Release Notes for AD Bridge CE 24.4(v3.5.0.1)

November 2024

AD Bridge 24.3(v3.5) includes features for bridging Microsoft Active Directory (AD) on Windows servers with Linux distributions both on premises and cloud to manage Linux client configurations using Group Policy Objects in the AD environment.

We designed this product in direct response to suggestions from our customers. We thank you for your time and valuable input. We hope you continue to help us ensure that our products meet all your needs. You can post feedback in Open Text Forums, our online community that also includes product information, blogs, and links to helpful resources.

For managing policies and cloud agents through the Web console, refer to the Universal Policy Administrator release notes.

1.0 What’s New

The following sections outline the key features and functions in this release:

1.1 Support for Dark Theme UI

The UPA user interface now features a dark theme.

1.2 Support for Gold Standard Universal Policy

UPA now allows you to create a Gold Universal Policy that serves as a template for other universal policies. For more information, see

1.3 Support for RSoP Analysis and Planning Reports

UPA now allows you to view RSoP Analysis and Planning Reports for both Cloud and Domain OUs.

1.4 Support for Universal Policy Differences Report

 UPA now allows you to view the Universal Policy Differences report between the current version of a specific universal policy and the last checked-in version, the last approved version, any two versions, and the version present in the GPO in AD.

1.5 Support for Universal Policy Settings Report

UPA now allows you to view the Settings Report of the universal policies.

1.6 Support for Conflict Analysis Report

UPA now allows you to view a Conflict Analysis Report that shows any other Universal Policies that have the same settings as the selected Universal Policy, but have one or more values on that setting that differ.

1.7 Support for Silent Installation of Agents

AD Bridge now allows you to silently install an agent with a token that can be tied to a specific OU for the agent to land in.

1.8 Support for Agent Policy Push

AD Bridge now supports the Agent Policy Push feature, which ensures that any universal policy created for AD Bridge in the Universal Policy Administrator console is instantly available on the agent machine. For more information, see Agent Policy Push.

1.9 Upgrade Support for AD Bridge 3.5

AD Bridge now supports the upgrade from AD Bridge 3.3 to AD Bridge 3.5 in all supported platforms.

1.10 Support for SAML\OIDC Authentication

Universal Policy Administrator now supports SAML\OIDC authentication integration. For more information, see SAML Authentication.

2.0 System Requirements

For detailed information about hardware requirements and supported operating systems, see AD Bridge 3.5 System Requirements.

3.0 Installing and Upgrading This Version

The AD Bridge 3.5 installation involves multiple component installations to bridge the AD environment, Gateways and a Group Policy Management Console snap-in for the Windows domain. For detailed information about installing these components, see Installing AD Bridge.

4.0 Software Fixes

  • Resolved an issue where installing an Active Directory (AD)-joined agent using a Local Privileged Account (LPA) instead of a Domain Admin account would not allow for the creation of the computer account in Active Directory. (#636087)

  • Resolved an issue where logging into a Linux agent with a user account that is part of a built-in Active Directory group would fail. (#634129)

  • Resolved an issue where, upon installation of the UPA Gateway, it would start a job to collect AD User, Group, and Computer accounts, preventing the exclusion of specific account types. (#637031)

  • Resolved an issue where the UI did not refresh after a Synchronization Target UP was removed from the Source UP, causing the Target UP to incorrectly display as still being connected to the Source UP for synchronization. (#608297)

  • Resolved an issue where the UI did not display AD OUs from all managed domains when attempting to add an AD OU to a Delegation View. (#634166)

  • Resolved an issue where the Gateway job responsible for checking if Universal Policies (UPs) created from Group Policy Objects (GPOs) in AD were still in sync did not reflect the correct sync status. (#626226)

  • Resolved an issue where setting up delegation for a user or group to export UPs to an Organizational Unit (OU) of a specific AD was unclear. (#634162)

  • Resolved an issue where the Gateway's Repository Load job did not allow for AD Group Policy Objects (GPOs) from import into the UPA based on a specific naming convention. (#645010)

  • Resolved an issue where the Cloud OU RSoP Report was missing header and footer details. (#646260)

