Skip to main content
Release 698 (2024-08-12)
A
Written by Arick Disilva
Updated over 2 months ago

New Features

My Account: Ability to View All Servers Associated with an Instance (Cloud)

Sometimes, Teramind may add additional servers to your Cloud instance for better performance and load balancing. However, previously the My Account > Server & Port tab would only show the primary server.

We have made changes so that it will now show all the attached servers:

This will help you configure firewalls properly.

Settings: Options to Configure Daily Digest/Snapshot Email Alerts

By default, the Daily Digest/Snapshot email comes with several sections:

  • Behavior Alerts

  • Emails

  • Instant Messages

  • Printing

  • Websites

  • Productivity

  • New Users

You can configure which of these sections will be included in the email from the Settings > Daily Digest Alerts screen:

Note that if no section is selected the email will not be sent.

Settings/Other: Consent Agreement During Login

This is a feature on request only. Please contact your customer service representative to activate the feature on your instance.

We have added an option, USER CONSENT AGREEMENT TEXT to the Settings > Login Screen. This will allow you to specify any text with formatting and styles:

The text will be then displayed on the login screen:

The user will have to accept the agreement before they are allowed to log into the Dashboard.

API: Ability to Get a User's Details Using Email Address

We have added a new API GET command to get a user's profile via their email address. The command is:

https://<instance>/tm-api/agent/<email|agent_id>?fileds=field1,field2...fieldN

Example 1 (Using Email Address):

https://acme.teramind.co/tm-api/agent/[email protected]?fileds=agent_id,first_name,last_name,department_id

Example 2 (Using Agent ID):

https://acme.teramind.co/tm-api/agent/49?fileds=first_name,last_name,department_id,email_address

If the fields variable isn't specified, the entire profile will be returned.

[Mac] Behavior Rules: Support for Files Content Sharing Rules

We are adding support for the Files Content Sharing rule type in Mac. With support for this rule type, you will be able to create a rule like the one below:

Note that:

  • Only the Content Data content and Content Type TEXT is supported.

  • All file operations such as Access, Write, Copy, etc. are supported.

Check out the Content Tab and Files sections under Content Sharing Rules: What Contents Trigger the Rules (Windows)? on the Rules Guide for more information.

[Mac] Behavior Rules: Support for the 'Private Mode' Rule Criterion (Safari)

We have added support for the Private Mode rule criterion on Webpages Activity Rules. You can now create a rule like the one below to detect private browsing:

Note that the feature is supported on the Safari browser only at the moment.

[Mac] Computers/Agent: Ability to View the Mac Permission from the Dashboard

This is a feature on request only. Please contact your customer service representative to activate the feature on your instance.

You will now be able to view what Mac permissions are enabled/disabled from the Computers > Computer's Details screen:

Note that the permissions information is only shown if you have an Agent version 24.15.xxxx or higher installed on the Mac. Otherwise, you will see an "old agent version" message.

Improvements

Dashboards: Better UI for the Online Employees Widget

We have updated the ONLINE EMPLOYEES dashboard widget so that it now properly displays all the information in a streamlined way. Previously, it had a wider Location column while other columns like the Time Worked and Activity were narrower.

Also fixed is how the Location column now displays information. Previously, if the city information was missing it would show an " /" at the end of the country name, For example, "Sweden /". Now, if the city is missing, it will show the country name properly without the extra " /".

BI Reports: Changes to the Productivity Overview Report Source

Previously, the Productivity > Overview report would source its own data. From now on, it will use the same data sources used by the BI reports. This will make it synchronized with the BI reports.

If you select today's date, it will show when the data was last synced:

BI/Monitoring Reports: Support for New LinkedIn API

LinkedIn recently changed its API causing the Agent unable to parse the posts. As a result, LinkedIn posts wouldn't be captured or displayed on reports like the BI Reports > Social Media or the Monitoring > Social Media.

We made changes so that the new API is supported and posts will appear as expected:

Session Player: Show Orange Border in Session Player when the Screen is Sleeping

The Session Player will now show an orange border around the video when the screen is sleeping on the monitored computer:

Note that the orange border will not be displayed for a RDP session.

System: Report Export Timeout

We have implemented a report export timeout to the System > Report Export screen. It will automatically cancel an export operation and mark it as 'Failed' if it takes too long:

This will ensure that the export operation runs smoothly without hanging any other tasks in the queue and help us better troubleshoot any export issues.

On-Premise customers will be able to set the timeout by adding the following line to the teramind.config file:

report_export_task_execution_time_limit = num_sec

Where num_sec is the duration in seconds. For example, 10, 30, etc.

Settings: Ability to Disable 2FA if SSO is Enabled (Cloud)

Previously, 2-Factor Authentication was always enforced on Cloud deployments.

Now, you can disable it if you enable the Single Sign On (SSO) authentication. You can configure them on the Settings > Security screen under the Dashboard authentication

section:

If you disable the SINGLE-SIGN-ON AUTHENTICATION and enable the BASIC USER/PASSWORD AUTHENTICATION then FORCE USERS TO LOG IN USING 2-FACTOR AUTHENTICATION will be automatically enabled.

Monitoring Settings: Changes to the File Types Options in File Transfers Monitoring Settings

Recently, we stopped the support for .doc and .xls files for Content-sharing rules. To reflect the change, the FILE TYPES TO TRACK option on the File Transfers monitoring settings was updated:

Settings: Support for Email-Based 2FA Authentication

We have introduced an option to support email-based 2-Factor Authentication. You can enable the feature by turning on the Settings > Security > ENABLE MFA VIA EMAIL option:

You can then enable/disable the email 2FA option from your profile:

For more information and step-by-step instructions, please follow this article.

