806 Due to an SQL Server 2005 SP2 limitation, report 10c(Owned Unused Files) must be run with SP3 or laterinstalled.

27882 When a domain that is unmonitored in DatAdvantage butmonitored in DataPrivilege is set as monitored again inDatAdvantage, its current status in both applications is usedfor the synchronization.

29352 A user that is removed and recreated in Active Directorywhile it still has a DatAdvantage role must also be removedand recreated in DatAdvantage in order to update its SID.

30666 Reports can only be exported without their defined groupingcriteria.

idu suite 5.7 - varonissupport.varonis.com/emails/attachements/idu_suite_5.7.27_release... · idu...

Documents