Neu Option for target configuration: SSH connection
Target chains: for implementing admin jump hosts (which can be additionally secured with JEA) – and much more.
Predefined target connections
to Exchange Online with EXO V2 (ExchangeOnlineManagement Module)
to teams with MicrosoftTeams
custom cloud service connections with custom PowerShell connect and disconnect code
New Script parameters
[PSCustomObject]: for transferring PSCustomObject objects from a Query result to a Script
[Hashtable]: for transferring Hashtable objects from a Query result to a script
[System.Management.Automation.Runspaces.PSSession]: to build a ready-to-use PSSession to a target instance
[Microsoft.Management.Infrastructure.CimSession]: to build a ready-to-use CimSession to a target instance
Improved security for [PSCredential] parameters: can no longer be selected via the execution wizard, but must be defined a priori via the Action configuration
New API for Microsoft Flow and Azure Logic Apps: ScriptRunner/api2/StartAction API for Microsoft Flow and Azure Logic Apps and option to export the corresponding OpenAPI files (aka Swagger) from the Admin app
Experimental features: Hyper-V, container and CimSession target connections
Actions: The Action wizard ignores LIB-tagged scripts because they are not intended for Actions anyway
Action configuration: Specification of multiple targets for an Action as well as the possibility for an executing user (also for Delegate App users) to interactively select the desired target for execution from this list.
New -force parameter to skip version check
User AppData path shortened for temporary local files
The ScriptRunner Service can now be configured for HTTPS.
Side-by-side HTTPS support: second IP port, for HTTPS and/or AD FS support, facilitating migration to HTTPS (Set-AsrSTSOptions).
Implicit PowerShell Remoting
Target configuration supports implicit PowerShell remoting, by importing commands from the target into the local session (c.f. Import-PSSession).
Actions can be configured to selectively import specific modules or cmdlets (with *).
Azure AD 2.0 support in Office 365: supporting Office 365 service endpoints for Directory, Exchange Online, SharePoint Online and Skype4Business Online.
Enhanced Security settings:
available in setup
added to Set-ASRUri PowerShell cmdlet
CallASRWebSvcConnector.ps1 DEMOscript: improved to cope with multi-target execution and with non-ASCII values.
Get-ASRLicense cmdlet: now has an -AsObject switch parameter to return the current license status info as an easy to evaluate hashmap object.
Extended handling of scheduled Action execution to prevent flooding execution resources
Powershell execution timeout: controls the abort for longer running scripts, e.g. reporting scripts, if they threaten to run into an endless loop.
Advanced execution options for Actions
local execution modes:
Thread impersonation mode
Simple RunAs process mode
Local WSMAN process mode
Processing options for container target systems:
Parallel execution on all target systems in the container
Sequential execution on all target systems of the container, one after the other
Random selection of a target system from the container with round-robin
Selection of a target system as long as it can be reached, otherwise change to another one
Synchronization of script processing
New target: Azure Resource Manager (AzureRM).
Library for function scripts organize related PowerShell code in single script files, as a collection of functions
Support for Edge Browser
Password Server Connector for retrieving credentials from a password server. Supports the following:
Pleasant Password Server (APIv4)
Thycotic Secret Server
CyberArk Password Vault (AIM Central Credential Provider API)
Web Service Connector: Scripts can now provide structured result data by writing a JSON string to $SRXEnv.ResultObjectJSON.
SQL Report/Audit Database: Exporting the execution reports is now possible with an impersonated AD account, in addition to explicit SQL user access and Windows Integrated access using the ScriptRunner host machine account.
Email inbound connector:
Update to MailKit 1.20.0. Note that -UseTLS may now be required for SMTP login
Test-ASREmailNotificationConnector cmdlet has been extended to send a test email, and to log more information on error
Now using .NET SMTP client.
Live-output in script execution report: shows increasing script reports while executing
New Data type:
[DateTime], via date picker
[SecureString] or [Parameter(HelpMessage=”ASRDisplay(Password)”)], for password mode
Option for multi-line text input with [Parameter(HelpMessage=”ASRDisplay(Multiline)”)]
Auto-show interactive query field for larger query results
Re-load the last Action input values, for repeated execution of an Action
New Action list view: sorted by next schedule
Multiple selection of entries from a (Query or ValidateSet) dropdown, using the CTRL key
Basic ScriptRunner settings have been moved to a new settings page (main navigation > gear-wheel entry “Settings”.)
To clarify the use cases for authorization and connectors, the menu nodes have been renamed to “Delegation” and “Automation”. Connectors that did not match the “Automation” idea have been moved to the new settings page.
New Action details view, showing the whole tree of elements that are used for an Action. Editing and running the Action, and even editing used elements, is possible directly from the new view
Table tag filters in element tables have been replaced by a global tag filter, allowing focussing views on a certain topic (represented by the specified tags).
Script wizard now shows the actions and queries that use this script
Wizards now have an extra “Used by” card, to e.g. answer “where do I use these credentials?”
Script referencing errors now propagate from the script to the Action and query table, wherever the respective script is in use
Customization options for UI
New Action list view
Allows splitting long parameter lists to multiple pages