Version 2.6.2 Released 2023-07-12
New Features
-
[ADMS-177] Custom date formats
Enables custom date formats required for integration with the Ministry of Education's DI4OL project.
Custom date formats are available for the date type placeholders sent from KAMAR such as
datebirth
andstartingdate
Examples of supported formats can be found in the Help Center
Bug Fixes
-
[ADMS-178] Left staff users not disabled
v2.6.0 introduced a regression where by staff accounts were not being disabled due to a password not being present in the update request. This is now handled correctly and existing staff that have left and are still being sent by KAMAR will be processed as expected.
Any staff that have past stopped being sent by KAMAR will need to be disabled manually in Active Directory. They should be easily located in the Left OU.
-
Miscellaneous
- Revert regression introduced with v2.6.0 where some script parameters were supplied in a strange order
Version 2.6.0 Released 2023-04-04
Changes
-
[ADMS-174] KAMAR 2023 changes
Due to security improvements in KAMAR 2023.01, ADMS will now only receive a staff password when a KAMAR administrator or user has changed their password. If this password change event is missed, the AD password may become out of sync until a new password is set in KAMAR.
-
[ADMS-175] Lower case the
<emailaddress>
placeholder
In the name of consistency the placeholder and mail attribute in AD will be lowercased. A future update of ADMS will also lower case, userPrincipalName
and sAMAccountName
-
Miscellaneous
-
Update Admin Console title
-
Only update attributes when they are not null
Addresses an issue where an attribute will be cleared if the value from the request is null (i.e password missing). Only the placeholder can set a null value into an attribute.
-
Do not send the users password as a script argument.
This was a feature carried over from KDMS and could be used to retrieve a users password in plaintext. The script parameter order remains the same, with the password parameter set to an empty string.
-
Bug Fixes
-
[ADMS-162] Stop a user's groups from being processed if the user failed to update
-
[ADMS-163] Create and enable a user separately from setting their attributes
Changes the order of operations during account creation and update so that there is always an AD object created with the appropriate account flags before further processing, so that the user attributes can be updated independently of the password and account state.
New Features
-
[ADMS-171] Surface the student NSN field sent from KAMAR
The MoE relaxed the rules around NSN usage so we are adding it back. This will primarily help with SSO integration with NZQA and the MoE DI4OL Broker.
It is up to the school to manage the privacy of this information
-
[ADMS-172] Surface the custom fields fields sent from KAMAR
Custom Fields are now available as the following placeholders in an Attribute Mapping.
<custom1>
,<custom2>
,<custom3>
,<custom4>
,<custom5>
Placeholder length modifiers must now be separated by a semi-colon.
e.g
<username4>
must be updated to<username;4>
-
[ADMS-133] Return error to KAMAR when XML is invalid
-
[ADMS-166] Validate and trim script paths
Version 2.5.2 Released 2021-12-11
Changes
-
[ADMS-169] Add infourl and privacystatement to Check response
Comply with changes to KAMAR coming in Jan 2022
Version 2.5.1 Released 2021-01-24
Changes
-
[ADMS-164] - Only return limited success response to data requests
Comply with the new slimline response KAMAR now expects for data requests (full, part, photo etc).
Version 2.5.0 Released 2020-11-25
Changes
-
[ADMS-148] - New Look KAMAR Changes
Handle changes to data sent from New Look KAMAR and new 2021 requirements
-
[ADMS-149] - Update ADMS Certificate
Updated self-signed TLS certificate with extended expiry date
Bug Fixes
-
[ADMS-106] - Left Users are still processed once in LeftOU
Fixed an issue where Left users would still have their password validated and needlessly reset.
-
[ADMS-116] - sAMAccountName constraint is unclear
Fixed the current behaviour of taking the first 10 and last 10 characters from the username when trimming the sAMAccountName. New behaviour truncates the sAMAccountName to 20 characters.
Recommendation is to configure the username length limit in KAMAR first to avoid confusion.
