Release Notes: IBM Aspera Orchestrator 4.1.0
Release Notes Updated: March 10, 2026
This release of IBM Aspera Orchestrator 4.1.3 provides fixes, enhancements, and other changes listed below. In particular, the Breaking Changes section provides important information about modifications to the product that may require you to adjust your workflow, configuration, or usage. Additional sections cover system requirements and known problems.
4.1.3
Orchestrator#4376 - API authentication methods have changed for this release. For more information, refer to the API authentication guide section.
Orchestrator#4519 - A new set of plugins has been included as part of the release, for an updated list of supported plugins see the Supported plugins section.
Orchestrator#4448 - Updated the UI to make it clearer when selecting between Push and Pull for the Git configuration.
Orchestrator#4394 - Changes from a Git push are now trackable using the workflow's revision history.
Orchestrator#4351 - The workflow page is now paginated with 25 records per page by default.
Orchestrator#4271 - A new Clear Password button has been included in the plugin templates.
Orchestrator#4527 - Plugin search filters now accept spaces between words.
Orchestrator#4521 - New folders or workflows created within a folder are created in the workflow root instead of the selected location.
Orchestrator#4508 - The reset
password confirmation code is shown as invalid when it contains a "+"
symbol.
Orchestrator#4477 - Uppercase characters in the Execute Code block are converted to lowercase after saving or updating the step.
Orchestrator#4462 - Users are not able to edit a resource pool when its name includes characters from the Chinese standard (GB18030).
Orchestrator#4425 - Inline Journals portlet buttons (filter, expand, view by package) do not function as expected.
Orchestrator#4414 - Plugin icons that have been modified in the src/actions folder after performing an upgrade are not shown in the UI.
Orchestrator#4406 - When publishing a workflow with a "+" symbol in the
Map inputs tab, the "+" symbol becomes a space.
Orchestrator#4396 - Workstep pre-processing and post-processing settings are not saved after publishing a workflow.
Orchestrator#4384 - The Git push and pull options are now shown when searching for workflows.
Orchestrator#4342 - A persistent warning message is shown in the workflows page when trying to pull workflows from Bitbucket. This does not affect functionality and you can successfully perform the pull.
Orchestrator#4340 - When exporting and then reimporting a workflow with dependencies on a sub-workflow, you receive a server 500 error during the workflow constraint step.
Orchestrator#4510 - Improved request parameter validation to enhance application security
Orchestrator#4051 - Security improvement related to secure handling of sensitive request data.
Orchestrator#4049 - Security improvement related to HTTP request validation and header handling. For more information refer to the Fixing host header injection vulnerability in Nginx section.
Orchestrator#4437 - In Email Notifications,
entering <%=var%> in the message template is automatically changed to
<%=filename%> when the template is updated.
Orchestrator#4434 -
The Amazon SQS trigger plugin now supports multi-threaded batch polling for SQS
message retrieval to improve throughput and overcome single-request message
limits.
Orchestrator#4382 - Plugins that already have a refresh button should reload the template immediately.
Orchestrator#4380 - The CustomRuby and
CustomPython plugins now support Bitbucket.
Orchestrator#4377 - In SOAP Requests, when using a local WSDL file instead of a remote URI, the service selection dropdown displays an error and does not retrieve the list of services.
Orchestrator#4339 - If you
upgrade Orchestrator from version 4.0.1 to 4.1.0 or 4.1.1 and then to version 4.1.2, you will
receive a migration error when enabling the Timecode Manager plugin. You can ignore
the message since the actual plugin will be properly enabled despite the
error.
Orchestrator#4277 - The Node API Transfer Plugin exits early on
server-triggered retry instead of waiting for the Node API retry cycle.
Orchestrator#3490 -
When editing any action template for the ZencoderTranscoding plugin, any values
entered in preset parameters need to also be entered in the Map
inputs tab to successfully save the step.
4.1.2
Fixed issues
Orchestrator#4332 - When importing an exported workflow with remote node dependencies a 500 server error is shown.
Orchestrator#4273 - When deleting a step from the Workflow designer view, the deleted step template remains visible in the Change action template page.
Orchestrator#4241 - When configuring a workflow with an input parameter of type
password an error appears when selecting the Launch icon in
the workflows page.
Orchestrator#4209 - Users are not able to map inputs for duplicated action templates.
Orchestrator#4203 - When using a runtime input parameter the API Initiate a
workorder endpoint fails and shows an error.
