FileCloud Version 23.232 Release Notes

Server Version 23.232.0.24769

The January 2024 release of FileCloud (version 23.232) is now available.

New installation: Installing FileCloud Server         Upgrade Notes for FileCloud 23.232 
Note: A full system upgrade is required for all existing installations. 

Upgrade to access new and enhanced features. 

Latest SHA256 release checksums

  • filecloudupdate.zip  d027150bb62b927f0e1cc1e4408d922a8d0d2240c643e2c87fadd2c51fe52b02
  • FileCloudSetup.exe  d485bb6bb523dbb9021de6802002df632de7a9a470344f1c8681ff9e583e2a60



Security Advisories

  • PDPL Compliance added to Compliance Center - Saudi-based Personal Data Protection Law (PDPL) compliance has been added to the Compliance Center.
  • NIST 800-171 Compliance added to Compliance Center - The Department of Defense's National Institute of Standards 800-171, which must be met by defense contractors and other federal agencies who handle controlled unclassified information (CUI), has been added to the Compliance Center.
  • Secure Web Viewer (Beta version) - File shares that require Digital Rights Management (DRM) can now be created from the Share Link window by choosing the permission option "Allow anyone with Secure Web Viewer link and a password." When a share recipient clicks the link, they are shown the file in FileCloud's new Secure Web Viewer which has DRM capabilities.
  • Smart Classification has a new simpler user interface that includes an AI classifier that enables content matching using broader categories.
  • Advanced Telemetry (collection of product usage data) - On FileCloud installation and update, admins can now agree to share product usage data with FileCloud.

PDPL Compliance Added to Compliance Center

With Version 23.232, FileCloud adds Saudi Personal Data Protection Law (PDPL) to the list of regulations that can be monitored and configured in the Compliance Center. The Saudi PDPL became active in September, and includes a set of rules that must be followed to protect personal data processed and transferred by Saudi companies or companies handling Saudi data.


NIST 800-171 Compliance Support

In addition, FileCloud has added NIST 800-171 compliance to the regulations covered by the Compliance Center. NIST 800-171 is a US compliance that regulates how controlled unclassified information (such as personally identifiable information and proprietary business information) is shared, and what details must be made available to subjects about their personal information.




Secure Web Viewer (Beta version)

FileCloud introduces its Secure Web Viewer which enables users to publicly share files while ensuring they are DRM-protected. When a user shares a jpg, png, pdf, docx, or pptx file, a new sharing permission, Allow anyone with Secure Web Viewer link and a password, now appears in the Share Link screen. When a user chooses this permission, a share link that accesses the Secure Web Viewer is created along with a password for opening the shared file in the Viewer. If Enable Protected View was checked when the share was created, small portions of the screen can only be viewed at a time using a moveable lens.


Secure Web Viewer option in Share link dialog box. 


Viewing a file in the Secure Web Viewer in protected view.

Updated Smart Classification User Interface with AI Classifier

The new Smart Classification user interface includes a code-free three-step wizard that makes it fast and easy to create a rule. In addition, a new AI classifier has been added for finding broader ranges of results.

New Smart Classification user interface with AI Classifier selected.

The new Smart Classification interface also includes a testing function that enables you to test if your classifier can successfully match patterns.
 


Advanced Telemetry (collection of product usage data)

FileCloud is now collecting product usage data for FileCloud Online trial deployments. Admins also have the option of sending product usage data to FileCloud during Server trial deployments, and after conversion of Online and Server trial licenses to product licenses. 


On initial admin portal login to FileCloud Online trial deployments, only the first screen below appears. On initial admin portal login to FileCloud Server trial deployments and after conversion of all trial licenses to product licenses, the two screens below appear as a wizard in the admin portal, and enable admins to opt in or opt out of sending product usage data to FileCloud.

Product usage data helps FileCloud improve the product and enhance it to meet current users' needs, and includes information such as features enabled and number of users and shares.





UI Changes in FileCloud 23.232

User Portal

  • If viewing through the Secure Web Viewer is available and enabled, when jpg, png, pdf, docx, and pptx files are shared, the Share Link dialog box now includes the permission option Allow anyone with Secure Web Viewer link and a password.


  • In Automated workflows, the Share Event trigger now displays the new option If a share is created or updated or share content modified.


  • In Automated Workflows, condition queries no longer display the Var option until the user has added a Workflow variable.


Admin Portal

  • On the Settings > Misc > General tab, the Enable WebDRM checkbox now appears at the bottom of the page. When enabled, users have the option of sharing files only with users who have the share link and the Secure Web Viewer password.


  • On the Settings > Server  tab, there is now now a setting for disabling and enabling the collection of usage data for rich telemetry analysis.