-
[ADMS-142] - Left script never called
-
[ADMS-154] - Handle missing XML elements
New Features
-
[ADMS-141] - Mapping for MOE Type
The placeholder can now be used in an AttributeMapping (eg. RE = Regular Student)
Version 2.4.1 Released 2019-09-15
Bug Fixes
-
[ADMS-140] - The Home Drive dropdown displays the default drive letter and writes a number to the service config
Appeared in v2.4.0
Only effects ADMS when the Home Drive letter in the ADMS Admin Console was changed to correct the display issue after upgrade
ADMS will attempt to revert the incorrect drive letter back to the original specified
Version 2.4.0 Released 2019-09-01
New Features
-
[ADMS-138] - Update KAMAR Schema
ADMS can now utilise data from KAMAR that has become available since the last update.
Changes
-
[ADMS-107] - Remove special processing of profilePath
-
[ADMS-112] - Add detail to logging in OU state checks
-
[ADMS-114] - Migrate profilePath to an AttributeMapping
-
[ADMS-139] - Update Options returned to KAMAR
Bug Fixes
-
[ADMS-110] - Staff users orphaned when no classification from KAMAR
Fixed an issue with context validation that occurred when a staff user did not have a classification set in KAMAR. This prevented ADMS from updating the user until a classification was set and the user was manually moved into a sub OU.
-
[ADMS-113] - When the profilePath setting is empty, the AD attribute is cleared
ADMS no longer clears a user's profilePath if ADMS is not configured to update the profilePath and the profilePath was manually set.
-
[ADMS-117] - Staff photos are not processed
ADMS now handles the
staffphoto
request type
Version 2.3.0 Released 2017-06-19
New Features
-
[ADMS-98] - Sync KAMAR photos
ADMS can now save staff and student photos as a 96x96 thumbnail in the
thumbnailPhoto
andjpegPhoto
attributes and to the local disk or network location for use elsewhere. -
[ADMS-102] - Ability to use caregiver details
Caregiver names and email addresses are now available to use in Attribute Mapping as
<caregivernames>
and<caregiveremails>
. If there is more than one caregiver then the values will be comma separated.
Changes
-
[ADMS-96] - Remove NSN
In an upcoming KAMAR update the NSN will no longer be sent in the Directory Services data.
Impact:
-
The
<nsn>
placeholder has been removed and will no longer be parsed when used in an Attribute Mapping -
The order of the student script parameters order will not change and the value of the NSN parameter will now be an empty string.
-
-
[ADMS-101] - Ensure Directory Services XML is valid before processing
If the request data from KAMAR contains invalid XML ADMS will now return and log an error with the details instead of aborting without anything helpful.
-
[ADMS-103] - Migrate password hash into attribute mappings
The password hash location will be migrated into an Attribute Mapping for each user type (staff & student). The hash format is still set globally in the Service section of the Admin Console.
Resolves issues where a user's password hash is not set/updated when:
- the user's password is in sync
- the hash location is changed
- the hash type is changed
Bug Fixes
-
[ADMS-91] - INF and ERR logs for an invalid user location do not provide enough detail
-
[ADMS-92] - Removing left users group memberships unhandled exception
Worked around an issue where ADMS would occasionally throw an execption (that we didn't expect) when attempting to enumerate a user's group memberships.
-
[ADMS-93] - Left user group memberships not being removed
When a user is identified as left ADMS would clear the group memberships and then add the groups back during group processing.
Version 2.2.0 Released 2017-04-11
New Features
-
[ADMS-82] - Individual config for expire and change password
An Admin can now opt to have the Password Never Expires & Users cannot change password flags set on a user when password syncing from KAMAR is disabled.
-
[ADMS-86] - Add TeamViewer support session link in Admin Console
-
[ADMS-89] - Prompt admin to verify config after upgrade
ADMS now compares the current config version with the service version and will not process sync requests from KAMAR until the config is verified and saved after an upgrade
Improvements
-
[ADMS-54] - Improve request startup logging
-
[ADMS-73] - Use new startingdate element sent from KAMAR
In KAMAR v912.27 the teacher start date was added to Directory Services. ADMS can now use this value and the Starting Threshold to provision staff accounts before they start, rather than as soon as they appear in a sync request.
