Released: Jun 4, 2026

Server and Console 2026.2.4.0 中的更新

特性

Server

• Core - Added a certificate-based Conditional Access Policy for certificate authentication.
• Core - Added a dedicated AI Assistant entry in DVLS.
• Core - Added a new credential mode to save and autofill social logins with the Password Manager extension.
• Core - Added in-app notifications when a new DVLS server version is available.
• Core - Added support for Microsoft Entra ID authentication using delegated permissions.
• Core - Added the ability to configure the number of simultaneous checkouts allowed for an entry.
• PAM - Added the ability to configure a default elevation group during checkout.
• PAM - Added the option to require MFA when checking out a PAM account.
• Web - Added Brandfetch auto-complete support when creating website entries.
• Core - Added a search bar in the user selection dialog when creating a new domain user, searchable by sAMAccountName, displayName and OU.
• Core - Added CVE vulnerability checks on the security dashboard with upgrade recommendations.
• Core - Added the ability to filter entries by connection type through the REST API.
• Core - Email notifications now use the user's configured language preference.
• Core - Improved contractor user management with a redesigned onboarding experience, automatic password generation, and clearer disabled user indicators.
• Core - Reduced the in-app trial period from 30 days to 14 days.
• PAM - Added a "Skip TLS validation" option for the Windows provider.
• PAM - Added support for using the provider account for SSH password heartbeat when target accounts have SSH access disabled.
• PAM - Enhanced password rotation scheduling with more flexible configuration options.
• PAM - Improved access requests to include the full hierarchy of linked connections.
• Web - Added a button to clear all user notifications.
• Web - Added a Convert button to the legacy website banner for faster entry conversion.
• Web - Added a notification in the Administration Dashboard when a new DVLS version is available.
• Web - Added vertical navigation in the Administration and Reports areas to make settings easier to find.
• Web - Extended user synchronizer support in the web interface.

Console

• The passwords file generated during a Basic Install now includes the SQL Express server/instance name for easier follow-up installs.

修补程序

Server

• Core - Fixed a missing translation when requesting access to available vaults.
• Core - Fixed a NullReferenceException that could occur when a deleted connection notification was processed.
• Core - Fixed a portable license error ("Invalid license: RDM") on first login.
• Core - Fixed a regression where Custom permissions behaved as Denied in web and RDM clients.
• Core - Fixed a regression where vault assignments were not applied during user group import.
• Core - Fixed a SQL timeout when renaming folders containing a large number of entries.
• Core - Fixed an Access Denied error when non-admin users tried to add an entry from a template.
• Core - Fixed an error when opening Duo MFA settings and improved invalid credential validation.
• Core - Fixed an error when starting a trial with an no email address.
• Core - Fixed an issue where duplicating a folder did not copy sub-entries.
• Core - Fixed an issue where entry types disappeared from Type Availability when the last selected vault was content-restricted.
• Core - Fixed an issue where removing an expired license incorrectly prompted for DVLS Free.
• Core - Fixed attachments being lost when moving entries to another vault.
• Core - Fixed DVLS being unable to connect to SQL Server on Linux when TLS encryption was enabled.
• Core - Fixed Entra App Proxy pre-authentication failing when the DVLS account had MFA enforced.
• Core - Fixed linked external vault information not being saved when linking an SSH key.
• Core - Fixed missing translation and username details in temporary access approval emails.
• Core - Fixed Syslog over TCP messages not being RFC 6587 compliant, preventing ingestion by some collectors.
• Core - Fixed the "Do not show again" option not working in the Clipboard Privacy warning dialog.
• Core - Fixed trailing spaces being saved in Tags and in Notification Subscription "Exact expression" parameters.
• Core - Fixed User Settings Vault and Global settings not working for non-admin users in RDM.
• Gateway - Fixed an issue where "Ping all Gateways" incorrectly reported failures.
• Gateway - Fixed an issue where Gateway vault security incorrectly applied to PAM providers.
• Gateway - Fixed GatewayManager creating a short-lived, undisposed HTTP client for every request, which could lead to socket exhaustion.
• Gateway - Fixed the Update button remaining disabled after deleting a configured Gateway.
• PAM - Fixed a regression where inherited OTP no longer worked on PAM accounts.
• PAM - Fixed an issue where admins appeared as approvers even when disabled in settings.
• PAM - Fixed an issue where approval through role/group permissions did not work.
• PAM - Fixed checkout approvers not appearing in the approvers list when no PAM license is assigned.
• PAM - Fixed having to scroll to access buttons in Reports > PAM Check-out requests.
• PAM - Fixed incorrect "license required" messages shown to licensed PAM users.
• PAM - Fixed PAM account details remaining visible while the account was checked out.
• PAM - Fixed the PAM scheduler hanging on local Windows account scans when the target stopped responding.
• PAM - Fixed the Windows Local Account provider template scan returning no results.
• Web - Fixed a toast notification incorrectly showing "Not found" when deleting entries.
• Web - Fixed a TypeError when opening Advanced Search as a user without a user vault.
• Web - Fixed RDP/VNC/ARD left mouse clicks triggering a right-click in the web client when running in Firefox.
• Web - Fixed the SSH web app not prompting for the private key passphrase when one was required.
• Web - Fixed unnecessary icon cache fetches caused by virtual scrolling.
• Web - Fixed web RDP sessions not invoking the KDC Proxy, causing Kerberos authentication to fall back to NTLM.
• Web - Made multiple UI fixes.

Console

• Core - Fixed additional access URIs not being editable in the Kestrel.
• PAM - Fixed an issue where account discovery results were not always re-encrypted after an encryption key change.