N-central 2022.7.1.44
2022.7 HF1 Release Notes (PDF)
Please be aware that the known issue KUIP-4432 still exists in N-central 2022.7 HF1. If you had the code drop applied for this already or use EDR integrated with N-central, please contact Support before upgrading to this release.
See the 2022.7 Release Notes for requirements and support details.
IMPORTANT – Security Improvements
N-central 2022.7 HF1 provides a major security enhancement which requires additional attention to your N-central network and client environments. Now, the N-central server will require a valid SSL/TLS certificate to be applied. This will include any certificate where the whole chain is validated to a root CA within the system trust store. To support these changes, there are updates to a few screens in the UI, such as the Network Setup page, as well as the Generate and Download certificate page. We also have modified the upgrade process so that if you don’t have a valid certificate in place before attempting this upgrade, you will receive an error message before any database changes are made. As a result, you can try the upgrade again without needing Support to remove a flag.
Agent and probe behavior is also part of the security enhancement in N-central 2022.7 HF1. Agents and probes will not attempt to upgrade to 2022.7 HF1 and beyond unless the operating system of that device recognizes N-central’s certificate as valid. We are also adding the FQDN from the Network Setup page to the top of the Server Address list on the Communication Settings page. This list is still fully editable for individual devices and in the defaults if you desire to make changes afterward.
For new installations of N-central 2022.7 HF1, you will need to provide the FQDN for this N-central server on the initial login wizard page.
Before upgrading to 2022.7 HF1, we strongly recommend reviewing the following KB article to help prepare you for this upgrade. Checklist for upgrading your N-able N-central Server to 2022.7 HF1.
What’s new in N-central 2022.7
N-central 2022.7 is jam-packed with both fixes and new features! Please see below for more information on our new features, and the fixed items list for a list of bug fixes!
Device Management for Apple
N-central 2022.7 is the first to include N-able’s Device Management for Apple solution.
Note:
This is a new service to N-central is for Mac workstations only. The existing N-central MDM for iPhones and iPads is similar technology but a different back-end. The two services will co-exist for some time.
Here’s what Device Management for Apple includes in the 2022.7 release:
User-approved manual enrollment: To bring Mac workstations under management properly, Apple requires that enrollment into Device Management be approved by the user of the device. This cannot be scripted.
Enrollment Helper: to assist with manual enrollment, N-central provides an app that presents your brand – or a friendly name of your choosing – to users and asks them to initiate the process of installing the Enrollment Profile. This can be enabled/disabled across your entire fleet, or on a client by client basis, or one device at a time.
Multi-tenant push certificates: To get started with Device Management, N-central admins must send a CSR from N-central to the Apple Push Certificate portal to get a push cert. N-central includes support for creating a push cert for only specific customers, or globally for all devices. Enrollment Helper can be enabled/disabled with each cert. (Note: this is the same technology as the existing APNS cert in N-central’s MDM for iPads and iPhones – but it is being setup with a different back-end service.)
PPPC profiles for N-able products: once a Mac is enrolled in Device Management, our service automatically pushes Configuration Profiles that grant macOS Security & Privacy permissions for the N-central Mac Agent, Take Control, EDR, Backup and more. (The only one we can’t push is Screen Recording for Take Control because Apple doesn’t allow that permission to be controlled by any MDM, not just ours.) This further streamlines the installation process for new Macs because you don’t need to jump through all the hoops to grant Full Disk Access, Notifications, etc.
Custom Configuration Profiles: Once you have a push cert setup, and devices enrolled, you can upload thousands of configuration profiles – many samples are available in the N-able Automation Cookbook – and push those over the air to your Mac workstations. The configuration possibilities are virtually limitless.
As powerful as this is, it is a first release. Device Management for Apple has capacity for support for MDM Commands (like lock and wipe), support for iPads, iPhones, AppleTVs in addition to Macs, and support for Apple Business Manager and Apple School Manager automatic zero-touch enrollment. Future builds will round out a complete Device Management service for Apple devices. Those features are on their way to N-central in future releases.
