Fixed Issues in 7.1 Patch 3

Document created by RSA Information Design and Development Employee on Aug 14, 2019Last modified by RSA Information Design and Development Employee on Nov 21, 2019
Version 5Show Document
  • View in full screen mode

The following issues were fixed in RSA Identity Governance and Lifecycle version 7.1 Patch 3.

Access Certification

                                       

Issue

Description

SF-1083271
SF-1176983

ACM-83163

After uploading a coverage file to delegate a sign-off to another user, duplicate Entitlements appeared in a User Access Review.

SF-1144992

ACM-85868

An on-hold role review that was closed without changes incorrectly marked a role as "changed".

SF-924608

ACM-72958

Group review results for monitors incorrectly displayed the member count for all groups as zero.

SF-1184310

ACM-88254

After performing bulk maintain actions on general category items, the user interface did not indicate that any action was in process. This caused the user to attempt to perform the action multiple times, even though it was already in progress.

SF-1195963

ACM-88680

A reviewer without required privileges could download the full list of users and attributes from any User Picker pop-up.

SF-1202327

ACM-89970

Large-scale reviews used all available memory and crashed the server with OutOfMemory errors.

SF-1202327

ACM-88929

Out of Memory errors occurred during large reviews.

Access Requests

                           

Issue

Description

SF-1049128

ACM-79721

A change in property types, caused by change requests for accounts that generated revocation change requests for users, led to incomplete information for revocation that failed on fulfillment errors.

SF-1122086

ACM-84828

An automatically generated revocation request would fail when using a directory for an account.

SF-1189389
SF-1189398
SF-1189510
SF-1189404

ACM-88467
ACM-88468
ACM-88485
ACM-88477

The system did not generate change requests from violation remediation actions for revoked accounts when simultaneously revoking and giving exceptional access for multiple accounts that belonged to the same app role.

SF-1223556

ACM-90304

When reverting a pending account, an Oracle error “ORA-19279” prevented successful completion of the action. Also, restarting RSA Identity Governance and Lifecycle while some change requests were not finalized could result in the same Oracle error “ORA-19279” and prevent server initialization that resulted in users not being able to log in.

Account Management

                   

Issue

Description

SF-1143132

ACM-85968

A pending account cancelled in the fulfillment phase still created an account if the name matched to a previously deleted account.

SF-1085269

ACM-83004

An account template for role and rule changes could be improperly mapped to a request form through a workaround.

AFX

                       

Issue

Description

SF-1102654
SF-1131206
SF-1183455
SF-1193888

ACM-85871

AFX enters "not running" status and connectors enters "stopped" status due to locks on the t_av_afx_server_agent table.

SF-1194056

ACM-88781

The maximum length of the JDBC URL field was too short for AFX connectors.

SF-1064046
SF-1120246

ACM-84535

The Oracle Directory Server connector failed to create an account when the userPassword attribute was required for account creation.

Aveksa Statistics Report

               

Issue

Description

SF-1165448
SF-1170461

ACM-86990
ACM-90517

The ASR did not pull data for Web Application Machine Information.

Change Requests and Workflows

                               

Issue

Description

SF-1043713
SF-1148983

ACM-79531

Workflow variables containing multiple rows of data displayed with the comma delimiters.

SF-1192752

ACM-88582

Change request variables did not appear when fulfillment workflow edits updated the wrong variable.

SF-889452

ACM-71049

The default AFX manual fulfillment subprocess did not have a job state node to cancel change items, which caused change items in a canceled fulfillment to be stuck in "pending verification" status.

SF-981459

ACM-75938

Accounts and entitlements added through the "Complete Manual Activity Before Collection" feature would not appear in the user interface when referenced outside of the Users page.

SF-1058844

ACM-83640

The Show Job Level Variables checkbox did not appear for Escalation workflows.

Collector

               

Issue

Description

SF-1164164
SF-1172536

ACM-86975

Multi-app collectors slowed down when older data was not removed as expected and instead accumulated with each run.

Connector

                   

Issue

Description

SF-1162980

ACM-87472

Active Directory attribute synchronization was unsuccessful in some environments when the account attribute values were set to null.

SF-1059478

ACM-80536

The SAP connector did not support the USERTYP account attribute.

Data Collection Processing and Management

                           

Issue

Description

SF-1166339

ACM-88505

After the ADC ran, the Foreign Security Principal (FSP) membership changes in Active Directory did not update in RSA Identity Governance and Lifecycle.

SF-1165478

ACM-87066

Unification sometimes terminated users and duplicated them into new User IDs.

SF-981459

ACM-75980

Accounts and entitlements added through the "Complete Manual Activity Before Collection" feature were not reconciled or removed after running collection.

SF-1176684

ACM-87842

Performance issues occurred for indirect relationship processing when processing deleted role relationships.

Database Management/Performance

                   

Issue

Description

SF-1150006

ACM-86789

The GATHER_DATABASE_STATISTICS task failed on a buffer overflow error.

SF-1164598

ACM-88699

Illegal TXN State errors were reported in the user interface after applying a patch.

Installer

               
IssueDescription

SF-1182857

ACM-88297

Schema patching errors occurred when upgrading a WebSphere installation.

Provisioning

               

Issue

Description

SF-1192284

ACM-88777

The Workflow ValidReplyAnswers macro did not populate and list URLs in a consistent order.

Reports

               

Issue

Description

SF-949068

ACM-76876

Reports exported into the CSV or XLS format occasionally did not retain any data.

Request Forms

                                       

Issue

Description

SF-1168573

ACM-87946

The password generator URI field did not resolve form variables.

SF-1151669

ACM-86387

A warning message on change requests needed clarification.

SF-1184989
SF-1179125

ACM-88383
ACM-88439

After changing the value of an avform variable, related form controls with display conditions did not update.

SF-887157
SF-957895
SF-1002780

ACM-70736

User filters with avform.user variables added to the Compare Users field of the Provisioning form removed all users instead.

SF-960379

ACM-74603

Form text fields with a long entry did not show the complete text in request or approval screens.

SF-1210320

ACM-89468

When Multiple Account Resolution is set to “per business source” and the request form adds entitlements from multiple applications that are tied to the same underlying directory, account prompts appear for each application instead of once for the directory.

SF-1188323

ACM-88507

When the User Selection screen for an Access Request form has a grouping that contains more than 100,000 users, the following error occurred when expanding and collapsing the grouping: “Error - java.land.IndexOutOfBoundsException: Index: 100000, Size: 100000”.

Role Management

                       

Issue

Description

SF-1067111

ACM-66489

When a change request removed a child technical role from a parent business role, it also erroneously removed group entitlements that were shared from a different child technical role with common entitlements.

SF-1113010

ACM-84589

The displayed number of suggestions and violations did not correctly update collection when membership rules changed for a role and the role moved to the pending state.

SF-1089845

ACM-85357

The Role analytics table for missing required entitlements incorrectly showed technical roles as global roles.

Rules

               
IssueDescription

SF-1139602

ACM-85892

After modifying a collector, a UCD rule detected changes that had already been validated following a previous detection.

Security

               

Issue

Description

SF-940772
SF-1174388

ACM-73739

Users could access pages in RSA Identity Governance and Lifecycle without required privileges.

User Interface

                   

Issue

Description

SF-1065497

ACM-81449

An invalid identifier error in request forms appeared when using the Other type for owners in a business source filter.

SF-1152397

ACM-86298

Clicking the Back button in the web browser did not load the previous page.

Attachments

    Outcomes