Settings: Ability to Always Use Email-Based 2FA

Previously, when you enabled the Settings > Security > FORCE USERS TO LOG IN USING 2-FACTOR AUTHENTICATION option only the Authenticator App option was shown to the user.

We have made changes so that when the Settings > Security > FORCE USERS TO LOG IN USING 2-FACTOR AUTHENTICATION and Settings > Security > ENABLE 2-FACTOR AUTHENTICATION VIA EMAIL options are enabled, the user will see both the Authenticator App and Email options to receive the authentication code:

Settings: Loading SSO Settings via the Metadata XML

From now on, the IDENTITY PROVIDER METADATA XML FILE under the Single Sign On Authentication section on the Settings > Security screen will only be used to load the SSO settings temporarily and not saved in the database. If the user edits any of the settings after loading them from the XML file, the user changes will be saved.

Agent: Support for the HTTP/2 Protocol

We have added support for the HTTP/2 Protocol. This will eliminate issues with non-working or partially loaded web pages that use the protocol:

Here are more examples where support of HTTP2 helps:

1. when you tried to access email layouts from the https://docs.google.com/email-layouts/ page, it would show a message, "Trying to connect" or "Reconnecting" and the page would never load:

2. When both the Agent and the Opera VPN Pro were running. The website would return a 403 (Forbidden) error:

At the moment, the HTTP/2 support is activated for a list of web resources. This list can be configured by Teramind Support. Contact them if you need to enable it for any sites.

Agent: Optimized CPU Usage on Non-Persistent VDI

We have made some changes to the input monitor module that's responsible for monitoring keystrokes and mouse input. The changes will improve the CPU usage (<4% - 8%) on a non-persistent VDI.

Agent: Improved System Performance when Registry not Monitored

We have made some changes to the File Driver (tmfsdrv2) that will help improve the performance of the overall system when registry monitoring isn't needed (e.g., when not using any WINDOWS LOG EVENT rules).

Agent: Improved Compatibility with Zscaler

We have made some changes to the Agent so for users of Zscaler this will remove OS performance issues and improve startup time.

Agent: Updated Agent Download Links (Cloud)

We have changed the Agent download links both on the Dashboard and the API.

For more information, please check out this article: How to Obtain the Agent Download Links (Cloud).

Other: Renaming Twitter to X

We have renamed Twitter to X and updated the icon. The changes will be applied to all the relevant reports/settings (e.g., Monitoring Reports, Monitoring Settings, etc.):

Other: Option to Enable a 2FA Trusted Device

We have added an option, Trust this device for 15 days to the 2-Factor Authentication screen. If the option is enabled, you will not be asked for a 2FA code for 15 days:

You will be able to use this option on multiple devices (each with its own time period) and for both Authenticator App and Email authentications.

Other: Changes to the CSP Header

We have made some changes to the Content Security Policy so that it will now block external iframes by default. If you are already using <iframe> somewhere on your website with our dashboard or want to use them in the future, please contact support, and we can add your hostname to the exclusion list.

Other/Settings: Display 2FA Enrollment Timeout

We have added a timeout feature on the 2FA enrollment screen. The user will have to set up the 2FA before this timeout expires:

The timeout value is taken from the Settings > Security > IDLE TIMEOUT field:

If the timeout is expired and the user hasn't set up the 2FA, they will be logged out. The event will be recorded in the System > System Log and the BI Reports > Audit reports as a Logout/Time left event:

Other/Server/Integration: Improved SIEM Load

Previously, the server would create SIEM events in the main “logic" threads but it could take some time and affect the server operations. Also, for example, if the SIEM server was offline or had network issues, the Teramind server could hang/crash.

For this reason, we have moved the SIEM events into their own threat thus reducing the load on the main thread.

Other/Server: Geolocation Improvements

City Detection Accuracy

Sometimes, the Geolocation feature would be unable to detect US cities from time to time. We have integrated new geofence data for cities increasing city name detection accuracy.

Extra Word in City Names

Due to a bug, sometimes some city names would have an additional word, "(balance)" in the city names. For example, Milford city (balance). This is fixed now so the additional word is removed.

Missing Country Names

Due to a bug, some cities would have missing countries:

The bug is fixed now.

Other/Server: Improved Database Connection

We have improved the mechanism of acquiring DB connections and use fewer number of DB connections avoiding performance penalties and potential deadlocks.

This will be especially useful for small customers with 1 allowed DB connection.

Other/Server: Optimized Database Connection During Authentication

We have optimized the DB connection usage time when getting the computer and agent information. Previously, due to the intensive processing during the authentication process, the connection would be held for an unreasonably long time.

Now, the connection will be released as soon as the required queries are executed. This will speed up the process.

[Mac] Agent: Moving Rule Checking from the Agent to the System Extension

We made improvements to how the Agent checks the behavior rules. Previously, it was implemented on the Agent side which in the future (when the Content Sharing rule is implemented) might require full disk access permission. To avoid that, the checking will now be done in the system extension. This will also improve the overall performance of the rules.

Bug Fixes

Time Tracking/Configure/Employees: Unable to Create Tasks Even with the Right RBAC Permission

Due to a bug, if you assigned the right RBAC permission (e.g., Admin) to an employee and then assigned some employees/departments as their targets, the privileged employee would be unable to create any task and assign it to the target employees/departments. It would throw a 404 (Not found/Invalid assignments) error:

The bug is fixed now.

