This article covers the following topics relating to the release of Front Office 9.6:
- Enhancements
- Bug Fixes
- System Configuration Setting Amendments
- Access Rights Amendments
- Installation/Upgrade Considerations
Enhancements to the product this release
The Front Office Help Centre provides an ever-increasing set of self-help resources, including knowledge base articles, FAQs, videos, adapters, and templates to download. Support calls can be logged online at https://frontofficehelp.biomni.com/.
Forgot Password Update
Reference: 3379
The Forgot Password process has been rewritten so that a user’s account is no longer locked during the password reset workflow, and a reset password link is emailed as an alternative to a temporary password. As part of this update, a new system configuration value has been created:
- Reset Password Link Expiry: When a user triggers the forgot password routine, this value will determine the number of minutes the reset password link is valid.
- Default: 30
- System configuration code: PWD_RESET_LINK_VALIDITY
Password Security – Account Locking and Retries
Reference: 3386
This feature further enhances the options available for protecting users accounts by allowing an administrator to set the following system configuration values:
- Password Attempts Duration: ‘Password Attempts Duration’ is used to define the number of minutes in which consecutive incorrect passwords must occur for the account to be locked. If zero is entered then the account will be locked after 'Password Attempts Allowed' consecutive attempts, regardless of the timeframe.
- Default: 0
- System configuration code: PWD_RESET_ACCOUNT_LOCK_COUNTER_AFTER
- Account Lock Duration: ‘Account Lock Duration’ is used to define the number of minutes an account is locked after an incorrect password is entered using the rules defined by ‘Password Attempts Duration’ and 'Password Attempts Allowed'. Enter zero to permanently lock an account.
- Initial installation default: 60
- Upgrade default: 0 (replicate existing functionality)
- System configuration code: PWD_ACCOUNT_LOCK_DURATION
- Password Attempts Allowed: ‘Password Attempts Allowed’ is used in combination with 'Password Attempts Duration' to define how many times a user can consecutively enter an incorrect password in a specific timeframe before their account is locked (see ‘Account Lock Duration’). Enter zero to disable this check, meaning a user can continually enter an incorrect password without their account becoming locked – this is not recommended.
- Initial installation default: 3
- Upgrade default: Previously set values for PWD_RETRIES (now removed) will be migrated to this new configuration setting.
- System configuration code: PWD_ATTEMPTS_ALLOWED
We strongly recommend that you review the new password settings on the System Configuration page, including the associated descriptions, and update them to meet your own internal security guidelines.
Custom JavaScript for Request Types
Reference: 3739
Request Types now have a new ‘Custom JavaScript’ tab, allowing users to enter JavaScript specific to a selected form. The new custom JavaScript will be outputted in addition to the Global JavaScript, allowing forms to utilize global JavaScript functions (for example).
In addition to request types, the custom JavaScript is also stored and used with request type variants.
Allow External Listbox field to trigger rules
Reference: 3738
The capabilities of the External Listbox field has been extended so that it can now trigger rules using a named column, utilizing standard string operators such as ‘is’, ‘is not’, ‘contains’, ‘does not contain’, ‘starts with’, and ‘ends with’.
Ability to Activate and Deactivate a User via the Directa API
Reference: 3740
Two new Directa API methods have been added, enabling authenticated API users to either get or set a user’s status, therefore allowing them to activate and deactivate users:
- GetUserStatus
- SetUserStatus
There is more information about the new API methods in the SDK documentation installed here:
-
<install location>\SDK\Biomni.FrontOffice.Sdk.chm
Add Multilingual Support for User Group Names
Reference: 2931
User Group Names now support the ‘Edit Other Languages’ functionality, meaning that within a multi-lingual system you can translate User Group Names and give them a descriptive name that can be understood by all users; this is especially helpful within the approval section.
Allow a URL Link Option Within the Service Catalog
Reference: 3096
There is a new option within the Service Catalog that will allow you to enter a URL as an alternative to service requests. This means you can link to other pages and send your users either to an external website or to another page within Front Office, utilizing Front Office variables, with the added ability to open the link within the same window or open a new one.
