Find the release on GitHub: https://github.com/Keeper-Security/Commander/releases/tag/v16.11.11

Improvements

• ssh:

  • Allow use of pamUser record credentials

• LastPass import:

  • Improved error-handling/reporting

Fixes

• find-duplicate --scope=enterprise:

  • Deleted records now excluded from the report

Find the release on GitHub: https://github.com/Keeper-Security/Commander/releases/tag/v16.11.10

Improvements / Fixes

• security-audit-report

  • Misc. fixes and improvements

• Fix for bug with log-in process using SMS 2FA

Find the release on GitHub: https://github.com/Keeper-Security/Commander/releases/tag/v16.11.6

Improvements / Bug Fixes

• security-audit-report

  • Fix for incorrect summary scores calculations due to failed decryption of security-data of unexpected size

• breachwatch report

  • Now shows updated summary scores

• security-audit sync

  • Added options to perform sync without being prompted for confirmation (non-interactive mode) and with minimal screen output (no Security Audit Report shown on sync)

• Fix for SCIM-assigned role not displaying in various enterprise reporting commands (e.g. user-report, enterprise-info --roles )

Please click on the navigation to the left in order to view the release notes.

Releases

The latest Keeper Commander release can be found on GitHub.

Find the release on GitHub: https://github.com/Keeper-Security/Commander/releases/tag/v16.11.4

Fixes

• Bug-fix for login with SMS 2FA

Find the release on GitHub: https://github.com/Keeper-Security/Commander/releases/tag/v16.11.3

Improvements / Bug Fixes

• security-audit-report

  • Added detailed error reporting to facilitate troubleshooting security audit data issues

• SSO Login

  • Fixed app hanging when browser fails to launch

• audit-alert

  • Added support for enabling alerts

• KeePass Export

  • Added support for Pleasant Password TOTP fields

Find the release on GitHub: https://github.com/Keeper-Security/Commander/releases/tag/v16.11.7

Bug Fix

• security-audit-report / breachwatch report

  • Fix for decryption error when enterprise key size is 2047 bits

Find the release on GitHub: https://github.com/Keeper-Security/Commander/releases/tag/v16.11.8

Improvements / Bug Fixes

• security-audit-report

  • Improved decoding error-reporting

• aging-report

  • Fix for pre-mature command exit when neither --period nor --cutoff-date are specified

• import --format json

  • Imported record schema now ignored if record-type exists

Find the release on GitHub:

New Features

• trash- now supports viewing deleted shared records and share folders

• security-audit-report - now supports fixing corrupted vault-calculated security-audit data by resetting summary scores and forcing security-audit data re-calculation and update for affected vaults

Improvements / Fixes

• transform-folder- share permissions now removed from share folders prior to transformation / deletion

• enterprise-role

  • bug-fix for inability to set role enforcement policy RESTRICT_MOBILE_ACCESS

  • added support for executing the command in non-interactive mode (for batch-script usage)

Find the release on GitHub: Find the release on GitHub: https://github.com/Keeper-Security/Commander/releases/tag/v16.11.2

Improvements

• login-flow refactor to allow custom UI integration (with sample implementation)

• ssh-agent: minimum key size requirement adjusted to accommodate smallest valid ed25519 private key

• audit-alert: added support for

  • alert enabling/disabling

  • custom alert messages

Find the release on GitHub:

Improvements

• pam rotation new

  • Added --on-demand switch for scheduling password rotation on demand

  • Default password complexity rules now applied if not previously set

• import --format keepass

  • added support for Pleasant Password plug-in TOTP fields

• get, trash get

  • added support for referencing records by path/title (including root-folder records)

Bug Fixes

• Minor bug fixes and improvements for the following:

  • share-record

  • share-folder

  • Security score updates

  • Compliance reporting

Find the release on GitHub: https://github.com/Keeper-Security/Commander/releases/tag/v16.10.13

Bug Fixes

• Minor bug fix forimport

Find the release on GitHub: https://github.com/Keeper-Security/Commander/releases/tag/v16.11.0

Bug Fixes

• share-permissions fix for owned records

• LastPass imported bank record title fix

• roles via team-membership now included in output of the following commands:

  • user-report

  • enterprise-info --users

  • enterprise-user

• share-folder: fixed erroneous assignment of users/teams/records of 1 shared-folder to others when updating permissions for current users/teams/records of multiple shared-folders

Find the release on GitHub: https://github.com/Keeper-Security/Commander/releases/tag/v16.6.12

Improvements

SSO Login

SSO login for Commander has been greatly improved. Now when logging into Commander with SSO, you will be prompted to open a webpage to login to Keeper SSO connect. Once logged in, you are shown a button which will copy the authentication token when clicked. This token is then pasted into Commander to complete SSO login.