BI Reports: Scheduled Exported BI Reports would be Empty

Due to a bug, sometimes a BI report exported through the BI Report > Export > Schedule Export option would come out as empty:

The bug is fixed now.

BI Reports: Data not Available on the Keyboard/Mouse Activity Widget

Due to a bug, the ACTIVITY (KEYBOARD/MOUSE) widget on reports like the BI Reports > Productivity wouldn't display any data. Instead, it would show an error, "Something went wrong":

The bug is fixed now.

BI Reports: Activities Tracked as "No Task"

Due to a bug, sometimes activities would be tracked as "No Task" while the employee was active. The activity would be shown under the Productive Time and the Input Rate columns on the BI Reports > Productivity report but it wouldn't be shown under the Work Time column:

BI Reports: The "View Classification Profile" Option on the BI Context Menu not Working

Due to a bug, the View Classification Profile option on the grid widget's context menu in the BI Reports > Applications & Websites report wouldn't work. Clicking the option wouldn't do anything:

The bug is fixed now so that clicking the option will display the productivity profile information:

BI Reports: BI Filter wouldn't be Saved

Due to a bug, if you applied any filter on the BI Reports, saved the report, and later refreshed/reloaded the report, it wouldn't persist the filters.

The bug is fixed now.

BI Reports: Time Worked Chart not Rendered Correctly

Due to a bug, the area chart on the TIME WORKED widget of the BI Reports > Productivity report would show dots (instead of an area) if you switched from a single day to multiple days:

The bug is fixed now.

BI/Monitoring Reports: Email Body would Show Unrecognized Text in Monitoring Reports

Due to a bug, sometimes the email body on reports like the BI Reports > Emails or Monitoring > Emailing would show unrecognized/garbled or missing text:

This seemed to happen mostly with Outlook but other email clients might be affected too.

The bug is fixed now.

BI/Monitoring Reports: Outlook Synchronization Log would Show Up on the Emails Report

Whenever Outlook fails to synchronize mail items, it generates a synchronization log.

Due to a bug, this log would be treated as an email event by the Agent and displayed on reports like the BI Reports > Emails, Monitoring > Emailing, etc.:

The bug is fixed now.

BI/Monitoring Reports: Incorrect Printer Name Shown on the Printing Reports

Due to a bug, the Printer Name column on reports like the BI Reports > Printing would show incorrect printer names. The Agent seemed to capture the Driver Name (as displayed on the Windows Print Management app) instead of the Printer Name:

The bug is fixed now.

BI/Monitoring Reports: Repeated Keystrokes not Detected Properly

Due to a bug, if a user held a key, it would be captured only once by the Agent and displayed accordingly on reports like the BI Reports > Keystrokes, Monitoring > Keystrokes, etc.

For the same reason, a rule like the one below to detect repeated keystrokes would fail to trigger:

The bug is fixed now.

BI Reports/Behavior Rules: Improved Time Display in the "Matched Triggers" Column

The Matched Triggers column in the grid widget of the BI Reports > Behavior Alerts report would display fractional time if you had a rule triggered like the one below:

We fixed it so that all times will now be shown as the nearest integers (without the decimal values).

Dashboards: Incorrect Time Zone Shown on the Online Employees Widget

Due to a bug, the ONLINE EMPLOYEES dashboard widget would show the incorrect time (when the mouse hovered over the Activity column). The time would be shown in the computer's local time zone instead of the server time zone (Settings > Localization > TIMEZONE):

The bug is fixed now so that the time will be shown in the server time zone.

Dashboards: Duplicate Employees Shown for RDP Sessions

Due to a bug, when users with the same username connected from different computers via RDP to a terminal server and then minimized or closed the RDP connection, the session wouldn't be closed properly, causing duplicate users to appear on the Dashboards > ONLINE EMPLOYEES widget:

The bug is fixed now.

Monitoring Reports: Instant Messaging Report not Showing Any Data

Due to a bug, the Monitoring > Instant Messaging report would show an error message, "There was an error while fetching data. Please try again later." and the browser console log would show an error 504 (Gateway Time-out):

The bug is fixed now.

Monitoring Reports: Clicking a Snapshot would Open the Session Player on an Incorrect Date

Due to a bug, if you clicked the first snapshot on the Monitoring > Screen Snapshots, it would open the Session Player on the next date:

The bug is fixed now.

Monitoring Reports: Columns on Exported Monitoring Reports wouldn't Translate Properly

Due to a bug, if you exported any of the non-BI reports such as Monitoring > Emailing, Monitoring > Console Commands, Productivity > Overview, etc., the resulting PDF/CSV file would have columns that weren't translated properly. For example, the Employee column would be shown as user_name, the Session Time would be shown as Session_total_time, etc.:

The bug is fixed now.

OMNI: The Date Range on OMNI wouldn't Change

Due to a bug, the report date range in OMNI wouldn't change when you changed it on other reports or vice versa. Also, sometimes the date range wouldn't show any data even though there should be data in that date range:

The bug is fixed now.

OMNI: Long Comments would Disrupt the UI Elements in OMNI

Due to a bug, if you created a long comment (e.g., more than 3,000 characters) in OMNI, it wouldn't render properly:

The bug is fixed now so that the comment box will resize the fit long comments.

OMNI: Some Buttons not Highlighted on Mouse Hover in OMNI

Due to a bug, some buttons like the Team Activity and Filters in OMNI wouldn't be highlighted when you hovered the mouse over them.

