Thursday, 22 October 2020

Studentnet Cloudwork V37 Release Notes: Account Provisioning - Improved Visibility and Control

Studentnet is pleased to advise that our latest version 37 is now available for release and deployment at schools.


V37 is a major new release delivering significant improvements to our existing account provisioning functionality. Our objective was to increase the visibility of the provisioning configuration to school IT administrators. At the same time we have aimed to increase the control of the provisioning process to those administrators.

Delivering V37 has improved the communication and control architecture between the on premises Cloudwork Identity Node(CwIN) and the Cloudwork Identity Manager(CwIM) located at Studentnet.

Please find below the V37 release notes.

V37 New Features

  • Account Provisioning Sync Profiles can now be created and controlled from the Dashboard
    • display existing data attribute from the management system account source to the network directories and services
    • edit and create new attribute mappings
    • manually execute provisioning process: in read only report and test modes as well as production modes
    • realtime updates to provisioning configuration
    • more flexible scheduling of provisioning processes
  • To create a new Active Directory sync profile follow this breadcrumb: Home>Sync Profiles>New Provisioning Sync Profile

V37 Bug Fixes

  • Fixed an issue affecting changing expired passwords
  • Fixed an issue that occasionally prevented logos and background images loading correctly
  • Improved user experience when editing Attribute Maps for SSO services
  • Changed cookie behaviour to enable Cloudwork to continue to work in iFrames under new browser policies
  • Other bugfixes and improvements
All new implementations of provisioning at schools will be on the V37 architecture. Schools utilising V36 account provisioning will need to schedule an upgrade. To do so please either lodge a support ticket or send an email to support@studentnet.net.

Thank You

The Studentnet Team
--
STUDENTNET® - ANZIA Awards 2011 Privacy Finalist
                            Highly Commended: Australian Privacy Awards 2008
Information Desk info@studentnet.id studentnet.id                Tel +61 2 9281 1626
Suite 1, 89 Jones St Ultimo NSW 2007 Australia                            NOC +61 2 9281 3905
ABN:90 001 966 892

_____________________________________________________________

q Reduce, Reuse, Recycle  | P Please consider the environment before printing this e-mail

Copyright © 2020 Studentnet®
Studentnet®, Cloudwork®, Make the Cloud yours®, The Studentnet® logo, and Isonet® are registered trade marks 796793, 1550282, 1480792, 799597, and 1022051, respectively, of Twin-K Computers Pty Ltd. All other trademarks, trade names or company names referenced herein are used for identification purposes only and are the property of their respective owners.
Studentnet is a wholly owned subsidiary of Twin-K Computers Pty Ltd, ABN 90 001 966 892
--
Thank you for your interest in Studentnet's Cloudwork and IdentiLab identity management solutions for school education.
 

Studentnet Cloudwork V36 Release Notes

Studentnet is pleased to advise that V36 has now completed internal testing and testing with our beta test schools. V36 is now available to be deployed at all schools.

Please find below a brief description of newly available improvements in our V36 release.

V36 New Features

  • Sync profile settings to allow more control of Organisational Units when importing users into Cloudwork
  • Allow password reset to use email if logging in with email is enabled
  • Password complexity rules when creating users, changing passwords in CloudworkID, resetting passwords etc. For more information, Please visit our Cloudwork wiki here: https://wiki.studentnet.net/index.php/Password_Complexity
  • Cloudwork will now respect password reuse rules in AD
  • Changing Theme settings will now show in reports
  • Hide users from the global contacts list in Google when suspended in Cloudwork if the setting is enabled
  • View Cloudwork status via Link in the Dashboard Help page
  • Google Classroom option to prevent deleting teachers
  • Added Deleted group actions to Group Sync Profiles

V36 Bug Fixes

  • Features like "Remember Me" and changes to log in theme did not work as expected
  • Unicode characters for different languages in message templates didn't work as expected
  • Longer welcome messages didn’t work as expected
  • Fixed a bug that prevented users from enabling MFA if recovery mobile has formatting
  • Other minor bug fixes and improvements

Wiki Updates

We have added documentation on the following topics to our wiki:

Also documentation for the following services has been added or improved:

A scheduled deployment program has commenced. Please advise if you have special deployment requirements.

Deploying to V36 involves a brief outage of 1-2minutes during which new sign ins are not completed. Existing signed in sessions are not affected by deployment.

To schedule a time for your school's instance upgrade please submit a support ticket or email your request to dlim@studentnet.id.

