support

More feedback from another customer in Australia: "I have uninstalled KB5009557, and the issue has been resolved. For completeness, I have installed the Out of Band update KB5010791 that fixed issues introduced by KB5009557, and the issue is still resolved." Regards, Click Studios.

Hello, Unfortunately there has been no progress on this, as there has not been any customers voting on this feature so far. Could you be specific about the data you wish to send across, and it what format? Thanks Click Studios

Hi Andrew, You must have one or more Password Lists configured in Passwordstate, that has the URL field selected for use. Please edit the properties of your Password Lists to select this field. Regards Click Studios

Hi Scott, Push notifications are not part of the standard for TOTP or HOTP, so unfortuantely this is not possible? Can we ask if you are also authenticating to Azure? If so, you can use our SAML Authentication integration for this, and then you could use the Push Notifications. Regards Click Studios

Hello Annop, You cannot point a newer insall of Passwordstate to an older database, otherwise it will try and upgrade the database when you do - and then you will not be able to use your production environment. I would suggest following the upgrade instructions again, and hopefully you should not have any issues - but please log a support ticket here if you do - https://www.clickstudios.com.au/support.aspx Regards Click Studios

Hello Anoop, Here is what you will need to do, if you want to connect to an existing DB: On your new server, disable the Passwordstate Windows Service for now - you do not want it to duplicate any processing that your production "primary" server will be doing You need to ensure you have the same build numbers installed. Check the file c:\inetpub\passwordstate\bin\passwordstate.exe, and this can tell you the build number. If you've installed the latest build, but production is on an earlier build, then you will need to first upgrade production to the same build - https://www.clickstudios.com.au/downloads/version9/Upgrade_Instructions.pdf Now on your production server, go to the screen Administration -> Authorised Web Servers, and add your new web server here - it will be another 'Primary' server Now from your production server, copy across the file c:\inetpub\passwordstate\web.config file, across to your new server. Before you do this, open this file and ensure the database connection string, and appSettings sections are not encrypted - you will need to decrypt them first if they are We hope this helps. Regards Click Studios

We've had feedback from another customer, that below is the list of updated they believe could cause this issue: Windows 11 - https://support.microsoft.com/en-us/topic/january-17-2022-kb5010795-os-build-22000-438-out-of-band-2d2b9310-d845-41c4-9907-aeea24f36a63 Windows Server 2022 - https://support.microsoft.com/en-us/topic/january-17-2022-kb5010796-os-build-20348-473-out-of-band-2e0408ba-10d4-4c68-9b3d-cc5fb8d6f4a8 Windows 10 version 20H2 till 21H2 and Windows Server 20H2 - https://support.microsoft.com/en-us/topic/january-17-2022-kb5010793-os-builds-19042-1469-19043-1469-and-19044-1469-out-of-band-f2d4f178-5b36-49cb-a6fd-4bf9857574f9 Windows 10 version 1909 - https://support.microsoft.com/en-us/topic/january-17-2022-kb5010792-os-build-18363-2039-out-of-band-631ef9bc-7b22-4932-aa7a-a0c2499bbf9a Windows Server 2019 (Addendum: Now released) - https://support.microsoft.com/en-us/topic/january-18-2022-kb5010791-os-build-17763-2458-out-of-band-43697313-d8e0-4918-b6df-7f64d4d9a8cd Windows 10 version 1607 and Windows Server 2016 - https://support.microsoft.com/en-us/topic/january-17-2022-kb5010790-os-build-14393-4889-out-of-band-567c392a-b10c-4dba-bed5-d3648af05164 Windows 10 version 1507 - https://support.microsoft.com/en-us/topic/january-17-2022-kb5010789-os-build-10240-19179-out-of-band-e99c8948-dadf-49e2-8ba3-479b80064c5f Windows Server 2012 - https://support.microsoft.com/en-us/topic/kb5010797-out-of-band-update-for-windows-server-2012-january-17-2022-1f14f497-8404-404d-8d78-0c962c9e486d Regards Click Studios

Hello, Unfortunately we have no way of restricted that - we only have the feature of controlling who can create each type of Password Lists directly beneath Passwords Home. Regards Click Studios

Hi Feek, The Passwordstate Windows Service is the tool that purges the recordings, so if this is not started, or there is some sort of exception in the Event Logs, then this may prevent the sessions from being deleted. Perhaps log a support call through our support page here: https://www.clickstudios.com.au/support.aspx When logging this, Could you please download and run the Powershell script in this forum post on your Passwordstate web server, and send us the results? https://forums.clickstudios.com.au/topic/2518-passwordstate-support-information-script/ Also, maybe try marking all the recordings as complete manually, as per screenshot below, and restart your Passwordstate service. Now monitor to see if the bad behaviour comes back? Regards, Support