The bug is fixed now so that the buttons will be highlighted on mouse hover:

OMNI: Regular Employees Could Access the OMNI Dashboard

By default, the OMNI dashboard is accessible to the main Administrator only. However, due to a bug, if a regular employee was assigned full access control permissions, they would be able to view the OMNI dashboard too.

The bug is fixed now.

Behavior Rules: Unable to Track Dropbox Uploads

Due to some recent changes in how Dropbox handles uploads, the Agent would fail to track them. For this reason, file uploads through the Dropbox app or web wouldn't show up on the BI Reports > File Events, BI Reports > Web File Events, or the Monitoring > File Transfers Reports.

For the same reason, a rule like the one below wouldn't work either:

We made changes so that the Agent will now address the changes in Dropbox and continue to track file uploads.

Behavior Rules: Total Time Focused Rules not Working

Due to a bug, rules based on the Total Time Focused (min) criterion wouldn't trigger for either the Applications or Webpages categories:

In the case of the webpages, the rule would trigger immediately for any webpages. However, it wouldn't trigger for any applications.

The bug is fixed now.

Rules Based on Total Time Active/Idle/Focused wouldn't Work After Auto Update

Due to a bug, total time active/idle/focused counters wouldn't load on Agent startup after the auto-update. As a result, rules that rely on total active/idle/focused times wouldn't work as expected.

The bug is fixed now.

Behavior Rules: Rule Running on a Terminal Server would Stop Working After Some Time

Due to a bug, a rule like the one below would stop working after some time:

This could happen if one or more users exited the session causing the file and network driver to stop.

The bug is fixed now.

Behavior Rules: "Download File Size" Rule Conditions wouldn't Work Sometimes with Cloud Drives

When you download multiple files from cloud drives such as OneDrive or SharePoint, they will pack files into an archive and change the HTTP header. This behavior would make the Agent interpret the file as zero-sized.

This would cause a rule with the Download File Size condition like the one below not trigger:

We made changes to counter this type of behavior by the respective cloud drives so that the rule will trigger as expected.

Behavior Rules: Emails Content Rule not Triggered for the Email Body

Due to a bug, an Emails Content Sharing rule like the one below with a regular expression to detect content inside an email would only get triggered for the email subject but not the email body:

This seemed to affect the Gmail client, but other email clients might be affected too.

The bug is fixed now.

Behavior Rules: Clipboard Rule would Trigger Continuously on TeamViewer Session

Due to a bug, a Clipboard-based rule like the one below would trigger continuously on the client computer when the user copied/pasted any content inside the TeamViewer session window. Only when the user performed any activity on the host computer, the rule would stop triggering:

The bug is fixed now.

Behavior Rules: Clipboard Rule would Cause Paste Error in Excel for Large Data Sets

Due to a bug, when you used a Clipboard-based rule like the one below, it would cause an error when copying/pasting a large amount of data. Excel would show an error message, "The picture is too large and will be truncated.":

The bug is fixed now.

Behavior Rules: Unable to Turn Off Content Sharing Rules when Using Teramind Starter/UAM

Teramind trial license allows you to use all the features including the Content Sharing rules which are only available on Teramind DLP.

However, due to a bug, when you moved from a trial to a Teramind Starter or Teramind UAM subscription, you would be unable to disable any Content Sharing rules turned on during the trial period. You would see a "Not allowed" error message on the dashboard and a 402 error (Payment Required) message in the browser console:

The bug is fixed now so you will be able to turn off any rules irrespective of the subscription you are in. However, if you try to enable any Content Sharing rule while using a Teramind Starter or Teramind UAM license, you will see a "Not allowed" error message and an upgrade window:

Behavior Rules/Configure/Employees: Unable to Edit/Create Rules Even with the Right RBAC Permission

Due to a bug, if you assigned the right RBAC permission (e.g., Edit behavior and anomaly rules) to an employee and then assigned some employees/departments as their targets, the privileged employee would be unable to create/edit any rule and assign it to the target employees/departments (from the User tab). It would throw a 403 (Restricted) error:

The bug is fixed now.

Behavior Rules/Agent: Content Sharing Rules would Cause OneDrive to Stop Syncing Files

Due to a bug, if you had any Content Sharing rules active, it would cause OneDrive to stop syncing files.

The bug is fixed now.

Employees: LDAP Attributes/Groups not Shown on Employee's Profile

Due to a bug, even if the feature was enabled, the Employees > Employee Profile > PERSONAL INFO window wouldn't show LDAP Attributes and Groups information. The bug is fixed now:

Employees: Unable to Update the Employee Profile

Due to a bug, sometimes you might see an error, "Need confirmation with password to do that" when updating an employee's profile:

This could happen if the email address contained any uppercase letters.

The bug is fixed now.

Employees: RBAC without Any Target would Show the Loading Message Continuously

Due to a bug, if you applied an RBAC policy without assigning a target (empty GRANT ACCESS TO field), the user would see a continuous loading screen when visiting pages granted to them (e.g., Alerts, Computers, Monitoring Settings, etc.):

The bug is fixed now so that the user will be able to access to all specified permissions available under the RBAC policy. If they do not have certain permissions for a report or settings, they will see error messages/restrictions as applicable. For example:

  • No policies will be listed on the Behavior > Policies screen

  • "There is no data to display for the selected date range" message will be displayed on various reports (e.g., Alerts, Computers, etc.)

  • Will not be able to change monitoring settings if not allowed

  • etc.

Employees: Enable/Disable 2FA Option not Working

Due to a bug, clicking the ENABLE/DISABLE button on the AUTHENTICATION tab on the employee's profile wouldn't do anything:

The bug is fixed now so it will enable/disable the 2FA.