  • The Settings > Policies > User Policy tab now shows the settings Require Admin Approval for Device Authentication and Enforce Session Timeout for Devices as grayed out (disabled) unless the previous setting, Enable Code Based Device Authentication is set to YES, since they cannot function unless it is enabled.


  • The Settings > Third Party Integrations tab now includes an AI sub-tab for enabling and configuring use of AI in Smart Classification.



  • When admins add an S3 Compatible Bucket type of Network Folder, they now have the option of choosing whether to use the IAM Role or the S3 Key and S3 Secret to connect to S3 bucket.


    A checkbox for changing the option is also available now in the edit dialog box for S3 Network Folders from the Manage Network Folders screen, and from the Storage > My Files screen when S3 Compatible storage is configured.

  • A Disable Notifications setting for S3 Network Folders has been added to the edit dialog box.
     

  • In the admin portal, on the Settings > Misc > General page, an Enable WebSocket checkbox now appears. When enabled, push messaging occurs if the service is enabled for FileCloud Server users.
 

Client apps

  • A Comments field now appears in FileCloud for Office:

Information for Admins

  • DocIQ is no longer supported in FileCloud; instead, FileCloud for Office, which replaces DocIQ, is supported. Prior users of DocIQ can continue to use it in FileCloud Sync and FileCloud Drive, and still have the option of upgrading Sync and Drive with DocIQ.
    DocIQ will be fully deprecated and become unavailable within the next year.
  • Beginning with new installations of version 23.232, the terms of service link has changed. The default terms of service are automatically changed for new installations. Although the prior link will automatically be directed to the new page in earlier installations and upgrades, if you are upgrading from a version of FileCloud prior to 23.2, we recommend that you change change the Terms of Service link to: https://www.filecloud.com/eula/

  • If you have folder-level security (granular folder permissions) enabled in Settings > Misc > General, changes in functionality will significantly impact the way existing share behavior works when you upgrade from versions below 23.1 to FileCloud 23.x and higher. If you have granular folder permissions set, please contact FileCloud Support before upgrading to FileCloud 23.x and higher to avoid share and file access issues.
  • If you are upgrading from an environment using Solr or Solr+OCR, you must perform additional steps after upgrade. See Upgrade Notes for FileCloud 23.232 or Later for instructions on adding these steps. 
  • If your system runs on RHEL9, depending on the state of the operating system, the OpenSSL workaround configuration that prevents licensing and log-in issues may be removed after upgrading the system. After upgrade please verify that your workaround code still appears in the openssl.cnf file, and if necessary, add it to the file again. For information about the workaround code and where it should appear in the openssl.cnf file, see Known Issues.
  • If you are using native LDAP for authentication and using non-TLS connections set the LDAP Host value to ldap://hostname. Older FileCloud versions supported host value without the protocol definition ldap://

 

Enhancements

Reference Number

AreaFeature Notes
Server


CL-14063AuditFileCloud Desktop has been added as an agent that audit logs can be filtered on.
CL-13319AuthenticationTo reduce possibility of user enumeration,  all authentication failure messages (except 2FA) have now been standardized as "Invalid Username or Password. Password is Case Sensitive." 
CL-13130Automated workflowsA new workflow trigger, "If a share is created or updated or share content modified," has been added to enable users to send shares back for approval if the file shared is modified.
CL-12973Automated workflowsFor clarity, variable names for the user who started the event are now prefixed with "Started by User" instead of "User."
CL-13017Automated workflowsNow, when a share approval workflow is active and a share is created, if Send Email is checked for an invited user the email is sent after the share is approved, not when the share is created. In addition, if the share creator attempts to send an email when editing the share, a notification indicates that the message cannot be sent.
CL-13687DownloadWhen downloading multiple files as a zip file, the zip file name and its text file contained the word "FileCloud." Now "FileCloud" is replaced with the value in Settings > Service > Server Name.
CL-13108PreviewsThree new values are available for including in watermark previews: ^SHARE_OWNER^, ^FILE_OWNER^, and ^OWNER^, where ^OWNER^ is the user who shared the file if the file is shared, or the owner of the file if the file is not shared.



CL-13112SearchSome searches and reports were taking too long to process. Their speed has been improved.
CL-13967SearchA new setting enables user interface searches to begin from the current path shown on the screen but also give users the option of performing a global search.
CL-13637SettingsAn admin portal setting has been added to Misc > General settings for enabling or disabling push messaging.
CL-13766SharesIn share emails, a share owner can now check a box in the advanced Customize Email screen to send themself a copy of the email.
CL-13494Team Folders, Share emailsFor added security, when an admin shares a Team Folder with a user, the admin can no longer add or edit From, Reply to, and BCC fields in the email.
CL-13146WorkflowsThe "If a new user is created" workflow now includes an optional flag to automatically mark email verification as complete so users can log in immediately.
CL-13179WorkflowA new workflow has been added that performs a specified action on user accounts created before a certain date. Parameters considering users who are inside or outside of a certain domain have also been added to this workflow and to the "if a user's last login is older than" workflow.
Drive/Drive for Mac 


CL-131102FAWhen users logged in to Drive using 2FA, then logged out and logged in again, they were not required to enter a 2FA code. Now users are required to enter a new 2FA code on re-login.
Drive for Mac


CL-13897macOSDrive for Mac now supports macOS 14 (Sonoma).
FileCloud for Office


CL-13757CommentsThe ability to add comments to a file has been added to FileCloud for Office.

