Agent Release 1.8.0
Feature – CLSID support - giving you enhanced ability to approve/deny and build rules for system functions and not just installs. As an example, now elevation requests and notifications will be raised when a user requests to change the network adapter setting or wants to uninstall an application. Previous versions of the agent would simply allow the UAC to come up instead of dismissing and processing it when a UAC was referencing a CLSID (com object in the registry). Including CLSID support will now give greater visibility into activities that the user initiates that require elevated privileges.
Feature – Technician Mode Authentication now can be turned off/on or set to Auto - This feature will allow you to decide if going into Technician Mode should require authentication (‘On’), not require authentication (‘Off’), or should dynamically change based on the privilege level of the user logged in (‘Auto’). When set to ‘Auto’, authentication will not be required when the logged in user has Standard privileges but will be required when the user had Administrator privileges. This will simplify environments that use outsourced help desk services.
Refinement – Remote Desktop Support for active (non-console) session users. AutoElevate will now work for clients using the MSTSC / RDS client.
Refinement – All dialogs come to the top so that when numerous applications are open, dialogs don’t get buried and go un-noticed.
Refinement – Alert app notifications show up in the taskbar with an icon so that messages don’t go un-noticed.
Refinement – Main titles are now parsed from UAC dialogs and then displayed to the end user, and in the request. This gives a better description of what is being requested in many cases.
Refinement – Adjustments to help with error tracking.
Refinement – Logging refinements.
Refinement – Adjustment which increases the reliability of how certain approved applications proceed through installation or launch.
Bug Fix – System state is still reported on systems that do not use System Restore registry keys.
Bug Fix – Fixed issues with how the agent handled the system being ‘offline’.
Agent Release 1.7.3
Refinement – Agent now can parse arguments which were specified when the UAC was originally encountered and then relaunches the application with token elevation using the same arguments. This method improves the accuracy of how the applications are re-launched and ultimately improves the user experience. With this functionality the agent can now successfully handle the launch of more complex applications including many uninstallations.
Refinement – Functionality added so that when an MMC plugin is approved the plug in is specifically identified and launched as opposed to just the MMC console generically itself.
Refinement/Bug fix – Numerous improvements were made to the updater component. Fix for the problem that was found to occur in a small percentage of cases where the updater would fail part way through updating which would leave the AutoElevate program folder missing.
Refinement – Actions were added to the agent so that it has the ability to restart the AutoElevate Agent service and also the WMI computer service.
Bug Fix – Agent modified to read ticket number properly for Autotask and Kaseya plugins.
Bug Fix – Alternate methods of logged in user being identified have been incorporated to remedy certain situations where the user could not be displayed but instead would display “Unknown User”.
Agent Release 1.6.1
Refinement – “RuleApplied” event is now sent when approval is applied by a rule for password mode or for a network resource.
Refinement – Functionality has been added so that MSI files can be launched with token elevation by being identified and then launched using MSIEXEC.exe.
Bug Fix – Problem was resolved with interception of the Windows UAC for applications that included an “&” symbol.
Agent Release 1.5.0
Feature – Policy Mode – Policy mode is now added to the list of available agent modes (Audit, Policy, Live, Technician) and is designed to be functionally between Audit and Live modes. Policy mode will apply any defined rules to an agent but will NOT invoke the Real-Time evaluation process if a rule has not been defined but will instead allow the UAC to appear. Policy mode will allow an MSP to make and apply rules for key applications that have an immediate use case benefit but will not prompt the user or technician for evaluation of anything unknown. Policy mode will allow MSPs to immediately put standard user machines into Policy mode and to start deriving time savings and benefit while still evaluating user activity.
Bug Fix – Adjustments have been made to the startup sequence of the Agent service and the logic on what happens at startup. Previously on some systems during the boot-up process the AE agent would start up prior to the computer having access to the network and/or Internet. The AE Agent then would be offline for an interval of 5 minutes in which time a user on occasion would have time to login and launch something requiring admin privileges and in those circumstances the UAC would not be intercepted.
Bug Fix – Previously on Windows 7 workstations when technician mode would exit Windows would give a crash report that the program was ended which looked like an error. In version 1.5.0 this has been fixed.
Refinement – Now when a process has been launched that has an ‘approved’ rule, the default action will be for the process to be re-launched with elevated privileges automatically and no further dialog will be displayed stating that the application/process has been approved. Adjustments have been made to the agent so that the previous dialog box stating that the process is ‘approved’ can be turned on as a preference.
Refinement – Self updating agent – new features have been built into the agent which will allow the agent to be updated automatically. Further changes will be made to Admin Portal to address how updates will be rolled out and how change management is dealt with by the MSP.
Refinement – Technician mode timeout – Technician mode will now be set by default to go back to live mode automatically after 60 minutes. The agent has been adjusted so that this timeout interval can be adjusted by the MSP in preferences.
Refinement – Neutral language on alert dialog – a couple subtle changes have been made to words used on the dialog boxes so that they would make more sense to international users.
Refinement – Changes have been made to the Alert app so that other applications can be opened up on top with the intent that going forward the timed interval could be increased if desired without disrupting the end user’s work.
Refinement – Changes have been made to fine tune the performance of the Agent regarding data collection and transmission.
Refinement – Real-Time timer interval can now be adjusted according to the MSP’s preference. When set to ‘0’ a newly worded dialog box will come up in place of the timer letting the end user know that a ticket has been opened and that they will be notified when evaluation of their request has occurred.
