Adaptive SSO, Adaptive MFA, Lifecycle, Mobile & Endpoint Security

• Custom portal login banner: Customization feature to display custom pre-login message to the user logging into the Idaptive user portal.
• Connector/Browser Extension Branding for Idaptive: Rebranding of existing Centrify Browser extension to Idaptive for all currently supported browsers.
• ADFS 3.0 MFA Plugin available on Idaptive Github: MFA plugin for ADFS 3.0 available through Idaptive Github. https://github.com/idaptive/mfa-adfs-plugin
• Partner Federation: Relay State support for SAML for auto-launch of apps without landing on the SP portal.
• Better visibility into users by type: User count type by user, OAuth2, Computer, Service types.

Frictionless Trial and Onboarding

• New Getting Started Wizard
• Frictionless Trial: updated system emails

The following list records issues resolved in this release and behavior changes.

• It is now possible for users who either logged into the portal before their password expired, or who use IWA or certificates to login, to change their password once it has expired (CC-64966, CC-65063).
• Devices marked as personal can now successfully be imported to be corporate-owned (CC-64777).
• Android for Work mobile app deployment and auto-install once again work as documented (CC-60982, CC-63610, CC-63684).
• Reapply policy no longer removes bookmarks from the home screen on Android devices using Android 7 or earlier (CC-64498).
• Options to unenroll a device are now not shown if the selected device was enrolled via device-owner mode (CC-63779, CC-63372).
• In device-owner mode the delete command now wipes the selected device rather than unenrolling it (CC-63994).
• Where Partner Management has been configured between an external IdP (i.e. one that is not Centrify) and the cloud service, and a user has IdP single-signed on to the cloud service via Partner Management, it is now possible to launch SAML apps without the User Portal being visible during the launch / sign-on (CC-64706).
• Administrators now have the ability to assign a Windows machine to a user on the Endpoints page. A “Set User” command will be displayed if the Windows machine is not currently assigned to any user (CC-64748).
• Administrators can now create a custom login banner for the User Portal. Banners can be created in plain text in multiple languages, and once configured will be shown to users on login until the button is clicked on the dialog. An event is logged when the user clicks the button (CC-64330, CC-64850).
• Administrators and users can now choose a default view for apps, choosing between grid or grouped, large or small icons, with/without titles (CC-64471).
• Privilege Access Service limited view users are no longer able to view database accounts if they do not have view permissions on the database (CC-64022).
• Windows sessions being audited through the Privilege Access Service portal no longer show as disconnected in the audit analyzer (CC-64439).

The following apps have been updated:

• PollEverywhere (User / Password)
• LinkedIn (User / Password)