Bug Fixes 

Reference NumberAreaDescription
Server

CL-141412FAThe setting "Enable Two Factor Authentication For Admin Logins" at Settings > Admin was not being honored for promoted admin users. This has been fixed. 
CL-13227ADWhen admins imported groups from AD, only the first 1000 groups appeared in the list and could be imported. This has been fixed.
CL-13170Audit logA problem causing the audit log to show two records for an action that occurred once has been fixed.
CL-13690Audit logAn issue preventing audit logs from being exported has been fixed.
CL-12994Auto-archiveWhen an error prevented a temporary audit-archive db collection from being deleted, auto archive failed because the new one couldn't be created. This has been fixed.
CL-13682Automated workflowsFor a File Approval workflow requiring approval for a new folder, the approval page attempted to show a preview of the folder which failed because folders cannot be previewed. This has been fixed; the page now displays the folder path instead of attempting to show a preview.
CL-12973Automated workflowsAlthough workflow variables existed for users who performed the action triggering the workflow, they were not properly labelled. The labels now begin with "Started by User . . ." instead of "User . . ." so they can be identified.
CL-13127CustomizationCustom code provided for headers and footers caused problems with the user interface. This has been fixed by adding new tabs for Custom Header and Custom Footer HTML in the Customization screen.
CL-13974Device authenticationIn Settings > Policies > User Policy, the settings Admin Approval Required for Code Based Authentication and Enforce Session Timeout for Devices are now only enabled if the setting Enable Code Based Device Authentication is set to YES since they only function if it is enabled.
CL-13478DownloadsSome single file shares of encrypted zip and mp4 files failed to download unless the default max execution time was increased. This was fixed, and these files now download within the default max execution time.
CL-13374DownloadsAn issue enabling users who only had preview permission for PDFs to download them has been fixed.
CL-13957EmailThe Secure Cookie Setting warning appeared in the Daily Admin Summary email. The warning has been removed from the email.
CL-13654EmailThe Daily Admin Summary email displayed "Mod Proxy HTTP Apache Check Failed" although the check did not fail. This has been fixed and the inaccurate failure warning no longer appears.
CL-13814FFOIn some builds, when Sync or Drive was updated and FFO was chosen, the option to enable FFO in the app did not appear. This has been fixed.
CL-13842File/Folder namesFile and folder names with tab characters in them were causing issues with syncing and other operations. To resolve the issue, tab characters are now replaced with blank characters.
CL-11938Folder moveWhile a large folder was being moved into another folder and another operation occurred on one of the folders, the operation could fail and data could be lost without warning. This has been fixed so that both processes are not performed simultaneously and an error message tells the user that the second operation cannot yet be performed.
CL-13801FoldersFolders with numerical names were allowed to have trailing spaces which caused file uploads to them to fail although they were noted as successful. To fix this, FileCloud now removes leading and trailing spaces from all folder names.
CL-13679LogsAn issue causing Linux server logs to fail to close has been fixed.
CL-13562ReportsReport generation of the "Get download files" report failed when there were a large number of files. This has been fixed.
CL-13500Recycle binWhen the user policy option "Enable Recycle Bin Clear Feature" was set to NO, although users should still have been able to delete files individually, they could not. This has been fixed.
CL-13966SearchThe user portal was not returning partial results as long running searches ran. This has been fixed.
CL-13140SharesEmails sent for public shares with passwords were missing the recipient name in the subject and incorrectly had an unsubscribe link at the bottom. These issues have been fixed.
CL-13820SharesA scenario in which groups but not users could be selected in a share has been fixed.
CL-13884SharesAdmins were unable to save a letter as upper-case when they changed a share link in the admin portal. This has been fixed.
CL-13776Shares, previewsOn view-only shares of PDFs, previews showed a print button that did not work. Now view-only shares of PDFs do not show a print button.
CL-13883Shares,
Team Folders
A problem causing the invite users and groups options to not appear in the share screen for Team Folders when "Disallow default share settings change" was set to "Yes" in the Team Folder policy has been fixed.
CL-13578Team FoldersWhen a user who shared files in a Team Folder had their access to the Team Folder revoked, all sharing details were not removed, so a share link with the same custom name could not be created. This has been fixed.
CL-14017Team FoldersFor Team Folders in the admin portal, the "Check Access" function did not show the correct permissions under certain conditions. This has been fixed.
CL-13663Team FoldersWhen users tried to upload multiple folders to Team Folders, only some of the folders were uploaded. This has been fixed.
CL-13657UploadUploads of empty folders were not successful. This has been fixed.
CL-13532User portal interfaceOn Google Chrome version 114.0.5735.91, the show password icon did not appear correctly. This has been fixed.
CL-13226User portal interfaceWhen a user selected a folder and edited its share and then clicked OK in the share link dialog box, although the details panel showed the folder's details it displayed the name of its parent folder. This has been fixed.
CL-14099User portal interfaceA problem causing the Security tab in the right panel to sometimes disappear has been fixed.
Security

