Release 22.2


id: Release_Notes title: Latest Release Notes


Release Notes - Version 22.2.1#


New Features:#

Improved In-app Group Management UX
The in-app group management interface has been updated, allowing easier navigation between the managed groups and create group view. The left side of the in-app group management view provides a menu to navigate between managed groups, creation of a new MCE/UCMA group (dependant on which engines have in-app group management enabled) and the help page.

Improved Classification UX

Managed groups may also be searched by name and filtered with several parameters, including only UCMA/MCE groups, by group properties, for individual security contexts and leveraging regEx expressions.

Set-MceGroup
Administrators may now leverage the Set-MceGroup cmdlet to manage MCE groups through the MCE Admin PowerShell Module. Administration functionality include group name, description, privacy, members and managers.

More information can be found on the Set-MceGroup command page.

Group History Search improvements
Groups may now leverage more advanced search parameters to search message history. 22.2 brings date range searching and regex filtering to the search history interface, allowing users to search more effectively and accurately.

Allow simultaneous in-app MCE group management and External UCMA group management
Administrators may now configure where users can manage MCE and UCMA groups independently, allowing in-app MCE group management while providing External SfB group management.

In-app MCE group management no longer leverages the group management settings on the MindLink Anywhere tab of the management center. This section is now exclusively leveraged by UCMA, where in-app or external management can be set. (and admins may still opt to disable it here, too)
This section has been renamed in the management center interface accordingly.

MCE Group Management may be enabled with the debug key debug.mce.enableinappmcegroupmanagement, set to true. MCE will only leverage in-app group management.

Simultaneous UCMA and MCE in-app management remain supported, too.

Encryption COI client certificate validation against OCSP on server Added optional configurations to enable OCSP COI certificate checking. This allows the COI public key infrastructure to get verified against revocation lists before being used in the generation of new encryption keys, to guard against the unauthorized access of protected information.

Support specifying multiple COI certificate issuers 22.2.1 allows administrators to configure encrypted systems with multiple COI certificate issuers to ensure COIs with multiple providers can be configured. The debug key debug.encryption.publickeyrepository.cacertificates.thumbprint has been pluralised to allow multiple certificates to be configured.

More information can be found on the 22.2 Encryption Configuration page.

Allow user to hide private chats from LiveStream
Livestream favourites now provides a toggle for IM messages, allowing users to opt out of showing IM messages in their livestream.

Custom Brand Names : Tab Title
The tab title is now separately configurable from the application Brand Name. Administrators may use the debug key web.client.custombranding.tabtitle to specify a different title for the browser tab. The tab title configuration will not change the brand name displayed in-app, on the MLA home page.

New Classification UX
The classification picker has had some minor improvements to the layout. The workflow now leads with building the highest possible classification, allowing additional markings to be specified only if required by the users' initial selection.

Improved Classification UX

After picking the highest classification, the ... icon in the top right of the builder may be selectable, if additional markings are available based on the users selection, which will reveal the additional markings when clicked. This ensures more efficient attribute selection by focusing on the highest classification and following up with additional attributes if required, rather than starting with additional markings that may or may not be leveraged by the subsequently built maximum classification.

Optional Dock User Activity
Added a user preference setting to enable/disable dock user activity. Improved user activity was added in 22.1, enabled for all users, but now offers a user preference to keep it enabled or disable it.


Changes#

Some refinements to the encryption protocol will mean that existing encryption keys won’t be able to be imported anymore
a. Any existing keys will fail to import
b. Any messages encrypted with existing keys won’t decrypt
c. For cleaner testing of this release, we’d suggest you either start with a new MCE DB instance, or at the very least create some new MCE groups.
d. Note: Now that we’re considering this the production-ready build, this won’t happen anymore with subsequent releases.

COI membership attestation
Encryption Key creation flows now incorporate calls to sign (attest) the encryption key payload, and also verify those payloads by fetching corresponding public keys.

