Okta Preview Sandbox – Release 2016.29 Skip to main content
https://support.okta.com/help/oktaarticledetailpage?childcateg=&id=ka0f0000000mcngka0&source=documentation&refurl=http%3a%2f%2fsupport.okta.com%2fhelp%2fdocumentation%2fknowledge_article%2fokta-preview-sandbox-release-2016-29
How satisfied are you with the Okta Help Center?
Thank you for your feedback!
How satisfied are you with the Okta Help Center?
1
2
3
4
5
Very Dissatisfied
Very satisfied
Enter content less than 200 characters.
Okta Preview Sandbox – Release 2016.29
Published: Jul 19, 2016   -   Updated: Jun 22, 2018

Okta Production Release 2016.29 began deployment on July 20. For the latest information on our release schedule, see Current Release Status.

Check the version number at the bottom of your Okta Administrator page to see your current version. Clicking the version number takes you directly to the folder containing the release notes.

User-added image

Version numbers indicate the year and week of the year that releases are pushed to orgs. For example, release 2016.02 was pushed the second week of 2016. The week numbers follow the ISO Week Date convention. 

Important Notice for AD Integrations Using Federated Profiles

If your Okta Active Directory (AD) integration uses Federated Profiles, you should update to the latest GA version of the Okta AD agent. Beginning April 21, 2016, Okta automatically migrated all orgs that use the Federated Profiles option to the Okta enhanced AD integration, which requires agent version 3.0.8 or higher. If your Okta AD agent is earlier than version 3.0.8, following the migration your organization may experience inconsistent behavior, including loss of groups and group memberships.

To identify orgs running Federated Profiles, see Determining Your AD Integration Type.

For download and installation instructions, see Installing and Configuring the Active Directory Agent.

Note: If you run multiple Okta AD agents, upgrade all agents on your domain servers to the same version. Running different versions of the AD agent can cause all of them to function at the level of your oldest agent.

What's New

Unless otherwise noted, these features are available for all organizations with release 2016.29.

  • Okta Mobility Management (OMM) now supports the MacOS (OS X) platform. OMM for MacOS enables customers to apply lightweight management and security controls on MacOS devices with easy self-enrollment for end users.

    For a matrix of features supported by each platform including MacOS, see Okta Mobility Management Features Matrix. For enablement and enrollment information, see OMM – MacOS Management.

    User-added image

    This is an Early Access (EA) feature; contact Okta Support to enable it.

  • We have improved how Apple Push Notification Service (APNS) certificates for OMM are managed. Once the certificate expires, you can't send commands to currently enrolled devices, and new devices can't enroll. To reduce the likelihood of a certificate expiring, we now:

    • Expose the certificate expiration date when you first create the certificate.

      User-added image

    • Create an admin task to remind you to renew the certificate. The task remains until you renew or create a new certificate.

      User-added image

    • Send you an email notification 30 days, then 7 days, before expiration.

    • Add an error icon to the Apple Certificate Setup button on the Mobile Policy page when the certificate is within 30 days of expiration.

    For more information, see Renewing Apple Push Notification Service Certificates and Configuring Okta Mobility Management.

  • We now support Device Identity Certificate renewal for iOS/MacOS (OS X) devices. During enrollment to OMM, we provision devices with an Identity Certificate, issued by Okta, and valid for two years. We now renew this certificate silently, 60 days before expiry, without any impact on you or your end users.

  • We have extended the number of orgs that can benefit from the Import Safeguard feature. Orgs with a minimum of 100 app assignments can now take advantage of the safeguard. Previously, Okta required at least 1000 app assignments before a warning could be triggered.

  • We have enhanced our Netsuite integration to support the following:

    • Netsuite as Profile Master

    • Token-based Authentication

    • Universal Directory

    These are Early Access (EA) features; contact Okta Support to enable them.

    For more details, see the Netsuite Provisioning Guide

  • We have enhanced our JIRA integration to support Import Groups and Memberships.

  • We have enhanced the BambooHR integration to allow authentication and provisioning of non-employees using the Bamboo API.

Platform Release Notes

Changes to the platform for this release are published in the Platform Release Notes on http://developer.okta.com.

Incremental Features Summary

There are no incremental features to announce this week.

Browser Support

On July 1, 2016 Okta discontinued support for Microsoft IE 9 as well as all versions of Compatibility View that represent IE9. Okta Support will no longer investigate issues related to IE9. For more information about supported browsers, see Platforms, Browser, and OS Support.

Application Updates

We've implemented SAML for the following Okta Verified applications:

  • Directly (OKTA-94261)

  • Wake (OKTA-86175)

  • Zinc (OKTA-92161)

  • Zscaler Private Access (OKTA-92750)

We've implemented SAML for the following Community Created application:

  • Confer (OKTA-93105)

 

We've implemented SWA for the following Okta Verified applications:

  • Unitrax by L&T Infotech (OKTA-94909)

  • Zapier Wizard (OKTA-95412)

We've added the following Mobile applications for use with Okta Mobility Management (OMM):

  • AxurePortal (OKTA-76597)

  • Pivotal Tracker (OKTA-95249)

We've changed Signature/Digest algorithms from SHA1 to SHA256 for the following SAML apps:

  • BlueJeans (OKTA-94761)

  • Clarizen (OKTA-94637)

  • DocuSign (OKTA-95063)

  • Egnyte (OKTA-95065)

  • Expensify (OKTA-94643)

  • GoToMeeting (OKTA-95068)

  • Join.Me (OKTA-95381)

  • OpenDNS (OKTA-94639)

  • Salesforce Customer Portal (OKTA-95091)

  • Sugar CRM (OKTA-94653)

  • ThousandEyes (OKTA-94674)

  • Veeva (OKTA-95482)

  • Xactly (OKTA-94661)

  • ZScaler (OKTA-95053)

Bug Fixes

Bug numbers ending with an H are hotfixes. Hotfixes are generally deployed after the initial release.

Product Bug Fixes

The following issues are fixed:

  • OKTA-82555 – Provisioning task errors for Veeva Vault could not be cleared from the Okta Dashboard.
  • OKTA-90247 – In the Okta EMEA environment, the Suggest a Feature link at the bottom of the admin Dashboard redirected users to the Support page on okta.com instead of okta-emea.com.
  • OKTA-90726 – We have improved the OMM enrollment flow for iOS devices by introducing throttling between enrollment and when profiles are sent out.
  • OKTA-91151 – In SP-initiated flows, app names that contain an ampersand (&) were missing or truncated on the Okta Sign In page in orgs with the New Okta Sign-In Experience enabled.
  • OKTA-93837 – JIT provisioning fails in AD when the change password at next login option is set for the user.
  • OKTA-94471 – The Network Zones feature inadvertently disabled the ability to configure Delegated Authentication settings. This only occurred for orgs that had Desktop Single Sign-On configured.
  • OKTA-95030 – Mobile apps could not be secured on Apple devices running iOS 9.3.2.
  • OKTA-95436 – Users were unable to see the complete list of Network Zones when more than 20 zones were added to the configuration.

App Integrations Fixes

The following SWA apps were not working correctly and are now fixed:

  • BioCentury (OKTA-94894)

  • Bullhorn (OKTA-95301)

  • IBM MaaS360 (OKTA-93935)

  • IBM MaaS360 (OKTA-95373)

  • Pivotal Tracker (OKTA-94926)

  • Promapp (OKTA-95620)

  • Twitter Developer (OKTA-95140)