Orchestrator#4194 - Upgrading from Orchestrator version 4.1.0 to 4.1.1 shows an error when using
an external database since the database.yml file is being overwritten while running
the rpm command.
Orchestrator#4159 - Sessions are not automatically cleared even after reaching the designated expiration date and time.
Orchestrator#4140 - When using BitBucket to push or pull workflows, selecting
the Update option triggers the Configuration updated, but unable to
reach hostname: bitbucket.org error.
DatabaseQuery and DatabaseTrigger
plugins include options for executing SQL queries on external databases (MySQL, Oracle, and other
ODBC-compatible systems). Due to current compatibility issues, Oracle and ODBC-compatible databases
are not supported in Orchestrator 4.1.0 and 4.1.1.Other changes
Orchestrator#4292 - A new set of plugins has been included as part of the release.
Orchestrator#4272 - Re-added the button to edit outputs in a workstep in the work order details pane.
- Mandatory fields are now clearly indicated with a red asterisk.
- Special characters are no longer allowed in usernames; you can still use email addresses for login.
- Password and confirmation fields now dynamically indicate whether the values match, without requiring the user to save.
- The Save and Update buttons remain disabled until all mandatory fields are completed.
Orchestrator#1278 - Added a new UI field within the SAML configuration screen to specify the return host directly in the UI. You will no longer need to manually edit configuration files or restart the server.
Orchestrator#4344 - The Git integration documentation section has been updated for this release.
4.1.1
Orchestrator#4023 - Added support for Red Hat and Rocky Linux 10.
Orchestrator#3991 - You can now import monitors that were originally created in 4.0.1 into version 4.1.1 and later.
Orchestrator#3961 - Removed the links to download PDF files from the help page. A link to the live Orchestrator documentation is still available.
Fixed issues
Orchestrator#4142 - Changes made in the Configuration page were not always reflected in the database.
Orchestrator#4103 - The Mailer configuration does not work when authentication is set to open and the SMTP username field is left empty.
Orchestrator#4070 - Attempting to create a test case from the Workflow Actions > Select an action template > Test Template > New Test Case (this path will take you to the page where all existing test cases are listed, if there are none it will open a modal for you to create one) results in an error. You can still successfully create test cases from the workflow actions page.
Orchestrator#4043 - The first link in the Password reset confirmation email does not redirect you to the password reset page.
Orchestrator#4028 - When high-performance polling is enabled on the Configurations page, work orders with Keep on-going enabled remain in progress and do not trigger new work orders.
Orchestrator#3977 - The Queue Management portlet shows an error when a queue has more than 10 items.
Orchestrator#3976 - Users are not able to view tasks from the notification section.
Orchestrator#3219 - When two dashboards have the same name it is not possible to navigate correctly between them.
Orchestrator#4057 - Hardened execution-related components.
Orchestrator#4050 - Improved input-handling protections in multiple workflows.
Orchestrator#4048 - Enhanced safeguards around email-related operations.
Orchestrator#4047 - Strengthened account-management security flows.
4.1.0
New features
Orchestrator#2141 - Developed a new script to upgrade workflow YAML files from version 4.0.1 to be compatible with Orchestrator 4.1.0. This resolves issues caused by changes in Ruby and Rails introduced in Orchestrator 4.1.0, which made the previous YAML formats incompatible.
Orchestrator#1178 - Added the Look-up Editor portlet to view and edit tables created by the
SimpleParameterLookup plugin.
Orchestrator#327 - Administrators with access to terminal can now remove users from the administrator group.
Orchestrator#240 - Git for Workflow synchronization is now supported.
Breaking changes
- MySQL 8: Must be installed and configured before proceeding with the Orchestrator installation or upgrade.
- Ruby: For more information, refer to the instructions to install Ruby. It is important to highlight that you must update any custom Ruby code to make sure that it is compatible with Ruby 3.4.x.
- Nginx and Apache: Review the installation and configuration instructions provided in the documentation, as well as the sample Nginx configuration files for both single-node and high-availability (HA) installations.
Orchestrator#3952 - Orchestrator now enforces the use of unique email addresses for all new users. That means, if you create a new user with an already used email address the process will fail. Make sure to use a unique email address before performing an upgrade.
