on Jan 5, 2021Access Certification
Issue | Description |
|---|---|
SF-01662679 ACM-36047 | The email template variable "isReviewActionable" is no longer relevant and has been removed. |
SF-01614645 ACM-107257 | Role Reviews with multiple overlapping reviewers had change request generation issues. |
Access Requests
Issue | Description |
|---|---|
SF- 01675690 ACM-108338 | Revoke Request could not be created when notes exceeded 256 characters. |
SF-01682920 ACM-108444 | The custom attributes column order was different than the order of the column in the query. This is also fixed for the Approval > By Entitlements tab. |
SF-01602353 ACM-105510 | Corrected the behavior to consider all the roles involved in a bulk commit of entitlement removals from roles while generating indirect entitlements. |
SF- 01677644 ACM-108394 | Change request creation failed when there was more than one Provisioning Command (Non-Visual) field in a request form. |
ASR
Issue | Description |
|---|---|
SF- 01601909 ACM-106927 | During ASR report generation, if the collector definition had an invalid password setting then a decryption error occurred. |
Authentication
Issue | Description |
|---|---|
SF-01650260 ACM-107456 | After user authentication, the AFX menu is disabled. This occurs intermittently but when it occurs the user must log out and re-authenticate. |
Change Requests and Workflows
Issue | Description |
|---|---|
SF-01648023 ACM-107478 | Entitlement type was set to "Owner" instead of "Account" when a change request was submitted via Web Services. |
SF-01545096 ACM-103489 | Revert Changes option was not working for both add/delete group from role. |
SF-01491959, 01588772 ACM-102859 | Improved Change Request generation time when removing users from roles. |
SF-01667194 ACM-108015 | Apostrophe in role name leads to change request with SQLSyntaxErrorException: ORA-00907: missing right parenthesis. |
SF- 01642989 ACM-107552 | Fixed the Intermittent deletion of SQL Queries under SQL Nodes in a Workflow job. |
SF-01659708 ACM-107801 | Out of Office delegation picked removed members of a Role/Group, if a group/role is assigned for change request approval activity and the deleted member is Out of Office. |
SF-01631460 ACM-106683 | When the Change Request description reached maximum size, if AFX tried to update the description it would repeatedly retry and fail until the size was reduced. AFX handles the description update within the size limit now. |
Collector
Issue | Description |
|---|---|
SF-01654753 ACM-106577 | On initialization of a Generic REST collector connection, the property key for setting and getting the proxy credentials was ignored when it did not match the collector settings. The property keys used to obtain proxy settings are now synced and used during initialization. |
SF-01644300 ACM-107196 | In the Workday collector, when connecting to the Workday instance, the configured proxy settings were overwritten by the latest CXF library. The proxy settings are now retained. |
SF-01626177 ACM-107584 | In the CSV Account Collector, when running a test collection with an empty CSV file, a stack overflow error was not properly handled. |
SF – 01657878 ACM-107746 | ADC & MAADC rejection SQL was optimized for better performance. |
SF-01652432 ACM-108315 | When ADC and EDC collectors did not run according to schedule, they were also not saved correctly after creation . |
SF-01684759 ACM-108608 | AD Collectors failed if certificates were selected in the UI using a DNS server with multiple domain controllers as each time the DNS server may point to a different domain controller with a different certificate. |
SF-01632854, 01653784 | In the Generic REST collector, if the mapped attribute JSONPath did not have a value in the response then it collected the wrong value. |
Connector
Issue | Description |
|---|---|
SF-01603249 ACM-105766 | SSH sessions were sometimes not closed after executing commands in the SSH connector. |
Database Performance
Issue | Description |
|---|---|
SF-01622437 ACM-106386 | SQL queries were tuned by adding indexes to improve performance. |
Dashboard
Issue | Description |
|---|---|
SF-01677703 ACM-108361 | Dashboard fact "System Admin: Admin Errors" showed the incorrect error count. It included deleted admin errors. |
Data Collection Processing and Management
Issue | Description |
|---|---|
SF-01652739 ACM-107645 | Identity and Metadata collectors showed the incorrect "Last Successful Collection Date". |
SF-01594372 ACM-105244 | Improved performance of SQL involved with rendering collector Raw Data tabs. |
SF-01608086 ACM-106939 | Identity Collectors were getting delayed on the change verification step. |
Migration
Issue | Description |
|---|---|
SF-01678013, 01680801, 01688675, 01690672 ACM-108383 | For 7.2.1, rules that involve picking global roles have been updated to use advanced role pickers. With that, the earlier rule definitions had to be migrated to the new format. Migration however failed when there were special characters in the role names. |
SF-01637876 ACM-106895 | Migration took six hours to complete on ACM-102938.sql. |
Request Forms
Issue | Description |
|---|---|
SF-01634298, 01628151 ACM-106830 | A null pointer exception observed while using multiple Provisioning Commands (Non-Visual) is now handled. |
SF-01677733 ACM-108438 | Translation was missing for Request form title |
SF-01679524 ACM-108388 | Request form 'Next' button was grayed out when a display script was generated for non-visual entitlement tables. |
Role Management
Issue | Description |
|---|---|
SF-01655486 ACM-107898 | Role import was not using application references to resolve the group entitlements of a role. Groups with similar names in multiple business sources were being confused when importing roles if a similar group was added as role entitlement. |
SF-01360547 ACM-97875 | Suggested Members Functionality showed multiple rows. |
SF-01692039 ACM-108637 | UINC/UOOC Rules were activated if there were actions on membership rules. Otherwise, they were deactivated. |
SF-01612330 ACM-107369 | Business and Technical Roles did not display as part of 'Suggested' or 'Optional' entitlements on the Activity UI. |
Rule Management
Issue | Description |
|---|---|
SF-01645216 ACM-107485 | The "Business Owner" is replaced with "Business Unit Business Owner" for Rule remediation node in workflow. The "Assigned Remediators" column is showing the respective remediator name on Violation Details dialog for all Rules pages. |
SF-01684679 ACM-108489 | A User Access Rule detected violations for deleted group members if the group was part of the entitlement condition. |
SF-01675465 ACM-108266 | Termination Rule ignored the disabled roles and the entitlements underneath the role while revoking access from the terminated users. |
Security
Issue | Description |
|---|---|
SF-01672626 ACM-108229 | In SecurityContext.csv, “Change Request,Subordinates..” has been removed to improve performance of request page loading. Supervisors can now view their subordinates' request details through the UI. |
SF-01690410 ACM-108599 | To address the vulnerability CVE-2020-13935, the tomcat version was upgraded from apache-tomcat-7.0.104 to apache-tomcat-7.0.106. |
SF-01680949 ACM-108430 | 'Basic Constraint' extension of aveksa_ca cert was not flagged as critical, making the certificate non-complaint with the RFC-5280 standard. The IHS Plugin for Websphere 8.5.5.7 and later rejected IG&L requests due to strict enforcement of RFC-5280 standard on certificates. |