Employees/System: 2FA Modifications not Captured in the System Log/Audit Reports

Due to a bug, if the user enabled/disabled the 2FA settings, the activity wouldn't be captured in the BI Reports > Audit or the System > System Log report.

The bug is fixed now:


​Computers: Error when Enabling Offline Notifications for All Computers

Due to a bug, if you selected all computers from the Computers screen and then tried to enable the offline notifications option (Computers Action Menu > Enable notify when offline), it would throw an error, "There was an error while fetching data. Please try again later.":

The bug is fixed now.

Computers: Batch Download in Remote Troubleshooting not Working

Due to a bug, when you tried to select multiple log files with the Select all objects that match filters option and then tried to download them, it would return an error:

The bug is fixed now.

Computers/Behavior Rules: User would Continue to Get Locked Out Even After Unlocking Them

If you locked out a user using the Lock command from the Employees screen, or through a rule's LOCK OUT USER action, and then unlocked the user using the Unlock command from the Employees screen, the user would still continue to get locked out and signed out of their computer.

This would happen because the lock status of the user wouldn't get updated when you unlocked it.

The bug is fixed now.

Configure: Switching from List to Role Access Policy would Cause an Error

This bug would appear in the following situations:

  1. Create a New policy button.

  2. Give the policy a name and add an employee to the policy APPLIES TO field.

  3. Change the policy type to ROLE ACCESS CONTROL POLICY and click the SAVE button.

  4. Click the Save changes button.

  5. A Bad Request error will pop up preventing you from saving the policy.

The bug is fixed now.

Configure: Unable to See Shared List Content

Due to a bug, if you started editing/creating a shared list from the Configure > Shared List screen, and then pressed the "back" button, the list would show as empty:

The bug is fixed now.

Configure/BI Reports/System: Changes to the Access Control Policy not Displayed in the Audit Logs

Due to a bug, if you made any changes to the access control policy (Configure > Access Control), the details of the changes wouldn't be displayed on reports like the BI Reports > Audit, or System > System Log report.

For example, if you created a new policy, and then clicked the Click here to view details, it would show an empty window:

The bug is fixed now so that the audit details will be displayed as expected:

Configure/Dashboards: User with the Right Access Control Policy would be Unable to Configure the LIVE MONTAGE Widget

Due to a bug, a user with the right access control policy (e.g., view the live montage widget, play live screen streams, view and create custom dashboards, etc.) would fail to change the MAX SCREENS COUNT IN A ROW setting on the LIVE MONTAGE dashboard widget. The current value wouldn't be loaded.

The bug is fixed now.

Configure/Employees: Issues with Access Control Permissions

Due to a bug, there would be several issues when using the access control permissions.

Unable to Change the User Avatars with the RBAC Permission

A user with the right RBAC permission (e.g., Configure agents, Edit agents avatar) wouldn't be able to change the avatar (profile picture) of a user. It would return an error message, "Error occurred":

Missing Newly Created RBAC Policies

When creating an RBAC policy, it would be created, but it wouldn't show up on the list of policies making it impossible to use it.

Unable to Edit Regular Access Control Policies

Any attempts to create/edit a Regular (List-type) access control policy would return a "Bad request. Some of assignments are wrong." error:

Configure/Employees: User Unable to Assign RBAC Targets

Due to a bug, a user with the right access control policy (e.g., Assign custom roles to agents) would fail to assign any RBAC targets from the employee's profile. No targets would be shown:

The bug is fixed now.

Configure/Employees: Unable to Edit/Create Productivity Profiles Even with the Right RBAC Permission

Due to a bug, if you assigned the right RBAC permission (e.g., Configure productivity profiles) to an employee and then assigned some employees/departments as their targets, the privileged employee would be unable to create/edit any productivity profiles and assign it to the target employees/departments. It would throw a 400 (Profile not found) error:

The bug is fixed now.

Configure/Employees: Privileged Users would Retain Some Permissions After Being Removed from RBAC

This could happen in the following scenario:

  1. Create a role-based access control policy and apply the Select all permissions option.

  2. Apply the policy to an employee from their profile's RBAC tab. The user should now be able to do virtually anything like an Administrator.

  3. Remove the RBAC permission from the user's profile. They should now be returned to a regular Employee status (i.e. no special permissions).

  4. However, due to a bug, the user would still retain some permissions such as adding new employees, changing the Agent default settings, changing alert settings, etc.

The bug is fixed now.

Configure/Employees: RBAC Permissions not Fully Granted to a Privileged User with Department Targets

If you applied the right RBAC permission (e.g., the ability to delete agents, change agent status, etc.) to a privileged user and included a department as the target, the privileged user wouldn't be able to perform all the authorized actions to users under the department. For example, some of the batch actions (e.g., Delete/Restore/Lock/Unlock options on the Action menu) on the Employees report wouldn't work:

The bug is fixed now.

Configure/Employees/Behavior: Privileged Users without the Right Permission Could Edit a Policy

Due to a bug, a privileged user who didn't have the right permission could still access a policy and edit it. This is how the bug worked:

1. The user is assigned a Role (RBAC)-permission, e.g., Configure alerts setting:

2. The user is excluded from a policy by the EXCLUDE FROM POLICY option:

3. The user is able to still access that policy by going directly to the policy link (for example, https://acme.teramind.co/#/behavior-policy/edit/55).

The bug is fixed now so that the user will no longer be able to access the policy either from the Dashboard or through the direct URL.

