Chat now with support
Chat with Support

IT Security Search 11.3.1 - Release Notes

Release Notes

Quest® IT Security Search 11.3.1

Release Notes

October 2017

These release notes provide information about the Quest® IT Security Search release.


About this release

IT Security Search provides IT administrators, IT managers and security teams with a way to navigate the expanse of information about the enterprise network.

New features

IT Security Search 11.3.1 adds the following features:

  • Support for new versions of associated products
    The following Quest product versions are supported in this release:
    • Change Auditor for Active Directory 6.9.4
    • Enterprise Reporter 3.0
    • Recovery Manager for Active Directory 8.8.1

New in IT Security Search 11.3

  • Active Roles integration
    IT Security Search now has a connector for Active Roles, giving you access to security audit and management history. Active Roles 7.1 and 7.0 are supported.
  • Saved searches
    The searches you perform on a regular basis can now be saved for future use. Even more usefully, specific terms in such searches can be turned into customizable parameters for easy tweaking.
  • Support for Windows Server 2016
    IT Security Search can be installed on Windows Server 2016.
  • Searching by effective permissions
    Smarter analysis of Enterprise Reporter data lets you search not only by direct permissions on files and folders but also by effective permissions that result from group membership.
  • Support for new versions of associated products
    The following Quest product versions are supported in this release:
    • InTrust 11.3
    • Change Auditor for Active Directory 6.9.3, 6.9.2, 6.9.1
    • Recovery Manager for Active Directory 8.8

  • Detailed documentation for all event fields
    Fields provided by all IT Security Search connectors are now documented in the IT Security Search User Guide. This helps you tailor your searches to suit your data analysis needs precisely.

See also:


IT Security Search11.3.1 contains the following enhancement:

There is now an easy way to fill in the list of repositories in InTrust connector settings. Use the Select all available repositories link instead of selecting repositories one by one.

Enhancements in IT Security Search 11.3

The following is a list of enhancements implemented in IT Security Search 11.3.

Table 1: General enhancements

Enhancement Issue ID

If an object is outside an operator's explicit scope, information about it should be hidden from the operator.


"Whom" field values should be context-sensitive like "Computer " and "Who" field values.


Make the "Result" field available for Change Auditor data.


Add a details page for events.


Improve documentation on SSL certificate requirements.


Make the "Organisational Unit" field clickable for computers.


Add fields for Office 365-related Change Auditor events.


Resolved issues

The following is a list of issues addressed in this release.

Table 2: General resolved issues

Resolved Issue Issue ID

If you change only the time range (but not the date range) after a search and try to search again, the new search does not start.


The Files and folders where this user has permissions (both direct and indirect) action link fails to take Deny permissions into account.


There is no "busy" animation on the Security tab to indicate activity.


Security vulnerability: if the results of a search contain JavaScript code instead of an attribute value, then this code is executed on the client side during result formatting.


If event has a file path in its description, this path is automatically converted to a hyperlink for convenience. However, in Change Auditor events this works only for files, not folders.


Resolved issues in IT Security Search 11.3 and Updates 1 and 2

Table 3: General resolved issues in IT Security Search 11.3 Updates 1 and 2

Resolved Issue Issue ID

If you specify a custom port instead of the default 8087 when you install the IT Security Search Warehouse API component, then the Active Roles connector will not be able to read Active Roles events. A symptom of this is the following error when you try the Test Connection link on the Active Roles connector configuration page:

Connection error: Data attendant last error 'An error occurred while sending the request.

To work around this issue, open the <IT_Security_Search_installation_path>\Connectors\ActiveRoles\ITSS.ARSConnector.dll.config file and change the port number as necessary in the following line:

<add key="WarehouseHttpPort" value="8087" />


The link to the demo screen for a currently disabled connector doesn't work, because IT Security Search tries to perform a real search instead.


If an Active Directory object has been deprovisioned by Active Roles, the link to details about such an object doesn't work.


The number shown in the "Results found:" label may not match the number of items actually shown in the grid.


The Who has direct or indirect access permissions on this file action link fails to take Deny permissions into account.


Clicking Rebuild Index before clicking Apply in Enterprise Reporter connector options causes an error.


The event page shows native field names where it should show display names.


After you apply a filter by Who, the results pane shows more results than it should.


If you are looking at event details and then follow a link to the details for some other record type, then the date range is reset.


The default time range should be 00:00 to 23:59.


When you select the date range in the calendar control, changing the month above either calendar half also changes the month in the other half.


Table 4: Resolved issues in IT Security Search 11.3

Resolved Issue Issue ID

The IT Security Search UI stops working if the authenticated user's display name contains non-ASCII characters.


If the account used for connecting to InTrust is denied the rights to log on interactively to the IT Security Search server, the InTrust connector does not work.


Self Service Tools
Knowledge Base
Notifications & Alerts
Product Support
Software Downloads
Technical Documentation
User Forums
Video Tutorials
RSS Feed
Contact Us
Licensing Assistance
Technical Support
View All
Related Documents

The document was helpful.

Select Rating

I easily found the information I needed.

Select Rating