May 2016 Release Notes. Agiloft Version 6 R8.6

Number of Items:
Category :
Number of Items:
1561 Google Oauth2.0 SSO additional hotlink keys Google OAuth SSO 2.0 can now be accessed through a number of additional hotlink URLs which can open the KB in a specified state.

The syntax to open an OAuth 2.0 KB is:


To open the KB through hotlinks, the syntax will look like the following examples:

1572 Email templates now accept variable chains

When adding variables in email templates, the Formula wizard now allows the use of variables from a chain of linked records, which will resolve correctly in an email for a record in the current table.

A new drop-down has been added to the Fields tab of the Formula wizard, which displays all of the variable links in the current table.

Selecting a field from the drop-down will refresh the screen with the linked table's list of variables. The breadcrumb trail of links is shown at the top of the view. Variable names include the entire path of linked fields.

For example in the following image, $creator_login.company_account_rep.account_login contains the variable account_login from the Company table, linked through company_account_rep in the Person table, which is linked from creator_login in the Department table.

1626 Entity Set wizard rework

The Entity Set wizard, which can be accessed by navigating to Setup > Sync > New > Entity Set, has been updated to make it easier and faster to work with entity sets, particularly in large KBs.

The most common operations can now be performed with a single click with four new buttons:

  • Add All Entities: Adds all entities from the current KB to the entity set.
  • Add Empty Table: Opens the Entity Set import wizard, with a list of tables in the current KB. Selecting one will explicitly add the table with no fields or other entities to the current entity set.
  • Add Table and All Fields: Opens the Entity Set import wizard, with a list of tables in the current KB. Selecting one will explicitly add the table with its fields to the current entity set.
  • Add Table and All Entities: Opens the Entity Set import wizard, with a list of tables in the current KB. Selecting one will explicitly add the table, its fields, and other entities (e.g., saved searches) to the current entity set.

In the Tables section of the Entity Set wizard, clicking the Customize button next to a table opens the Customize Table Entities wizard. You can select all necessary fields from the list and click the Add Entities, Remove Entities, Make Explicit and Make Implicit buttons to change the fields accordingly.

The entities that are contained under the various sets, such as Choice Lists, ColorScheme Lists and so on, are collapsed by default. Clicking Show All/Collapse All will expand or collapse the list of entities in the set.

Multiple entities can be selected to perform the same operation on many of them at once. In addition, the list can be sorted by the Label, Status and Type columns by clicking the column header. If you select entities and then leave the wizard without performing an operation on them, a confirmation message will appear.

In addition, the Fields tab in the Table and Customize Table Entities wizard displays a Data Type column, and linked fields from the same set are now grouped together.

1627 Import and Export actions support SFTP

When configuring Import and Export actions, SFTP URLs are now supported.

In addition, the Destination tab of the Export wizard contains a Private key authentication option with User and Private key fields.

1629 JDK upgrade The Java Development Kit (JDK) was updated to the latest version of Java. This includes the Go Daddy G2 Secure Certificate Authority.
1637 Set user preferences by team

It is now possible for admin users to apply a set of default Preferences to Teams. Added a new Apply settings to Teams section at the bottom of Preferences tab, available in the left pane under Home > Preferences.

Once the preferences have been set in this window, select teams from the list and click Apply To. The preferences will be set for users whose primary team was one of the selected teams, and new users will inherit the primary team settings until the user saves over the defaults. Applying preferences to a team will not affect any users who have already set their preferences manually.

Note: The Apply To button does not save preferences for the acting user, it only applies the settings to teams. You must click Finish to save the user's preferences.

1639 Email hotlink are based on User's Authentication method

Different users of a single Agiloft knowledgebase (KB) can independently use one of the following SSO methods to log into Agiloft via email hotlinks:

  • CAS
  • SAML 2.0
  • OAUTH 2.0
Now, when the email processor composes the email, the system looks up the user and pulls in the user’s encrypted login and password, as well as their authentication method. Based on all this information, the email processor modifies the hotlink URL to the SSO URL if it is anything other than standard. This way, the hotlink contains the proper authentication method when the email is received.