Orchestrator#3298 - Starting with Orchestrator 4.1.0, you have to store all SSH keys that
Orchestrator uses under /home/aspweb (you can place them directly in
/home/aspweb or inside any other directory in that same location). This will
ensure that the aspweb user has permissions to perform file operations as
needed.
name and description methods are
replaced by:after_initialize :set_portlet_name_and_desc
before_save :set_portlet_name_and_desc
def set_portlet_name_and_desc
self.name = "PORTLET_NAME"
self.description = "PORTLET_DESCRIPTION"
end- The version method has been removed; versioning is now handled via a metadata.yml file.
- All
AbInitio::VARIABLEreferences are now replaced withOrchConfig.variable_name (lowercase). - Use the
portlet_action_pathhelper for calls to theportlet_actionendpoint. debug_trace(e)is replaced withRails.logger.info e.full_message.- The
errorfunction is replaced withRails.logger.error. - Deprecated
Ajax.Updatercalls must be replaced withajaxUpdate. - A script to assist in updating legacy portlet files is now available at: ./script/update_portlet.rb. This script is bundled with Orchestrator.
Orchestrator#2169 - Removed the option to define a new principal.
Orchestrator#1853 - The help page and the API routes have received several changes, including the authentication method (now using bearer token) to improve security with this release.
Orchestrator#1847 - When upgrading to IBM Aspera Orchestrator 4.1.0, all your existing plugins will be updated to their latest versions. If there are no newer supported versions, contact support for assistance.
Orchestrator#1834 - The orchestrator.yml file is no longer part of the
application in 4.1.0.
Orchestrator#1509 - All routes have been updated to use REST-style parameter methods for
identifying resources and parameters, instead of embedding parameters directly in the URL. For
example, work_steps/:id/cancel is now
work_steps/cancel?id=WORKSTEP_ID. The only exception is the standard Rails CRUD
routes, which continue to embed the resource ID in the URL by default (for example,
work_steps/:id/edit).
Orchestrator#1238 - The Capsule manager menu has been removed from the Engines view sidebar.
Other changes
Orchestrator#3932 - The queue insertion logic prioritizes items based on their priority values (in ascending order). An item is inserted into the queue in a way that no higher-priority item (lower numerical value) appears below it (for example, a priority value of 1 has a higher priority than 100). After insertion, items can still be manually rearranged within the queue; however, priority values are no longer considered when reordering items after insertion.
Orchestrator#3864 - If you're upgrading from 4.0.1 to 4.1.0 you cannot reset
work orders that were created before the upgrade. To launch a new working work order,
relaunch these work orders instead.
Orchestrator#3654 - Plugins that are currently in beta will not be enabled on the plugins page.
create_userdelete_queued_item
ensure_mongrel_markedensure_mongrel_unmarkedfilter_expression
Orchestrator#3077 - Clicking on a SubWorkflow work step shows the plugin's configurations, aligning behavior to match other plugins. To see the plugins' sub-workflow, go to the Subworkflows table in the Configurations page.
Orchestrator#2898 - The mount manager feature has been removed.
Orchestrator#2430 - The PluginInstall class has been renamed to
Plugin.
Orchestrator#2419 - Removed the Monitors > All Monitors page from the dashboard route.
Orchestrator#2402 - The health_check/dashboard and
health_check/refresh routes have been removed.
Orchestrator#2255 - The orch_web_root has been removed from the
remote_nodes table.
Orchestrator#2246 - Virtual Catcher has been removed from the application.
Orchestrator#2099 - You can install external JavaScript files in the
/opt/aspera/var/config/orchestrator/custom_js directory. This will preserve these
custom files even if you uninstall Orchestrator.
Orchestrator#2095 - Replaced orchestrator.yml's web_root
variable with Rails.configuration.web_root.
Orchestrator#2286 - Monitors now point to the portable_id column instead of the
name to associate with workflows.
allow_blank_passwordaspera_dircommand_line_historydb_binenable_ssh_timeoutengine_hostengine_instancefast_startflask_server_portinstall_config_filelog_filelog_levellog_retention_daysmax_log_size_mbmongrel_action_timeoutmongrel_max_daemonsmongrel_max_serveorchestrator_dirpassword_field_definition_regexrails_log_levelrelease_version_fileschtroumpf_enabledstrick_api_validationuse_new_designeruse_robocopyweb_rootwhitelist_enabled- The
mongrel_starting_portvariable is nowport. - The
ascmd_default_timeoutvariable is nowascmd_timeout.
Orchestrator#1973 - All credentials are now encoded with a unique salt, instead of a single global secret.
