- Unimus-release-banner-250.png (157.98 KiB) Viewed 5548 times
Unimus 2.5.0 is being released today! 2.5 has been in development for 8 months, and brings many new major features and improvements, new device support, fixes for various bugs and issues, and security improvements.
We have published a Release Overview on our blog, please check it out for a summary of what is new.
If you want to see the full list of what is new, you can also check out the full Changelog below.
Release highlights:
- New Custom Backup Flows feature
- NetBox support in NMS Sync
- New Object Access Policies and improvements to user management
- User provisioning (automatic new user creation)
- Added Ownership for Tags and Zones
- Over 20 other minor features and improvements
- Support for 12 new device types
- Fixes for 20+ various issues and bugs
- Security improvements
Links at https://unimus.net/download have been updated with the newest version.
Full Changelog:
Finally, are a couple minor known issues to be aware of:= Version 2.5.0 =
Features:
Device Tags have been renamed to just Tags, since they can be used on many more objects than just Devices now
Tags can now be edited, allowing for change of Name or Owner (more on Ownership later)
Changed default job concurrency (max number of parallel jobs) to 50
When deleting a Zone, you can now choose to move devices to any other Zone you have access to before deleting the Zone
Added an option to create a new Credential directly in the Credential Binding window
Updated NetXMS client library to latest version (5.0.3)
Added a Zone ID column to "Backups > Devices" table
Added a link to open the last failed job details to the "Device > Info" window
Added a notification banner to "Backup Filters" when user doesn't see all filters due to Access Policy restrictions
Added a notification banner when tyring to edit a Backup Filter when you don't have access to all devices covered by that filter
Added a better message when a user with the "None" role attempts to log in
Added additional "Used by..." columns to the Tags table showing usage of Tags across Unimus
Added an option to not show Unmanaged devices in results of Config Search
Added an icon for credentials in High Security Mode to all relevant tables
Added an option to specify your own Pushover API Key in Pushover settings
Added an option to select the color scheme of diffs sent by notifications
Added a help popup to "Notifications > Show FQDN"
Fixed various small UI / UX issues and UI element misalignment and sizing issues
Changed Cisco ASA multi-context driver to only attempt backing up contexts when switching to the "system" context is possible
Added support for offer prompts when a device offers multiple corrective options for invalid commands
Improved handling of Nokia SROS / TimOS devices, fixing multiple issues in the process
Improved support for Raisecom RAX / ISCOM devices (more device types now supported)
Added new "Custom Backup Flows" feature:
- you can now create presets that specify what commands are sent to Devices during Backup
- you can also specify pre-backup commands, post-backup commands, and what is consumed as the backup content
- if a Custom Flow exists for a Device, it will be used instead of the built-in flow in the Device Driver
- you can target devices by Tag, Vendor, Type, etc.
- more info at: https://blog.unimus.net/custom-backup-f ... nimus-2-5/
Added support for NetBox in NMS Sync:
- you can now sync your NetBox inventory into Unimus
- import filtering based on "role", "tag", "location" and "field" (Custom Fields) is available
- the "status" field in NetBox is used to set the Managed flag in Unimus
- more info at: https://wiki.unimus.net/display/UNPUB/NetBox+importer
Prefixes for filters in NMS Sync were replaced by a key-value system
- until this release, entries in Sync Rules needed prefixes, with each prefix meaning something different
- this was inconsistent across different Sync Connectors, and also quite confusing (you had to read docs every time on what prefix does what)
- we replaced prefixes with a Key=Value system (for example "id=123", "group=routers", etc.)