Sync-MceGroupClassification
As part of changing the classification UX in this release we’ve had to change the way Highest Possible Classification data (classification tokens) are encoded on groups in the MCE DB.

You may find that after installing 22.2 that the Sync-MceGroupClassification cmdlet will find group classifications that require re-syncing.

Don’t be alarmed, the classification hasn’t changed, and the access control on the group won’t change either. We have simply removed some redundant information that can sometimes be encoded in the classification token, so the cmdlet is registering this as a change. Running the cmdlet will only remove this extra information that wasn’t used in the first place.

It is recommended to first run the cmdlet with the -WhatIf flag to confirm this. If it does find some groups then do run the cmdlet properly to clean up their tokens.

Classification and COI configurations remain active when IM is disabled
Both Classification and COI pages have been set to remain active and configurable if the IM modality is disabled in the management center. This ensures administrators are able to modify their security configuration even in cases where IM is disabled.

Improve Get-MceGroup commandlet output
Improvements have been made to the Get-MceGroup cmdlet results.

Improved styling for last seen info in dock
Some minor improvements have been made to the dock user activity, providing cleaner styling and more efficient spacing of information.


Improvements#

22.2 includes the following improvements:

IDDetailsProduct
FCF-9393Verify certificate chain for each COI certificate to get more immediate feedback about invalid certificatesMindLink Anywhere
FCF-9375Dock : Increase spacing between the name of a group and the time since the last postMindLink Anywhere
FCF-9349Turn on chat history date range searching for all groups MCE and SfBMindLink Anywhere
FCF-9337Clarifying dock title depending on whether groups or IMs are disabledMindLink Anywhere
FCF-9332Improve styling for last seen info in dockMindLink Anywhere
FCF-9329Clarify UX to indicate "To" date shouldn't be specified without "On/From" date in Encrypted HistoryMindLink Anywhere
FCF-9322Allow simultaneous SfB external group management and MCE in-app group managementMindLink Anywhere
FCF-9303Allow user activity in the dock to be optionalMindLink Anywhere
FCF-9294Allow user to hide private chats from LiveStreamMindLink Anywhere
FCF-9265Add IsEncrypted to data returned from GetMceGroup cmdletMCE Admin PowerShell
FCF-9190Show EDH headers for a group retrieved in PSMCE Admin PowerShell
FCF-9189Show more detailed classification information for a groupMCE Admin PowerShell
FCF-9167Settings buttons don't have tooltipsMindLink Anywhere
FCF-9146Allow the app title to be different to the product nameMindLink Anywhere
FCF-9090Check whether COI certificate is current before wrapping session keyMindLink Anywhere
FCF-8547Show length of time in presence state in contact listMindLink Anywhere

Bug Fixes#

22.2 includes the following bug fixes:

IDDetailsProduct
FCF-9475SfB-only users can still manage groups in-app when SfB group management is configured to be externalMindLink Anywhere
FCF-9416Catchup cursor is not always removed when explicit subscription is removedMindLink Anywhere
FCF-9414Some API samples cannot send messages with COIsMindLink API
FCF-9381Host InfoService status endpoint can return an OK response before the Host can successfully login an MCEMindLink Anywhere
FCF-9371Classification enable checkbox is not effectively disabled when IM is disabledManagement Center
FCF-9364Moussing over private dock nodes triggers user subscription requests unnecessarilyMindLink Anywhere
FCF-9355Management Center : Trusted Application Server settings are greyed out by default in SfB 2015MindLink Anywhere
FCF-9354SfB autoprovisioning gets initialized even when effectively disabledUCMA Connector
FCF-9253Group participants list is not scrollableMindLink Anywhere
FCF-9212Disabling instant messaging in management tool does not remove classifications from group creation capabilitiesManagement Center

Known limitations#

Audio calling between the MindLink client and the Skype Mobile app is currently not supported