Security Updates
Reference: 3676 & 3813
Several security updates have been made, as listed below:
- HTTP security header updates:
- ‘X-Content-Type’ – set to on by default.
- ‘X-XSS-Protection’ – set to off by default. Most modern browsers ignore this header now as having it on can introduce additional security issues.
- Support for the ‘Strict-Transport-Security’ HTTP header and ‘Secure’ cookie flag using a new Website Settings section in the Configurator.
Note: we recommend Enforce HTTPS is enabled for all securely hosted (HTTPS) installations
In addition to the above updates, new articles have been produced further explaining how to secure your Front Office installation and how to implement a custom virus scan plugin.
Optimize Front Office Installation Media
Reference: 3244 & 3388
Unused files and sample imagery have been removed from the installation media, optimizing the installation and upgrade process, and reducing the amount of disk space required to host Front Office.
Add Support for Windows Server 2022
Reference: 3759
Support for Windows Server 2022 has been added.
Bug Fixes
Description |
Reference |
Maximum decimal places validation check fails for boundary values |
3219 |
Unknown error when saving a Form via non-GB languages |
3331 |
Multiple password reset links issue |
3602 |
Deactivated/Dormant users become active using Forgot Password functionality |
3615 |
For Import User feature, values of “PwdLastChangedDate” and “SendEmailsWhilstOnHoliday” do not persist |
3698 |
German “Fulfilment” translations were not correct |
3952 & 4011 |
Save and OK buttons do not work correctly on Request Type page |
3879 |
Active Directory user import losing line manager information and failing with concurrency errors |
3736 |
All bug fixes published within Front Office 9.5 SP1 are included.
System Configuration Setting Amendments
A full list of System Settings is available in the Documentation folder and via the Admin > Support category in the website.
Deletions
- PWD_RETRIES: Password Retries Allowed
Additions
- PWD_ATTEMPTS_ALLOWED: Password Attempts Allowed
- Previously set values for PWD_RETRIES will be migrated to this new configuration setting.
- PWD_RESET_ACCOUNT_LOCK_COUNTER_AFTER: Password Attempts Duration
- PWD_ACCOUNT_LOCK_DURATION: Account Lock Duration
- PWD_RESET_LINK_VALIDITY: Reset Password Link Expiry
Access Right Amendments
A full list of access rights is available in the System Settings List, available in the Documentation folder, and via the Admin > Support category in the website.
Installation/Upgrade Considerations
The install and upgrade process, as well as the instructions for applying a service pack, is explained in more detail in the Front Office 9.6 Installation and Upgrade Guide. If upgrading, please also review this section within each Release Notes for intervening versions.
Please contact the support team via https://frontofficehelp.biomni.com/hc/en-us/requests/new if you have any questions
Prerequisite: .Net Framework 4.7.2
Front Office 9.6 requires .Net Framework 4.7.2 to be installed.
Role Privileges for Installation and Upgrade
The user who creates or upgrades the database should typically have the database ‘sysadmin’ role.
Prior to starting the process, a validation check warns if the user entered does not comply.
It is possible to run with reduced privileges. Details can be found in the Installation and Upgrade Guide:
- Installing and Upgrading Front Office 9.6 – Installing Database with reduced permission set.
SDK
The Front Office SDK can be found in <install location>/SDK
Software Requirements
It is recommended that the latest service pack should always be used for all software.
Server Operating System
The following operating systems are supported:
- Windows Server 2012 R2
- Windows Server 2016
- Windows Server 2019
- Windows Server 2022
SQL Server
The following versions of SQL Server are supported:
- SQL Server 2014
- SQL Server 2016
- SQL Server 2017
- SQL Server 2019
- Azure SQL database
- Microsoft SQL Server on Amazon RDS
Client Browsers
The following client browsers are supported:
- Internet Explorer 11
- Edge
- Firefox
- Chrome
- Safari
Share this article
Comments
0 comments
Article is closed for comments.