Thank you

The Studentnet Team
--
STUDENTNET® - ANZIA Awards 2011 Privacy Finalist
                            Highly Commended: Australian Privacy Awards 2008
Information Desk info@studentnet.id studentnet.id                Tel +61 2 9281 1626
Suite 1, 89 Jones St Ultimo NSW 2007 Australia                            NOC +61 2 9281 3905
ABN:90 001 966 892

_____________________________________________________________

q Reduce, Reuse, Recycle  | P Please consider the environment before printing this e-mail

Copyright © 2020 Studentnet® ,  
Studentnet®, Cloudwork®, Make the Cloud yours®, The Studentnet® logo, and Isonet® are registered trade marks 796793, 1550282, 1480792, 799597, and 1022051, respectively, of Twin-K Computers Pty Ltd. All other trademarks, trade names or company names referenced herein are used for identification purposes only and are the property of their respective owners.
Studentnet is a wholly owned subsidiary of Twin-K Computers Pty Ltd, ABN 90 001 966 892

Privacy Notice: You have received this email because you or your school are users of NextMail or Studentnet services. If you wish to unsubscribe from this list you can do so by either replying to this email requesting to be unsubscribed or by visiting the link at the bottom of this email. Thank You.
--
Thank you for your interest in Studentnet's Cloudwork and IdentiLab identity management solutions for school education.

Thursday, 9 May 2019

Cloudwork V30 & V31 Release Notes

Welcome to Term 2 of the 2019 school year.

The Studentnet development team has been hard at work releasing two new releases for Cloudwork so far this year being V30 and V31. Our continued aim is to increase your degree of control of your network via new features and user experience improvements in the dashboard. Please find below a brief description of newly available improvements in our V30 and V31 releases.

V30 New Features
  • Deleted User Action has been added to email sync profiles. You can now delete or suspend users that existed in the previous CSV file this profile processed, but is not in this one
  • Added Compromised Password protection settings. It is now possible to prevent users from choosing new passwords that are known to be compromised.

    One of the most common sources of compromised accounts these days is password re-use across different services. The "Have I Been Pwned" project is an enormous aggregation of data collected from data breaches of all stripes. The database currently stands at 551,509,767 real passwords that have been exposed via data breaches, and Cloudwork can now take advantage of this data to help protect our users.

    When a user changes their password through CloudworkID or "I forgot my password", or an administrator changes it for a user through the Cloudwork Dashboard, the compromised passwords check will take the new password and compare it to a list of known compromised passwords, and return an error message informing the user that they have chosen an insecure password. This feature can be turned on or off via the Cloudwork Dashboard, and can be configured to use a threshold, and only reject passwords that show up in the compromised data more often than the configured threshold.
V31 New Features
  • Admin Roles can now be assigned to Groups in addition to being able to assign to individual accounts
  • Bulk Welcome Messages can now be sent to many users(groups, org units, email addresses matching a pattern etc) from the Cloudwork Dashboard
  • CloudworkID settings can now be customised per Org Unit. This includes:
    * CloudworkID Look and Feel settings can be configured per Org Unit
    * CloudworkID enabled features can be configured per Org Unit
  • Compromised Passwords settings can be configured per Org Unit
  • Password Reset email templates can now be customised per Org Unit
  • When uploading a User CSV file, an Org Unit can now be targetted for these uploaded users
User Experience Improvements
  • Reports are now more flexibly filtered when searching by users or events
  • Provisioning Reports can now be filtered by Sync Profile
  • Search form added to SSO Services view
  • Message Templates can now be deleted
  • From address can now be changed in SMS Templates
  • Various bug fixes:
    * Fixed a bug that prevented administrators from uploading new logos and background images
    * Fixed a bug where administrators could enable "send welcome messages" without selecting a message template
If you wish to access any of these new features, your Cloudwork instance will need to be updated to V31. We will be commencing individual instance upgrades starting in May, 2019. To schedule a time for your school's instance upgrade please submit a support ticket or email your request to support@studentnet.id.

Looking forward to working with you through 2019 - Thank you

The Studentnet Team
--
STUDENTNET® - ANZIA Awards 2011 Privacy Finalist
                            Highly Commended: Australian Privacy Awards 2008
Information Desk info@studentnet.id studentnet.id                Tel +61 2 9281 1626
Suite 1, 89 Jones St Ultimo NSW 2007 Australia                            NOC +61 2 9281 3905
ABN:90 001 966 892

_____________________________________________________________
q Reduce, Reuse, Recycle  | P Please consider the environment before printing this e-mail

Thank you for your interest in Studentnet's Cloudwork and IdentiLab identity management solutions for school education.
 
Studentnet®, Cloudwork®, Make the Cloud yours®, The Studentnet® logo, and Isonet® are registered trade marks 796793, 1550282, 1480792, 799597, and 1022051, respectively, of Studentnet(ABN 90 001 966 892).
All other trademarks, trade names or company names referenced herein are used for identification purposes only and are the property of their respective owners.