Configure/Employee/OMNI: Regular Employees Could Access the OMNI Dashboard

By default, the OMNI dashboard is accessible to the main Administrator only. However, due to a bug, if a regular employee was assigned full access control permissions, they would be able to view the OMNI dashboard too.

The bug is fixed now.

Session Player/Monitoring Reports: Session Player would Show SESSION LOCKED Even when It wasn't (Revealed Agent)

Due to a bug, the Session Player and the video thumbnails in reports and widgets (e.g., Monitoring > Screen Snapshots, LIVE MONTAGE widget, etc.) would display the "SESSION LOCKED" message even when the user was active:

The bug is fixed now.

Session Player/Monitoring Reports: Session Player would Show MONITOR OFF when the Screen Went to Sleep

Due to a bug, the Session Player and the video thumbnails in reports and widgets (e.g., Monitoring > Screen Snapshots, LIVE MONTAGE widget, etc.) would display the "MONITOR OFF" message when the monitor went to sleep:

The bug is fixed now.

System: Unable to Download Exported Videos

Due to a bug, some customers would be unable to download videos from the System > Video Export screen. It would show an HTTP error 404 (page can't be found):

The bug is fixed now.

My Account: Support PIN Tab Redirecting to the Dashboard

Due to a bug, if you clicked the My Account >SUPPORT PIN tab, you would be taken to the Dashboards screen:

The bug is fixed now.


Monitoring Settings: Error when Changing the Monitoring States

Due to a bug, if you were using Web version 24.2.1.23801 or earlier, you might see an error 400 (Bad Request) in the browser's console when trying to toggle monitoring on/off for an object:

The bug is fixed now.

Monitoring Settings: DELETE HISTORY AFTER Option not Working Properly

Due to a bug, if you set a value for the DELETE HISTORY AFTER (DAYS) option it wouldn't always work properly. This could happen especially if you had different values set in the Main monitoring profiles (monitoring profile created from the Monitoring Settings screen or the Default monitoring profile), Computer monitoring profile (from the Computers > Computer's Details > Computer's Setting window), and a Custom monitoring profile (MONITORING OPTIONS tab on the employee's profile):

The bug is fixed now so the profile priority will be used as follows:

  • Assignment on computers

  • User profile (including the Custom profile)

  • AD Group

  • Department

  • Default profile

Monitoring Settings/Session Player: Dynamic Blackout would be Delayed Sometimes

When you use any of the SUSPEND MONITORING… settings for any application or website, Teramind will automatically blackout the relevant application window with a black rectangle in the video recording or during the live view mode of the Session Player.

However, due to a bug, sometimes the black rectangle would appear a few seconds later exposing sensitive contents:

The bug is fixed now.

Monitoring Settings/Session Player: Dynamic Blackout wouldn't Work when Switching Windows

Due to a bug, when you switched windows using the ALT+Tab command, it would expose the blacked-out window in the background and the preview:

The bug is fixed now so the window and the preview will be blacked out properly.

Monitoring Settings/Session Player: Delayed Blackout Box when Switching Overlapping Windows

Due to a bug, the dynamic blackout box on the Session Player would be slightly delayed when the user switched from one window to another overlapping window. As a result, sensitive content would be exposed:

This would occur when any of the options under Monitoring Settings > Applications were used:

The bug is fixed now.

Monitoring Settings/Integrations: Monitoring Profile Changes not Sent to the SIEM

Due to a bug, changes to the Monitoring Settings > Monitoring Profile wouldn't be sent to the integrated SIEM solution.

The bug is fixed now.

Settings: Update Status wouldn't Change (On-Premise)

Due to a bug, when you clicked the Update button from Settings > About screen, the update process would start but the status would be stuck at the "Initializing" step:

The bug is fixed now so that the update status will change from "Initializing' to "Preparing", "Updating containers", "Updating databases", etc. as the update progresses.

Settings: Failed to Fetch LDAP Settings

Due to a bug, sometimes you may see an error message, "Wrong request parameters: ldap_port" and a 400 error (Bad Request) in the browser console when trying to fetch/import LDAP settings from the Settings > Active Directory screen:

The bug is fixed now.

Settings: Incorrect Time Zone Shown on the System Health Screen (On-Premise)

Due to a bug, the SERVER TIME on the Settings > System Health screen would show incorrect time. The time would be shown in the computer's local time zone instead of the server time zone (Settings > Localization > TIMEZONE):

The bug is fixed now so that the time will be shown in the server time zone.

Internal Server Error when Viewing the Activity Reports

Due to a bug, if you set the server time zone to some specific location (e.g., America/Ciudad_Juarez) it might cause the reports to not return any data and you would see an error 500 (Internal Server Error) in the browser's console log. This could happen if the internal reporting system didn't support such a time zone.

As a fix, any such time zones will be removed from the Settings > Localization > TIMZONE dropdown box:

Any non-supported, existing time zones will be mapped to the nearest time zones.

Settings: 2-Factor Authentication Changes (Cloud)

From now on, two-factor authentication (2FA) on all Teramind Cloud accounts will be enforced.

If you do not already have 2FA set up on your account, you'll be redirected automatically to set up 2FA once you input your username and password during login:

To learn how to set up the 2FA, check out this article.

Also, as part of the change, the FORCE USERS TO LOG IN USING 2-FACTOR AUTHENTICATION option under the Dashboard authentication section of the Settings > Security screen will no longer be available for Cloud deployments:

Settings: Password Confirmation Dialogue Box not Shown

Due to a bug, when you changed the CONFIRMATION METHOD FOR DASHBOARD CHANGES option on the Settings > Security to "Password", it would sometimes fail to show the password confirmation dialogue box when making sensitive changes to the Dashboard. Instead an error message, "Need password confirmation to do that" would be shown:

The bug is fixed now.

