Duo Release Notes for November 9, 2018


Hello everyone! Here are the release notes for the most recent updates we’ve made to Duo.

You can subscribe to notifications for new release notes by following the process described here. If you have any questions about these changes, please comment below.

New and updated applications

Duo Authentication Proxy 2.11.0 released

  • Added support for channel binding validation during LDAP authentication over SSL\TLS on Windows Server. See Microsoft KB 4034879 for more information about the LDAP Enforce Channel Binding setting.
  • The connectivity troubleshooting tool now checks that the api_host in a [cloud] section is accessible.
  • Corrected an installation issue on Linux systems due to the PYTHON environment variable.
  • Reworded fail mode result messages to improve logging consistency.

Duo Network Gateway 1.4.2 released

  • Fixed a bug that would cause Duo Network Gateway to not correctly establish a successful SSH connection in some situations.
  • Fixed a Scripted Configuration bug that would cause Scripted Restore to fail in some cases.

Duo Mobile 3.23.2 for iOS released

  • Updated the account list display on Apple Watch to make it easier to read.
  • Added new service icons: Uber, Keeper, and Reddit.
  • Added a new splash screen when backgrounding the app.
  • Miscellaneous bug fixes and improvements for increased stability.

Duo Unix 1.11.0 released

  • Added configuration options for parsing the Duo username out of the GECOS field: “gecos_username_pos” and “gecos_delim”.

Duo Oracle Access Manager (OAM) Plugin 1.2.0 released

  • Now allows use of alternate identity store.

New features, enhancements, and other improvements

Policy Impact Report for Duo Access and Duo Beyond customers

Duo Admin Panel Security Key language update

  • When WebAuthn Credentials or U2F tokens are used as a second-factor authentication method, the Authentication Log in the Duo Admin Panel now displays “Security Key” as the authentication method with a dropdown showing which API was used. The credential/token ID is also shown.

Miscellaneous enhancements

  • Added the ability to implement an exclusion filter on the Authentication Log filter bar in the Duo Admin Panel.
  • Clarified the access and authentication device field names in the Authentication Log CSV/JSON export (via “2FA Device” and “Access Device” prefixes), and added authentication device location info, if present.

Bug fixes

  • Fixed a bug whereby the allowed length for an administrator name was longer for the browser input than in the database, causing the user-entered value to be truncated unexpectedly.
  • Fixed a bug causing a Duo Admin Panel user to be redirected to the Dashboard when editing an existing admin’s profile if the form had invalid data when submitted.
  • Microsoft Azure Active Directory can no longer be created through the Admin API, which resulted in a broken integration.