Orchestrator#1834 - Orchestrator settings are now global to all orchestrator nodes that share the same database, as a user this guarantees the same behavioral experience across all orchestrator nodes in HA.
Orchestrator#1444 - Removed access to the net use managers feature.
Orchestrator#1211 - Removed BasicLogger to preserve application stability.
Orchestrator#858 - All startup and stopping scripts in the scripts directory have been removed.
Orchestrator#815 - Added max_supported_server_version,
min_supported_server_version, and is_beta to all plugins'
metadata.yaml files.
Orchestrator#759 - Replaced the name "slaves" with "workers".
Orchestrator#485 - Improvements to the way the Work Order page is displayed in the Dashboard.
Orchestrator#210 - Git integration now supports repositories hosted on any platform, not just github.com.
Orchestrator#202 - An error message is now shown when attempting to update the value of a configuration parameter with a string that contains too many characters.
- The edit modals for
FolderandNodemonitors save when pressing enter. - The
New QueueandEdit Queuemodals save when pressing enter. - The
Deletemodals delete instead of closing when pressing enter.
When stopping workers from the UI, the workers are no longer restarted. However, when killing workers from the UI, they are restarted regardless of whether the process manager is enabled or disabled.
If you have workflows using the AsperaSharesManagement plugin, you need to save
those workflows and launch them again in 4.1.0.
If Orchestrator is running behind a firewall, you must allowlist the rubygems.org domain to enable access to required Ruby gems.
You may need to save certain workflows again after upgrading if version 4.1.0 includes updated plugins that introduce new fields not present before the upgrade.
Fixed issues
Connection to Active Directory failed: Active Directory has been disabled. Adjust your settings, click on Enable Directory Service, and save again to retest.
Orchestrator#1965 - Administrators are able to deactivate other administrator accounts.
Orchestrator#1849 - Automatic-refreshing of data on orchestrator pages is paused when the window is minimized.
Orchestrator#1167 - After applying patch level 3, resources disappear and it is not possible to create or edit them.
Orchestrator#1131 - Security enhancement related to user authentication.
Orchestrator#1112 - If you are declaring custom attributes for a node and change from a password connection to a key connection, after saving these changes all custom attributes are lost.
Orchestrator#663 - Autoscale workers can help take on work orders when all other work orders are busy.
Orchestrator#954 - Security improvement to address certain vulnerable libraries.
Orchestrator#951 - Issues with importing a workflow to Orchestrator using the API.
Orchestrator#282 - Fixed the import_plugin endpoint.
Orchestrator#257 - Orchestrator allows to start a Work order even if the workflow is not published.
Orchestrator#203 - The default logon_timeout value has been updated to 3600
seconds.
Orchestrator#166 - Issues with Orchestrator and Git integration.
Documentation updates
Included a new section for Zero-downtime patching in a High-Availability cluster.
Added a new section for the Git integration.
Included a new section for Migrating to a supported OS.
Known issues and limitations
Orchestrator#4568 - When reopening the filter options in the Inline
Journals page. The From and To fields show
the default dd/mm/yyyy values instead.
If you import a node monitor from one instance (for example, instance 1) that monitors a specific node into another instance (for example, instance 2), and the corresponding node does not exist in the target instance, polling the node monitor results in an error.
Exporting a monitor from previous Orchestrator versions into 4.1.0 is not currently supported.
Orchestrator#3939 - Issues may occur when storing input string variables that contain a colon
(:). For example, if a user enters a string such as IP:Port in the
Map Inputs tab, after saving and reopening the step, the string may appear as
IP"Port". However, the input variable will still display the correct value in the
launched work order details. Workaround: Pass these input strings as parameters and then map
the input variable to those parameters.
Orchestrator#3905 - In an high availability (HA) setup configured with an external load balancer, when workers across multiple nodes are running work orders, the load balancer can only detect workers from a single node instead of recognizing all active node workers.
Orchestrator#3880 - If you encounter the "Execution Error in workstep 6 preparation for
activation: undefined method 'timeout' for nil" error while processing a work order, go to
Engine > Processes and "kill" all workers (they will restart
automatically). After doing this, work orders will work as expected.
rpm -Uvh ibm-aspera-orchestrator-*.rpm --replacefiles Orchestrator#157 - Capsules are loaded during the Orchestrator server startup, but updates made after startup are not reloaded automatically into Puma. In contrast, engine and worker processes continuously reload updated capsule files as part of their normal operation.