Settings: Incorrect SSO URL

Due to a bug, the IDENTITY PROVIDER AUTHENTICATION URL field under Settings > Security > Single Sign On Authentication section would point to an incorrect URL:

This would happen because the system would read the URL from the metadata XML file (if present) ignoring the manual input by the user.

The bug is fixed now so that the field will use the input provided by the user and not the XML file.

Settings/Configure: Incorrect Processing of Deleted Departments in LDAP

Due to a bug, when syncing with LDAP, if a user's department was deleted before, their department information wouldn't get updated. As a result, these users wouldn't be assigned to any department:

Here's how the bug would materialize:

  1. Import users from a converted AD group (groups can be converted to departments via the Settings > Active Directory > GROUP TO OU ATTRIBUTE option).

  2. Create a custom department with the PRESERVE AGENTS DURING AD SYNCHRONIZATION option enabled.

  3. Assign users from the converted AD groups to the newly created department.

  4. Remove the newly created department.

  5. Do the AD import again.

  6. Due to the bug, users will not be assigned to the AD department.

The bug is fixed now so that users will be re-assigned to the proper AD department.

Agent/Monitoring: Unable to Capture Teams Instant Messages

Due to some recent changes in Microsoft Teams' communication protocol, the Agent would fail to intercept its messages. As a result, it wouldn't be able to show the IM conversations on the BI Reports > Instant Messages or the Monitoring > Instance Messages reports.

We made changes so that the Agent will now address the changes in Microsoft Teams and continue to track instant messages.

Agent/Monitoring: Ability to Detect File Uploads via Drag-and-Drop in WhatsApp

Previously, the Agent could only detect file uploads when you used the Upload (+) button. Now, it can also detect file uploads via drag-and-drop:

Agent/Computers: Support for the Remote Troubleshooting Feature in the Revealed Agent

You can use the Remote Troubleshooting feature with the Windows Revealed Agent now:

Previously, it was only available on the Windows Hidden Agent.

Agent/Monitoring: Windows would Become Unresponsive After Starting Zoom Meeting

In rare situations, the Windows might become unresponsive after 15-20 minutes of starting a Zoom meeting.

The bug is fixed now.

Agent: The Revealed Agent would Stop Tracking Tasks Sometimes

Due to a bug, the Revealed Agent would seldom stop tracking a currently active task. This could happen if you changed the focus from the Agent to other windows multiple times.

The bug is fixed now.

API: Updating LDAP Groups with the API on Separate Servers with the Same SID would Generate Unexpected Results

Due to a bug, updating (using the API command POST ldap/groups/content) one of the LDAP groups with the same SID on different servers would incorrectly set the is_monitored value or move the group from one server to another:

The bug is fixed now.

Other: Emails Not Sorted Properly on the Daily Snapshot Digest

Due to a bug, the EMAILS RECEIVED / SENT section on the Daily Snapshot Digest wouldn't be sorted properly:

The bug is fixed now so that the emails will be sorted by the top senders.

Other: Changes to the 2FA Verification Code Email

We have updated the 2FA verification code email to make it more concise:

Other: Inaccurate Data on the Daily Snapshot Digest

Due to a bug, the Daily Snapshot Digest would show incorrect data. For example, in the following scenario, the email counts for a user, "Lisa Holt" wouldn't match up with the BI Reports > Emails:

The bug is fixed now.

Other: Incorrect Download Link in the Automated Report Export Email

Due to a bug, the download link in the automated report export email (e.g., BI Reports > any BI report > Export > Schedule Export) would contain an incorrect URL. The https part would be repeated twice:

The bug is fixed now.

Other: Daily Snapshot/Digest Email not Formatted Properly

Due to some limitations in the Internet Message Format (IMF), the Daily Snapshot/Digest email would appear to be broken:

We have changed the underlying formatting of the email so that it will account for the IMF limitations and render it properly.

Other: Closing the Upgrade Windows would Take Two Clicks

When you were in a Teramind Starter or Teramind UAM license and wanted to turn on any of the Content Sharing rules, it would show you an upgrade message:

However, due to a bug, closing the upgrade windows would take more than one click on the window close (X) button.

The bug is fixed now.

Other: Expired Trials Would Let Employees View Reports but not Admins

Due to a bug, if your trial expired and you logged in as a normal employee, you would be able to access all the reports. However, if you logged in as an administrator you wouldn't be able to access any reports. Instead, you would see a "Your trial has expired :{" message.

We have fixed the bug and made changes so that both types of users will now see the trial expiry message but an admin will also see an "Upgrade subscription" option:

Other/Settings: User Asked to Change Their Password when Logging In via SSO

Due to a bug, a user who had the Settings > Security > BASIC USER/PASSWORD AUTHENTICATION option disabled and the SINGLE SIGN ON AUTHENTICATION option enabled, would be asked to change their password during login:

The bug is fixed now so that:

  • When the BASIC USER/PASSWORD AUTHENTICATION option is enabled, users will be forced to change their password after an administrator resets it, or after the time set in the PASSWORD EXPIRY TIME (DAYS) field.

  • When the BASIC USER/PASSWORD AUTHENTICATION option is disabled, users will not be forced to change their password when logging in with SSO or LDAP.

Other/Server: Mouse Wheel not Tracked

Due to a bug, scrolls and clicks from the mouse wheels wouldn't get registered. As a result various productivity metrics such as activity, idle time, etc. wouldn't be accurate.