Studentnet is a wholly owned subsidiary of Twin-K Computers Pty Ltd, ABN 90 001 966 892


Copyright © 2019 Studentnet®
---
You received this message because you are subscribed to the Google Groups "CloudBurst Newsletter" group.
To unsubscribe from this group and stop receiving emails from it, send an email to cloudburst+unsubscribe@studentnet.net.
Visit this group at https://groups.google.com/a/studentnet.net/group/cloudburst/.
To view this discussion on the web visit https://groups.google.com/a/studentnet.net/d/msgid/cloudburst/0c995692-f2b3-de04-1372-5a89e9d32547%40studentnet.net.
For more options, visit https://groups.google.com/a/studentnet.net/d/optout.
--

Tuesday, 15 January 2019

Studentnet Cloudwork V29 Release Notes

The Cloudwork team welcomes you all to a New Year. We're sure that you are all preparing for your new 2019 enrolling year.
Our team has been hard at work introducing many new features and user experience improvements in the dashboard. Please find below a brief description of newly available improvements in our latest release - Version 29.
V29 New Features
  • Added a notification system to the dashboard screen enabling Studentnet to easily deliver important update information to Cloudwork Administrators
  • Contents of Password Reset SMS messages can now be controlled via Message Templates
  • "Require password change at next login" feature exposed on Password Change screen in admin
  • SMS-based Multi factor Authentication can now be enabled for a user from the Cloudwork Dashboard
  • Support SSL connections in Email Sync Profiles, meaning Email Sync Profiles can now connect to a wider range of in boxes
  • New configuration option in Email Sync Profiles enabling users to be placed into a specific Org Unit
  • Extra details are now available on the IdP Details page, allowing administrators to easily discover certificate fingerprints
User Experience Improvements
  • The "Download" button in Reports now handles the report generation asynchronously, allowing much larger reports to be successfully  generated
  • Cloudwork Dashboard will now show a red error message if a group sync is attempted with a bad LDAP search filter
  • Relaxed form processing rules for SSO Services that don't have signing certificates or logout URLs
  • Removed `required` tags from some form fields, to make editing SSO Services easier
  • Help page now links to the Wiki
  • Sidebar menu will stay in its current state between page transitions
  • The Login Theme form has been broken down into smaller, more easily managed forms
  • Various bug fixes
If you wish to access any of these new features, your Cloudwork instance will need to be updated to V29. We will be commencing individual instance upgrades starting in February, 2019. To schedule a time for your school's instance upgrade please submit a support ticket or email your request to support@studentnet.id.
Looking forward to working with you again in 2019 - Thank you

Thursday, 6 September 2018

Advisory: NTLM Abuse Mitigation

NT Lan Manager (NTLM) authentication is currently being abused to harvest user credentials, so CERT Australia has prepared a list of recommendations for techniques to mitigate NTLM abuse.

CERT Australia is now part of the Australian Cyber Security Centre(ACSC) of the Australian Signals Directorate(ASD) section of the Department of Defence.

Wednesday, 16 November 2016

Advanced User Upload Usage

The user upload feature is not new, it has been in operation many years. We have recently looked at it's capabilities and decided to update what it can do in our dashboard.

Let's look at what it currently does.


You can upload a CSV file to create or update multiple accounts at once.


Your CSV file must contain the following headings: 

Email,User Name,First Name,Last Name,Password,Role

For example:

Email,User Name,First Name,Last Name,Password,Role
principal@example.edu.au,principal,School,Principal,pri2009,teacher
joeblogs@example.edu.au,joeblogs,joe,blogs,joe2009,teacher
a.student@example.edu.au,SN1234,Alfred,Student,as2010,student
 
The following email accounts will be created:
  • Username: principal
    Password: pri2009
  • Username: joeblogs
    Password: joe2009
  • Username: SN1234
    Password: as2010
Valid roles must be chosen from the following list:
  • Student
  • Alum
  • Teacher
  • Parent
 

This has been pulled directly from the dashboard so no new information there.

All of these values are the same and remain required information.

The Let's look at the additional fields that we have added.

Recovery Phone

This is the phone number that is used in password reset. As with the other headings it must be put exactly as above. This field is not compulsory and may be left out if it is not required.

Recovery Email

 This is the email address that is used in the in password reset. As with the other headings it must be put exactly as above. This field is not compulsory and may be left out if it is not required.


Additional Attributes

This is where things can get a little more interesting. You can now add additional attributes to the import and will will import them into the Custom Attributes for the user. This can be useful when having to bring additional information for a user that needs to be sent to the service provider, but doesn't quite fit in the existing categories. For example StudentID, SynID etc

These are not compulsory and can be left blank for the users that do not have such a value.

If we look at what this might look like in a spreadsheet





This will create a record as normal with the below attibute
User Name: principal
Email: principal@example.edu.au
First Name: School
Last Name: Principal
Password: pri2009
Role: Teacher

With the new attributes this will also add

Password Reset Recovery Email: othermail@gmail.com
Password Reset Recovery Phone: 0412345678

Another attribute will be created:

SynID: 314159

Once the user logs in, all the normal attributes will be created and sent to the service provider, additionally this user will have SynID sent. NB Password reset information is NOT exposed to service providers.

So when the user is created all the information about the user is already there without need for further interaction.

Conclusion

Just to make things clear on these new attributes, they can be left blank for users that they do not apply, or just simply not included in the import.

Remember these imports can be run as scheduled imports through the sync profile interface.