Audit Log Improvement

Raw type audit logs are no longer limited to 1000 rows. By adding a --limit <NUMBER> flag with any number, that number of rows will be returned.

Find the release on GitHub:

Improvements

• transform-folder - new flag: --clear-sharesto transform all sub-folders (and root folder if shared-folder subfolder) into user-folders

Bug Fixes

• create-user: fixed issue where full name was not being set

• Minor bug fixes and improvements

Find the release on GitHub: 12

Improvements

• audit-report

  • added support for filtering report rows by arbitrary string

  • --report-type switch now optional

• ssh

  • added support for "pamMachine" record-type credentials

Bug Fixes

• Minor bug fixes and improvements for the following:

  • import --format=thycotic

  • list

Find the release on GitHub:

Bug Fixes

• Minor bug fixes and improvements for the following:

  • compliance stats

  • compliance record-access-report

  • ls -R

  • audit-alert

  • import --format=lastpass1

  • transform-folder

Find the release on GitHub:

Improvements / Bug Fixes

• security-audit-report

  • Improved error-reporting output w/ more detailed data

• aging-report

  • Added support for filtering by cut-off date explicitly

• import

  • Misc. bug-fixes, including for LastPass import

• Misc. bug-fixes related to MSP / MC / Account context-switching and using enterprise commands

Find the release on GitHub:

Bug Fixes

• Minor bug fixes and improvements for the following:

  • compliance summary-report

  • automator

  • transform-folder

  • ssh-agent

Find the release on GitHub:

Additions

• Time-limited access

• Self-destructing records

Bug Fixes

• rm

  • Now removes app and file records

• record-type

  • Fixed record-type validation bug

• sync-down

  • Now updates client-side account summary data for current user

• Minor bug fixes and improvements for the following:

  • compliance stats

  • action-report

Find the release on GitHub:

Improvements / Bug Fixes

• KeePass import/export: added support for exporting to / importing from entry.otp field (widely used by KDBX-compatible apps for generating one-time codes)

• enterprise-role

  • Improved error-handling

  • --cascade: respect request for sub-nodes even if redundant for parent

Find the release on GitHub: https://github.com/Keeper-Security/Commander/releases/tag/v16.10.1

Improvements

• compliance record-access-report - added record type column

• automator edit - preserve enabled flag when editing settings

• scim push - now supports pagination

Bug Fixes

• Minor bug fixes and improvements

Find the release on GitHub: https://github.com/Keeper-Security/Commander/releases/tag/v16.10.7

Bug Fixes

• download-membership from Thycotic bug-fix

• Minor bug fixes and improvements

Find the release on GitHub: https://github.com/Keeper-Security/Commander/releases/tag/v16.10.6

Improvements

• compliance summary-report: now adds empty vaults to report

Bug Fixes

• Minor bug fixes and improvements

Find the release on GitHub:

Improvements

• rndir, mkdir, ls - now supports folder colors

• automator create - now warns if automator is already created for a node to prevent having multiple automators per a single node

Bug Fixes

• import - fixed switch --dry-run so it does not create folder structure

• Minor bug fixes and improvements

Find the release on GitHub: https://github.com/Keeper-Security/Commander/releases/tag/v16.10.4

Improvements

• added breachwatch report alias for security-audit report --breachwatch

• compliance stats: added column for total records (shared + owned) in vault

• find-duplicate --merge: added flag for ignoring share permissions when matching duplicates for merging

Bug Fixes

• share-folder: record-level share permissions can now be updated for shared folders containing arbitrarily large number of records

• Minor bug fixes and improvements

Find the release on GitHub: https://github.com/Keeper-Security/Commander/releases/tag/v16.10.0

New Features

• enterprise-role - now supports the following granular sharing enforcement policies:

  • RESTRICT_SHARING_ENTERPRISE_INCOMING

  • RESTRICT_SHARING_ENTERPRISE_OUTGOING

  • RESTRICT_SHARING_ALL_INCOMING

  • RESTRICT_SHARING_OUT_INCOMING

Improvements

• compliance record-access-report - added support for displaying additional record-data columns, current vault-content overview for multiple users

• compliance-report - added record deleted-status filter options, additional report columns

• automator - switch log now display settings when no logs found

• export - now supports storing kdbx files as attachment on a record with switch --store-in-vault

Bug Fixes

• Minor bug fixes and improvements

For older releases, see the Keeper Commander GitHub page

Features and Improvements

Automator

• Added commands

General Improvements

• Ability to copy uid in clipboard-copy command by add flag --copy-uid

• Improved totp command output by adding --details flag

• Various bug fixes and improvements

Features and Improvements

• Server switching w/ out exiting Commander. Just type logout and then server US/EU/AU/GOV, once switched to a new region just login with the account that is registered there.