In addition to Device Management, work continues on surfacing the benefits of our new Mac Agent. N-central 2022.7 includes a real-time Processes widget in the Overview tab of Mac workstations. And for the first time ever, Mac workstations get a Tools tab – it’s currently only populated with the same Processes table, but will be built out in future N-central releases.
Automation Manager 2.50
Automation Manager 2.50 is now available and included in N-central 2022.7. This version of Automation Manager focuses on bugfixes, including fixes that should help with certain errors in AMP-Based monitoring services in N-central once your agents have upgraded.
In the Designer, we’ve clarified the help articles to indicate SSHv2 is supported for Network Management objects, and we’ve adjusted the branding to match N-central’s default branding. Prompts from Automation Manager will now always be in the foreground, and appear in the center of the screen.
Upgrade paths and notes
IMPORTANT
After the upgrade to N-central version 2022.7, an additional restart of the Windows Agent Service, Windows Agent Maintenance Service, and Windows Software Probe Service (Manually or Scheduled Task) or a full device reboot (not hibernate or sleep) may be required on Windows devices with misconfigured AMP based services in order for them to go back to Normal state.
To upgrade to N-able N-central 2022.7, your N-able N-central server must be running one of the following versions:
View versions:
- N-able N-central 2021.1.0.32
- N-able N-central 2021.2.0.140+
- N-able N-central 2021.3.0.79+
- N-able N-central 2022.1.0.47+
- N-able N-central 2022.2.0.77+
- N-able N-central 2022.3.0.46+
- N-able N-central 2022.4.0.6+
- N-able N-central 2022.5.0.6+
- N-able N-central 2022.5.1.33
- N-able N-central 2022.5.2.35
- N-able N-central 2022.6.0.20+
- N-able N-central 2022.7.0.22+
Note the following when upgrading N-able N-central.
Scheduled Tasks may expire if the agent on an associated device is being upgraded when the task is scheduled to be completed. Agent upgrades are normally short in duration but may be delayed if a restart of the device is pending.
Important
If you are a Partner running N-central in Azure, review the following article to avoid any potential issues with the upgrade to this release. We have identified an issue that impacts our Azure hosted N-central partners. Fortunately, our team has steps to resolve the issue. Before upgrading your N-central server to any supported version, review the following article: How to Identify a Legacy Azure N-central Instance.
Fixed Issues in N-able N-central
Release 2022.7 HF1
| Category | Description | Item |
| Automation Manager | Automation Manager Validate TLS Certificates | AM-3330 |
| Core | Naupdater downloaded to wrong location during upgrade, causing upgrade failure | NCCF-101688 |
| Core | Ubuntu 16/18 Agent incorrectly reporting endpoint as part of SubmitCurrentlyLoggedInUser | NCCF-97372 |
| Core | Cannot find softwareType to upgrade applianceType [Agent] with osid [ubuntu20_64] when attempting to upgrade agent | NCCF-96011 |
| Core | Update N-central to Add Certificate Verification | NCCF-77020 |
| Core | Probe MSI upgrade no longer functional due to lack of credentials | NCCF-15093 |
Release 2022.7
| Category | Description | Bug |
| Automation Manager | AM Object: “Backup Registry”Input Parameters mistake in description | AM-2316 |
| Automation Manager | PolicyExecutionEngine logging to agent.log instead of PolicyExecutionEngine.log | AM-2669 |
| Automation Manager | Input Prompt object doesn’t allow to link input | AM-2677 |
| Automation Manager | Install Software from FTP doesn’t allow SFTP connections | AM-2730 |
| Automation Manager | Add FluentFTP assembly to NC Win Agent and Probe installers | AM-2745 |
| Automation Manager | Pre-Fill The AMP Name When Closing Automation Manager | AM-2749 |