CL-13864

Automated workflowsChecks for unsafe data in input fields in automated workflows were not rigorous enough. This has been fixed.

CL-13595

2FA

Admin 2FA codes were able to be used more than once. This has been fixed by invalidating codes after they are initially used.

CL-14168

ACLUsers without manage permissions for a folder were able to view the Security tab in the user portal and manage the ACL. This has been fixed by hiding the Security tab when the user does not have manage permission for the folder.
CL-13767BackupThe FileCloud version number was exposed in the file manifest file of the backup agent which could make FileCloud vulnerable to attacks. This has been fixed.

CL-13727

Folder renameA rename to a folder could be configured to create a popup notification that could cause an XSS vulnerability. This has been fixed.

CL-14024

LogoutActions were able to be performed in certain client apps after users logged out. This has been fixed.
Drive and 
Drive for Mac


CL-131802FAAfter logging into Drive, if a user enabled 2FA and then restarted Drive an error occurred. This has been fixed.
CL-13834AutoCADAttempts to import layout sheets in AutoCAD failed because the files did not appear in the Import Layout dialog box. This has been fixed.
CL-13543Certificate fileSSL certificate files in Drive have been updated to enable all users with valid certificates to log in.
CL-13962LoginUsers were unable to log in to Drive after updating their passwords from AD. This has been fixed.

CL-13707

Mass deploymentWhen Drive was installed with mass deployment, the maxdownloadsizeinmb parameter was not applied. This has been fixed.
CL-13651Opening filesAn issue causing Drive for Mac to crash when opening certain xlsx files has been fixed.
Sync

CL-13790ProxyWhen a user logged in to Sync with a proxy, some actions caused the application to freeze. This has been fixed.
CL-13789Sync Selected FoldersIf the Sync Selected Folders option was selected, when the Sync dashboard was opened and the Cloud Storage tab was clicked, the selected folders were not initially listed. This has been fixed.


Server-only Bug Fixes

Reference NumberAreaDescription
Server

CL-13872ICAPThe ICAP server was deleting files that caused 4xx and 5xx response codes even if the files were not infected. This has been fixed.
CL-13653Network FoldersAn S3 Network Folder named "0" did not show the correct content. This has been fixed.
CL-13662Network FoldersA problem causing the folders and files in Network Folders to all list January 1, 1970 as their modified date has been fixed.
CL-13611Network FoldersWhen shares were removed from the Shared by Me section in Network Shares, a refresh was required to remove the shares from the browser. This has been fixed so that the shares are no longer shown once they are removed.
CL-13708Push ServerWhen the Push Server failed to start, it continuously attempted to restart. This has been fixed so that after failure to start, the service ends and does not attempt to restart.
CL-13729S3 Network FoldersAn option to disable notifications for Amazon S3 Network Folders has been added.
CL-13593Search, Network FoldersAn issue causing searches in Network Folders with large numbers of indexed items to return no results has been fixed.
Security

CL-13748, CL-13859

OpenSSLDue to security issues with the installed OpenSSL versions, the version of OpenSSL has been updated.
ServerLink

CL-13844Path normalizationServerLink nodes were overriding the original normalization form for files and folder names, causing sync errors. This has been fixed so that ServerLink now synchronizes strings in their original normalized format.
Drive

CL-13841Modified datesAn issue causing different modified dates to appear for Network Folders in Drive than in the user and admin portals has been fixed.
CL-13007UNC Network FoldersTrailing slashes in path arguments caused renaming of folders to fail. This has been fixed.
FileCloud for Office
 
CL-13750Network FoldersIf the Network Folders Display Name was changed, when the user opened FFO, the system hung and displayed the error "Fetching file info." This has been fixed.
Sync, Drive
 

CL-13769

Port bindingPort 34540 was bound to all network interfaces, but should only have been bound to localhost (127.0.0.1). This has been fixed so that port 34540 is now bound only to localhost.
ServerSync

CL-14034NTFS permissionsWhen a user imported permissions using ServerSync from a subfolder in Windows with the NTFS permissions read, execute, and list to a Team Folder, it should only have imported read permission, but it added share and manage permissions also. This has been fixed.