-
[ADMS-87] - Display an alert when the license is about to expire
ADMS will now display an alert in the Admin Console if the license is due to expire within 7 days.
-
[ADMS-88] - Update password management interface
Bug Fixes
-
[ADMS-40] - Improve the log messages when a script timeout occurs
-
[ADMS-42] - Prevent scripts running indefinitely
To prevent long running user scripts from holding or blocking the script queue, a max timeout of 3600 seconds (1 hour) is now enforced. Script execution that exceeds this time will be terminated.
-
[ADMS-80] -
<empty>
placeholder does not work in the email format configuration -
[ADMS-83] - SMSData missing element types
The
<althomedrive>
and<altdescription>
placeholders are now available. -
[ADMS-85] - Staff Move and Disable Config
The staff "Move and Disable" configuration option was incorrectly linked to the student "Move and Disable" option.
Version 2.1.0 Released 2017-03-06
New Features
-
[ADMS-5] Provide placeholder for staff department list
The
<departments>
placeholder will output a comma separated list (CSV) of a staff user departments without Staff- or Dept- prependedFor example: A user with Staff-Teacher and Dept-English will output Teacher,English
-
[ADMS-12] Map KAMAR Placeholders to LDAP attributes
Admins can now specify a list of AD attributes and the values they should be set to, either based on data from the sync request or static strings
See the Attributes Mapping section on the Student & Staff config areas within the ADMS Admin Console
-
[ADMS-14] Config item to allow password resets
When ADMS is not syncing passwords (i.e only setting them on user creation) it will now obey a
Reset Password
request from KAMAR. This enables a teacher to easily reset the AD password for a student to the one defined in KAMARThe student will then be able to login and change their password as normal.
Password Resets do not apply when ADMS is syncing passwords because the AD password will always be the KAMAR password
-
[ADMS-34] Sync photocopy code from KAMAR
KAMAR is now sending the staff photocopierid field in a request. The
<photocopierid>
placeholder is now available for staff.A Photocopier ID can be set against a staff user in KAMAR under Main Menu > Setup > Users > Personal > Other
Improvements
-
[ADMS-60] Enable setting group email for each group type
Admins now have the option to enable setting an email address and specify a custom format for each type of group (year groups, subject & class groups, staff groups, etc).
ADMS will not update or clear an email address when the config option for a group type is disabled
-
[ADMS-67] Ability to have shortname placeholder for group emails
The
<shortname>
placeholder will shorten the Subject/Class and Staff group names.-
Dept-English will be shortened to English
-
Staff-Teacher will be shortened to Teacher
-
Subject301Eng will be shortened to 301Eng
-
Subject301EngClass1-1 will be shortened to 301Eng-1-1
For groups that don't have a shortname the output of
<groupname>
will be used -
-
[ADMS-68] Re-request license without service restart
Previously, when the license expired and is renewed while the service is running, a service restart was required before the service will start processing requests again
-
[ADMS-72] Only update user AD attributes if there is a config value specified
AD attributes for a user will now only be updated if they have a configured value. This allows special cases where an attribute may need to be manually set to a value that ADMS does not provide
For example: If the config value for
Logon Script
is empty, any value manually set in AD or previously set by ADMS will not be cleared.
Bug Fixes
-
[ADMS-61] Set OU description
ADMS will now set all Managed OU descriptions to ADMS managed Organizational Unit
-
[ADMS-64] Installer should not re-install service
In future versions, the MSI installer will skip service re-install if it is preforming an upgrade. This fixes an issue when the service is configured to run under an account other than
Local System
and was reset back toLocal System
Due to the way MSI works, this change only applies to future updates and the service account will have to be reconfigured after installing this version
-
[ADMS-66] Staff Set Password On Creation setting not persisting to config
ADMS Admin Console was attempting to save the bool to an invalid configuration option
-
[ADMS-70] Groups are processed for an invalid user
When an invalid user (users found in an unmanaged ADMS context) was located, they were correctly excluded from user processing; however their groups were still processed. This has been corrected and a user will be completely excluded when they are found outside the ADMS context