The bug is fixed now.

Other/Server: Redis OVA Bug

Due to a bug, the Redis server was configured to operate in protected mode by. Redis would only allow connections from localhost by default. For this reason, it would be impossible to assemble multimode configuration with dedicated BI or App servers.

The bug is fixed now.

Other/Session Player/Server: Cannot Load Videos on Some AWS Deployments

Clients with an AWS-based deployment with RDS and S3 bucket would see a "Can't load video" error on the Session Player for some users:

The bug is fixed now.

Other/Session Player/Server: Video Frame Stuck

Due to a bug, the video on the Session Player would be stuck on a frame.

The bug is fixed now.

[Mac] BI/Monitoring Reports: Wrong Webpage Title Captured by the Agent

Sometimes the Agent would capture a webpage before it's fully loaded. Due to this bug, if the page title changed once the page was fully loaded, the Agent wouldn't be able to capture the updated title. This would lead to incorrect page titles or previous titles being reported on reports like the BI Reports > Applications & Websites and Monitoring > Web Pages & Applications reports:

For the same reason, Webpages rules like the one below wouldn't get triggered until the user switched focus to the particular tab later:

[Mac] BI/Monitoring Reports: Agent Background Processes would be Captured on the Monitoring Report

Due to a bug, Agent background processes (e.g., systemextensionsctl) would be captured on reports like the BI Reports > Applications & Websites and Monitoring > Web Pages & Applications:

The bug is fixed now so that Agent background processes will not be displayed on these reports.

[Mac] Behavior Rules: Webpage Block Action Unable to Close Browser Tab

Due to a bug, the Block action with a Webpages rule like the one below would fail to close the webpage tab/browser if more than one tab were open. The system would show a close window instead:

This would especially happen with the Opera browser.

The bug is fixed now so that the browser tab will be closed when the rule is triggered.

[Mac] Behavior Rules: Webpage Block Action not Working Properly

Due to a bug, a Block action with a Webpages rule like the one below wouldn't work as expected:

There were two issues:

  • If network monitoring was disabled, the rule would trigger, and close the tab. But the block message wouldn't be shown, and the rule violation wouldn't be registered on the BI Report > Behavior Alerts or the Behavior > Alerts report.

  • If network monitoring was enabled, the tab would be blocked, the block message would be displayed but the tab wouldn't be closed.

The bug is fixed now.

[Mac] Behavior Rules: Total Time Focused not Restored on Agent Restart

Due to a bug, the Total Time Focused would get reset every time the Agent got restarted. It would always set to zero each time the Agent started instead of resetting at the beginning of a new day. For this reason, an Applications rule like the one below wouldn't work properly:

In the above example, if you used the Agent for 20 minutes, quit it, and logged back after 10 minutes, the rule wouldn't trigger immediately as expected. Instead, you would have to wait another 30 minutes (1 hour in total) for the rule to trigger.

The bug is fixed now.

[Mac] Behavior Rules: Rule Trigger not Logged on the Behavior Alerts Reports

Due to a bug, if you created an Agent Schedule rule based on the Idle condition like the one below, it would trigger as expected however the rule violation alerts wouldn't show up on reports like the Behavior > Alerts or the BI Reports > Behavior Alerts:

The bug is fixed now.

[Mac] Behavior Rules: Total Time Active Condition Being Ignored

Due to a bug, if you had a Webpages rule like the one below, it would trigger immediately ignoring the Total Time Active condition:

The bug is fixed now.

[Mac] Behavior Rules: Idle Time Rules would Ignore the Mouse Movements

Usually, the Agent measures active and idle time for both the keyboard and mouse activity/inactivity. However, due to a bug, a rule like the one below would be triggered prematurely even when the user was using their mouse, thus ignoring the mouse activity:

The bug is fixed now.

[Mac] Behavior Rules: Files Rule for External Drives not Working Properly

Due to a bug, if you had a Files-based Activity rule with a Drive=All external drives condition, it would get triggered for all drives instead of just the external drives:

The bug is fixed now.

[Mac] Session Player: Session Time Mismatch with the User's Computer

Sometimes the local time displayed on the user's computer wouldn't match with the time displayed on the Session Player. Also, some parts of the screen wouldn't be updated:

The bug is fixed now.

[Mac] Monitoring Settings: Websites Monitoring not Working if Applications Monitoring was Disabled

Due to a bug, if you disabled Monitoring Settings > Applications, the Agent would stop capturing data for websites too resulting in no web activity data on reports like the Monitoring > Web Pages & Applications and BI Reports > Applications & Websites:

The bug is fixed now.

[Mac] Agent: The Update Window would be Shown for Too Long

Due to a bug, if you had a slow network, the update window might be shown for too long (e.g., 20 minutes or more):

The bug is fixed now.

[Mac] Agent: Slow Performance when Scrolling Chrome Bookmark Lists

Due to a bug, scrolling the Chrome bookmark lists would be slow when the Agent was running. The more the items in the bookmark list, the slower it would be the performance:

The bug is fixed now.

[Mac] Agent: The Agent would Crash During the Auto-Update Uninstall Process

Due to a bug, the Agent would crash/unexpectedly quit during the auto-update uninstall process:

The bug seems to affect Agent versions 24.06.4902 and 24.15.x but other versions might be affected too.

The bug is fixed now.

[Mac] Agent: Repeated Auto-Updates

Due to a bug, the Agent might be auto-updated several times to the already installed version when the cloud was under high load.

The bug is fixed now.

Did this answer your question?