• Improved logging in binary version of Commander

Bug Fixes

• KC-290 Fix logging level when using "-lwsc=true"

• KC-285 Support register_device_in_region command.

• KC-290 --launched-with-shortcut parameter turns off info logging.

• Fixing this-device register

Features and Improvements

Secrets Manager (Beta)

• New KSM command to delete application

General Improvements

• Ability to manage record types enforcements

• allow cd command to navigate to folders with slash or quote in the title

• enterprise-info command to respect --node parameter

• Other bug fixes and improvements

Find the release on GitHub: https://github.com/Keeper-Security/Commander/releases/tag/v16.3.3

Improvements

• create-user command

  • See documentation

• Import:

  • Skip V3 records with files that are too large (hot fix)

  • Strip URL for record audit

• Secrets Manager:

  • Show editable status of listed Applications

Find the release on GitHub: https://github.com/Keeper-Security/Commander/releases/tag/v16.3.2

Improvements

• Fixed an issue with Secrets Manager device creation

Commander releases 16.2.0 - 16.2.3

New Features and Improvements

Edit Role Enforcements

• KC-272: Enterprise: Edit role enforcements

It is now possible to edit role enforcement policies in Commander. See the Documentation for details.

Import

• KC-229: Import/Export Records with Types

Records can now be imported with record types

• KC-286: Import LastPass' Shared Folders

Importing directly from LastPass now shares any shared folders with corresponding Keeper accounts. See the Documentation for details.

Secrets Manager (Beta)

• Secrets Manager: New format of One-Time token

• Secrets Manager: Added ability to generate config string in Json or Base64.

Other Improvements

• KC-122: Title/URL display options in audit-report

• KC-259: Fix some account restrictions: Expired Master Password, Accept Account Transfer

Commander releases 16.3.0 - 16.3.3

Find the release on GitHub: https://github.com/Keeper-Security/Commander/releases/tag/v16.3.1

Improvements

• Printing versions of installed packages using version -v command while debug is on by

• KC-296 Add load/unload shared folder membership commands.

• load-membership: Fix program description

Find the release on GitHub: https://github.com/Keeper-Security/Commander/releases/tag/v16.3.0

Improvements

• Support for cryptography 35.0.0 package

• Improved LastPass data import

  • See Documentation for details

Commander releases 16.4.0 - 16.4.9

Find the release on GitHub: https://github.com/Keeper-Security/Commander/releases/tag/v16.4.8

Improvements

run-batch command

• Run commands sequentially from a provided file

• See Documentation

find-duplicate command

• Locate duplicate records in the Keeper Vault

• See Documentation

Import

• support for KeePass import using pykeepass

Find the release on GitHub:

Improvements

• export to Keepass now asks for Keepass password twice

• scim push: refactor command to match GCP function

• ls command supports --recursive argument

Bug Fixes

• msp-copy-role: ignore role enforcement errors. Proceed with copy

• Minor bug fixes and improvements

Find the release on GitHub:

Improvements

• General fixes and improvements

Find the release on GitHub: https://github.com/Keeper-Security/Commander/releases/tag/v16.4.7

Improvements

convert command

• Convert legacy (V2/General) records to record-typed records

• See Documentation

transfer-user command

• Added support for mapping files

• See Documentation

General

• Support http and socks proxies

• Various bug fixes

See the Release in GitHub: https://github.com/Keeper-Security/Commander/releases/tag/v16.4.1

Improvements

Import

• Fix for missing file attachments

• Prevent large records being duplicated

• Improved error handling when downloading attachments

Secrets Manager

• Automatically add a number to the end of Client names when multiple are created

General

• Fix for group commands in batch mode

• version command shows the Keeper Commander package directory

Find the release on GitHub: https://github.com/Keeper-Security/Commander/releases/tag/v16.4.3

