Known Issues
Access Control
Access control expiry functionality works only for Application access ACL
Access control expiry feature only works for Application access type access control but it is visible while creating other access control.
Access control priority functionality works only for EPS and Device ID type ACL
Access control priority feature only works for device ID and EPS ACL but is visible while creating other access control.
Local user group visible while creating Anonymous Group application access control
Local user group created in HySecure are incorrectly visible along with DEFAULT_ANONYMOUS_USER_GROUP while creating application access-based access control for anonymous user group.
Authentication & Authorization
SAML Application session not logging out user
User session from SAML application does not get logged out even when user logs out from Hysecure gateway when:
-
HySecure is configures as Identity provider for SAML apps: e.g. Office365, Salesforce published as SAML web apps through HyLite.
-
HySecure is configured as as Service Provider: User gets access to application by logging into SAML Identity provider such as Azure AD.
End-point Security
[Device ID Policy Restriction if related parameters are not selected]{.ul}
Message 'Login denied due to device restriction policy.' is displayed when device ID access control parameters are not configured. For e.g. if user is logging through browser and browser type & browser ID are not selected as device parameters then users may get above message while trying to login from approved browser.
Mac addresses list removal due to search filter
In MAC address-based host scan policy, if Administrator/Security officer searches MAC addresses from host scan sub policy and does not remove search keyword, then only the search results are saved in host scan policy. All other MAC addresses are deleted.
EPS remediation msg may not appear
In case of EPS failure, if a remediation message is configured for a host scan policy, then that remediation message may not appear to end user in case of EPS failure.
HA
Unable to switch user VIP if HySecure gateway is switched
If virtual IP address pool is configured for the user and HySecure gateway handling user session shuts down then in that case user session will be switched to another node but user's virtual IP would not be switched resulting into app access failure and user may have to login again.
Hybrid Mode
Forceful upgradation of HySecure client not working through HyBrid Mode
Force upgradation of HySecure client not working through Hybrid mode.
User may not be able to login in Hybrid mode if EPS/Device ID is enabled from Windows 8 devices
If EPS/Device Id is enabled, then user may not be able to login into Hybrid mode from some Windows 8 devices.
HyID
Incorrect error message when OTP token is entered without requesting OTP token
In this build, if user enters OTP token without requesting any OTP token then user will get incorrect error message 'Authentication failed.' Instead of 'Invalid OTP. Please try again.
HyID Desktop Agent(Windows) not working
In this version, HyID Desktop agent Windows will not work. However, Linux credential provider will be working fine.
Incorrect Client type in HyID log for Linux Credential Provider
If a user has logged into Linux credential provider, then in HyID log client type will be shown as "HyLite Portal".
HyLite
On Mac OS, Accops HyPrint pdf does not work
On MAC OS, HyPrint Pdf printer using HyLite will not work. Since this feature is only supported on Windows OS.
Incorrect Error msg. on HyLite Portal in case of allowed devices exhaustion
If device Id policy has been applied on user and user has already logged in from allowed number of devices and user tries to login from new device using HyLite portal, then user will get incorrect error message.
Incorrect msg: You are denied to login due to DEVICE Identification policy. Please contact your VPN administrator.
Generic error message on HyLite Portal when login denied due to EPS failure
If user tries to login from a device which does not fulfill EPS host scan policies, then a generic error msg would be shown to user.\ Error msg: "You are not allowed to login from this IP address".
Username more than 25 characters will not wrap in application page in HyLite Portal
Username with more than 25 characters will not wrap and due to which will not be completely visible in applications page (Left edge of screen) in HyLite portal.
Internationalization
Session expiry message due to idle timeout and force logout appears in English language on Japanese Client Machine
If a user is logged out of HyLite portal due to idle timeout or Force logout on Japanese desktop, then also user get session expiry message in English language.
Japanese characters not supported in HySecure management console
In HySecure gateway, Japanese characters will not be supported in following fields: Application name, Application group, Local user, Local user group, Authentication server Admin bind.
Logging & Reporting
HyLite log file download option not working from HySecure management console
In this release, option to download HyLite logs from the management page is not working. Administrator can download HyLite logs from backend using WINSCP tool.
Activity Log and HyId Log may not generate for ADS module in case of auth failure
While logging through ADS module, if a user either incorrect username or incorrect OTP or incorrect password then Activity log and HyID log may not generate.
Miscellaneous
Password policy getting bypassed when administrator user reset password from user profile
Password policy does not apply while administrator tries to set password from user profile.
PDF file downloads instead of print if PDF reader is not installed on local machine
If PDF reader is not installed on local machine, then using IE 11 browser PDF file will be downloaded instead of printing while giving print using HyLite Accops printer.
Print option not visible through Edge browser if PDF reader not installed on local machine
If PDF reader is not installed on local machine, then using Edge browser (v41), print option will not display while give print using Accops printer/Accops HyPrint.
Manual RMS configuration after applying upgrade patch
After applying upgrade patch, administrator needs to configure RMS file again. Administrator also needs to restart httpd service after configuring.
RMS not working in HySecure Version 5.2 SP2
In this build, RMS feature will not be working. To use RMS feature, it is recommended to use HySecure V5.3 .
User logged out from HySecure client when more than 160 applications are assigned
If user has more than 160 applications, HySecure windows client will automatically exit after login.
User session remains active on Hyworks if idle timeout is different
Idle timeout in Hyworks controller must be greater than Idle timeout at HySecure gateway. Login into HySecure as AD user and keep user idle for the defined time so that user session ends after idle timeout.
Expected Result: User session should end in both Hyworks and Hysecure and User machine. Actual Result: User session ended on user machine and HySecure gateway but remained active on Hyworks controller.
Application reconnect does not work with shell mode
If shell mode is enabled in connection profile page on HyWorks, HyLite does not support application reconnect in shell mode.
User unable to login if exists in 250 or more user groups
If an Active directory user exists in 250 or more than 250 user groups, then user will not be able to login into HySecure gateway.
SSO with HyWorks fails if user exist in 110 or more user groups
If an Active directory user exists in 110 or more than 110 user groups, then user will not be able to access Hyworks applications/VDI/SHD.
Unable to delete all IP address pool
If administrator selects all IP address pools, then only oldest one will be deleted. To delete all the pool, security officer has to repeat this process until all the pools are deleted.
Mac ID validation using External API not working
In this version, Mac ID validation for auto approval of device will not work.
Custom RDP resolution not being set
In RDP application published through HySecure gateway, custom resolution will not be set by the option provided while publishing RDP application. RDP application will work in maximum resolution in all cases.
Open Program in RDP application not working
Open Program option provided to open an application inside the RDP application published through HySecure gateway is not working in this version.
App IP address shown as null in case of My Desktop Fileshare type application
If user accessed My Desktop file share type application, then in Activity logs App IP address will be shown as null.
Internal server error expired local user account modification
Administrator/Security officer may get internal server error if tried to modify expired local user account.
Local user search based on UserID will not work
In this version, local user search by User ID filter will not be working.
Security officer user creation even if confirm password field is left blank
In this version, security officer user account will be created successfully even if confirm password field is left blank.
Single IP address and Port range TCP application may not work
If an application published with single IP address and port range, it may not work in this build.