| Automation Manager | Get Events object not returning results for operational logs (e.g Setup) | AM-2808 |
| Automation Manager | Script check failing with error “Exception encountered System.Runtime.Serialization.SerializationException” then automatically resolves itself next check-in | AM-2809 |
| Automation Manager | Make AM able to work when FIPS mode is enabled | AM-2822 |
| Automation Manager | AutomationManager.log displays N-central agent version as 0.0 | AM-2826 |
| Automation Manager | Redesign the “Policy List” Window | AM-2830 |
| Automation Manager | Update The Colors In the Automation Manager Designer | AM-2832 |
| Automation Manager | Create AD user module in Automation Manager | AM-2833 |
| Automation Manager | Map network printer | AM-2836 |
| Automation Manager | Get OS Architecture AMP abnormal results | AM-2840 |
| Automation Manager | Set different AM log level from NC dashboard | AM-2843 |
| Automation Manager | Update the “Close Connection” Object To Support SSHv2 | AM-2846 |
| Automation Manager | Update the “Command Set” Object To Support SSHv2 | AM-2847 |
| Automation Manager | Update the “Enable (Cisco)” Object To Support SSHv2 | AM-2848 |
| Automation Manager | Update the “Get Connection Details” Object To Support SSHv2 | AM-2849 |
| Automation Manager | Update the “Open Session” Object To Support SSHv2 | AM-2850 |
| Automation Manager | Update the “Send Commands and Receive Response” Object To Support SSHv2 | AM-2851 |
| Automation Manager | Update the “Set Terminal Length” Object To Support SSHv2 | AM-2852 |
| Automation Manager | Large Number of Probe Log Files AutomationManager.ScriptRunner64-p[XXXX].log | AM-2853 |
| Automation Manager | M365 automations Failed execution on remote device | AM-2855 |
| Automation Manager | AM object – Get Environment Variable shows error message but it returns correct info | AM-2858 |
| Automation Manager | AM Run PowerShell Script object throws “Exception: Requested registry access is not allowed” | AM-2859 |
| Automation Manager | Improve AM PolicyExecutionEngine-p[%processid].log | AM-2880 |
| Automation Manager | AM prompts open at the top left of the screen | AM-2883 |
| Automation Manager | Automation Manager Agent Service crash when scheduled task run as logged on user | AM-2890 |
| Automation Manager | Fix AM initialization after Shutdown RPC call | AM-2898 |
| Automation Manager | Reboot Prompt Not working when Branding is used | AM-2912 |
| Automation Manager | Prompt improvements: Add check for prompt to always be on foreground | AM-2914 |
| Automation Manager | Script Check failing with Unknown Error (Exception encountered System.InvalidOperationException: There is an error in XML document (0, 0)….) | AM-2915 |
| Automation Manager | Incorrect status for UAC service | AM-2917 |
| Automation Manager | AM RPC server issue: No protocol sequences have been registered | AM-2923 |
| Automation Manager | Automation Manager Object: Reboot Prompt, Exceeded delay time but did not initiate reboot | AM-2927 |
| Automation Manager | Introduce RPC server’s fallback address functionality | AM-2960 |
| Automation Manager | Log cleanup: delete empty log files when log level is ERROR or FATAL | AM-2965 |
| Automation Manager | AM assemblies to 2.50 on NC 2022.7 | AM-2969 |
| Automation Manager | Fix ConfigurationSettings.xml file for thirdparty dll name | AM-2970 |
| Integrated AV | Soft-deleted records are not hard-deleted for a long time | IAV-1052 |
| Integrations | The user having ‘Read Only’ or ‘None’ permissions over DNS Filtering Integration can still deploy or remove the Roaming Client or select a profile in the deployment process | INT-1005 |
| Integrations | Empty profile name allowed | INT-657 |
| Integrations | The DNS Filtering Status remains reported as an active issue in N-central even after RC’s uninstallation (validated after 7 days of RC uninstallation from the client’s machine) | INT-849 |
