Password Policy Enforcer / Web
What's new in PPE/Web V7.11
- Added X-Frame-Options response header to protect against Clickjacking attacks.
- Added X-XSS-Protection response header to enable the cross-site scripting filter on supported web browsers.
- Interprets the \n escape sequence in Password Policy Enforcer messages.
- Compatible with Microsoft security updates KB3167679 and KB3177108. Password changes would fail with a system error when these updates were installed.
- Improved handling of password changes across domains and forests.
- Queries to Password Policy Enforcer use a new communications library with better performance and more options.
- Improved encryption of temporary data.
What's new in PPE/Web V7.0
- Displays a diagnostic message if Password Policy Enforcer does not respond to a request. This is likely to happen if a domain controller is not running PPE, or if a firewall is blocking access to the PPS port.
- Compatible with Windows Server 2012 and 2012 R2 (as well as Windows Server 2003, 2003 R2, 2008, and 2008 R2).
- Improved Setup Wizard to ensure that PPEWeb.dll is always added to the list of Web Service Extensions on Windows 2003 and 2003 R2 64-bit editions.
- Uses the Password Policy Enforcer V7.0 libraries for improved compatibility with new features in recent versions of PPE (disable PPE integration if using an older version of PPE).
- Configuration Console prompts for elevation to ensure that user has sufficient permissions to write configuration settings.
- Imports PPE/Web V6.x configuration settings.
What's new in PPE/Web V6.0
- Updated HTML templates allow customization of all user interface elements, including error messages.
- The Password Policy Enforcer policy message is now shown during password changes. This message was hard-coded in the HTML in earlier versions of PPE/Web.
- A Configuration console to configure system settings and install license keys.
- The Setup Wizard installs and configures PPE/Web without the manual setup steps from earlier versions.
- Compatible with Windows Server 2008 and 2008 R2 (as well as Windows Server 2003 and 2003 R2).
- Compatible with 64-bit and 32-bit Windows editions.
- Additional validation of all user input to improve security.
- Can get user and domain names from URL parameters.
- Uses the Password Policy Enforcer V6 libraries for improved compatibility with new features in recent versions of PPE (disable PPE integration if using an older version of PPE).
- Can be used without Password Policy Enforcer if PPE’s additional password policy controls are not needed.