SecurID^® Governance & Lifecycle

Article Number 000067939 Applies To This is a known issue in the following versions when using Oracle 19c as the datastore: RSA Governance & Lifecycle 7.2.1 RSA Governance & Lifecycle 7.5.0 SecurID Governance & Lifecycle 7.5.2 Issue The Users page under the Users menu is slow to load. The following query shows in the AWR report as being executed for a very large number of times: gnf27z7h9fvd1 SELECT MAX(LAST_NAME || ', ' || FIRST_NAME) FROM T_MASTER_ENTERPRISE_USERS WHERE ID = :B1   Cause The query mentioned above is part of an internal function used as a virtual column in many internal tables.  This internal function performs poorly in Oracle 19c. Resolution This issue is resolved in the following versions: RSA Governance & Lifecycle 7.5.0 P08 SecurID Governance & Lifecycle 7.5.2 P04 ... View more

Article Number 000067937 Applies To RSA Identity Governance & Lifecycle 7.5.0 and older versions SecurID Governance & Lifecycle 7.5.2 Issue SecurID Governance & Lifecycle version 7.5.2 was released in November 2021.  Upgrading from earlier versions of SecurID Governance & Lifecycle (or RSA Identity Governance & Lifecycle), such as 7.5.0, 7.2.1, 7.2.0 etc., to the version 7.5.2 provides access to new features and capabilities, updated technology components, and fixes for known bugs and security vulnerabilities. The purpose of this RSA Knowledgebase Article is to describe the guidelines and resources, including known issues/remediation, to help plan a successful upgrade from older versions to SecurID Governance & Lifecycle 7.5.2. Note: The original GA build of SecurID Governance & Lifecycle 7.5.2 was replaced in June 2022 with SecurID Governance & Lifecycle 7.5.2 P03 full installer. Refer to the following product advisory for more details: Urgent SecurID Governance and Lifecycle Product Advisory – Request Activities Task Information Missing after Migration Resolution When planning to upgrade your SecurID Governance & Lifecycle deployment to the latest version, it may be a good opportunity to review your Identity Governance and Administration (IGA) business requirements and consider updating approaches to meet those requirements based on the new features and capabilities introduced in the latest version of the product.  Listed below are some guidelines and resources to help you plan a successful upgrade to SecurID Governance & Lifecycle 7.5.2. IMPORTANT:   Ensure that a full backup of your existing SecurID Governance & Lifecycle deployment has been taken and verified before proceeding with the upgrade.   Product Documentation for Upgrades: The primary reference for upgrading SecurID Governance & Lifecycle is the Upgrade and Migration Guide. Additional product guides may be referenced for detailed steps depending on the deployment scenarios. SecurID Governance & Lifecycle 7.5.2 Upgrade and Migration Guide All product documentation for SecurID Governance & Lifecycle   Recommended Practices for Upgrades: The following Recommended Practices document provides guidance on the various upgrade options and choices/decisions to be made during the upgrade planning: RSA Identity Governance and Lifecycle - Upgrade and Migration Recommended Practices (v7.1x, v7.2x) Note:  Although the above document references an older version, the concepts/approaches in general also apply to SecurID Governance & Lifecyle 7.5.2.   Known Issues: The following known issues require workarounds/remediation prior to and/or immediately after the migration part of the upgrade process:   DESCRIPTION REMEDIATION A new installation or an upgrade of software bundle deployment, using a remote database, to 7.5.2 P03 fails with error:  Could not find necessary package adoptjdk_8u292b10.tar.gz Refer to the KB article 000067960 for a workaround. BSAFE crypto libraries embedded in the SecurID Governance & Lifecycle product were updated which require IBM WebSphere Application Server based deployments to use IBM JDK 1.8.0_281 or later. IBM JDK version must be 1.8.0_281 or later when SecurID Governance & Lifecyle 7.5.2 P03 is deployed on IBM WebSphere Application Server.  Refer to the SecurID Governance & Lifecycle 7.5.2 P03 release notes for more details. When upgrading from a previous version to SecurID Governance & Lifecycle 7.5.2, manual steps may be required to create a new AVCSUSER schema in the database. Refer to the SecurID Governance & Lifecycle 7.5.2 Upgrade and Migration Guide for steps on creating the new AVCSUSER schema in the database.  The AVCSUSER schema is required for a new feature SQL Utility introduced in version 7.5.2. ACM-102799.sql script stalls for a very long time during migration when WP_USER_DATA table contains very large number of rows Refer to the KB article 000067872.  Contact RSA Customer Support for assistance (reference: ACM-114260). ACM-108053.sql script stalls for a very long time during migration when WP_USER_DATA table contains very large number of rows (e.g., 100M) Contact RSA Customer Support to engage Engineering team for a workaround specific to your environment (reference: ACM-111896). ACM-97300.sql script stall for a very long time during migration Contact RSA Customer Support to engage Engineering team for a workaround specific to your environment (reference: ACM-113948). ACM-86871.sql script stalls for a very long time during migration when T_AV_APPLICATION_LOG table contains very large number of rows (e.g., 50M) Contact RSA Customer Support to engage Engineering team for a workaround (reference: ACM-111395, ACM-113756).   ... View more