| Integrations | DNS Filter Trial Experience | INT-854 |
| Integrations | Newly created profiles under NC System levels (SO / Customer / Site) cannot be edited (Content Filters / Block Pages selections) | INT-864 |
| Integrations | Add the DNSF service into Monitoring tab when the device is in Essential Mode | INT-941 |
| Ecosystem Framework | MS Intune integration icon shows enabled even when not being used – Dev Work | KUIP-2898 |
| Ecosystem Framework | Sentinel One agent is not being uninstalled when a Device with EDR enabled is being removed from N-Central | KUIP-2985 |
| Core | The agent version is displayed instead of the server version | CALM-1419 |
| Core | RemoteControlSSHConfigDataUtil.java references a Nable_Wrapper.pl option that does not exist | NCCF-14033 |
| Core | [FEATURE] Device Management for Apple | NCCF-14253 |
| Core | System Error When The System Is Out Of Licenses, And A Licensed Feature Is Added To The Device | NCCF-14388 |
| Core | Deprecate Support For Unsupported Versions of Linux and 32-bit Linux Installers | NCCF-14459 |
| Core | The UserAdd API Returns a “-1” When Password That Doesn’t Meet The Complexity Requirements Is Specified, Instead Of An Actionable Error Message | NCCF-14470 |
| Core | Domain User Management Re-Did A Global Password Reset For A Customer | NCCF-15022 |
| Core | Large amount of temp file in AM temp location cause agent startup delay | NCCF-15125 |
| Core | Deleting a probe does not delete record from device’s “discovering_wsp” | NCCF-15560 |
| Core | Show caps lock on for login password, instead of sending password in reverse case. | NCCF-15595 |
| Core | Locking the “MFA Not Required” Option Isn’t Being Saved | NCCF-15617 |
| Core | Dropdown Custom Property will remain on error state after two empty values | NCCF-16055 |
| Core | The Linux/Mac code sometimes returns 32-bit for 64-bit OSs | NCCF-16219 |
| Core | Incorrect repository capacity is being displayed | NCCF-16323 |
| Core | User cannot create reinstall agent task because probe not assigned | NCCF-16666 |
| Core | Probe HTTPS service: 1. Change X509ChainPolicy.RevocationFlag 2. Change validation logic ignoring error when global error ChainStatus is used for certificate validation | NCCF-17007 |
| Core | Custom Service (SNMP): change Service Identifier and/or Identifier options saves unexpected configuration. | NCCF-17038 |
| Core | Custom Service (SNMP): System Error | NCCF-17040 |
| Core | Settings not retained for Connectivity Service Details when SNMP enabled | NCCF-21344 |
| Core | Improve logging for all Google actions if missing | NCCF-21483 |
| Core | Google IdP Provider: remove the client-id from the error text displayed when NC is accessed by IP | NCCF-22664 |
| Core | Stop Building the Unsupported Agent Installers | NCCF-22822 |
| Core | Remove unsupported Installers From N-central | NCCF-22823 |
| Core | Ensure Existing Deprecated Agent Installers cannot be used to register and activate new appliances | NCCF-22825 |
| Core | Setting Up More than Two Services in a Template, The Service identifier is Not Transferred Correctly | NCCF-24478 |
| Core | Create sysaudit script to collect non-IdP user metrics | NCCF-24846 |
| Core | SSO Providers Google G-Suite – Robot Framework Test Suite Integration: N-central | NCCF-24907 |
| Core | N-Central DMfA Navigation UX | NCCF-26127 |
| Core | Allow sorting by SSO Column | NCCF-27272 |
| Core | 64 bit processes not showing DLLs used | NCCF-28092 |
| Core | Default Filter Created on Site Creation Causes System Errors | NCCF-28386 |
| Core | N-central – Send list of clients to Device Management for Apple (DMfA) UI in iframe | NCCF-29749 |
| Core | Update Permission Definitions and UI for DMfA | NCCF-29750 |
| Core | Create Release request for N-central DMfA for 22.7 | NCCF-29751 |
| Core | Send permission to DMfA for jwt | NCCF-29997 |
| Core | RF5 Fails on evaluation of python os.gettempdir | NCCF-30087 |