Improvements

Import

• Better handling of missing titles

Commander releases 16.5.1 - 16.5.18

See sub sections for information on individual releases

Find the release on GitHub:

Improvements

• Secrets Manager

  • Added ability to create a Kubernetes ready configuration

  • Fix for token returns

  • Bug fix for properly removing Applications

• Import

  • Large record fields will not be converted to file attachments

  • Updated command names

  • LastPass - support for file attachments

• General

  • Made record updates with Commander SOX compliant

  • Fix for incremental sync-down removing records from the Vault

  • this-device command respects "restrict persistent login" restriction

  • clipboard-copy command does not output password for record types

  • General cleanup and bug fixes

Find the release on GitHub: https://github.com/Keeper-Security/Commander/releases/tag/v16.4.8

Improvements

Import

• LastPass - support for TOTP codes

Login

• SSO login support

• See Documentation

General

• Various bug fixes

Find the release on GitHub: https://github.com/Keeper-Security/Commander/releases/tag/v16.5.17

New Commands

verify-shared-folders command

• verifies that records in shared folders have the correct data keys. Useful after some conversion actions

• See the documentation: https://docs.keeper.io/secrets-manager/commander-cli/using-commander/command-reference/misc-commands#verify-shared-folders-command

General

• General bug fixes and improvements

Find the release on GitHub: https://github.com/Keeper-Security/Commander/releases/tag/v16.5.18

MSP Managed Company Creation and Deletion

It is now possible to create or remove Managed Companies using Commander

• msp-add command

  • Create new Managed Companies

  • See the documentation: https://docs.keeper.io/secrets-manager/commander-cli/using-commander/command-reference/msp-management-commands#msp-add

• msp-remove command

  • Remove an existing Managed Company

  • See the Documentation: https://docs.keeper.io/secrets-manager/commander-cli/using-commander/command-reference/msp-management-commands#msp-remove

Improvements

• automator command now supports Base64 and Environment Variables for configuration input

Find the release on GitHub: https://github.com/Keeper-Security/Commander/releases/tag/v16.4.6

Improvements

• General fixes and improvements

Find the release on GitHub:

Improvements

convert

It is now possible to convert records that the logged-in account does not own. use the --ignore-ownership flag to perform

• see the documentation here:

Bug Fixes

transfer-user Command

• Fixed an issue that caused "can't concat str to bytes" error

list Command

• Previously showed untyped records as "general" type, now shows nothing in the type column when record is untyped

Find the release on GitHub:

Improvements

• General fixes and improvements

Find the release on GitHub:

Improvements

generate Command

• Generate secure passwords and copy them to the clipboard

• See the documentation here:

enterprise-role Command

• Roles can now be duplicated with or without automatically adding all the users of the original role

  • --copy to copy a role without users

  • --clone to duplicate a role and its users

• See the documentation here:

Find the release on GitHub:

Improvements

• Propagate permissions option to default shared folder permissions

Find the release on GitHub: https://github.com/Keeper-Security/Commander/releases/tag/v16.5.9

Improvements

Convert Command

Convert records to any record type.

See the documentation: https://docs.keeper.io/secrets-manager/commander-cli/using-commander/command-reference/record-type-commands#convert-command

Connect Command

The connect command has been removed and replaced with the following commands for each connection type:

• ssh

• rdp

• mysql

The connection process has been simplified and now supports typed records.

See the documentation: https://docs.keeper.io/secrets-manager/commander-cli/using-commander/making-connections

General

• password-aging-report script added to examples

• WebAuthN auth support for converter U2F keys

• Various bug fixes

Find the release on GitHub: https://github.com/Keeper-Security/Commander/releases/tag/v16.5.13

Improvements

Import

• Added a script that can import records from HashiCorp KVP storage

  • Find the script in the custom folder: https://github.com/Keeper-Security/Commander/blob/master/keepercommander/custom/vault_dump_hvac.py

Bug Fixes

• Fixed an issue where record-permission command would result in an error

Find the release on GitHub: https://github.com/Keeper-Security/Commander/releases/tag/v16.5.14

Improvements

Convert

• convert command can now handle more than 1,000 records in one call. Calls and results are paginated.

Export

• Updated export command to handle corrupted record data is null custom fields

  • This is a community improvement provided by contributor flybyray

  • https://github.com/Keeper-Security/Commander/commit/2066c8daf991e865481e3cdef1d795ea1b81b288

Find the release on GitHub: https://github.com/Keeper-Security/Commander/releases/tag/v16.5.11

Improvements

Import

Commander now supports importing from MYKI

• see the documentation here: https://docs.keeper.io/secrets-manager/commander-cli/using-commander/command-reference/import-and-export-commands#import-command

generate Command

• Generated passwords and the password strength, and Breachwatch scan result can be output in json format

• See the Documentation here:

aging-report Command

• Generate a report of password changes and expired passwords per record

• See the documentation here: https://docs.keeper.io/secrets-manager/commander-cli/using-commander/command-reference/reporting-commands#aging-report-command

Find the release on GitHub:

Improvements

General

• Various bug fixes

Find the release on GitHub:

Improvements

connect command

• Now supports record typed records (V3 records)

• See

audit-report command

• New filters added

  • --geo-location

  • --device-type

• See

share-report command

• Added "Folder Location" column

• See

General

• Initial Vault load performance improved

• Various bug fixes

Find the release on GitHub: https://github.com/Keeper-Security/Commander/releases/tag/v16.5.1

Improvements

General

• Support for multiple MFA logins (WebAuthN)

• Improvements for enterprise query command

• Various bug fixes

Find the release on GitHub: https://github.com/Keeper-Security/Commander/releases/tag/v16.5.15

Improvements

shortcut Command

• Displays record links

this-device Command

• removed 30 day maximum logout timeout

ln and mv Commands

• now accept patterns to match record titles

verify-records Command

• fixes TOTP record fields when import causes record corruption

Find the release on GitHub: https://github.com/Keeper-Security/Commander/releases/tag/v16.6.14

New Features

Skip records

You can now tell Commander to not load records when it initially opens. This is helpful when you need to do some administrative jobs that don't require records and don't want to wait for the initial sync-down.

To use this feature, add the skip-records field to Commander's config file with a value of true

Find the release on GitHub: https://github.com/Keeper-Security/Commander/releases/tag/v16.5.7

Improvements

Import

• Records can now be imported as any specified record type. Documentation.

• Corrupted LastPass record attachments will not cause the import to fail

delete-attachment

• Orphaned file attachments which have no associated records in the vault can be deleted. Documentation.

General

• Fixed an issue when using the list command when Keeper Secrets Manager applications exist

• Various bug fixes

Find the release on GitHub: https://github.com/Keeper-Security/Commander/releases/tag/v16.6.13

Improvements

User report last login

You can now get a report of each the last time each user in the enterprise logged in with the user-report command. Use the new --last-login command to see this

• See the documentation: https://docs.keeper.io/secrets-manager/commander-cli/using-commander/command-reference/reporting-commands#user-report-command

Add or remove admin privileges to roles

Administrative privileges can now be added or removed in Commander with the enterprise-role command. Add or remove the ability to run reports, manage nodes and more.

• See the documentation: https://docs.keeper.io/secrets-manager/commander-cli/using-commander/command-reference/enterprise-management-commands#enterprise-role-command

ManageEngine Import

Import records from ManageEngine with Commander

• See the documentation: https://docs.keeper.io/secrets-manager/commander-cli/using-commander/command-reference/import-and-export-commands

Find the release on GitHub: https://github.com/Keeper-Security/Commander/releases/tag/v16.5.5​

Improvements

connect command

• Improved contextual help messaging

• See Documentation​

enterprise-info command

• Added the ability to display Enterprise nodes as a table

• Added the ability to see queued users

• See Documentation​

audit-report command

• Added ability to export in JSON format

• See Documentation

security-audit-report command

• Added ability to display Breachwatch report

• See Documentation

LastPass Import

• Fix for malformed or corrupted TOTP codes causing import to fail​

• See Documentation

General

• Display messaging when the user is not permitted to use Commander based on role permissions

• Various bug fixes

Find the release on GitHub: https://github.com/Keeper-Security/Commander/releases/tag/v16.6.11

Improvements

Add Teams to Roles

• The enterprise-role command has been updated with the --add-team option which can add a team to the role.

  • See the documentation: https://docs.keeper.io/secrets-manager/commander-cli/using-commander/command-reference/enterprise-management-commands#enterprise-role-command

• The enterprise-team command has been updated with the --add-role option which can add a role to the team

  • See the documentation: https://docs.keeper.io/secrets-manager/commander-cli/using-commander/command-reference/enterprise-management-commands#enterprise-team-command

Find the release on GitHub: https://github.com/Keeper-Security/Commander/releases/tag/v16.6.7

Features

Trash Command

• view, restore, or purge records in the Vault trash that have been deleted

• See the documentation here: https://docs.keeper.io/secrets-manager/commander-cli/using-commander/command-reference/record-commands#trash-command

Convert Enterprise Nodes to a Managed Company

• The msp-convert-node command can convert nodes into managed companies under the MSP

• See the Documentation here: https://docs.keeper.io/secrets-manager/commander-cli/using-commander/command-reference/msp-management-commands#msp-convert-node-command

Use Commander as your System's SSH Agent

• New ssh-agent command let's you start, stop, and see info about the SSH Agent

• See the documentation here: https://docs.keeper.io/secrets-manager/commander-cli/using-commander/command-reference/connection-to-hosts#ssh-agent-command

Improvements

• record-history command now supports typed records

Find the release on GitHub: https://github.com/Keeper-Security/Commander/releases/tag/v16.5.6

Bug Fixes

• Commander creates teams with RSA private key encoded with PKCS8 instead of PKCS1 format

Find the releases for Commander version 16.6 in the nested pages

Find the release on GitHub:

New Features

Add and Edit Managed Companies in one Script

The msp-add command now sets the new managed company's ID as environment variable that can be used to access the managed company from within a script.

See the docs for more information and examples:

Export From a Folder

It is now possible to export a portion of the Vault be specifying a folder when using the export command. See the documentation for more details:

Bug Fixes and Improvements

• Fixed an issue causing Unicode parsing errors when outputting to CSV

• Made import command more robust when encountering null values

• re-instated connect command and gave it typed record compatibility

Find the release on GitHub: https://github.com/Keeper-Security/Commander/releases/tag/v16.6.10

Improvements

Action Report Actions

Easily lock or delete user accounts that haven't logged in or edit records for some time, or have been locked for some time.

Use the action-report command to find users that haven't logged in in a given number of days, haven't edited a record in a given number of days or have been locked for a given number of days. Then have Commander automatically lock or delete all the accounts found.

See the documentation here: https://docs.keeper.io/secrets-manager/commander-cli/using-commander/command-reference/reporting-commands#action-report-command

Improved Password Generation

It is now possible to provide rules for password generation when creating and editing records using Commander. --generate-rules (-gr) and --generate-length (-gl) optional flags have been added to the edit and add commands.

Find the release on GitHub: https://github.com/Keeper-Security/Commander/releases/tag/v16.6.1

Improvements

Importing

• import command now maintains the correct record type when used to update records

General

get command

• now shows the parent folder's UID

verify-shared-folders command

• updated to correct an issue when typed records are reverted to untyped

Find the release on GitHub:

Improvements

Masked Passwords

• The get and search commands now respect masked field settings. Passwords are no longer shown as plain text in command responses.

New Features

Compliance Reports

You can now query compliance reports with Commander. See the status of shared records across your Keeper enterprise account.

See the documentation:

Find the release on GitHub: https://github.com/Keeper-Security/Commander/releases/tag/v16.6.3

New Commands

Create One-Time Sharing URLs

The new one-time-share command will be used to create one-time sharable links. See the docs for more details.

Reset-password Command

This new command can be used to reset the account's master password. See the docs for more details.

Improvements

• You can now use the --invite flag with the enterprise-user command to re-invite users that have already been invited to the enterprise

Find the release on GitHub: https://github.com/Keeper-Security/Commander/releases/tag/v16.6.9

New Features

Action Report

Use the new action-report to identify any users that:

• haven't logged in

• haven't updated a record

• have been locked

For a given time period.

See the docs here: https://docs.keeper.io/secrets-manager/commander-cli/using-commander/command-reference/reporting-commands#action-report-command

Improvements

• Commander rotation plugins now support typed records and have improved usability

  • See the Commander rotation docs here: https://docs.keeper.io/secrets-manager/commander-cli/using-commander/plugins

• Commander SSH Agent can now load private keys from attached files

  • See the docs here: https://docs.keeper.io/secrets-manager/commander-cli/using-commander/command-reference/connection-to-hosts#ssh-agent-command

• Improved handling of throttled requests

  • Commander will now wait for 10 seconds and re-perform any throttled commands

Find the release on GitHub: https://github.com/Keeper-Security/Commander/releases/tag/v16.6.6

Features

Arrange-folders command

• new command moves shared folders into a sub folder

Improvements

• When adding a user to a team, shared folders can be hidden from the user by adding the --hide-shared-folders on option when using the enterprise-team --add-user command

• Display TOTP URLs with untyped records

Find the release on GitHub: https://github.com/Keeper-Security/Commander/releases/tag/v16.7.3

Improvements

View Teams in Share Report

When records are shared to a team, the team can now be seen in the share-report.