- existing Sync Rule configuration will be automatically migrated to the new system
Device Access was reworked into Object Access Policies:
- you can now create complex Object Access policies which specify where a user should have access to
- Object Access Policies can then be assigned to users to limit object access across Unimus
- existing Device Access rules will be migrated to new Object Access Policies automatically
- more info at: https://blog.unimus.net/user-management ... nimus-2-5/
Added an option to create user accounts for users successfully authenticated by an external auth system:
- this allows provisioning of users on first successful login to Unimus when using Radius / LDAP auth
- using this system, you no longer need to create user accounts in Unimus for external AAA users before they can log in
- both Role and Object Access Policy for automatically created accounts are configurable
- more info at: https://blog.unimus.net/user-management ... nimus-2-5/
Object Ownership system has been extended to Tags and Zones:
- Tags and Zones now have an "Owner" attribute, same as Devices
- access to these objects can now be gained by being their Owner, separately from Object Access Policies
- ownership has precedent over Object Access Policies - owners always have access to objects owned by them
You can now see all Objects owned by a User in User Management:
- new "Show object ownership" button was added in User management
- this will show all Objects, as well as their types owned by this User
- you can also remove ownership of Objects from this User in this window
Improvements to APIv2 / APIv3:
- added the zoneId attribute to all Devices and Diff APIv2 endpoints
- added the zoneId attribute to multiple response objects in APIv3 where it was missing
Added support for:
- Cisco IOL (IOS on Linux) switches
- Cisco IOL (IOS on Linux) routers
- CheckPoint Gaia running on bare metal
- CheckPoint QLS (Quantum Light Speed)
- CheckPoint TE series
- iS5 IMX devices
- iS5 iES devices
- Netonix WS3 switches
- Racom RAy
- Raisecom REAP OS devices
- Ruckus vSZ-H
- SONiC OS
Fixes:
Fixed Config Change notifications would not apply Backup Filters in the notification diff when a new changepoint was generated
Fixed importing valid .csv files with formatting errors could result in a stuck Import job
Fixed "Export Diff" ignored the "Only changed lines" checkbox, and always sent only changes
Fixed selection model breaking in the Credentials table after editing a Credential
Fixed issues when changing large amount of objects (2000+) in a single operation when using MSSQL
Fixed multiple other object manipulation failures when using MSSQL (Device Zone change, etc.)
Fixed selected Zone disappearing from the Zone selection dropdown in "Basic import" after a successful import
Fixed config change notifications even when nothing changed on PA PanOS when managed by Panorama
Fixed issue in API with Zones which had a NetXMS Agent selected as their Connection method
Fixed Mass Config Push > Advanced Settings allowed setting an empty value for Override Timeouts
Fixed live updates there were missing in multiple screens, tables, and "used by" counters
Fixed many various minor UI and UX issues and inconsistencies
Fixed wrong / extraneous logging during the database upgrade stage when updating
Fixed OPNSense jobs failing when device presented a menu after switching to root
Fixed discovery failing on Ericsson SGSN in specific cases
Fixed multi-context backup failing on Ericsson IPOS in specific cases
Fixed a few specific Cisco router models being identified as switches
Fixed backup failing on Cisco routers that were incorrectly identified as switches
Fixed discovery could fail on Nokia SROS / TimOS devices on specific version
Fixed backup and Config Push could fail on Nokia SROS / TimOS devices on specific version
Fixed backup and Config Push could on specific version of NetElastic vBGN
Fixed Cisco ASA backup failing when logging into a context without the ability to switch into the "system" context
Fixed more cases when jobs could fail on Checkpoint Gaia devices
Security fixes:
Only Administrator-level users can now change Notification settings
Only Administrator-level users can now change Retention settings
Only Administrator-level users can now change Advanced System Settings
NMS Sync Presets where "Device Action policy" is set to "Move from All Zones" are now read-only for Users who do not have access to all Zones
Users who do not have access to all Zones can not select the "Move from All Zones" in "Device Action policy" when creating a new NMS Sync Preset
Users will not see an NMS Sync Rule if they don't have access to the Zone selected for that Rule
For Presets using Tags (Config Push, Backup Filters, etc.), only Users with access to all Devices under that Tag can manage the Preset
Users can no longer edit Credentials that are used on Devices they don't have access to
Users can no longer edit CLI Mode Change Passwords used on Devices they don't have access to
If a User doesn't have access to all Devices in Unimus, they can no longer change the Default Schedule
Users can no longer delete a Schedule if they don't have access to all Devices that use that Schedule
Fixed cases where Users could see Backup Filters even for Devices they did not have access to
Fixed Users could still see and modify Targets in Config Push if Object ownership was modified concurrently
Let us know if you have any feedback / questions on this release, or if you run into any issues!Known issues:
ISSUE: "Re-discover affected devices when Ports or Connectors change" Advanced Settings option does not work
WORKAROUND: none
STATUS: issue scheduled for fixing
ISSUE: Some screens in Unimus show time in server's time zone, others in client's (browser's) time zone
WORKAROUND: none, issue only relevant if client has different time zone than server
STATUS: we are debating on how to fix this - will likely create a setting to select which TZ should be used