In order to implement these changes we added a choice field to the Contacts table that indicates the SSO Authentication Method for the user. This field is required, and its default value is Standard.
Available values are:
  • CAS
  • OAUTH20
  • SAML20
Whenever a user logs in to Agiloft via SAML / OAUTH / CAS the system updates the field value automatically during the login process. If the user does not exist, and was created automatically via SAML, the SSO Authentication Method field contains the value SAML20.

When a user clicks an email hotlink, the system redirects user to the appropriate SSO URL.

1640 ClamAV can be downloaded during installation; updated daily signatures Agiloft can be used with ClamAV antivirus software to scan attached files. When installing Agiloft, it is now possible to download ClamAV.

The option may be selected during installation via the GUI or the command line. For command line installation the -V option is used to enable ClamAV.

JBoss uses the following parameters:
-DAntiVirusUtils.virus-detector-class=com.supportwizard.utils.av.clam.CommandLineVirusDetector -DCommandLineVirusDetector.command-line="D:/Agiloft/ClamAV/clamscan.exe" -DCommandLineVirusDetector.temp-dir="D:/Agiloft/tmp/av"

Note: This only applies to files attached to records from within Agiloft, and has no effect on the rest of the operating system.

In addition, ClamAV signatures are now updated daily at 8pm server time.

Note: The update will only happen when ClamAV is active in the Agiloft instance. The following variable must be defined:
1641 User provisioning through SAML in Agiloft It is now possible to create a user in Agiloft automatically in cases where the user was created in SAML, and logged into Agiloft via SAML.

To support this functionality, the following changes were made in SAML setup, which is available via  Setup > Access > Configure SAML 2.0 Single Sign-On:

Added new options to the General tab:

  • Create SAML IdP Authenticated user in Agiloft. 
  • Add the user to the Table/Subtable shown below:

Also, options were added for the system to check and update user attributes received in a successful SAML response. This will enable you to create new users in Agiloft automatically, and update user records on each login with the data provided with the SAML request. To configure these options, two new tabs were added to the SAML wizard: User Group Mapping and User Team Mapping.

The options in these tabs handle the setting of groups and teams for users who log in through SAML. Group membership may be either received from a SAML response and mapped to the Agiloft group according to the attributes, or the user may automatically be added to the defined default group. Primary Team and Team membership definitions have similar configuration options. Group and Team membership may be either updated or not on subsequent logins, depending on the configuration option.

Added a User Field(s) Mapping tab which defines how to map SAML attributes to Agiloft user fields. If a field is a linked field or choice field (such as Department, Manager Name, Employment Status), and the value mapped from SAML is not a valid value in Agiloft, the SAML value will be ignored.

1643 Changed buttons in the default action bar for new tables Changed the default action bar for newly created tables.

Now, the placement of the Quick Edit buttons Save All Changes and Cancel All Changes is next to Mass Edit in the default action bar for new tables, and their wording is changed to Save Changes and Cancel Changes. There were no changes in existing tables or the direct edit functionality.

1646 Optimized display for Link to single field Previously the display type "Multiple value box with pop-up search," used for a Link to single field, wasted too much space on the record screen if few or no options were selected.

Optimized the display to be limited to 2 rows high when between 0-2 items are selected.
1650 Multiple OAuth 2.0 profiles supported OAuth 2.0 SSO now supports multiple profiles per KB based on predefined roles. It is possible to create one profile per role in a KB. Currently the following roles are available:
  • Oauth20_SSO
  • Google_APPS
For a profile with the Oauth20_SSO role, Agiloft automatically authenticates login requests that are trusted by an OAuth 2.0 Identity /Auth Provider.
1653 Email hotlinks now support different login methods In order to improve email hotlink functionality we introduced a new Hotlink Type global variable, which is available in the staff interface via Setup > System > Manage Global Variables. Permitted values for this variable are:

  • CAS
  • SAML20
  • OAUTH20

The default value is STANDARD.