| Core | Add missed statistics for event acknowledgement time | NCCF-30801 |
| Core | N-central – Inconsistent ApplicationDeviceId when requesting an DMfA profile | NCCF-30926 |
| Core | Pending events are not cleared out from queue when system gets into a throttle blocking state and eventing is turned off | NCCF-30977 |
| Core | Fix ROLES page when appledevicemanagement Flag is off | NCCF-31011 |
| Core | Scraping: Records are being dropped due to mandatory date fields that cannot be parsed | NCCF-31201 |
| Core | The assigned Variable in postbuils.sh is causing disruption to the URL | NCCF-31456 |
| Core | Database scraping has an issue where concurrent table processing happens and events overlap | NCCF-31458 |
| Core | Logging | Include protobuf event type | NCCF-31573 |
| Core | XMPP related issues | NCCF-32110 |
| Core | UI | Eventproduction | Only sys admin | NCCF-32195 |
| Core | UI | Analytics Splash Message Removal | NCCF-32474 |
| Core | SessionUtils.refreshExpiryForAppliance Triggering Against Eventing When It Does Not Need To | NCCF-32749 |
| Core | IR Stable Main – Devices – Verify System Warranty Service is Added – Fails | NCCF-32957 |
| Core | IR Stable Main: Devices – Verify Log File Is Not Accessible For User With Low Level Access – Fails | NCCF-32958 |
| Core | ElementClickInterceptedException caused by ‘Device Permissions’ Dialog warning “You do not have permission to configure devices. Please contact your administrator.” | NCCF-32980 |
| Core | Google SSO Provider – Create Google SSO Provider page is broken | NCCF-33150 |
| Core | Event controller should reset pending counts on restart | NCCF-33243 |
| Core | Acknowledgement controller should reset pending counts on restart | NCCF-33244 |
| Core | Catastrophic failure of event buffer termination should resetbuffer state and turn off eventing. | NCCF-33245 |
| Core | Batch sender not started error | NCCF-33483 |
| Core | AdvancedReportingUser is getting dropped due to missing role or customer group | NCCF-33484 |
| Core | Live eventing should not stop when backups occur | NCCF-33536 |
| Core | Records are being removed from bufferingEnabledTables variable and causing events to be permanently dropped | NCCF-33765 |
| Core | EventBufferController Can Cause High Garbage Collection | NCCF-33812 |
| Core | Upgrade certificates with proper clientId for NCOD to support DMfA | NCCF-33990 |
| Core | Left-hand menu for “Analytics” needs to show we are Beta. | NCCF-35263 |
| Core | Memory consumption is too high when buffering events | NCCF-35840 |
| Core | Ensure time series tables are not processed for scraping unless within 24h | NCCF-35851 |
| Core | Interrupt exception can cause event processing and/or acknowledgement processing to stop permanently and needs a watchdog | NCCF-36410 |
| Core | NULL pointer error while saving Device settings | NCCF-37224 |
| Core | Agent download labels incorrect | NCCF-38026 |
| Core | Agent installation fails | NCCF-38236 |
| Core | Parent level view – Permission evaluation is not performed for lower levels | NCCF-39485 |
| Core | ScriptDownloadURI’ Version Not Updating After Upgrading of N-central | NCCF-40053 |
| Patch Management CM | Include re-branded PME in the latest N-central | PMCM-715 |
Known Limitations
These items for the current version of the N-able N-central software is composed of material issues significantly impacting performance whose cause has been replicated by N-able and where a fix has not yet been released. The list is not exclusive and does not contain items that are under investigation. Any known limitations set forth herein may not impact every customer environment. The N-able N-central software is being provided as it operates today. Any potential modifications, including a specific bug fix or any potential delivery of the same, are not considered part of the current N-able N-central software and are not guaranteed.
