Changelog: Release History

There are two parts to the deployment that are packaged together but are maintained and tracked separately.

Managed Application

The code that handles the deployment and the resources that are used (such as firewalling), provides the API and the web base user interface.

Virtual Machine (also referred to as the ‘service’)

The code used to run the virtual machines providing the RADIUS/RadSec service.

To determine the version of each that you are using, go to the managed application page and navigate the menu on the right Settings  Parameters and Outputs and listed at the bottom, under the ‘Outputs’ section, you will find the values for ‘versionManagedApplication’ and ‘versionVirtualMachine’. Use the first two numerical parts of those values to search for your version below.

Though these values resemble the ‘YYYYMMDD’ format, they are not meaningful as a date and used only as an incrementor.

Managed Application

Upcoming Release

Features

  • UI [GH#307]: Device configuration validation highlights which tab outstanding issues are present preventing submission of changes.

Fixes

  • UI [GH#306]: Tooltip hovers on table fields are no longer truncated making the full message available to read.

20260000-20260000

Features

  • General Availability (GA) release including tier support

    • You now will be billed.

  • New user interface replacing the now deprecated Azure Custom Resource Providers

  • Microsoft Entra ID (including MFA) integration and Microsoft GraphAPI access provisioned during deployment

    • RADNAC now requires an Application registration used for ddeployment that includes permissions to create applications and assign necessary permissions to operate

  • Improve load times of realm and device listings that use the same TLS configuration

  • Support for read-only, as well as read-write, access to RADNAC’s API by using RBAC role assigments to the managed application resource

  • Added support from the Marketplace web portal UI installer the option to control disk type and size used (support for ‘Standard HDD’ has been removed).

Fixes

  • Install: improve reliability by reducing race of RBAC roles taking effect for the User Assigned Managed Identity iddeployment used during the deployment

  • Compliance: rename more resources to match recommendations

  • Compliance (TrackingID#2506010040000591 over two years!): remove use of Azure Storage Shared Key access and move to Managed Identity access

  • Users: do not allow IANA special use domains which would lead to an invalid configuration that could not be loaded

    • Workaround: delete or rename user entity

  • Cost: disabled ‘Zone redundancy’ for the Azure Function as there are cost implications as as the function will no longer scale to zero

  • Fix issues that improve startup reliability whilst waiting for RBAC changes to propagate

Virtual Machine

Upcoming Release

Features

…​

Fixes

…​

20260000-20260003

Features

  • Authorization: use refreshTokensValidFromDateTime and signInSessionsValidFromDateTime for credential caching

    • lastPasswordChangeDateTime was always considered

  • Update of FreeRADIUS from 3.2.8 to 3.2.10

  • Fixed authorization policies when using EAP-(T)TLS resumption

    • By design, any configured MFA policy is skipped for TLS resumed sessions to avoid MFA fatigue

Fixes

  • Authorization: fix that lastPasswordChangeDateTime, refreshTokensValidFromDateTime, and signInSessionsValidFromDateTime can all be unset

  • Devices: improve multi-transport such as running both UDP and RadSec

  • Devices: improve CIDR support, in particularly for 0.0.0.0/0 and ::/0

  • Fix issues that improve deployment reliability whilst waiting for RBAC changes to propagate