Sorry. I thought of two more things.
It also has issues with Bitwarden.
When filling in the password, it leaves the field in plain text.
After that, the javascript that switches the field type between text and password breaks, and it doesn't remove the 8-character limit on the password.
I have a couple of feature and information requests.
Thanks
Uninstalling the 2025-03 Cumulative Update (KB5053596) (and 2025-04 [KB505519] to be able to remove the 2025-03 update) seems to have allowed the server to resume operating. Clients are checking in, the clients with PendingConfirmation status now show Provisioned, and manual inventory/checkin and instant modules are working.
Obviously, leaving these updates off long-term is not good for security, but this does confirm that the Windows update caused the issue.
Server is running Windows Server 2019 in a VM instance. Outside of these two updates, it's fully patched and has only Theopenem (and supporting software, e.g., MariaDB) installed.
The Crypto\RSA folder does still have 780k files in it. We will be watching to make sure that number is not growing.
We recently (I think about a month ago) started receiving notifications for low disk space on our server. In investigating the source of the usage, we found a very large number of files (millions) being generated in the following folder, quickly consuming all of the free space on the disk:
C:\Windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Crypto\RSA\S-1-5-20
Although this link is for a different application, this appears to be the same issue (https://github.com/Pro/dkim-exchange/issues/91).
We've run a script (https://github.com/sntcz/Clear-MachineKeys) to clean this up (initially removing files older than 30 days, but eventually decreasing it to 10 days). Unfortunately, it takes a while to get the folder cleaned up. With web services still running, we actually reached 0 free space on the system, so we disabled the IIS/World Wide Web Publishing Service. After getting the folder cleaned up to a reasonable level yesterday (we had about 30 files remaining), we restarted services, and it looked like it was staying stable around 100 files. However, the number of files in the folder has grown to ~1.5 million since yesterday, consuming around 3 GB.
Following the restart, I had to increase the system's processor to get it to even be reasonably responsive. I'm not sure if this is a consequence of cleaning up the files or the system being slow/unstable, but we now have several clients in a PendingConfirmation status (some of these were new clients that we were just now able to approve; at least one is a client that I had to reset), and I'm unable to get clients to manually run inventory, check in, or run instant modules.
I'm not sure how to proceed now, but I think verifying how/why so many files are being generated and resolving that would allow us to verify if the performance and client check-in was also resolved. For the record, the system has been in place for approximately three years without issue. No other services or web instances run on this system.
I have a bug report and feature request for software inventory.
Currently, software inventory seems to (mostly) take unique combinations of the software name and version, and that entry is referenced for the computer software table.
Unfortunately, this often results in an incorrect uninstall string. In particular, any application that is installed per-user will just show the uninstall string from the first installation that was seen.
We often will want to replace a user-installed app with a system-installed app, so having the proper uninstall string is a good way to track those down (as well as being necessary to remove the user-installed version).
Thus, the uninstall string should be unique to a specific installation of the software.
As for the feature request, it would be very nice to have the Publisher and Installed On fields populated in the software inventory (Installed On also requires the software inventory to be per-instance).
It may also be important to note that a piece of software could be installed both per-user (or for multiple users on one computer) and system-installed and should thus be listed multiple times in inventory for the same computer.
It also has issues with Bitwarden.
When filling in the password, it leaves the field in plain text.
After that, the javascript that switches the field type between text and password breaks, and it doesn't remove the 8-character limit on the password.
Sorry. I thought of two more things.
I have a couple of feature and information requests.
Thanks
@theopenem_admin said in Issues in 1.5.0:
The generated QR code for MFA has non-working parameters. The URI shows period=60 and algorithm=SHA512, but I could only get it to validate after changing them to period=30 and algorithm=SHA1 (same as leaving them off). Otherwise, it gives an error "Could Not Verify Code.".
What authenticator are you using? I've tested with Google and Microsoft and both appear to work?
Neither of those support the period or algorithm parameters (see https://github.com/google/google-authenticator/wiki/Key-Uri-Format#algorithm for Google; I don't have a link for Microsoft, but I have previously verified that it doesn't support them), so they default to 30 and SHA1.
I've tested with both Aegis and AuthenticatorPro.
This was pretty minor overall, but our server CPU usage pegged out until most of the clients updated.
How many simultaneous connections to your com server do have set?
It's on the default of 0 / Unlimited.
We just upgraded our instance to 1.5.0, and we've found a couple of issues.
Application name LIKE Toec%
And Application version < 1.5.0.0
should return only the computers with Toec still on 1.4.5, but is returning all computers (with Toec).
Our dynamic groups based on computer model + bios version don't appear to be affected.
I've disabled our software deployment policies temporarily because they otherwise are targeting incorrect computers.
The generated QR code for MFA has non-working parameters. The URI shows period=60 and algorithm=SHA512, but I could only get it to validate after changing them to period=30 and algorithm=SHA1 (same as leaving them off). Otherwise, it gives an error "Could Not Verify Code.".
This was pretty minor overall, but our server CPU usage pegged out until most of the clients updated.
The first spike was from when I installed .NET 4.8 and rebooted the server (and can be safely ignored).
The big drop corresponds approximately to the time shortly after I ran the "Prepare Toec Updates"