Fixed Issues in 7.1.1 Patch 7

Document created by RSA Information Design and Development Employee on Feb 5, 2020Last modified by RSA Information Design and Development Employee on Aug 27, 2020
Version 5Show Document
  • View in full screen mode

The following issues were fixed in RSA Identity Governance and Lifecycle version 7.1.1 Patch 7.

Access Certification

                       

Issue

Description

SF-1475193

ACM-103400

Review bulk actions were not always persisted for items across all pages when comments were added or when the state of the review items was changed to NONE.

SF-1546412

ACM-103907

The 'Account Name' and 'Name' columns were blank for entitlements displayed under the 'Existing Entitlements for Accounts that will be enabled' table on the change request detail page. The query has been fixed to fetch these column values.

SF-1493778

ACM-103090

A user was incorrectly able to select multiple users from a deletion request, because the table was not properly cleared when navigating back and forth.

Access Requests

                       

Issue

Description

SF-1022256
SF-1462122

ACM-84860

Revoking local entitlements were automatically completed by the system even when the ApplyImmediate tag was set to false. The system now correctly considers the ApplyImmediate tag when processing.

SF-1544032

ACM-103663

Rejection of a change item through approval did not update the review item from which it was generated. Review items are now updated in the cases of change item or request cancellation.

SF-1488440

ACM-103055

When a user logged in with same user ID in multiple windows of the same browser to access the application, a "request could not be handled" message appeared while performing actions on Role and Review pages. This issue has been addressed as part of this ticket. Now users can access multiple browser windows with the same login without any error messages.

Account Management

               

Issue

Description

SF-1457802

ACM-102023

During attribute synchronization, AFX had updated Active Directory with the text from a command parameter mapping instead of the actual value.

ACM Security Model

               

Issue

Description

SF-1427402

ACM-101172

The security scope pop-up did not display "Report Result: Run" or "Report Result: View Report" when there was no result generated for those reports. Now the report name is displayed in the pop-up even if a report result does not yet exist.

AFX

                           

Issue

Description

SF-1134811

ACM-85408

When a change request in an RACF connector used the $ symbol in a value, the $ symbol and everything following it was skipped during execution.

SF-1026617

ACM-80377

The system sent two password available emails for a single change request item, because an email was triggered after change request item completion and again after change request completion.

SF-1441515

ACM-101678

Error management for the Unauthorized (401) error in AFX authentication has been improved.

SF-1445248

ACM-101553

When a single work item out of multiple work items in a change request was not fulfilled by AFX, change requests were kept in the fulfillment phase and their associated workflows were flagged as stalled. The work item was fulfilled only after restarting AFX.

Change Requests and Workflows

                               

Issue

Description

SF-1549340

ACM-103619

The due date for an approval node was previously dependent on the start time of the job.

SF-1399646

ACM-102701

When an approval was rejected, the email incorrectly used the user ID instead of the ID for a dynamic role or group.

SF-1549667

ACM-103680

When a pending account had dependencies in another change request, and the pending account's change request was rejected by the approver, all of the items other than the pending account were rejected, and the pending account was provisioned.

SF-1277727

ACM-98931

Accessing workflows using an HTTP proxy caused the application to continuously load the workflows.

SF-1555836

ACM-103840

The security improvement to remove parameters for architect processes from the URL did not handle the situation in which the default ports 80 and 443 were removed from the browser but the application server provided them to the user interface, which prevented iframe communication from matching.

Collector

                   

Issue

Description

SF-1439321

ACM-100947

The RESTful webservice connector had required a client secret when using OAUTH2 authentication. The client secret is now optional, because it is not required by OAUTH2 protocol.

SF-1346911

ACM-97132

Could not change or update collectors when using a language other than English.

Connector

                               

Issue

Description

SF-1545433

ACM-103479

The REST connector login capability did not use input parameters when generating a session token.

SF-1545433

ACM-103478

The REST connector did not use the Accept header as expected to accept all content types.

SF-1545433

ACM-103475

The REST connector was adding unnecessary, unconfigured HTTP headers to configured capabilities.

SF-1545433

ACM-103473

While creating a REST connector, the application added an extra output parameter pattern after saving the connector.

SF-1545433

ACM-103477

In the AFX DB connector capabilities, the display of input parameter popup for SQL commands has been handled.

Data Collection Processing and Management

                               

Issue

Description

SF-1551032

ACM-103697

After deleting a collector, the entitlement count in the "Total Entitlements" column displayed the same number of entitlements as before the deletion.

SF-1548558

ACM-103575

The role data collector counted extra rejected role membership from all role collector runs.

SF-1537490
SF-1574041
SF-1566464
SF-151295

ACM-103555

Unification did not properly update the Terminated Flag for a user causing Termination Rule to not work properly.