  • Resolved an issue where UPA did not fully support Group Policy Object (GPO) Security Filtering. (#646286)

  • Resolved an issue where the Export Dialog for Universal Policies created from an Active Directory Group Policy Object automatically selected the original GPO for export. When the GPO picker was opened to select a new or different GPO, it would erroneously include the original GPO, resulting in duplicates and causing issues with the radio buttons. (#646286)

  • Resolved an issue where the database connection string provided during the Gatekeeper installation process could contain a password when Integrated Security was not used, leading to security concerns due to its storage in plain text within the configuration file (Web.config). (#647119)

  • Resolved an issue where the Audit Event View allowed searches based on event and user fields, but did not support searching by the comment field. (#658002)

  • Resolved an issue where the Audit Event View search results could span multiple pages, but the sharing functionality only shared the current page. (#656002)

  • Resolved an issue where, in a SAML or non-AD environment, logging out in the UI would cause it to remain on the page and display a loading spinner. (#670119)

5.0 Known Issues

We strive to ensure our products provide quality solutions for your enterprise software needs. The following issues are currently being researched. If you need further assistance with any issue, please contact Technical Support.

5.1 SAML Authentication not Supported for AD Bridge Upgrade

Issue: During the upgrade process, the SAML and Domain Admin Group dialogs do not populate as expected. (Defect #611093)

Workaround: Consider performing a fresh installation of the latest version instead of upgrading.

5.2 SSH Service Fails to Start

Issue:The SSH service on Big Sur fails to start on Mac Agent machines. (Defect #611097)

Workaround:Use the Execute a Command policy to run the command sudo /bin/launchctl load -w /System/Library/LaunchDaemons/ssh.plist to start the SSH service on Big Sur.

5.3 AD Bridge page not responding

Issue: Creating a Universal policy with a large number of settings may display a browser timeout.

Workaround: Consider adding fewer (no more than 50) settings to a single Universal Policy, or wait for the completion of the process. (Defect #602314)

5.4 Silent Installation Issue in Linux

Issue: Silent installation is not supported for adjoint option. (Defect #611271)

Workaround:No Workaround.

5.5 Realm Error on Ubuntu22 Server

Issue:Users encounter a realm error when attempting to install or uninstall the adjunct agent on Ubuntu 22 server. (Defect #593228)

Workaround: To install or uninstall the adjunct agent, use the respective script with sudo privileges: 'sudo ./install.sh' for installation and 'sudo ./uninstall.sh' for uninstallation.

5.6 Re-Install Agent with Hybrid Option Fails

Issue:Re-install agent with hybrid option fails on RHEL 9.x. (Defect #611272)

Workaround:

  • Open Active Directory Users and Computers.

  • Locate the existing AD object(s) for the machine by name. There may be multiple entries with different capitalizations (e.g., one all uppercase, one all lowercase).

  • Delete all existing AD entries for the machine.

  • Reinstall the agent.

5.7 Re-Installation Error

Issue:After uninstalling a Cloud Gateway or Hybrid, the subsequent installation encounters an error at the end of the process. (Defect #590482)

Workaround: No Workaround.

5.8 Inconsistent Spacing with Agent Custom Text and Number Settings

Issue:Agent Custom Text and Number settings do not consistently leave a space when no delimiter is used, with "TF" and "NY" options adding a space but "Text" and "Number" options are not adding a space. (Defect #604405)

Workaround: Use a Command policy with sed or a Deploy File policy.

5.9 Mac Agent Installer Stall Issue

Issue: Slapd compiled for Intel Macs, fails to start on Apple Silicon Macs if Rosetta 2 is not installed.

Workaround:Run the 'softwareupdate --install-rosetta --agree-to-license' command before (or during) the installation. (Defect #607242)

6.0 Contact Information

We want to hear your comments and suggestions about this book and the other documentation included with this product. You can use the comment on this topic link at the bottom of each page of the online documentation, or send an email to MFI-Documentation-Feedback@opentext.com.

For specific product issues, contact Open Text Support for Micro Focus products at https://www.microfocus.com/en-us/support.