Additional admins can now log in only after the initial customer admin login.
User enable/disable status is now synced from Active Directory to miniOrange, ensuring consistent access control.
Improvements:
Group memberships are now validated for uniqueness, eliminating duplicate entries in LDAP queries.
Added support for configurable attributes to retrieve group names from AD, allowing users to specify which AD attribute to use.
Sync intervals can now be configured in minutes, instead of being limited to hourly frequency.
Increased the custom attribute limit from 20 to 50 for greater flexibility.
Vulnerability:
Persistence/Exclusion list now supports multiple user stores and correctly reflects deleted users from disabled stores during sync.
Group import continues even if a user store has an empty group search base. Invalid bases are skipped without interrupting the import process from other stores.
Upgraded Apache Tomcat to the latest version (9.0.104) to fix known vulnerabilities.