Fixed Issues in 7.1 Patch 5

Document created by RSA Information Design and Development on Aug 14, 2019Last modified by RSA Information Design and Development on Nov 21, 2019
Version 5Show Document
  • View in full screen mode

The following issues were fixed in RSA Identity Governance and Lifecycle version 7.1 Patch 5.

Access Certification

                                           

Issue

Description

SF-1157646

ACM-86823

Reviews erroneously generated sign off reminder emails when reviewers were not allowed to sign off for themselves.

SF-1176460

ACM-87929

A reassigned review configured to allow a delegated user to sign off did not enable a delegate to sign off as intended.

SF-1173057

ACM-88464

Account reviews that generated change requests explicitly by owner did not properly create revoke item change requests if application business owners and directory technical owners were granted monitor access.
ACM-88164A fine-grained role review for bulk revokes of role memberships with large user counts performed slower than expected.
ACM-92706A bulk revoke action during a fine-grained role review on a role's user member or entitlement that was already revoked caused an error.

SF-1178009

ACM-90758

A reviewer listed in the Escalations Tab could not be found by the search tool.

SF-1172039

ACM-87438

Some reviewer escalation workflows were not triggered and the review history did not update if the review became active by an escalation workflow.

SF-1176983

ACM-88167

The Radio button text "Review items are signed off" on the configuration page of a User access review definition appeared when the sign-off option was not actually available.

Access Requests

                           

Issue

Description

SF-1156659

ACM-86562

The Entitlement View did not filter correctly as instructed by "Initial set of entitlements to show" when triggered by a request button.

SF-1189546

ACM-92989

An added submission field did not appear in Additional Information while creating a Change Request for an application with groups.

SF-1286545

ACM-93599

A "Remove account to group" change request from a webservice did not set the affected users in the request information.

SF-1193655

ACM-89679

If a user closes the browser or navigates away from the page using any function other than the cancel or back buttons, entries for pending accounts are left in T_AV_ACCOUNTS.

Account Management

               

Issue

Description

SF-892981
SF-1103183

ACM-71073

The Who Has Access tab did not display any users.

Admin Errors

                       

Issue

Description

SF-1223251

ACM-90384

A Notification rule that used Identity Unification as an error source did not send an email to the specified users as expected.

SF-1265089

ACM-92855

The Account Load Data error was not listed for available types in the properties of a Create Admin Error workflow node.

SF-1205426

ACM-90188

Email failures did not appear in the notification tray to alert the admin.

Authentication

               

Issue

Description

SF-1215963

ACM-90219

The Active Directory objectGUID and objectSID were not properly supported attributes from authentication sources for either account or identity data collection.

Aveksa Statistics Report

               

Issue

Description

SF-1138522

ACM-85418

Decision Node settings changed automatically in the Out of Office workflow when any other node was changed and saved.

Change Requests and Workflows

                                                                       

Issue

Description

SF-1173926

ACM-88384

Custom workflows could not be deleted.

SF-1158316
SF-1204062

ACM-90489
ACM-90603

Workflow variable names showed unexpected format changes after an upgrade.

SF-1204867

ACM-89649

When editing existing exceptional access, the user interface limited the business justification to 500 characters while it allowed 4000 characters for new entries.

SF-1258377

ACM-92069

After applying a patch, Workflow SQL nodes periodically failed with null pointer exceptions.

SF-1222578

ACM-90665

The variable value ${access_request_cri_app_cas2} did not successfully populate after a patch was applied.

SF-1230171

ACM-90666

On restart, a Change Request with only form fulfillment created a workflow that skipped all its form fulfillment nodes.

SF-1277646

ACM-93113

Parallel Phase Nodes duplicated workflow and fulfillment jobs because of concurrency errors.

SF-1277724

ACM-92992
ACM-92993

The REST Node POST request body mandated XML code that was not required.

SF-1161187

ACM-90147

An Errors link in the run history of a Custom Task job summary table did not show the logged errors when clicked.

SF-1266678

ACM-93462

The "Assign to" list incorrectly showed as an option for Resource Selection.

SF-1294015

ACM-94309

The Jobs tab in Admin > Workflow showed a UI error when evaluating errors with over 4000 characters.

SF-1304407

ACM-94532

A subprocess node condition applied to nodes without following configured settings.

SF-1297357

ACM-94126

The Group by Category approvals were skipped in Joiner workflows.

SF-1181059

ACM-88351

The Show Job Level Variables setting in request workflows overwrote the same setting in approval and fulfillment workflows.

SF-1293969

ACM-94160

The AFX create account action failed when a change request with multiple “Create Account” items for multiple applications and for a single user has one of the “Create Account” items rejected.

Collector

               

Issue

Description

SF-1305102

ACM-94653

CSV database processing could not handle column header values nested in double quotation marks.

Connector

               

Issue

Description

SF-1214862

ACM-89813

The ServiceNow AFX Connector lacked command output parameter settings for the "Check Ticket Status" and "Check Request Status" capabilities.

Data Collection Processing and Management

                                       

Issue

Description

SF-831492

ACM-89647

Duplicate users appeared in the data when a deleted user from an earlier version was recreated with the exact same settings.

SF-1224169

ACM-91121

Collection added duplicate Aveksa access entitlements to the account and user.

SF-1228554

ACM-90663

A data table stored historical configuration information in clear text.

SF-1201069

ACM-89785

Duplicates created in the T_SCHEDULED_TASKS table prevented unification from completing.

SF-1231311

ACM-91584

Unification removed user account mapping when one of many resolution attributes was changed.

SF-1236885

ACM-91586

An ADC User Resolution with more than 3 attributes from the same source left an account unmapped and without an ORPHANED_DATE value.

SF-1242815

ACM-91761

The Last Reviewed Date OOTB attribute erroneously showed as an available collector mapping attribute in the UI.

