What’s New in Web Help Desk

Clickjacking protection

This release prevents malicious code from redirecting a hyperlink in the SolarWinds Web Help Desk^® software user interface to an unauthorized third-party website or resource.

Secure password reset logic

After you click “Forgot Password” on the login screen, Web Help Desk verifies your current email address and redirects you back to the application using a secure connection to reset your password.

Improved LDAP security

Web Help Desk software now prevents unauthorized LDAP client account users from logging into an LDAP tech account with an identical username. In version 12.5.1 and earlier, Web Help Desk used separate methods to provide LDAP authentication for techs and clients. After you install this release, the tech LDAP authentication functionality is removed. All techs who used this functionality will have their WHD password reset and receive an email with steps to log in to Web Help Desk.

See Unauthorized clients can log in to a Tech account using LDAP authentication for details.

Before you install this upgrade, ensure that all techs have client accounts (authenticated through LDAP) linked to their tech accounts. Also ensure that no tech usernames match any new or existing client usernames. After the upgrade, all techs must access their tech account using their client account or their WHD tech username and WHD password (which can be reset using the password reset logic).

Additional improvements:

• Tickets linked to a survey now close properly after you change the status to “Resolved”
• The Office 365 connector now supports subfolders
• Tickets restricted to a location group can no longer be accessed by users in another location group