Release 4.9.5.1
Notable Improvements
API added to validate OTP without a PIN if required
Fixed a scenario in /authenticate where failed PIN attempts were not being logged
Built a new, modern installer for the Server
Key Fixes
Removed the reliance on the Audit table for branding updates
A database error no longer causes the Server to tell the Mobile App to delete users
Addressed an issue that caused fingerprint registration error messages for users with a valid enrollment
The stored Proc
getExpirePINNotificationnow behaves as expectedSecured app templates that are newly created no longer get deleted from the user's local cache upon initial manual sync
The PIN_History table PIN column data size no longer increases when the user's PIN is changed in MFA Client using FIDO token
Known Issues
Noted a C++ Redistributable for Visual Studio 2015, 2017, and 2019.
Note
This is not included in the RapidIdentity MFA installation process, and if it does not exist on the server it must be downloaded from Microsoft and installed for full functionality.
To check if this dependency is installed, open
Control Paneland go toControl Panel\Programs\Programs and Features. Search for Microsoft Visual C++ 2015-2019 Redistributable (x64).
Created a workaround for a known issue regarding downgrading from 4.9.5.1 to an older version of MFA Server on Radius enabled server only (ONESERVER-836 for reference only)
Uninstall 4.9.5.1.
Stop IIS and remove the 4.9.5.1 installed directory (
C:\Program Files\Identity Automation). Start the IIS again.Install the previous version (e.g., 4.9.4.6).
In IIS, navigate to SERVERNAME > Sites > API. Click on Advanced Settings and update the Physical Path to
C:\Program Files\2FA\ONE Server\apiand click OK.Navigate to ONE and click on Advanced Settings. Update the Physical Path to
C:\Program Files\2FA\ONE Server\websiteand click OK.Navigate to oneService and click on Advanced Settings. Update the Physical Path to
C:\Program Files\2FA\ONE Server\servicesiteand click OK.Navigate to RestServices and click on Advanced Settings. Update the Physical Path to
C:\Program Files\2FA\ONE Server\restservicesand click OK.Restart the IIS.
Created a workaround for a known issue preventing users from accessing Portal (ONESERVER-829)
After doing a clean installation of 4.9.5.1 server and the database tables are successfully built, update the
httpURL withhttpsfor the followingwebconfigfiles in order to access the Admin portal:Restservice
ServiceSite
Website
API
Created a workaround for a known issue after the installation of 4.9.5.1 that was preventing users from accessing Portal (ONESERVER-832 for reference):
For Radius-enabled server only - after doing a clean installation of 4.9.5.1 server:
Open
regeditand expand to the pathHKEY_LOCAL_MACHINE\SOFTWARE\2FA Technology\ONE Server\Radius\[PolicyName].Verify that the key
InstallPathexists at the above path, and if it does not, create it as a string type.Set value of this
InstallPathkey as the Install Directory path of MFA-server (e.g.,C:\Program Files\Identity Automation\RapidIdentity MFA).Expand to the path
HKEY_LOCAL_MACHINE\SOFTWARE\Identity Automation\RapidIdentity MFA.Select the
InstallPathkey from the list and double-click to edit the key. A popup will appear, and in the Value Data field, remove "\" from the end of the string if it exists and click OK. (e.g., UpdateC:\Program Files\Identity Automation\RapidIdentity MFA\toC:\Program Files\Identity Automation\RapidIdentity MFA)
For Non-Radius-enabled server only - After doing a clean installation of the 4.9.5.1 server:
Open
regeditand expand to the pathHKEY_LOCAL_MACHINE\SOFTWARE\Identity Automation\RapidIdentity MFA.Select the
InstallPathkey from the list and double-click to edit the key. A popup will appear, and in the Value Data field, remove "\" from the end of the string if it exists and click OK. (e.g., UpdateC:\Program Files\Identity Automation\RapidIdentity MFA\toC:\Program Files\Identity Automation\RapidIdentity MFA)