If the variable is added and customized, hotlinks in emails are generated for use with the selected single sign-on (SSO) login method. In other words, the user may now click the email hotlink and log in via Google SSO if the new variable has the value OAUTH20 and the OAuth 2.0 profile is properly configured for SSO.

Note: the Hotlink Authentication options in Setup > Access > Configure Hotlinks do not apply with OAUTH20 or SAML20, since the authentication is handled by third party Identity Providers (e.g. Google for OAUTH20).
1659 Import action options for emailing log files

A new option in the Import action wizard sets whether emailed import logs are sent as attachments or in the body of the email.

Note: The second option is preferable in cases where incoming emails with scheduled import logs are stored in a separate table.

The new option appears on the Data Source tab of the Import Action wizard, below the Email log file to field:

1661 Option for including attachments when forwarding discarded emails In the Access tab of the Inbound Email wizard, which can be accessed via Setup > Email > Configure Inbound Email > Create or edit an email account > Access tab, a new option was added: Include attachments when forwarding discarded emails.

When this option is selected, any attachments included with an email discarded by the system are sent with the discarded email to the forwarding address. Previously, attachments were stripped from discarded emails. This option is deselected by default.

1662 New Activity Log events Added two new events to the Activity Log:

1. Login Failed - track when the user tries to log in and it fails to create a seance due to password mismatch, LDAP returned failure, or any other issue.
2. Login Disabled - track when user's login is disabled due to repeated unsuccessful login attempts.

These events may be selected for recording via Setup > System > Configure Activity Log, then edit any rule or create a new one.
1664 Email option to disable inbound checking

In the Account tab of the Email wizard, accessed via Setup > Email and SMS > Configure Inbound Email > [Edit or create a new email account] > Account tab, a new Activity section was added. The options in this section set whether to actively poll the account for emails.

If the Disable this account option is selected, the system stops trying to log in to the account to retrieve emails. The inbound email for this account is turned off until it is manually turned back on. The option to disable email polling is especially useful in cases where the system is being configured, and a temporary account is being used.

1667 JSON export and import actions

Agiloft data export and import now supports the JavaScript Object Notation (JSON) format. To support this, changes were made in both the Import and Export wizard, and in Import and Export actions. For more information on JSON, see here.

Data can now be exported in the standard JSON format, as a set of name/value pairs consisting of the Field Name and Value. The value is a number for numeric fields and a string for text fields or choice values.

The order of the fields in the GUI is independent of the order in which the value pairs are returned. For example, if the following fields are selected:

  • ID
  • Assigned Person
  • Status
  • Type of Issue

The result might be:

{"id":"418","priority":"High","wfstate":"Closed","type_of_issue":"Question","assigned_person":"Christopher Caldwell"}

In addition to supporting the standard data format, it is also possible to export data using a custom format, which consists of key/value pairs with a colon separating each key from its value and a comma separating each key/value pair. Both the key and value can be formula expressions.

1669 Email Process Monitoring

In order to improve email processing, users can now configure notifications in cases where the status of Quartz changes. This new feature is available in the admin console via Setup > Mail Daemons.

Users can choose to send an alert to a specified email if Quartz fails or stops, at a defined hourly period. It is possible to select 'failed' or 'stopped' or both states.

The notification email will be sent directly, without going through the pool/queue.
Note: No notification is sent if no email address is entered.
1670 Support for Initial Here DocuSign tab When the print template contains a "$docusign:InitialHere::InternalSigner" string, where InternalSigner can be replaced with the role name of any recipient, DocuSign will create an Initial Here tab that automatically puts the recipient's initials into the document.

For more information on the Initial Here tab, see here.
1677 Replaced RC4 encryption algorithm The RC4 algorithm, used for encrypting and decrypting secure hotlinks in emails, has been replaced by RSA 4096 with AES 256 bit encryption.
To avoid service interruption, we introduced a new variable 'days_to_support_rc4_key'. This variable defines the number of days to continue support of RC4 key based decryption for hotlinks generated before the RSA migration. Its default value is 31 days.