Agent Release 1.3.0
Refinement – Password Mode has been enhanced so that rules having password mode enabled will work when the Agent is offline, the additional dialog boxes were eliminated, and now the password is entered into the initial Windows UAC without initially dismissing it making for a more seamless experience. Now applications which are launched from a network share automatically use password mode to elevate privileges.
Refinement –MSI installer now allows installation of the agent in “Live”, “Audit”, or “Technician” mode by using a command line option or argument. Being able to force installation in the mode of your choice makes it possible to automate installation rules via GPO or with an RMM to ensure all new installations are in the correctly desired mode without having to manually change Agent status.
Refinement – The AESetup.msi file as well as all binaries that are unpacked and installed are now signed with AutoElevate digital certificate. This will help ensure the integrity of the application as well as prevent some antivirus systems from blocking installation based on that criteria.
Refinement – AEAdmin user is created at installation and then hidden from the login screen until after user logs in. It remains hidden when the system is in Audit and Technician mode, as well as when the user logs out. Having the AEAdmin user created and ready for use facilitates its expedited use during a privilege request.
Bug Fix –In certain circumstances and environments applications being launched from network shares would not to be intercepted or elevated due to network share permissions not allowing specific interaction over the network with the Windows system account. This issue was identified and fixed so that access to any network share is accomplished using the permission level of the logged in user as opposed to the machine system level privilege.
Bug Fix –On some systems the ‘technician mode’ link could not be accessed from an approval dialog box.
Bug Fix – Under certain circumstances if a user quickly cancelled out of the Windows UAC then additional UACs afterwards would not be intercepted until the Agent service was restarted.
Bug Fix – In some environments password policy complexity rules would prevent the AutoElevate admin user from being created and in some cases would then fail to install the agent. The AutoElevate password has been reduced to 127 characters.
Agent Release 1.2.0
Refinement –MSI installer now allows you to manually install the agent without preparing a special “reg” file or manually making registry entries. Basic options can be set during installation by the person doing the installation.
Refinement –MSI installer now allows all necessary agent settings to be set using command line options or arguments. Being able to specify the agent installation options in this way now makes it much easier to use a variety of RMM, GPO, scripted, or other deployment methods and options.
Please see “System Agent Installation” in our online Support documentation for additional details of installation options.
Agent Release 1.1.0
Feature – Ticketing numbers were added to client facing dialog boxes.
Feature – Added new logic giving end users notification when there is a duplicated request (i.e. the user repeatedly requests the same thing numerous time). We have also eliminated duplicate requests going to technicians when they are within the same 24-hour period. Each time a user makes additional request for something previously requested a note is added to the existing ticket in ConnectWise. If the original request was more than 24 hours ago the technician is notified again via the mobile app if the request is made again.
Bug Fix – Additional methods to enumerate user information were added.
Bug Fix – Resolved issue with UAC Trigger detection on Windows 10 machines which would fail due to having a tilde in the path.
Refinement – Adjusted Agent so that it can identify UAC that have source files originating from network locations.
Refinement – Ticket #2032 – additional logic built around successfully identifying source files which call other files launching from Temp file locations.
Refinement – Added new Events for the event logs of:
- “UAC_TRIPPED_TRIGGER_UNKNOWN” – this will help for future troubleshooting and analysis of the agent.
- “RULE_APPLIED” first steps which will allow us to further build in the ability to report on the number of times rules have been applied as well as other analysis of rules.
Refinement – Certain computer settings related to the agent have been encrypted and/or removed from the registry to help maintain security of the overall system and to remove potential for these settings to be exploited by someone with Admin access to the machine from carrying out a “man in the middle” style hack or other similar type exploits.
Refinement – Temp files used by Agent processes to store system state and other misc. information during UAC event and approval have been encrypted and/or removed to help maintain security of the overall system and to remove potential for these settings to be exploited by someone with Admin access to the machine from carrying out a “man in the middle” style hack or other similar type exploits.
Refinement – Change in routine of how agent determines its mode when being installed. Agent will retain the existing Agent Mode (Audit/Live/Technician) when installed as opposed to automatically reverting to Audit mode. Labtech scripts have been adjusted to no longer compensate for existing Agent Mode since it is now handled by the Agent itself.
Refinement – Changes have been made to fine tune the performance of the Agent regarding computer process data collection.
Refinement – Additional changes have been made to ensure consistency and integrity of Agents ability to identify UAC events and source files.
Refinement – Approval dialog boxes have a new look and are changed to allow for more control and interaction with other agent processes.
Refinement – Callback routine has been improved so that when a requested application has been approved, put into Password Mode, and then the client immediately re-requests the same application the agent won’t get caught in Password Mode or have an extra dialog box appear when the Callback process to the Agent happens.
Refinement – Agent has been modified so that if Windows file system fails to return file path information to the UAC dialog box our Agent will still remove the UAC and prompt the user to attempt execution of the app by right-clicking and running as Administrator.
Refinement – Agent has been modified so that on extremely slow Windows computers our application will only attempt to parse the UAC for 5 seconds before it removes the UAC and then prompts the user to attempt execution of the app by right-clicking and running as Administrator.
Refinement – Adjusted the dialog box when something is denied from a rule so that the text is not cut off on Windows 7 machines.