Database Management/Performance

                           

Issue

Description

SF-1224207

ACM-90323

A Data purge job that ran through the backend repeatedly failed to complete the custom task purge.

SF-1201744

ACM-89849

Performance issues occurred when revoking entitlements from a role during a fine-grained role review.

SF-1074740

ACM-85409

An error occurred after a CLOB was converted into a varchar in the CHANGE_REQUEST_VARIABLE view.

SF-1203774

ACM-88976

Performance issues occurred when editing roles.

Email

                   
IssueDescription

SF-1191611
SF-1240924

ACM-88807

Some Approval Email replies did not show the correct reference numbers for a request and showed <AV-MsgRef-REF> instead.

SF-1056837
SF-1155367

ACM-80572

A requestor still received approval emails despite being on the Exclude list.

Installer

               
IssueDescription

SF-1205479

ACM-89296

The Database-Only installation did not check for sufficient disk space to complete installation.

Password Management

               

Issue

Description

SF-1196317

ACM-88868

The special character "<" was trimmed from the password field if it followed a number in the character string.

Reports

                                               

Issue

Description

SF-1219878

ACM-90510
ACM-90511

The T_AV_AFX_LOG_MESSAGE and T_EMAIL_LOG tables lacked a public view of their data.

SF-1271093

ACM-92667

Scheduled reports in XLS-format could not be opened after migration.

SF-1258049

ACM-92226

After an upgrade, reports using the PV_USER_ALL_ACCESS view failed with an error if the report had custom value integer attributes.

SF-782401

ACM-63770

After applying a style template to a report or report template, the Apply Style Template to Report screen did not indicate the currently applied style.

SF-1219878

ACM-90512

The tables T_AV_AFX_REQUEST & T_AV_AFX_REQUEST_HISTORY did not contain public views.

SF-1158510

ACM-88913

The OOTB report using the template "Changes in User Global Roles by Date Range" could become stuck due to excessive query executions.

SF-1284789
SF-1291139

ACM-93688

CSV Column headers were duplicated when exported as an attachment in an email from a scheduled report generation.

SF-1130030

ACM-88494

A Report with a non-standard column defined with TO_DATE/TO_TIMESTAMP functions in a select statement could fail to extract the date and showed the "jasperreports.engine.JRRuntimeException" error instead.

SF-968478

ACM-76164

When a form was designed with an application name that did not match the business source raw name, the account filter did not work correctly.

Request Forms

                                           

Issue

Description

 

SF-1194256

ACM-88878

The Display and Enabled conditions for an entitlement table did not work as expected. 

SF-1239355

ACM-91122

The conditions to display or enable an entitlement table form control could not be properly verified in the form. 

SF-912473
SF-957890

ACM-72112

The request form did not properly validate a direct request for entitlements that were already granted indirectly through a role. 

SF-1263329

ACM-92257

A request form associated with a business source could not be edited because of an error.  

SF-1212317

ACM-90015

Email sent with an External URL link that contains the externalURL and title parameters caused "request could not be handled" errors. 

SF-1212748

ACM-91669

The entitlement table with display conditions did not appear when the dynamic variable value changed.  

Role Management

                   

Issue

Description

SF-1166227

ACM-87106

On the Analytics tab, the Out of constraint user table disappeared and the UI locked up and displayed incorrectly when a user was removed from the table.

SF-882193

ACM-70716

When creating roles using the Discover Roles functionality, the suggested entitlements do not match the suggested entitlements condition.

Rules

                           
IssueDescription

SF-1180940

ACM-88634

A Termination Rule with the 'or' condition for a Delete Accounts action did not create the expected change requests to revoke entitlements.

SF-1080104
SF-642932

ACM-52576

The termination rule created a duplicate request that could not be completed when a user was terminated and then deleted.

SF-1000621
SF-1041352
SF-1100872

ACM-77042

Scheduled rules ran multiple times when the rule name or type had been changed.

SF-1262986

ACM-92256

The User Access Rule only worked when applied to a single user.

Security

                       

Issue

Description

SF-1213459

ACM-90322

The patch includes an updated version of JDK 8, which addresses some known security vulnerabilities.

Note:  Follow the instructions in Install a Patch to update the JDK.

SF-1223436

ACM-91372

Users granted the "View All" role could not see group and role members in the What Access tab.

SF-1022650

ACM-78259

Applied properties to enhance security for an internal communications port used by a mule agent.

Server Core

               

Issue

Description

SF-1128205
SF-1144286
SF-1159804

ACM-84894

Heavy change request activity increased the ADC processing time for longer than expected.

User Interface

                                   

Issue

Description

SF-1158799

ACM-86788

The Accounts table in the Directories Resource Accounts Tab showed a "Backup Supervisor" column in Table Options that is never populated in an accounts table.

SF-1072223
SF-1080714

ACM-83584

Multiple clicks on a form could select one item multiple times to create duplicate selections.

SF-969882

ACM-75372

The notification button opened a blank window with a disabled Complete button if no tasks were available to the user.
ACM-92994Proxy protocol changes in a Rest Node could not be saved.

SF-1176345

ACM-88381

The node filter in System > Logs could not show any logs in a WebLogic environment.

SF-1042710

ACM-79980

The log page in Admin > Email did not show results correctly when sorted by Processing Result.

Web Services

                       
IssueDescription

SF-1253334

ACM-92041

Duplicate group names on a multi app collector could cause the webservice call that created a change request to choose the wrong group.

SF-983571
SF-1223579

ACM-76016

The User Attribute Change webservice reported a "User Not Found" error when the User ID was on record.

SF-1264262

ACM-92518

The documentation for the processRule Web Service did not state that a token was mandatory.

Attachments

    Outcomes