Article Number 000067960 Applies To SecurID Governance & Lifecycle 7.5.2 P03 (Full Installer) on WildFly Issue A new installation of, or an upgrade from a previous version to, SecurID Governance & Lifecycle 7.5.2 P03 (Full Installer) with a Remote Database option fails due to a missing requirement. The installation script fails to continue and reports the below error in aveksa-install.log, and a retry of the installation fails again with the same error: Running test : checkInstallPackagesPreReqs testing for requirement : wildfly-24.0.1.Final.tar.gz testing for requirement : adoptjdk_8u292b10.tar.gz Test failed Running test : checkEtcHosts Test passed Running test : checkFqdnHasDomainFormat Test passed Running test : checkMinDiskSizes Test passed Running test : checkEntitlementPrereqs passwd oracle Test passed Running test : checkEntitlementPrereqs group oinstall Test passed Running test : checkEntitlementPrereqs group dba Test passed Running test : checkUserNotInGroup oracle root Test passed Running test : checkUMASK 0022 Test passed Running test : checkDNSResolution Test passed Running test : checkShmMount Test passed Running test : checkAFXPermissions oracle '/home/oracle/AFX/' Test passed Running test : checkIntelCPUBug Test passed ------------------------------------------------------------- Pre-Requisites Test(s) failed with the following message(s) : Could not find necessary package adoptjdk_8u292b10.tar.gz in /tmp/aveksa/packages ------------------------------------------------------------- Quitting installation due to system does not meet requirements RSA Identity Governance and Lifecycle is not running Cause The package adoptjdk_8u292b10.tar.gz is not a part of the installation packages for SecurID Governance & Lifecycle 7.5.2 P03 Full Installer (which replaced the original GA version). SecurID Governance & Lifecycle 7.5.2 P03 ships with an updated package adoptjdk_8u312b07.tar.gz. This is a known issue in the SecurID Governance & Lifecycle 7.5.2 P03 Full Installer installation file with the name: acmpackages64.txt.  This file contains a wrong JDK package file name. Workaround Assuming the SecurID Governance & Lifecycle installation packages are located in the path /tmp/aveksa/, follow the below steps: Edit this file: /tmp/aveksa/staging/deploy/acmpackages64.txt Remove adoptjdk_8u292b10.tar.gz  and then add adoptjdk_8u312b07.tar.gz in acmpackages64.txt, the final correct version of the file contents should be similar to the following:  wildfly-24.0.1.Final.tar.gz adoptjdk_8u312b07.tar.gz Retry the installation (or upgrade) ... View more

Summary SecurID Governance & Lifecycle announces the availability of Patch 4 for SecurID Governance & Lifecycle 7.5.2. This release contains numerous fixes and improvements. See the SecurID Governance & Lifecycle 7.5.2 Patch 4 Release Notes for information about the contents of the patch. SecurID strongly recommends that customers upgrade to this latest version for the most recent updates, fixes supportability, and capabilities. Obtaining Software and Documentation: The Release Notes and other product documentation are accessible under the SecurID Governance & Lifecycle Documentation Page, by selecting the corresponding product version. You can access the RSA Identity Governance and Lifecycle software through the  SecurID Governance & Lifecycle Downloads Page , and select the corresponding product version. On this Downloads page, select “Full Product Downloads” to be presented with a list of products that you are entitled based on the RSA products you have purchased. Select the appropriate license link to access the available RSA Identity Governance and Lifecycle software downloads. Please contact RSA Customer Support if any licenses for products you have purchased are missing from the list. If you have any questions about how to access the software downloads or what software files you need to upgrade your environment, please reference the " How do I find the SecurID Governance and Lifecycle software files that I need?"  document on RSA Link. For additional documentation, downloads, and more resources, visit the main  SecuID Governance & Lifecycle  space on RSA Link. Additional Resources Video:  Identity Governance: Do you know who has access to what? KuppingerCole Report: Leadership Compass – Identity Governance & Administration 2021 For additional information about both the SecurID Governance & Lifecycle On-Premises and Cloud offerings, please contact your SecurID account team.   ... View more