Note: After applying the RSA migration patch, all members of the Admin Team will receive an email notification that support for old hotlinks created using RC4 algorithm will be active for a limited period of time.
1679 DocuSign Connections available through IIS Previously the DocuSign endpoint was not accessible for Agiloft instances with IIS integration. Now Docusign connects through IIS.
1680 Use a saved search to a related table within a print template Added the ability to apply a saved search to a related table within a print template.

Users can specify a related table name with a saved search in the print template, using the following format:


Category :
Number of Items:
105 Error when calculating working hours in conditions Fixed SoD error that could occur when saving records if a filter in an update action tried to calculate the team's (non)working hours and failed to do that because the Team's working hours were undefined.

Now, the system will prevent users from saving an invalid condition in if-then-else actions: an error message will appear stating that the selected team has no working hours defined.

Additionally, if an invalid filter is applied during an if-then action, the search will ignore the invalid condition. For instance, if a team previously had non-empty working hours and those working hours are later set to empty, then any rule based on the team's empty working hours is triggered as if the 'Limit by working hours' option is NOT selected.
1632 Improved sync conflict resolution Improved the sync conflict resolution logic in cases where the source and target KBs have fields with the same names but different types.

Now, transferred fields will correctly replace old fields in searches and rules, and references to obsolete fields are not kept. Old fields may be removed afterwards without any damage to the transferred rules and searches.
1633 Conversion error after Workflow State rename Resolved an error on conversion in cases where one of the workflow states was renamed, and the system failed to map the new state to a corresponding value on conversion.

Now, the new workflow state name is properly resolved and there are no errors during record conversions in the same table after a workflow state rename.
1634 Global variable: lock_expiration_time registry

Corrected registry information for the lock_expiration_time variable. Previously the 'seconds' definition was measured in 'Units', but the correct unit for this variable is 'minute'.

Now, the registry information for the lock_expiration_time variable uses 'Minutes'. For example, if a variable has value '60' then the record lock expires in 60 minutes, after which the record is released (if it has not already been released through a Save, Cancel, or close browser action).

1644 Fixed exception when adding entities to an entity set Fixed an error which appeared occasionally when adding entities to an entity set; some users experienced an SoD.
1648 Error when using Context in searches Fixed an error which occasionally appeared  in cases where the user performed a search in attached files and content with the Context option enabled.
1649 Diacritical characters in emails Corrected the distribution of reports and charts via email in cases where the report/chart contained diacritical characters.

Now diacritical text is translated correctly, without being converted into codes.
1651 Validation actions translation support Improved multi-language support for validation actions.

Now a validation action can display errors in the user's selected language. In other words, the same validation action may display an error in English for users logged into the English interface, and in French in cases where the user selected French.
1652 ADFS 2.0 support Agiloft SAML now supports Active Directory Federation Services (ADFS) version 2.0 and 3.0.

For more information about ADFS, click here.
1654 Error on Salesforce sync Fixed an error in Salesforce sync, which occurred when a mapped table name used an underscore character (_).
1656 Concat function for Choice fields Fixed incorrect choice value processing when using choice fields in the concat function.

Now formulas like concat($status," ",$priority) are correctly processed and parsed to display the correct text "Open Critical".
1681 Email processing in MSSQL Resolved a problem where email processing jobs were unregistered in MSSQL under some circumstances (in Quartz), which caused email processing to be prevented until JBoss restarted.
1683 Auto-accepting Tracked Changes Fixed the 'Accept the tracked changes for purposes of the comparison action' option so that any tracked changes present in the document for comparison will automatically be accepted before the comparison action is performed.
1684 Errors when modifying records and clicking action buttons Fixed a number of serialization problems and exceptions on record modification and action button clicks which occurred under certain circumstances.
1686 ESA support for locales which contain underscores Command-line ESA sync configuration and sync in general now works for locales which contains hyphens (e.g.,  en-US), and for locales containing underscores (for example, zh_HK, zh_TW and pt_BR).