SecurID^® Governance & Lifecycle

Summary RSA announces the availability of Patch 13 for RSA Identity Governance & Lifecycle 7.2.1. This release contains numerous fixes and improvements. See the RSA Identity Governance & Lifecycle 7.2.1 Patch 13 Release Notes for information about the contents of the patch. Recommendation: RSA strongly recommends that customers upgrade to this latest update. Please note that all patches are cumulative. Obtaining Software and Documentation: The Release Notes are available in the RSA Identity Governance & Lifecycle 7.2.1 documentation area. You can access the RSA Identity Governance and Lifecycle 7.2.1 Patch 13 software in the RSA Identity Governance & Lifecycle 7.2.1 Downloads area on RSA Community. In the Download area, click Full Product Downloads to open myRSA and to view a list of your purchased products. Select the appropriate license link to access the RSA Identity Governance and Lifecycle software downloads. Contact RSA Customer Support if any licenses for products you have purchased are missing from the list. EOPS Policy: RSA has a defined End of Primary Support policy associated with all major versions. Please refer to the Product Version Life Cycle for additional details. ... View more

Article Number 000068023 Applies To SecurID Governance & Lifecycle 7.5.2 P03, P04 RSA Identity Governance & Lifecycle 7.5.0 P07, P08 RSA Identity Governance & Lifecycle 7.2.1 P10, P11, P12 Issue Change requests fail to be created from different sources as Reviews, Rules, and Roles with an error similar to the following showing in aveksaServer.log: 07/17/2022 21:52:35.097 ERROR (CR-Creation-8) [com.aveksa.server.core.concurrent.ConcurrentUtils] Task encountered an error. com.aveksa.server.core.AdminServiceException: java.lang.NullPointerException at com.aveksa.server.core.cr.ChangeRequestCreationHandler.createChangeRequest(ChangeRequestCreationHandler.java:327) at com.aveksa.server.core.cr.ChangeRequestCreationHandler.createChangeRequests(ChangeRequestCreationHandler.java:223) at com.aveksa.server.core.cr.ChangeRequestCreationHandler.createChangeRequests(ChangeRequestCreationHandler.java:107) at com.aveksa.server.core.cr.concurrent.CRCreationTask.call(CRCreationTask.java:39) at com.aveksa.server.core.cr.concurrent.CRCreationTask.call(CRCreationTask.java:19) at java.util.concurrent.FutureTask.run(FutureTask.java:277) at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1160) at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:635) at java.lang.Thread.run(Thread.java:820) Caused by: java.lang.NullPointerException at com.aveksa.server.core.cr.UserToAccountBasedCriTranslator.convertToAccountBasedRemoveChangeItem(UserToAccountBasedCriTranslator.java:310) at com.aveksa.server.core.cr.UserToAccountBasedCriTranslator.convertToAccountBasedChangeItems(UserToAccountBasedCriTranslator.java:576) at com.aveksa.server.core.cr.ChangeRequestCreationHandler.createChangeRequest(ChangeRequestCreationHandler.java:292) ... 8 more   Resolution This issue is resolved in the following versions/patches: SecurID Governance & Lifecycle 7.5.2 P05 RSA Identity Governance & Lifecycle 7.5.0 P09 RSA Identity Governance & Lifecycle 7.2.1 P13 Workaround If you are unable to apply the fix version/patch, the following workaround can be used: In the GUI, navigate to Admin > System > Settings > click Edit, and add the following Custom parameter and save the changes: Parameter Value UseAccountCacheInCRGeneration False Remove the custom setting from the system after upgrading to one of the fixed versions. ... View more

Article Number 000068050 Applies To SecurID Governance & Lifecycle 7.5.2 RSA Identity Governance & Lifecycle 7.5.0 RSA Identity Governance & Lifecycle  7.2.x Issue Log artifact generation fails with the following error on the UI > Admin > Diagnostics > Log Artifact: Image description The following error is being logged in the aveksaServer.log: 05/30/2022 09:53:09.232 ERROR (LogArtifactJob) [com.aveksa.gui.pages.admin.downloadLogs.LogArtifactJob] Error while executing log artifact job, java.io.IOException: No such file or directory The log artifact generation log stop at Telemetry Logs, as seen in the log file  /home/oracle/CollectedLogs/LogArtifactSummary.log: Informational messages reported during this run: Gathering ACM Logs (Start: 8/1/22 10:33 AM) Gathering ACM Logs (Stop: 8/1/22 10:33 AM) Gathering Aveksa Server Logs (Start: 8/1/22 10:33 AM) Gathering Aveksa Server Logs (Stop: 8/1/22 10:33 AM) Gathering AFX Logs (Start: 8/1/22 10:33 AM) Gathering AFX Logs (Stop: 8/1/22 10:33 AM) Gathering Migration Logs (Start: 8/1/22 10:33 AM) Gathering Migration Logs (Stop: 8/1/22 10:33 AM) Gathering Patch Logs (Start: 8/1/22 10:33 AM) Gathering Patch Logs (Stop: 8/1/22 10:33 AM) Gathering Oracle Logs (Start: 8/1/22 10:33 AM) Gathering Oracle Logs (Stop: 8/1/22 10:33 AM) Gathering ASR Report (Start: 8/1/22 10:33 AM) Gathering ASR Report (Stop: 8/1/22 10:34 AM) Gathering Telemetry Logs (Start: 8/1/22 10:34 AM) Cause Customer Name value contains a slash ( "/" ) which is being interpreted as a directory when generating the log artifact.   Resolution This issue is resolved in the following version/patch: SecurID Governance & Lifecycle 7.5.2 P06 Workaround Edit the Customer Name and remove the forward slash "/": Go to the UI > Admin > System > Settings, Click Edit Scroll to the Environment section, and edit Customer Name value to remove the forward slash "/" Image description Click OK to save the change ... View more

Article Number 000068051 Applies To SecurID Governance & Lifecycle 7.5.2 RSA Identity Governance & Lifecyle 7.5.0 Issue When trying to add entitlement in the Entitlements tab during creating/editing the role, it takes a lot of time to load the entitlements into the GUI. Image description And the following query shows as long-running with a large number of executions in the AWR. SQLID Query dyzx6jjcmp62y WITH ROLE_VERS (ROLE_TYPEID, ROLE_ID, ROLEVERSION_ID, ROOT_TYPEID) AS ( SELECT 'P'||ROLEVERSION_ID ROLE_TYPEID, ROLE_ID, ROLEVERSION_ID, 'P'||ROLEVERSION_ID ROOT_TYPEID FROM T_AV_ROLEVERSIONS WHERE ROLEVERSION_ID = :B1 UNION ALL SELECT 'C'||D.ENT_ID, D.ENT_ID, TO_NUMBER(NULL) ROLEVERSION_ID, R.ROOT_TYPEID FROM ROLE_VERS R JOIN T_AV_ROLEVERDEFINITIONS D ON D.ROLEVERSION_ID = R.ROLEVERSION_ID WHERE D.ENT_TYPE = 'global-role' ), ROLES (ROLE_TYPEID, ROLE_ID, ROLEVERSION_ID, ROOT_TYPEID) AS ( SELECT ROLE_TYPEID, ROLE_ID, ROLEVERSION_ID, ROOT_TYPEID FROM ROLE_VERS UNION ALL SELECT 'C'||D.ENT_ID, D.ENT_ID, TO_NUMBER(NULL) ROLEVERSION_ID, R.ROOT_TYPEID FROM ROLES R JOIN T_AV_ROLEDEFINITIONS D ON D.ROLE_ID = R.ROLE_ID WHERE R.ROLEVERSION_ID IS NULL AND D.DELETION_DATE IS NULL AND D.ENT_TYPE = 'global-role' ) SELECT ROLE_TYPEID_TYPE(ROLE_TYPEID , ROLE_ID, ROLEVERSION_ID, ROOT_TYPEID) FROM (SELECT DISTINCT ROLE_ID, ROLEVERSION_ID, ROOT_TYPEID, ROLE_TYPEID FROM ROLES) Resolution This issue is resolved in the following versions/patches: SecurID Governance & Lifecycle 7.5.2 P05 RSA Identity Governance & Lifecycle 7.5.0 P09 ... View more