Windows patching in January 2022 has caused logins into some Passwordstate instances to fail. Affected instances use Active Directory authentication options. We are getting reports that the LDAP / LDAPS protocol can be impacted. Associated KB Articles: KB5009557, KB5009546, KB5010790 and cumulative update (April 2022) KB5012596. https://support.microsoft.com/en-au/topic/january-11-2022-kb5009557-os-build-17763-2452-c3ee4073-1e7f-488b-86c9-d050672437ae Click Studios has tested the January 2022 patches in our Test Lab, Consisting of Windows Server 2016, 2019 and Server 2022, and have been unable to replicate the issues. We've tested with the web servers joined to an Active Directory domain, and when it only belongs to a local Workgroup. If customers are impacted they may need to consider rolling back or uninstalling the associated patches. Customers should fully consider any organizational risks before uninstalling Microsoft Patches. These patches would need to be uninstalled from your Passwordstate web server, until Microsoft can resolve the issue. We encourage any customers experiencing issues, or If they have additional information regarding this, to contact Click Studios Technical Support and we will update this forum post. Regards, Support.

Hi Alex, Yes, you can do this from the screen Administration -> Password Folders. Regards Click Studios

Hello Everyone, Today we have released build 9414. For full details, please refer to our changelog here https://www.clickstudios.com.au/passwordstate-changelog.aspx Regards Click Studios

Hi Jason, Unfortuantely we do not support those Password List authentication options within our API(s). To clarify some functionality you might be able to use: You can have per Password List API Keys - you do not need to create the System Wide API Key if you do not wish to use it You can enable Two-Factor Authentication for both of our API(s) - but this applies to all calls to the API(s) Or you can use our Windows Integrated API, as this does not use API Keys Hopefully one of these suggestions will help. Regards Click Studios

Thanks Alex. Could be a large number of FAQs if we do document changes to all the default settings For the next build, we've changed the wording for the popup tooltip to read "Exporting Passwords has been disabled for this Password List. Please edit Password List properties to re-enable if required." Regards Click Studios

Hi Alex, Can you edit the Propertites of this Password List, as there is an option at this level to disable this export feature. Does that help? Regards Click Studios

Thanks Tobias - we'll test with that. For these other applications, is it worth also logging a support ticket with them, asking them to honour the disabled status, just like we do? Regards Click Studios

As of build 9400, there is a new menu under the main Tools menu called "Import Passwords". All imports have been consolidated under this menu now. Regards Click Studios

Sure, thanks Tobias. We have tried in the past to replicate this issue, so we could add a notification, but we can never seem to get it to fail, even when the Priv Account is only in the Domain Users security group. Regards Click Studios

Hello Tobias, This synchronization process has not changed for a long time, so we do not believe the upgrade is related in any way. As it's failing because it does not have permission to an object, we would expect customers would want to know about this, instead of just ignoring the object. Regards Click Studios

Links provided to Click Studios from the customer who requested this can be seen below. Microsoft will be dropping support for Basic Authentication late 2022, which is what the current email settings use in Passwordstate: The full article about the deprecation of basic authentication by Microsoft: Deprecation of Basic authentication in Exchange Online | Microsoft Docs. They recommend to switch over to OAuth 2.0 authentication or Microsoft Graph API for alle messaging protocols used with Exchange Online Authenticate an IMAP, POP or SMTP connection using OAuth | Microsoft Docs. Microsoft regards something as basic authentication whenever the authentication credentials are saved on the server/client from which the authentication takes place. More links on modern authentication:” Announcing OAuth 2.0 support for IMAP and SMTP AUTH protocols in Exchange Online - Microsoft Tech Community New resources for moving to Modern Authentication - Microsoft Lifecycle | Microsoft Docs

Thanks Alex. We'll take a look to try and see why this is timing out, and provide a fix for it. We do have the database timout queries set to unlimited, so this might be in the web stack.

Hi Tobias, As we do not look at OU's at all for our synchronization process, and only Security Groups, we can only assume moving to a different OU is changing permissions on those Security Groups. For the Privileged Account Credential you are using in Passwordstate for the AD sync process, can you check what security groups it is in, and compare against permissions on the OU and Security Group you are synchronizing? It looks like Priv Account might not have enough permissions, and you will need to test elevating it's access i.e. try the Account Operators group, and if that does not work, test with the Domain Admins group - just as a test to prove if it's permission related or not. Regards Click Studios

Hi Alex, Could you also try the "Export to Excel (97 - 2003)" option to see if you run into the same problem? Thanks Click Studios