The following issues were fixed in RSA Identity Governance and Lifecycle version 7.1 Patch 2.
A null pointer exception occurred when a reviewer opened the review using the email link, performed an action, then saved.
Revoking a user during a fine-grained role review resulted in a long delay before the status bar was updated.
Application coverage statistics showed incorrect values by not including roles and groups.
Triggering the Escalation Workflow of Review Reassign sent two emails to the user.
After performing bulk maintain actions on general category items, the user interface did not indicate that any action was in process. This caused the user to attempt to perform the action multiple times, even though it was already in progress.
The new reviewer interface included access for terminated users in the low-risk category by default.
Change requests could be skipped by the processing workflow.
If the names of created or pending accounts were changed during fulfillment, duplicate accounts formed for returning users with deleted accounts.
When SOAP AFX connector had an external dependency, it failed to load WSDL over SSL or with basic authentication.
The AFX connector accepted and tested a password, but then failed to use it if the password was saved with "<" in the character string.
SF-1055876 SF-1123340 SF-1130377
The Database Driver field for the SQLServer connector template did not appear after migration.
Two or more users with the same name and different user IDs could not be added to a business unit's Other Business Owner field.
Accessing an approval URL when logged in through SSO caused a NullPointerException error.
The Forgot Password feature did not work after a change in the user locale by the browser language settings.
Change Requests and Workflows
SF-929278 SF-1042033 SF-1063111
The Provisioning Command node did not save attribute values correctly when commas were used.
Imported workflows could not send email after an upgrade because of email body errors and Send Email node errors.
Approval or Fulfillment nodes sometimes skipped when retrying after a concurrency error did not update the job with new node and sub-process data.
The workflow reference ID appeared for a subprocess instead of the workflow name when "Only show workflows similar to the current workflow" was checked.
The provisioning node mapping misaligned nodes when mapping a hardcoded value to a parameter value with a comma.
AFX Requests with the "Entitlements Require Account" setting enabled would stall in the "Waiting for Dependencies" state.
Change requests with Joiner rules could experience a deadlock error caused by a Workpoint bug when the workflow is under a heavy load.
When a Workpoint license check failed due to a connection issue, the user was required to restart the system or reload the license.
The workflow business calendar did not consider holiday hours when assigning due dates to workflow actions.
Referrals were not ignored when "Ignore Referral" was checked in the connection settings.
When an IDC collected the accountExpires date attribute from an Active Directory source, the time value varied on every collection based on the time zone.
The Generic Database template with db2 type selected resulted in an error.
The Active Directory AFX Connector could not set the PASSWD_CANT_CHANGE Active Directory attribute.
A custom user link in a dashboard appended "&width=null&height=null" to the URL, which caused some external pages to not load properly.
Data Collection Processing and Management
A sub-group to group membership was rejected because the name of the group had a space at the end that was not consistently trimmed at the source and when collected.
Calculated totals for applications did not include group memberships as entitlements.
Role collectors aborted runs for groups that were role entitlements because of a case-insensitive search.
The DAG collector queries took many hours longer than expected to complete.
Collected subgroups from an LDAP were resolved as accounts instead of as groups.
The Application Metadata Collector updated some non-application business source objects, such as role sets, in error.
User type attributes did not consistently appear for a unified user after a unification.
The database slowed, reported multiple errors, and then used up all resources when conducting bulk reviews on thousands of items.
Escalation emails were not updating the value used by the runtime to send with proper priority.
A Review Reminder email configured for 24-hour intervals generated at 12-hour intervals instead.
Security access request approval email links did not work.
A supported database version could not be confirmed during migration.
The generateLoginKey.sh script reported a missing command error when used.
Metadata sometimes exported with random, duplicated objects on subsequent attempts after the first export.
Out-of-the-box Application Business Source attributes returned null values when called through variables in request forms.
The text area field was not validated for the maximum character limit if the related question had an apostrophe.
Drop-down, Multi-Select and Number fields did not populate if the avform attribute selectors were used as the default value.
The Drop Down Select control type for request forms was not disabled as intended if Enable conditions were set.
The "Allow Multiple Selections" setting did not work correctly in a User Account Table field in a form.
Custom dropdowns did not retain selections with web service fields.
A request form did not handle user details containing "\" properly for user pickers and the provisioning command.
A request form did not show the correct entry when an apostrophe is present in the value of a variable.
The selected value for a radio button appeared as ??? when passed to other form controls through the avform variable.
Request forms allowed users to move to the next page before all the form fields had finished loading.
Child entitlements of pre-selected entitlements did not load in an entitlement table form control.
Multiple account resolution prompts for every entitlement change created as account changes could lead to excessive prompts.
The Request Hierarchy Children entitlement selector allowed selected entitlements to exceed the actual total.
The error "Unable to find RoleSet ID" appeared in logs while creating a role collector with the raw name and alt name roleset attributes as different entries.
The user interface did not display a role in a role set due to a query error.
A condition for access containing IN for a rules definition could not be re-edited for attributes with case-insensitive "name" in the label.
After migration, violations appeared with the wrong state.
A truncated file size limit error was displayed for the attachments control type when using Internet Explorer.
The Owner attribute did not appear in the table options of the What Access tab under Resources.
Pressing Enter on the Forgot Password screen canceled the process.
The date in the European format of DD/MM/YYYY did not properly appear for the English (UK) locale.
SF-904694 SF-873589 SF-1156305
Benign errors appeared when a web service authenticated the AveksaAdmin user when no Aveksa system authentication source was defined for AveksaAdmin.