Active Issues
| Description | Bug |
|---|---|
| When exporting a large list of Active Issues items to PDF format at either the System or Service Organization level, the server may fail. Exporting to CSV format does not cause this problem. | 62860 |
Agents and Probes
| Description | Bug |
|---|---|
| Communication issues may be encountered for N-able N-central Probes installed on Windows servers that have multiple NICs. For more information, refer to “KBA20020: Configuring A Server With Multiple NICs” in the online Help. | 67778 |
Automation Manager
| Description | Bug |
|---|---|
| Running Automation Manager Policies created using Automation Manager 1.6 or earlier may result in Failed to create an EndDate … errors if the Policies are run on a computer using a different date format. This issue does not affect Policies created using Automation Manager 1.7 or later. | 65712 |
AV Defender and Backup Manager – D2D
| Description | Bug |
|---|---|
| The About Backup Manager dialog box no longer indicates if the Backup Manager software is licensed. | 68226 |
Custom Services
| Description | Bug |
|---|---|
| Custom services may appear as misconfigured when the system locale of the device is not set to English. For example, in Portuguese the default decimal in c#/.net is not a period, “.”, it is a comma, “,”. If you are having this issue, please contact N-able Technical Support. | 65288 |
Core Functionality
| Description | Bug |
|---|---|
| Installing N-able N-central on Servers that have an Nvidia Video Card Due to a bug in CentOS 7 with Nvidia’s “Nouveau” driver, installing N-able N-central on servers that have an Nvidia video card may result in the N-able N-central console showing a blank screen, or displaying an Anaconda Installer screen with an error message about the video card driver. | NCCF-11842 |
| HDM doesn’t not work with the “Last 5 Tickets” widget. | NCCF-10855 |
| Warranty information might be inaccurate when determining the warranty expiry dates of devices that are not located in the USA. | NCCF-3649 |
| URL with embedded username and password prompts for Java upgrade, logging in manually does not prompt. | NCCF-2415 |
| Chrome 42.x does not support NPAPI plugins which means that Java and Direct Connect will not function with that browser version. When attempting to open remote control connections in Chrome 42.x, users will be repeatedly prompted to install either Java or the NTRglobal plugin with no successful connections made. To resolve this issue, perform the following: 1. In the Chrome address bar, type chrome://flags/. 2. Under Enable NPAPI, click Enable. 3. Restart Chrome. | NCCF- 73359 |
Dashboards
| Description | Bug |
|---|---|
| Modifying a Dashboard that is associated with a large number of services may cause performance issues when using the Firefox browser. | 70326 |
PSA Integration
| Description | Bug |
|---|---|
| In some instances, tickets closed in PSAs are not being cleared in N-able N-central. This is likely because the ticketing recipient profile in N-able N-central has Do not change the Ticket Status selected (in order to manually configure tickets). Then, when the ticket is removed in the PSA, N-able N-central will not be able to update/resolve the ticket’s status and new tickets cannot be created for the same issue. Until a solution is available through the UI for this situation, the work around is to set a Return to Normal status and set a non-used status in the ‘updatable statuses’ section or set the same status as the return to normal one. This will cause N-able N-central to add a note to the ticket on return to normal but will not alter the ticket’s status. This will allow the stale ticket check to remove the ticket from the system. | 65620 |
UI
| Description | Bug |
|---|---|
| After re-naming, the Names of files or Registry entries may not be displayed properly in the File System window and the Registry window of the Tools tab when using Internet Explorer. | 68149 |
| The main N-central login page will fail to load when accessed from the Safari web browser. To work around this issue, please use a supported browser, such as Chrome, Edge or Firefox, or access N-central via https:///login. | NCCF-19768 |
User Access Management
| Description | Bug |
|---|---|
| Login window reappears when new tab is loaded. When already logged into N-central and a user opens a new tab and browses to N-central from this new tab, the login screen reappears yet the user is already logged in. The left hand navigation is functional. | NCCF-29648 |
Customer Support
Contact N-able to activate your N-able N-central server.
| Web Page: | http://www.n-able.com |
| Technical Support SelfService Portal: | https://success.n-able.com/ |
| Phone: | Toll Free (U.S./CAN): 1-866-302-4689 International: +800-6225-3000 Local: (613) 592-6676, select option 2 for support |
Download release notes
For a PDF version of the latest release notes, or to view historical release notes, please use the following link: