Release Date 26 November 2018.
Support for ILLiad 8.6 ends 28 February 2019
Support for ILLiad 8.7 ends 31 December 2019
Important Update Information
ILLiad 9.0 now uses the .NET 4.6.2 (or higher) framework for both the ILLiad server and the ILLiad client. Your ILLiad server and all desktops that run the ILLiad client will need to update to .NET 4.6.2 framework or higher. Your server and client machines may need to be restarted after installation to apply the changes. This also resolves issues that some institutions have experienced when connecting to web servers that have explicitly disabled TLS 1.0. Note: ILLiad supports the recommended protocol TLS 1.2 for .NET 4.6.2.
Windows Server 2008 R2 SP1 and Windows 7 (client) is the minimum supported for ILLiad 9.
All patron users with ILLiad auth types of ILLiad, ILLiadExclusive, or PatronAPI will be required to reset their password upon the first login after ILLiad 9 update. This does not affect RemoteAuth or LDAP users.
All staff will need to change their ILLiad client password upon login after the update.
Bug fixes and new features are added periodically as point releases:
- 01 March 2019 (9.0.3) Client Release
- 08 May 2019 (9.0.2) DLL Release
- 02 September 2020 (9.0.4) Client Release
- 03 January 2022 (9.0.3) Web DLL Release
- 01 March 2022 Server, Client (9.0.5) and SQL Alias Manager (1.3.2) Release
For a list of current known issues, see UserVoice.
Considerations Before You Update
Updating During Normal Working Hours
Please consider running updates and installations during standard support hours 8 am - 5 pm eastern time (business days Monday - Friday) so that help is readily available if any issues are encountered.
Checking the WebAuthtype Key
Sites who have set the RemoteAuthSupport customization key to Yes will need to set the WebAuthType key to RemoteAuth in the Customization Manager prior to the ILLiad 9.0 update.
- If the WebAuthType key is not set to RemoteAuth, the user will be prompted to change their password after the update even if the RemoteAuthSupport key is set to Yes. This is because the new password enhancements use the WebAuthType to determine which sites require the password changes.
- During the update, if the UpgradeAdvisor detects the RemoteAuthSupport customization key is set to Yes and WebAuthType is not set to RemoteAuth then a warning will appear.
Checking the SharedServerSupport Key
Sites who have a Shared Server will need to set the SharedServerSupport key to Yes for all NVTGCS (including ILL).
- When the SharedServerSupport key is set to Yes, then a SQL views script is automatically run during the update. If the key is set to No, then the script doesn't automatically run and it could prevent patrons from accessing their ILLiad accounts after the update.
Un-Checking the ILLiad Authentication Box on the Users Form
If you are using RemoteAuth or LDAP, please ensure that patrons using your Default AuthType have the ILLiad Authentication box Unchecked in their User form. Please see Checking the Patron AuthType for more information. If you find that you have a lot of user records where the AuthType is set to ILLiad instead of to Default, if you contact Support at support@atlas-sys.com, they can have the user records changed via a SQL Query.
Sites that have more than one PC
After ILLiad has updated, any user who has successfully logged in and changed their password in either the ILLiad 9.0 Client or ILLiad 9.0 Staff Manager will not be able to log into another workstation whose Client still operates under version 8.7.2. This is because the username has been updated with the new hashing methods which are not recognized in previous versions. Instead, download the ILLiad 9.0 Client Installer and run as an administrator on that machine. Once the Client has updated to version 9.0, then any staff member will be able to successfully log in on that workstation.
Adding the FORMSTATE Tag
Add the FORMSTATE tag to the ChangePassword.html pages. For more information, please read the FORMSTATE Tag article.
ILLiad Highlights
The following new features and enhancements have been added to ILLiad version 9.0.
FIPS Compliance | OCLC Requests | Appearance | Password Security | Miscellaneous
FIPS Compliance
FIPS (Federal Information Processing Standards) can now be enabled for ILLiad.
- 140-2 compliant encryption algorithms
- Activated via the Windows group policy
- FIPS compliance will be supported with ILLiad after the hashing customization keys are set in the Customization Manager with a numerical value (see StaffPasswordHashingIterations and WebPasswordHashingIterations customization keys for more information).
If you need to utilize FIPS on your system after the update, you must update ALL passwords for staff members prior to activating it, or FIPS checking will prevent the system from running for the respective Staff user.
OCLC Requests
Connection Manager will automatically retry once after 15 seconds for most errors encountered when retrieving requests.
Appearance
Updated client and staff interface look and feel with multiple different skins to choose from. For more information, please see Theme Selector.
![]() |
Password Security
ILLiad Basic Authentication, Staff, and Lending Web security updates for passwords.
- Hashing Methods
- Password Expiration
- Password Complexity
- Increased password field character sizes
- Expired password notifications for patrons
- And many more...
Miscellaneous
Lots of bug fixes and underlying component updates!
ILLiad 9.0 Features & Fixes
For any questions on the ILLiad 9.0 features & fixes, please see the ILLiad 9.0 FAQ. For all other questions, please contact support.
Addons | Admin Tools | Authentication | Database | Docline | Email | ILLiad Client | Notifications | OCLC | Web Pages | Web Platform
Addons
New | The Chromium Browser is now available for ILLiad 9.0 and higher. Please see Chromium Browser and Chromium WebBrowser for more information. |
Admin Tools
New | Added StaffPasswordHashingIterations, a hashing customization key to set the number of hash iterations when storing a staff password. The iterations store the hashed passwords as an algorithm for increased security. Default hash iterations 156,000. If you wish to change the default iterations, it is highly recommended to contact support for the number of iterations that work best for the speed of your computer and the hash algorithm. Generally, hash iterations should not be set to less than 100,000. |
---|---|
New | Added capability to enable staff password expiration and set default dates for expiration through "StaffPasswordExpirationEnabled" and StaffPasswordExpirationDays" customization keys. |
New | Added the ability to enforce staff password complexity requirements through the 'StaffPasswordComplexity' customization key under System/General. Staff administrators have the option to override password requirements when creating new staff accounts with initial password. |
New | Added WebPasswordHashingIterations, a hashing customization key to set the number of hash iterations when storing a user password. The iterations store the hashed passwords as an algorithm for increased security. |
New | Added Web Interface notifications for invalid user passwords through the customization keys "SLUserPasswordExpired" and "SLPasswordDoesNotMeetHistoryRequirement". |
New | Added capability to enable user password expiration and set default dates for expiration through "UserPasswordExpirationEnabled" and "UserPasswordExpirationDays" customization keys. For more information on user expirations, please see User Expiration Date. |
New | Added the ability to not set an expiration date for new users. |
New | Added capability to enable LWeb password expiration and set default dates for expiration through "LWebPasswordExpirationEnabled" and "LWebPasswordExpirationDays" customization keys. |
New | Added a "Required" field to the WebValidation table. If the box is checked as required, those fields will require a value equal to the expression noted in the validation field unless the validation is .+. For example, if Fieldname Password1 is required and the validation is set to ^.{10,}$ then the password value is required to have 10 characters. |
Changed | UserNotification records will be deleted for deleted users. |
Changed | Added the title "Alert" to any alert popups that do not currently have a title. This will help users easily identify what type of popup message they are receiving. |
Fixed |
The default customization key value for SLShowRequest has been updated to say 'Enter the information below and press the Submit Request button to send." |
Authentication
New |
When using SymphonyAPI authentication, users can successfully authenticate into the SIRSI Symphony catalog system through ILLiad. See Symphony API for more information. |
Database
New | Added "PasswordChangedDate" column to Staff table in accommodation of the staff password expiration keys. When a staff member updates their password, the PasswordChangedDate field will reflect the date and time of the update. |
---|---|
New | Added "PasswordChangedDate" column to Users table in accommodation of the user password expiration keys. When a user updates their password, the PasswordChangedDate field will reflect the date and time of the update. |
New | Added "WebPasswordChangedDate" column to LenderAddresses table in accommodation of the LWeb password expiration keys. When the LWeb password is updated, the PasswordChangedDate field will reflect the date and time of the update. |
New | A force reset checkbox has been added next to the login in both the Staff Manager and the Client. |
New |
Added new work form mappings: Seed Data:
Update:
|
Changed | Increased the length of the Symbol field in the EMST and ElecDelAddresses to 40 characters. |
Changed | Increased the ESPBillTo and ESPShipTo fields in the LenderAddresses table to be 500 characters from 255. |
Changed | Increased the WebPassword field length in the LenderAddress table to 255 characters to accommodate the new password hashing customization keys. |
Changed | ReasonForCancellation field length in the Transactions table is now 150 characters. |
Changed | Merged SLUsernameNotInDatabase and SLPasswordIncorrect into SLLoginFailed |
Changed | RequestType check constraint removed from the database. |
Changed | When ConnectionManager retrieves OCLC requests for importing or updating, a subsequent retry attempt will be made if an error occurs to allow for situations where there is a temporary network outage or the OCLC record is locked. |
Docline
Fixed | Lender selection now opens selected Lender for Docline. |
New |
The<#Special.UserDisavowalReason> field is now available to be used as a tag in Email templates. This allows sites to add a custom prefix to the reset link. For example, the RelativePasswordResetLInk will be illiad.dll?Action=10&Form=85&Value=XYZ1234 for the PasswordResetLink http://illiad.library.edu/illiad/illiad.dll?Action=10&Form=85&Value=XYZ1234. |
ILLiad Client
Changed | Undo Shipped is not allowed when there are IFM billing charges associated with the request. |
---|---|
Changed | Removed link to community portal. |
Changed | MarkFound process validation errors will now display to the end user. |
Changed | On the Update Stacks Search Results page, if the OCLC status comes back as anything other than CONSIDERING or CONDITIONS_ACCEPTED, the field will be highlighted yellow and a warning indicator placed for emphasis. |
Changed | Added Customization Key 'CopyZ3950BibInfo' to control the default behavior of the 'Copy Info' button on Z39.50 searches which is now split button. The default will include bibliographic information (Title and Author), while drop down option will only import call number and location. |
Changed | On the Check-In from Lending Library form, if a transaction has no lender string, a search box appears (in place of the radio buttons to select the lender) allowing staff to search for the lender. The search button becomes enabled after something is typed in the text search field. |
Fixed | Client form refresh now refreshes all tabs, not just the selected one. |
Fixed | Cloning a request in the staff client now correctly copies the RequestType. |
Fixed | Fixed a problem where changing the layout of tabbed groups caused an error when they were un-grouped. |
Fixed | Fixed a problem where invalid characters in OCLC request cause an error. |
Fixed | Fixed issue preventing routing rules from being applied when creating new LOCL requests. |
Fixed | Removed unsupported search types from OCLC Statuses page |
Fixed | Fixed MRU Unicode issues that would occur when attempting to edit dropdown values in the client that had Unicode values. Mostly noted when modifying Z39.50 search queries. |
Notifications
Changed | Modified processing of SMS notification timers. |
---|---|
Fixed | Fixed borrowing overdue letter templates with salutation Dear User_LastName User_LastName to say Dear User_FirstName User_LastName |
Fixed | Carriage returns are now stripped out of tag data. |
OCLC
Fixed | Update Received will import Lending info. |
Fixed | OCLC Received updates removed from the ESPUpdate table if the item status is already set to 'Received' or is 'Not Found' |
Web Pages
Changed |
Updated default web pages by wrapping navigation in a <nav> tag for accessibility. |
---|---|
Changed | Allow for renewals/cloning of OTH requests in Lending Web pages. |
Changed | Added alert roles to error status lines for accessibility. |
Changed | DLL will now support multiple cookies. |
Changed | Updated the ChangePassword.html, NewPassword.html, NewUserRegistration.html, LendingChangePassword.html, LendingNewPassword.html, and LendingNewUserRegistration.html default web pages by removing the <#PARAM> tags for any password fields so that data no longer persists when values are incorrect. |
Fixed | Fixed an issue where the DLL would not handle invalid OpenURLFieldValues with invalid tag syntax. ie. "<#rft.btitle" (missing closing bracket) |
Fixed | Fixed the closing brace in the include_head.html page to the proper tag syntax. The <![endif]--0 has been changed to ![endif]--> |
Fixed | Fixed issue of SCountry not working properly on the ChangeUserInformation and NewAuthRegistration pages. |
Fixed | Fixed Unicode issues where Unicode characters and diacritics were not handled properly in Lending Web DLL. |
Fixed | Fixed web display status issues for delivery locations. |
Fixed | Fixed an issue where some Unicode characters are not properly encoded on OpenURL submissions if the user must log in first. |
Fixed | Updated the default ReviewRequestHistory.html page by replacing 'History Requests' with 'Request History'. |
Web Platform
New | Added AllowInsecureWebPlatformRequests customization key to determine if the Web Platform requests require the use of SSL. Note: for Shared Servers, this key can't be set individually per site. |
---|---|
New | Added the ability to create users via the Web Platform API. See Web Platform API for more information. |
Changed | Added the .NET framework httpRuntime element to WebCirc which will determine various runtime parameters. For example, the session will expire after x minutes of inactivity. |
Fixed | Updated to .NET 4.6.2, which also resolves issues that some institutions have experienced when connecting to web servers that have explicitly disabled TLS 1.0. Note: ILLiad supports the recommended protocol TLS 1.2 for .NET 4.6.2. |
ILLiad 9.0 Point Release Notes
10 Dec 2018 (9.0.1) DLL Release
Fixed | Fixed a web validation issue with the debug DLL logs. |
02 February 2019 (9.0.3) System Manager Release
Fixed | Fixed an issue that caused a problem with server addons not working properly after the 9.0.2 Shared Component Release. |
02 March 2019 (9.0.3) Client Release
In support of the ILLiad and DOCLINE 6.1 integration, there have been many changes to the client including the following:
- New Home button available for navigation to main DOCLINE page
- Import from clipboard button is no longer available
- New lending buttons have been added (e.g., Import ALL Requests)
- The Manual Request & Fill (with Fill & Send) are now separate buttons
- Changes to the FieldTranslation.xml file
For more information on the update, please see the ILLiad and DOCLINE 6.1 FAQ and video tutorials.
Changed |
All knowledgebase links have been redirected to new support landing page https://support.atlas-sys.com. |
Changed |
Modified ILLiad to support Docline 6.1 integration. |
Changed |
Loansome Doc has been removed from the client as a result of NLM retiring Loansome Doc on 7/1/2019. |
Changed |
Upon startup, the client will now query for any updates prior to prompting for sign-in credentials. This will prevent the user from not being able to log into another workstation whose client still operates under the previous version. |
Fixed |
Fixed issue for changing passwords on shared server lender addresses. |
Fixed |
Fixed FormSystemInformationEmail so it does not expand beyond the window parameters. |
Fixed |
Fixed VersionClient customization key to match the updated version after a server update. |
11 April 2019 (9.0.1) Server Release
The server update is for sites who wish to change the value of their Odyssey address. For example, if you replace the default IP address value (e.g., 216.x x.xxx.xxx) for the OdysseySystemID key with your DNS value (e.g., yoursitename.hosts.atlas-sys.com). The update will allow you to put the old OdysseySystemID value (e.g., 216.x x.xxx.xxx) in the OdysseySystemIDAlt to ensure you receive any borrowing requests sent prior to the value change.
To update to 9.0.1, please use the ILLiad Server Automatic Updater.
Changed |
Added support for the OdysseySystemIDAlt customization key. |
08 May 2019 (9.0.2) DLL Release
- SymphonyAPICheckProfile
- SymphonyAPIAcceptedProfileTypes
- SLSymphonyAPIInvalidPatronProfile
New | Added support for Symphony authentication policy groups. For details see SymphonyAPI: Authentication Process. |
26 Sept 2019 (9.0.4) System Manager Release
New | Added a check for situations where addons may consume all available SQL connections. If this situation were to occur then the System Manager would shut down to free up those connections. In addition, Atlas service monitors would receive a notification to check the service shutdown and restart the System Manager. Before shutting the System Manager down, the check for available SQL connections will retry to connect 5 times at 30-second intervals. The default ConnectionTestTimerInterval (default 30-seconds) and ConnectionTestRetryAttemps (default 5) can be modified in the ILLiadSystemManager.exe.config file. |
2 September 2020 (9.0.4) Client Release
New |
The ILLiad Client can now automatically update the Docline scripts as new versions become available. The scripts will be installed in the new default location:
C:\ProgramData\ILLiad\Docline\. To enable this functionality, add the
DoclineAutoUpdateEnabled key. To automatically update the
FieldTranslation.xml and LendingFieldTranslation.xml pages when updating the Docline scripts, add the DoclineAutoUpdateFieldTranslations key. For configuration instructions, see Docline Automatic Update.
|
||
---|---|---|---|
Changed |
The following fields from the database have been made as optional fields to add to the Request Details form:
For details on adding these fields to the Client, see The Borrowing Request Form.
|
03 January 2022 (9.0.3) Web DLL Release
A new version of the ILLiad Web DLL (v9.0.3) will be available on Monday, January 3rd, to implement an important security fix.
Update Procedure
To install the latest DLL version, please run the ILLiad Server Updater located at C:\ILLiad\Admin\ILLiadUpdate.
Web DLL Changes (v9.0.3)
Fixed | Fixed a potential security vulnerability found during a web application scan. |
01 March 2022 Server, Client (9.0.5) and SQL Alias Manager (1.3.2) Release
Several ILLiad 9.0 server components and client applications have been updated to address a potential security vulnerability found in their external log4net component. The SQL Alias Manager has also been updated with new functionality in addition to the log4net update.
Note: The ILLiad Server must be updated to the latest version before beginning the ILLiad Client update process to ensure that the Billing Manager and Database Manager work properly after the update.
If you have updated the ILLiad client applications before your server update, you can resolve the issue by manually updating the values of the VersionBillingManager and VersionDatabaseManager customization keys in the ILLiad Customization Manager to 9.0.1.0. However, please note that changing the value of these keys will require all ILLiad users on your server to perform the client application update on their machines.
Update Procedure (These steps must be performed in this order)
- To install the latest ILLiad 9.0 server components, please run the ILLiad Server Updater located at C:\ILLiad\Admin\ILLiadUpdate if self-hosted, or request an update from your hosting provider. Atlas-hosted sites will be contacted by Atlas Support via email regarding their server update.
- Follow the Client Automatic Updater prompts within the ILLiad Client, or download and run the 9.0.5 Client Installer from the ILLiad Downloads page to install the new client applications and SQL Alias Manager.
- Download and run the 9.0.1 Database Manager Installer from the ILLiad Downloads page.
Server Component Updates
The ILLiad Server update includes the following new component versions:
- Database Manager v9.0.1
- Rapid Manager v9.0.1.0
- System Manager v9.0.5.0
- Web Circulation v9.0.1.0
- Web DLL v9.0.4.0
- Web Platform v9.0.2.0
- Web Reports v9.0.1.0
Fixed | Updated the log4net component used in each ILLiad component to the latest secure version (v2.0.14). |
Client Application Updates
Performing the ILLiad Client update process will install the following new application versions:
- Billing Manager v9.0.1
- Electronic Delivery Utility v9.0.1
- ILLiad Client v9.0.5.0
- ILLiad Customization Manager v9.0.4.0
- ILLiad Staff Manager v9.0.4.0
- SQL Alias Manager v1.3.2
Fixed | Updated the log4net component used in each application to the latest secure version (v2.0.14). |