Error-Handling During Forced Password Resets on Next Logon
This fix allows AD users who are flagged to change their password on their next login to be detected using the 773 error code from AD. When detected, the broker can now send signals to prompt a password reset through BlockID.
Resolved a problem where the Broker DNCache was incorrectly storing queries with filters. This led to a gradual degradation in performance due to the cache being filled with incorrect queries and the broker spending time refreshing this erroneous cache.
Introduced a new feature that allows the Windows Broker to issue a certificate on behalf of the user without the need for an NDES server. This certificate is presented by the BlockID Credential Provider to authenticate a user at the time of Windows workstation login.
Introduced synthetic heartbeat that allows 1Kosmos to run a diagnostic in case of a connection fault between user management, Kafka, and broker. The heartbeat helps in identifying where a connection is dropped. The synthetic heartbeat also allows for measuring performance by providing insights into how much time it takes for a round-trip across user management, Kafka, and broker.
Added log rotation to prevent broker log size from growing indefinitely. Configuration settings are now available to manage:
logfilesizemb: The maximum size the log file can grow before rolling over to a new log. The default size is 10MB
logfilecount: The maximum number of log files that should be retained in the logs directory. When the count is reached, and a new log file needs to be created, the oldest log file in the directory will be deleted. The default count is 10