Record Type Support for Keepass Export

Exporting records to Keepass now supports typed records.

New Features

SFTP Sync

Use credentials in the Keeper Vault to facilitate a connection to a SFTP server and download files to your machine.

See the documentation: https://docs.keeper.io/secrets-manager/commander-cli/using-commander/command-reference/connection-commands/sftp-sync

Find the release on GitHub: https://github.com/Keeper-Security/Commander/releases/tag/v16.7.1

Improvements

1Password Import

Commander now supports import of 1Password 1pux format files

Find the release on GitHub: https://github.com/Keeper-Security/Commander/releases/tag/v16.7.8

Improvements

Transfer Accounts in Batch With the Action Report

• The action-report command now supports a new action "transfer" which transfers all matching user's vaults to a given account

• Automatically transfer users that haven't logged in or updated records

• Read the Documentation for more details: https://docs.keeper.io/secrets-manager/commander-cli/using-commander/command-reference/reporting-commands#action-report-command

Automate Managed Company Creation With a new Example Script

• A new script example in the GitHub repo shows off how to automate Managed Company creation with Python

  • Take a look in GitHub: https://github.com/Keeper-Security/Commander/blob/master/keepercommander/custom/create_mc.py

Plus General Bug Fixes and Improvements

Find the release on GitHub: https://github.com/Keeper-Security/Commander/releases/tag/v16.6.0

Improvements

Import and Export

• import and export commands now support typed records

Password Rotation

• mysql password rotation plugin supports the latest PyMySQL package

Look and Feel

• New and improved Commander Logo

Find the release on GitHub:

Improvements

• Updated OpenSSL dependency to v3.0.7

  • Addresses security flaws in OpenSSL plugin. Learn more on the OpenSSL page:

Find the release on GitHub: https://github.com/Keeper-Security/Commander/releases/tag/v16.7.6

Improvements

Compliance Report Updates

• New compliance team-report gives a view of team access to shared folder across the enterprise

  • See the documentation for more: https://docs.keeper.io/secrets-manager/commander-cli/using-commander/command-reference/reporting-commands/compliance-reports#compliance-team-report

Generate Dice-Ware Passwords

• The generate command can now be used to create passwords that consist of randomly selected words

  • See the documentation for more: https://docs.keeper.io/secrets-manager/commander-cli/using-commander/command-reference/misc-commands#generate-dice-roll-passwords

Copy MSP Roles

• new copy-msp-role command copies a role from the MSP to a managed company. Use this to easily onboard new MCs with common role settings and enforcements.

  • See the documentation for more: https://docs.keeper.io/secrets-manager/commander-cli/using-commander/command-reference/msp-management-commands#msp-copy-role-command

Find the release on GitHub: https://github.com/Keeper-Security/Commander/releases/tag/v16.8.2

Improvements

Teams in Compliance Report

• Improved the view of teams in compliance report results

• See the docs for more information: https://docs.keeper.io/secrets-manager/commander-cli/using-commander/command-reference/reporting-commands/compliance-reports

Create User with Sharable Link

• The create-user command can be used to create new user vaults in an enterprise. The command creates a record in your vault with a link to a one time share.

• See the docs for more information:

Find the release on GitHub: https://github.com/Keeper-Security/Commander/releases/tag/v16.7.5

Improvements

Compliance Report Updates

• Added --team filter option to compliance-report command

• Added --record title filter for compliance-report command

Import Updates

• Added import support for NordPass

Find the release on GitHub: https://github.com/Keeper-Security/Commander/releases/tag/v16.8.3

New Features

Import from Thycotic Secret Server

• Commander can now be used to import secrets from Thycotic Secrets Server right into Keeper

• Learn more about import in the docs: https://docs.keeper.io/secrets-manager/commander-cli/using-commander/command-reference/import-and-export-commands#import-command

Distributor commands

• New commands and features for distributors that manage several MSP accounts

Add and Update Typed Records Easily

• Added a command record-add a consolidate record add for v3 typed records

• Added a command record-update a consolidated record edit for v3 typed records

• Learn more in the docs: https://docs.keeper.io/secrets-manager/commander-cli/using-commander/command-reference/record-commands#record-add-and-record-update-commands

Find the release on GitHub: https://github.com/Keeper-Security/Commander/releases/tag/v16.8.4

