返回
-
标题
Migration Manager for AD 8.15 Cumulative Update (Update_20240228) -
说明
About this update
This update adds enhancements and resolves issues as described in New in this update section. The minimum version required for installing this update is 8.15.
For complete product information, please refer to the Quest Migration Manager for Active Directory product documentation.
-
解决办法
New in this update
This update is focused on enhancements to Resource Processing, as well as changes to the Directory Migration Agent to keep pace with Microsoft updates.
Note that changes introduced the previous update require Microsoft .NET framework 4.7.2 or higher. Ensure that your target operating systems are compatible with .NET Framework 4.7.2 or higher.Migration Manager for AD 8.15 Cumulative Update (Update_20230914) (4373410) (quest.com)
Description Issue ID Directory Migration Agent (DMA) Changes to accomodate deprecation of Microsoft Exchange Online Remote PowerShell App ID (a.k.a. MFA App ID)
Symptom: DMA matching failure. Note: It may be necessary to regrant permissions after taking this update.MMAD 472827 Deprecation of Remote PowerShell (RPS) Protocol in Exchange Online
Microsoft has replaced Remote PowerShell (RPS) with the more secure REST-based v3 PowerShell module. You can read more about the reasons for this change on the Exchange Team blog.
DMA has been updated to use Exchange Online Management (EXO) v3.1 (or later) and Microsoft Graph instead of RPS. After installing this update, use of DMA requires removing the old EXO modules, if any, and installing the current EXO update. To do so, take the following actions using Windows PowerShell (64-bit version) in Administrator mode:Uninstall-Module -Name ExchangeOnlineManagement
Install-Module -Name ExchangeOnlineManagement -RequiredVersion 3.1.0
Get-InstalledModule -Name "ExchangeOnlineManagement"MMAD 404299 DMA 8.15.8.2: Migration not updating membership, nor setting group owner
Whether attempting to merge with an existing group or migrate a newly created group with all mappings from source to cloud, the Group was created, but Group Membership was not populated and the Owner attribute was not set.MMAD 460375 Change in naming convention of user's Name parameter Exchange Online
Microsoft has changed to a more robust way of generating the Name parameter associated with a recipient within a tenant in Exchange Online. The new method ensures uniqueness in the system. You can read more about the reasons for this change on the Exchange Team blog.
DMA has been updated to work with this change.MMAD 365474 Cached Credential Utility (CCU) CCU logging is improved for better readability. It adds version information and other details for troubleshooting. MMAD 258005 SERVICE_LOG_FILEandUI_LOG_FILEcan optionally be added to the update_msi.cmd. These parameters modify the local log path used to store the logs (service + UI). Note that the paths must include the complete file name as well as the target folder. For example:
cscript update_msi.js //Nologo "setup.msi" "SERVICE_LOG_FILE" "%ALLUSERSPROFILE%\Application Data\Quest Software\CacheCred\myservice.log"
cscript update_msi.js //Nologo "setup.msi" "UI_LOG_FILE" "%ALLUSERSPROFILE%\Application Data\Quest Software\CacheCred\myui.log"MMAD 355197 Changed the event loop between the CCU Service and CCU UI to prevent timeout issues. The 30 second timeout is eliminated. This solves a problem where a password input was ignored and CCU entered a loop. MMAD 411542 A change introduced by recent Windows updates overrode the changes CCU makes to address Windows store apps (a.k.a. "Metro apps"). CCU post-reboot processing was enhanced to make additional adjustments. MMAD 421940 Created a configuration wizard to configure the installation MSI for the CCU. This is an alternative to editing update_msi.cmd. The wizard supports the new CCU configuration parameters described above. The wizard is available inside the Cached Credentials Utility zip file. MMAD 356889 RUM / Vmover Automatic archive of the RUM Controller log, and start of a fresh log file, upon reaching a preset size. Two new optional registry keys are added under HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\QsRUMController\Config\:- LogArchivePath
- Relative to the location of the ResourceUpdating executables. If not specified, defaults to "
.\LogArchive\". If a different path is provided, you must ensure that the RUM controller has write permissions to the provided path.
- Relative to the location of the ResourceUpdating executables. If not specified, defaults to "
- LogFileSize
- Size at which to archive the log, specified in hexadecimal. If not specified, defaults to 10MB.
MMAD 260375 Reset TPM (Trusted Platform Module) permissions upon first login of the processed user.
This is done via a scheduled task. Due to the nature of the Windows task scheduler, this task will be triggered on every subsequent login on but the script itself detects that it has been run before and does nothing on subsequent logins. This is recorded via the script creating a file in "%UserProfile%\AppData\Roaming\Quest\tpmfix\tasktriggered.txt" to indicate that the script has already been started at least once.
Note: Associated scripts were updated with minor changes for version 8.15.8.3, and also digitally signed.MMAD 285636
MMAD 471940Added processing of local OneDrive permissions to Vmover.
This is done by repermissioning all of the reparse points that are marked with a cloud reparse point tag. (These files were previously skipped.)MMAD 392406 Added details to the Vmover log to report on untouched/unprocessed users, along with the associated reason(s).
The log message appears as follows:{user} has not been processed because {reason}MMAD 234507 Updated the logic of Vmover to account for drives attached to cluster nodes while checking which drives are valid for processing. MMAD 375803 Addressed a reported path vulnerability in QsReportUpdatingAgent by fully quoting the Service Path in the Windows registry. MMAD 333068 Exporting RUM collection data: Added previously missing 'Scripting' and 'Rename' tasks to the export. MMAD 397252 Suppress RUM warnings when processing WaaS registry keys for Windows 10.
Vmover no longer logs an error when unable to gain access to the WaaS registry keys for Windows 10. These keys are related to Windows update process and are expected to be inaccessible to Vmover. The error reported in the logs previously was:Registry Error 5 Access is denied. SYSTEM\WaaS\Upfc (RegCreateKeyEx)MMAD 234538 Corrected a typo in Computer History > Status. MMAD 256191 - LogArchivePath
-
附件