Release Notes 6.7.0
With the major release of ACMP 6.7.0, we aim to fulfill our quality standards and guarantee you a smooth workflow. The following new functions and improvements have been implemented:
ACMP Core
The ACMP Console now supports multi-factor authentication (MFA) using the TOTP (Time-based One-Time Password) method. This enables the use of applications such as Microsoft Authenticator, Google Authenticator and all other TOTP-compatible apps. Another new feature is that the MFA can be made mandatory in user groups. To make it easier to set up the MFA for the first time, you can store your own help texts to support the user during setup.
The option to deactivate the saving of passwords when logging in to the console has also been added. This can be found in the settings under ACMP Server -> General and thus offers an additional security measure.
The visualization of the password strength is another new feature. The password strength is now displayed when users are created or passwords are changed in the user administration. The password strength is also displayed when saving the password of a client command.
A function has been added to Quick Launch that allows client commands that are declared as Quick Commands to be used directly in Quick Launch. This improvement increases both the convenience and efficiency of your work.
ACMP license management
ACMP License Management can now import license data from the Microsoft 365 license portal and fully include it in the compliance calculation. During the import, products and licenses are created and missing contacts are created as license consumers. In addition, several Microsoft 365 license portals can be connected simultaneously. An additional filter makes it possible to display only used products, which increases user-friendliness.
ACMP Inventory
The new field "Defender is managed by ACMP" has been added to the field area in the inventory. This field can be used in queries and filters to check whether Microsoft Defender is managed by ACMP.
The new "Login history" function is used to record logins for both local logins and RDP logins. This function is deactivated by default for data protection reasons. A new client detail plugin can then display the user logins. This login data can be used to identify the main user. After a defined number of consecutive logins, by default after five logins, the main user is automatically linked to a client. The main user of a client can be reused in license management, for example.
Note: The login history can be very data-intensive, so the storage period (default: 90 days) should be reduced to the minimum necessary.
ACMP Container
The container structures in ACMP can now be exported and imported. This is particularly useful if new ACMP servers are regularly set up that are to be based on an identical basic structure. This function makes it possible to export the names, icons, filters, advanced SQL filters, user-defined fields and relative priorities. When importing, missing user-defined fields are created with a name conflict check to ensure that no duplicate entries are created. Please note that tree structure filters and vulnerability filters are not exported.
ACMP Helpdesk
To strengthen the helpdesk, two new features have been introduced based on frequent customer requests. Firstly, user-defined fields for quick editing of tickets can now be changed via the context menu function "Quick edit" in a ticket query. Secondly, custom fields can now be automatically populated or modified via helpdesk rules, e.g. when creating a ticket, to increase efficiency.
ACMP Security
An error occurred in the email configuration, particularly with OAuth2 authentication, if different top-level domains (TLDs) were used for login and sender. This problem has been fixed so that different TLDs are now processed correctly.
Furthermore, the "Save login data" function for Active Directory (AD) logins has been expanded, as this cannot currently be mapped using any secure procedure. A token-based system is now used for ACMP logins.
In addition, the OpenSSL version has been updated to 3.0.15 to improve the security of the system.
ACMP OS Deployment
OS Deployment in ACMP now also holds the KMS product keys for Windows Server 2025 Standard and Windows Server 2025 Datacenter. In addition, the build number detection in OS Deployment has been updated to support the latest Windows 11 versions (22H2, 23H3, 24H2).
ACMP CAWUM
An error that could lead to a downgrade when changing the update channel in Office 365 has been fixed. It is now ensured that the latest version of Office 365 is always installed.
Further changes
The ACL authorizations (Access Control Lists) for all elements have been revised. The previous "Execute" and "Visible" permissions have been merged and are now only called "Visible", which includes both displaying and executing an object. This change only affects users who previously only had visibility rights. After the update, they will no longer have this authorization. In addition, the internal handling of ACLs has been optimized to avoid deadlocks.
The ACMP server share now not only contains the Console.msi, but also the launcher.exe. The launcher.exe is to be preferred if increased user convenience is required for an ACMP console installation. Here, the Console.msi is started and executed with the parameters of the Setings.ini, further configuration steps after the console installation are thus reduced.
ACMP is now delivered with TeamViewer QS version 15.58.4.0 to enable assistance from Aagon Support.
The Built-in Administrator is always part of the Full Access group and cannot be included in other groups to ensure that their rights cannot be restricted.
Components to be updated
The ACMP Gateway and the Network Boot Service must be updated separately following the ACMP Server Update.
Changelog
Further details on the corrected and improved points can be found in our Changelog.