SF-1554999

ACM-103813

When an account was a direct member of both a parent group and one of its sub-groups, a change item to remove the account from the parent group was verified only after removing the account from the sub-group.

SF-1451627

ACM-101993

Indirect relationship processing runs took increasingly longer amounts of time on each subsequent day.

Database Management/Performance

                   

Issue

Description

SF-1581727

ACM-104549

Added additional workflow object auditing to include editing as well as create and delete. Also added auditing for edit, create, and delete workflow forms.

SF-1561165

ACM-104088

When deleting older data runs, large groups of selected jobs are used and connections could exceed the maximum Oracle processes. This has been optimized to handle large groups of data properly.

Metadata Import/Export

                   

Issue

Description

SF-1510215

ACM-102938

Business users had been unable to edit role names and description after import.

SF-1467613

ACM-102474

After importing application metadata, the business and technical owners were not properly updated.

Request Forms

               

Issue

Description

SF-1474124

ACM-102221

When the a form filter contained a variable to resolve in view/edit cases, when there was no valid context to resolve the variables, SQL errors appeared in the logs.

Role Management

                                           

Issue

Description

SF-1539649

ACM-103719

After a user with non-administrator privileges clicked the Remove button to remove a role, the buttons did not refresh to say Removed as expected. This patch ensures that the buttons are correctly refreshed when the Remove button is clicked.

SF-1539762

ACM-103591

Role mining incorrectly considered deleted group membership.

SF-1486823
SF-1503678

ACM-102913
ACM-102552

Automatically generated revocation change requests for a role did not include role entitlements.

SF-1464633

ACM-101822

Users were able to see missing entitlements assigned to a user through a role, even after processing the Role Missing Entitlement Rule, because it was not recalculating required metrics.

SF-1551679
SF-1559555

ACM-103698

Role Set Technical Owner/Other Technical Owner and Business Owner/Other Business Owner were unable to take bulk actions on their roles under Roles > Roles > Actions.

SF-1561439

ACM-104041

Roles that were assigned to removed role sets were unable to be viewed or modified by the role owners, if the roles were moved to other role sets but not committed.

SF-1492099

ACM-102686

A change request to remove a user from several business roles completed but did not remove the user's access.

SF-1380668

ACM-98267

The purging process now includes clean-up of abandoned RoleVersions.

Rules

                                   
IssueDescription

SF-1491818

ACM-103345

In segregation of duty (SoD) rule workflows, the decision node did not correctly transition to the true condition.

ACM-100858

When an entitlement explained by a role was in violation, the remediation action was performed on the entitlement instead of the role. With this patch, remediations on violations of entitlements explained by roles are performed on the role.

SF-1396248

ACM-99164

A change request contained a violation even after the violating entitlement was removed from the role.

SF-1547928

ACM-103574

The Role Missing Entitlement Rule created a change request with duplicate items.

SF-1540199

ACM-103519

An Advance query in the search expression dialog that had the “IN” condition with multiple values resulted in an invalid relational operator error.

ACM-103184

 

A rule incorrectly tried to disable accounts without entitlements that were still pending or had in-progress change requests.

Security

               

Issue

Description

SF-1430739

ACM-101433

When performing a key rollover/re-encryption, the collector or connector passwords were not re-encrypted with the latest keys until the collector or connector was re-saved from the user interface, even when the option to re-encrypt stored data was selected.

Server Core

                       

Issue

Description

SF-1554196

ACM-103947

System status notification events that were not processed before a restart were ignored and the indicator was not shown until the next occurrence.

SF-1453631

ACM-101881

The database SID and server name were logged into the T_ARCHIVE table as part of the archive process by reading the details from Aveksa_System.cfg. The Aveksa_System.cfg file is not available in WebSphere and WebLogic environments, so changes have been made to read the SID and server name directly from the database.

SF-1550424

ACM-103701

The pruning process did not include canceled events.

User Interface

                   

Issue

Description

SF-1540572

ACM-103430

The Activities breadcrumb in My Activities did not work as expected.

SF-1552651

ACM-103727

The table options dialog box displayed a horizontal scroll bar when the text was longer than the dialog width. Longer lines of text are now wrapped to prevent the need for horizontal scrolling.

Web Services

                       

Issue

Description

SF-1543914

ACM-103573

Calling the createChangeRequest web service did not work as expected from workflows.

SF-1440066

ACM-101501

The updateReviewItems web service did not work correctly for a user with multiple accounts.

SF-1546972

ACM-103586

Requests submitted using the createChangeRequest web service did not show violations when failOnViolation was set to false.
You are here
Fixed Issues in 7.1.1 Patch 7

Attachments

    Outcomes