Supported plugins
The following table contains all supported plugins for the current version release of Orchestrator.
| AmazonS3Operation | DatabaseQuery | MassParameterSetter |
| ArrayFanout | DatabaseTrigger | Md5Checksum |
| AscpClient | DependencyChecker | MediaInfo |
| AsperaCentralWatcher | DolbyOperation | MergePoint |
| AsperaFilesPackageDelivery | ElementalMediaConvert | MongodbOperation |
| AsperaFilesPackageWatcher | ElementalTranscoding | QueueStager |
| AsperaNodeApi | EmailNotification | RemoteExecution |
| AsperaNodeApiTransferMonitor | ExitStatus | RemoteFileOperation |
| AsperaNodeApiTransferOperation | FaspControl | ResourceManager |
| AsperaNodeFileWatcher | Faspex5Delivery | RestRequest |
| AsperaNodeSearch | Faspex5FileProcessing | ScpTransfer |
| AsperaOnCloudManagement | Faspex5InboxWatcher | SftpTransfer |
| AsperaOtfv | Faspex5PackageMonitor | SftpTrigger |
| AsperaSharesManagement | FaspTransfer | SharesTransferSetup |
| AsyncRemoteExecution | FfmpgTranscoding | SimpleParameterLookup |
| AtemeTranscoding | FileArchivingOperation | SonyCi |
| CatdvRestRequest | FileGenerator | SonyCiFileWatcher |
| CollectionManager | FileJournalLogEntry | SpreadsheetParser |
| ConsoleNotification | Filter | SubWorkflow |
| ConsoleSmartTransferOperation | FtpTransfer | UserInput |
| ConvertPath | FtpTrigger | VantageTranscoding |
| CorbaOperation | Funnelin | WorkflowLauncher |
| CurlOperation | ItunesTransporter | WorkOrderMetaData |
| CustomProgressNotifier | LocalFileOperation | XmlParsing |
| CustomPython | LocalFileWatcher | ZencoderTranscoding |
| CustomRuby | LoadBalancer | AMQPMessage |
| CustomTrigger | LoadManager | FileInfo |
| PasswordGenerator | InfluxDBOperation | RemoteFolderWatcher |
| AMQPTrigger | ArchiveManager | SOAPRequest |
| FXPTransfer | LocalFolderWatcher | BatonFileVerification |
| ScheduleTrigger | SharedStateOperation | SoftLayerAPI |
| VidcheckerVerification | UUIDGenerator | SymantecPGP |
| AzureServiceBusOperation | AzureServiceBusTrigger | ADIParser |
| SOAPRequestListener | EmailInboxWatcher | FLICSTranscoding |
| LocalExecution | ADI3Parser | RegexMatcher |
| AmazonSQSTrigger | FederatedWorkflow | LocalFilePermission |
| RSSFeedReader | TimecodeManager | FrameIOOperation |
| SlackNotification | XSLTTransformation | RemoteFileWatcher |
| WebDAVOperation | AmazonSQSOperation | FacebookUploadOperation |
| FTPFolderTrigger | SnapshotPlugin | HttpTransfer |
| InputManipulation | UserLookup | XsdValidation |
| HelloWorld | AmazonSnsOperation | OrchestratorAlertEntry |
| WatchFileMovement | ClamavCheck | AmazonDynamoDbOperation |
| AmazonGlacierOperation | IbmMqIntergration | WatsonSpeechToText |
| WatsonTextToSpeech | RobocopyOperation | FfprobeInfo |
| FaspStream | FtpsTransfer | KafkaStream |
| IbmMqMftTransfer |
System requirements
Operating systems
Linux 64-bit
| OS | Version |
|---|---|
| RHEL | 8.x and 9.x. RHEL 10 is only supported for Orchestrator version 4.1.1 and later |
| Rocky | 8.x and 9.x. Rocky 10 is only supported for Orchestrator version 4.1.1 and later |
Database
| Database | Version |
|---|---|
| MySQL | 8.4.2 |
Web server
| Web server | Version |
|---|---|
| Nginx | 1.9.14 and later |
Runtime environments
| Runtime environment | Version |
|---|---|
| Ruby | 3.4.x |
| Node.js | Latest LTS version |
Browsers
| Browser | Version |
|---|---|
| Firefox | 57-105 |
| Chrome | 64-106 |
Product support
For online support, go to the IBM Aspera Support site at https://www.ibm.com/mysupport/. To open a support case, log in with your IBMid or set up a new IBMid account.