UPDATE: 2.5.0 has been released, and this topic has been locked.
2.5.0 release announcement: viewtopic.php?f=3&t=1819
Unimus 2.5.0-Beta2 is being released today! This is a release of the 2.5 code branch intended for testing purposes. More info on what's to come next on the Roadmap.
The major features of 2.5 are an extensive rework of the AAA (Authentication, Authorization, Account) system, already here in Beta1; and Custom Backup Flows, which are coming in Beta3.
First there is the introduction of Object Access Policies, which replace previous Device Access rules. Since Tags can be used on many objects now (not just Devices), Object Access Policies provide more fine-grained access controls to any / all objects in Unimus. You can create as many policies as you like, and you then assign a Policy to a User, specifying their access.
Next up is the possibility to create Unimus accounts automatically for new users authenticated by external AAA systems (Radius and/or LDAP). Up until now, before a user could log in using external AAA, an account in Unimus had to be created manually. This system allows for automatic provisioning of new user accounts when using external AAA. No more manual account creation!
Builds are available for download here:
https://unimus.net/download-dev
Let us know if you have any feedback / questions on this release, or if you run into any issues!
[BETA] 2.5.0 beta release thread
We just pushed out 2.5.0-Beta2. The complete Changelog was updated in the first post. New since 2.5.0-Beta1:
Fixes for issues in Beta1 (none of these apply to current stable builds):Features:
Tags can now be edited, allowing for change of Name or Owner (more on Ownership later)
Changed Cisco ASA multi-context driver to only attempt backing up contexts when switching to the "system" context is possible
Added support for NetBox in NMS Sync:
- you can now sync your NetBox inventory into Unimus
- import filtering based on "role", "tag", "location" and "field" (Custom Fields) is available
- the "status" field in NetBox is used to set the Managed flag in Unimus
- more info at: https://wiki.unimus.net/display/UNPUB/NetBox+importer
Prefixes for filters in NMS Sync were replaced by a key-value system
- until this release, entries in Sync Rules needed prefixes, with each prefix meaning something different
- this was inconsistent across different Sync Connectors, and also quite confusing (you had to read docs every time on what prefix does what)
- we replaced prefixes with a Key=Value system (for example "id=123", "group=routers", etc.)
- existing Sync Rule configuration will be automatically migrated to the new system
Object Ownership system has been extended to Tags and Zones:
- Tags and Zones now have an "Owner" attribute, same as Devices
- access to these objects can now be gained by being their Owner, separately from Object Access Policies
- ownership has precedent over Object Access Policies - owners always have access to objects owned by them
You can now see all Objects owned by a User in User Management:
- new "Show object ownership" button was added in User management
- this will show all Objects, as well as their types owned by this User
- you can also remove ownership of Objects from this User in this window
Added support for:
- Cisco IOL (IOS on Linux) switches
- Cisco IOL (IOS on Linux) routers
- Netonix WS3 switches
- SONiC OS
Fixes:
Fixed selected Zone disappearing from the Zone selection dropdown in "Basic import" after a successful import
Fixed issue in API with Zones which had a NetXMS Agent selected as their Connection method
Fixed various minor UI and UX issues and inconsistencies
Fixed OPNSense jobs failing when device presented a menu after switching to root
Fixed Cisco ASA backup failing when logging into a context without the ability to switch into the "system" context
Security fixes:
Only Administrator-level users can now change Advanced System Settings
Users can no longer Edit Credentials that are used on Devices they don't have access to
Users can no longer Edit CLI Mode Change Passwords used on Devices they don't have access to
Fixed users could still see and modify Targets in Config Push if Object ownership was modified concurrently
Features:
Improved Device selection UX in Config Search (after changes in Beta1)
Fixes:
Fixed missing live updates in Object Access Policy window
Fixed backup not working on CheckPoint devices for which support was added in 2.5.0-Beta1
Fixed Administrator-level users being unable to manage their own permissions