AdminOnDemand 2.4 - Release Notes

Product released February 27, 2024 - Document updated February 26, 2024


Azure AD Caching

When Azure AD is reachable, users will be prompted to provide logon credentials every time a session or process elevation is started.

After successful authentication, logon information is cached locally on the endpoint.

When Azure AD is not reachable, the cached logon information will be used to determine if elevation is allowed.

This design prevents confusion between the built-in Azure AD cache functionality in Windows and the cache functionality in AdminOnDemand.

It also increases user awareness when elevating privileges, which is a key aspect of the NIS2 security guidelines.

Minor Improvements

The product has been improved with :

  • more logging with better descriptions

  • higher stability and better error handling

 

If your endpoints are hybrid-joined, we strongly recommend using on-prem AD groups for validation

Â