Introduction 

The Overt development team have been working hard on numerous improvements to our Shibboleth IdP Dashboard. Version 2.1.77 provides the greatest experience for our Overt IdP customers. Today, we're bringing you seven enhancements, including six new features and several general bug fixes, to our Shibboleth IdP Dashboard to help you get the most out of it! 

New Features 

1. Improved LDAP Connections Diagnostics 

A new LDAP connections page has been developed to help customers and Overt support employees diagnose LDAP connection difficulties. 

Dashboard administrators may view all of the configured LDAP servers in operation, as well as their status, on this page. The following are some examples of how this functionality may be put to use: 

1. Figure out why users are unable to log in. 
2. Verify that all your Overt AD Link tunnels are set up and operating properly. 
3. Double-check that you have at least one backup connection set up for added resilience. 
4. See what servers you currently have Overt AD Link setup on 
5. Check when the LDAPS certificates will expire. 

How to access LDAP Connections Diagnostics: Settings → LDAP Connections, with admin permissions needed. You will find something like this picture below. 

2. Support Portal Authentication 

We've introduced the option for Support Portal account owners to seamlessly enter their Overt IdP dashboard to make accessing your dashboard even easier. Once configured, you will find a new item in your Support Portal Client Area with a link to your Overt IdP dashboards as in the picture below.  

This feature is only accessible to the Support Portal account owner. Other users will still need to use manual dashboard accounts; however, the main account user may now manage them seamlessly. 

Account owners are highly recommended to enable Multi-Factor Authentication (MFA) in the Support Portal.  
 
How to enable MFA for account owner: Profile → Security Settings → enable “Two-Factor-Authentication". This MFA is different from the one that may now be set in the Overt IdP dashboard. 

3. Multi-Factor Authentication for Dashboard Admin Users 

Admin users of the Overt IdP dashboard can now set up multi-factor authentication for their accounts.  
 
How to enable MFA for admin users: Go to your profile once logged into the dashboard then click “Setup MFA”. Follow the instructions to set up a One Time Password (OTP) in your favourite apps such as Google Authenticator or your password manager. 

We recommend you enable MFA on all dashboard admin accounts except the Support Portal account owner. We propose that Support Portal account owners enable MFA in the portal itself instead, so they still benefit from seamless login into their dashboard whilst being protected by MFA. 

4. Added System Load Status 

Your IdP's system load is now visible. This can assist Overt Support staff and customers in identifying slowdowns and potential problems. It also provides an instant look at how your service is handling the rate of authentications and whether you need extra resources or load balancing enhancements. 

5. Shibboleth Configuration Backup 

Whilst we provide revision history on files changed with our “Raw Config Editor” feature and perform regular platform backups, we have added a simple way to back up your entire Shibboleth configuration with the click of a button. This will come in useful whenever you need to make a lot of adjustments at once 

Currently, restoring these files requires Overt support, but if we receive enough requests for this functionality, we may be able to restore them through the front end as well. 

How to access Shibboleth Configuration Backup: Settings → Backups, with admin permissions needed.

6. Ability to Force Synchronise Server Time

Identity Providers always need to have accurate clocks to ensure they function correctly with Service Providers. While we automatically sync our Cloud IdPs to a reliable source, our onsite customers occasionally have time synchronisation challenges, which are often caused by firewall blocking or out-of-sync time servers. The new time sync button allows an admin user to attempt a sync against an external NTP server. If this fails, it will attempt a sync against the customers' internal domain controller. The service time is displayed so you can also verify the time manually. 

How to access this feature: Settings → Language & Timezone, with admin permissions needed.

7. General Bug Fixes and Improvements 

The following are some of the general bugs and improvements that have been made: 

• Fixes to raw data extracts
• Fixes for graphs on ElasticSearch instances  
  
• Added 1 month and 3 months options to “Purge granular access log files” in Settings → Data Privacy 

Conclusion 

The Shibboleth IdP Dashboard version 2.1.77 has several new features and upgrades that are meant to improve the efficiency of your Shibboleth Dashboard operations. We are available to answer any questions and open to receiving feedback regarding both new and current Shibboleth Dashboard functionality. You can contact the Customer Success Team and we will gladly assist you! We are also open to fresh ideas for future features, so please let us know what you think! 

Those interested in learning more about the Shibboleth products we provide can do so by going here. 

You may also watch our client onboarding videos by clicking here. Do you need immediate support? Let our Customer Success Team help you!