Host Access Management and Security Server - Release Notes

December 2020

Management and Security Server (MSS) version 12.7 released December 2020.

1.0 What’s New

Management and Security Server 12.7 released with Host Access for the Cloud version 2.6.

All MSS releases are cumulative, and contain the features introduced in earlier releases. See what’s new since 12.6 SP1. For previous versions, see MSS Documentation.

1.1 Features

  • Assigned Sessions list. Users of Host Access for the Cloud, Reflection Desktop, InfoConnect Desktop, and Reflection for the Web can launch their sessions from an HTML-based portal (no Java required). (Introduced in 12.6.11; improved in 12.7)

    The Assigned Sessions portal replaces the Java-based links list. For more information, including the product version requirements, see Providing Access to Sessions in the MSS Administrative Console help.

  • Added ability to adjust SAML Service Provider settings: session timeout and assertion signing. (12.7)

  • Added support for accessing the MSS Administrative Console using Single Sign-on through IIS authentication. (12.6.12)

  • Applied multiple bug fixes and security updates.

1.2 Changes in Behavior and Usage

  • SAML. Beginning in MSS 12.6 SP1 Update 2 (12.6.12), the SAML callback address URL has been simplified to use only path parameters rather than query string parameters. This change provides greater compatibility with SAML providers going forward.

    When upgrading to MSS 12.6.12 or higher:

    • Existing deployments using SAML must re-import the service provider metadata file to update the callback address; otherwise SAML authentication will stop working.

    • Alternatively, the following property can be set in the MSS file to maintain the current URL syntax: saml.path.parameter.callback.url.enabled=false

      Be sure to restart the server.

  • Java-based Links List. (12.6.12)

    • The Java-based links list applet is disabled and has been replaced by the Assigned Sessions list.

    • Direct session links copied from the Java applet links list or Administrative Console from previous versions of MSS are re-directed to the new Assigned Sessions list.

    • Settings in the Administrative Console that uniquely pertained to the Java applet links list and Reflection for the Web have been removed.

  • Legacy emulators. (12.6.12) Support for managing Extra!, InfoConnect, Reflection 14, and Verastream sessions has been removed. If you need assistance, please contact Customer Support.

2.0 Known Issues

  • NTLM. Customers using Single Sign-on through Windows Authentication (NTLMv2) as their authentication method are subject to the “Netlogon Elevation of Privilege Vulnerability” (CVE 2020-1472).

    To mitigate this vulnerability use a different authentication method, such as LDAP, SAML, Single Sign-on through IIS, X.509, or SiteMinder. For more information see Knowledge Base Article 7024851.

If you encounter issues with Management and Security Server 12.7, contact Micro Focus Support.

3.0 Contacting Micro Focus

Check these online resources.

For specific product issues, contact Micro Focus Support.