Improvements

clipboard-copy command

• Supported record history and TOTP codes

MSP commands

• Respect Distributor's restrictions

• MSP Admin to run audit-report commands for MCs

Find the release on GitHub: https://github.com/Keeper-Security/Commander/releases/tag/v16.8.7

New Features

apply-membership command

• Applies team membership

Improvements

• windows password rotation plugin supports Active Directory accounts

• Thycotic Secret Server import folder query performance

Find the release on GitHub:

Improvements

• The number of PBKDF2 iterations performed on login has been increased from 100,000 to 1,000,000

• Commander can now apply email templates to

• The get command now masks hidden fields, such as passwords. Hidden fields with the new --unmask flag

• The Enterprise aging-report command using the -s flag

Bug Fixes

• Fixed a bug when importing records from LastPass with attachments

Find the release on GitHub: https://github.com/Keeper-Security/Commander/releases/tag/v16.7.9

New Features and Improvements

Bitwarden Import

• Records can now be imported from Bitwarden

Create Users Without Invites

• User accounts can be provisioned with the create-user command without sending them an invite. Put new users into roles and teams without waiting for them to answer their email

General Improvements

Compliance Reports

• Usability and performance improvements

Find the release on GitHub: https://github.com/Keeper-Security/Commander/releases/tag/v16.7.10

Improvements

Support for Share Admin

• Keeper Share Admin allows Keeper Administrators to manage permissions for any records in a shared folder, even if they are not the owner of that record or shared folder

• In Commander, share admins will be able to manage permissions with the existing permission command: share-folder

  • See the command in our docs: https://docs.keeper.io/secrets-manager/commander-cli/using-commander/command-reference/sharing-commands#share-folder-command

• Read more about Share Admin in our Docs: https://docs.keeper.io/enterprise-guide/share-admin

Find the release on GitHub: https://github.com/Keeper-Security/Commander/releases/tag/v16.8.0

Improvements

Find Invited Users with Action Report

• Action Report can now find users that have been in the invited status for the given number of days

• See the documentation: https://docs.keeper.io/secrets-manager/commander-cli/using-commander/command-reference/reporting-commands#action-report-command

Edit Transfer Enforcements with Enterprise Role Command

• The account transfer enforcement has been added to the available enforcement options for the enterprise-role command

• See the documentation: https://docs.keeper.io/secrets-manager/commander-cli/using-commander/command-reference/enterprise-management-commands#enterprise-role-command

Improvements to Record Restore

• The record-history command updated to use the most recent record restoration API

Find the release on GitHub: https://github.com/Keeper-Security/Commander/releases/tag/v16.8.6

Improvements

• help command sorts command list

• Use pyproject.toml for building Commander

Find the release on GitHub: https://github.com/Keeper-Security/Commander/releases/tag/v16.8.9

Improvements

• Added the create-account command, which registers new Keeper accounts

Bug Fixes

• Improved handling of connection errors during Thycotic Secret Server import

• Fixed a bug where the share-record command could crash when given the uid of a shared folder

Find the release on GitHub:

Bug Fixes

• Fixed a bug where the record-permission command did not interact properly with admin permissions

• Fixed a bug with updating security score data

Find the release on GitHub: https://github.com/Keeper-Security/Commander/releases/tag/v16.8.10

Improvements

• LastPass import will now ignore shared folders with no name

Find the release on GitHub: https://github.com/Keeper-Security/Commander/releases/tag/v16.8.14

Improvements

• The user-report command now includes login_console event in last_login calculation

• The import command now supports the following:

  • --filter-folder switch now allows for 1Password vault selection

  • Thycotic private key/membership sharing enforcements

• Removed unnecessary warning outputs for the share-folder for the to share-folder output messages

• Improvements to the sync-down command

Find the release on GitHub: https://github.com/Keeper-Security/Commander/releases/tag/v16.8.12

Improvements

• The import command now can filter by folder, only importing a single folder from the source vault

• The scim-view command can now output to stdout when running in batch mode

Bug Fixes

The enterprise-push command now correctly creates v3 records instead of v2 records

Find the release on GitHub: https://github.com/Keeper-Security/Commander/releases/tag/v16.8.13

Improvements

• Added support for the 'Maximum Record Size' enforcement

  • Example: enterprise-role <role> --enforcement MAXIMUM_RECORD_SIZE:<size>

  • Users in the role are prevented from creating records larger than the assigned size, in bytes

  • This new enforcement is not yet available in the console UI