This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
SecurID® Governance & Lifecycle Product Documentation
Browse the official SecurID Governance & Lifecycle product documentation for helpful tutorials, step-by-step instructions, and other valuable resources.
- RSA Community
- :
- Products
- :
- RSA Governance & Lifecycle
- :
- Documentation
- :
- Product Documentation
- :
- Fixed Issues in 7.1.1 Patch 7
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
-
Options
- Subscribe to RSS Feed
- Bookmark
- Subscribe
- Printer Friendly Page
- Report Inappropriate Content
Fixed Issues in 7.1.1 Patch 7
Fixed Issues in 7.1.1 Patch 7
The following issues were fixed in RSA Identity Governance and Lifecycle version 7.1.1 Patch 7.
Access Certification
| Issue | Description |
|---|---|
| SF-1475193 ACM-103400 | Review bulk actions were not always persisted for items across all pages when comments were added or when the state of the review items was changed to NONE. |
| SF-1546412 ACM-103907 | The 'Account Name' and 'Name' columns were blank for entitlements displayed under the 'Existing Entitlements for Accounts that will be enabled' table on the change request detail page. The query has been fixed to fetch these column values. |
| SF-1493778 ACM-103090 | A user was incorrectly able to select multiple users from a deletion request, because the table was not properly cleared when navigating back and forth. |
Access Requests
| Issue | Description |
|---|---|
| SF-1022256 ACM-84860 | Revoking local entitlements were automatically completed by the system even when the ApplyImmediate tag was set to false. The system now correctly considers the ApplyImmediate tag when processing. |
| SF-1544032 ACM-103663 | Rejection of a change item through approval did not update the review item from which it was generated. Review items are now updated in the cases of change item or request cancellation. |
| SF-1488440 ACM-103055 | When a user logged in with same user ID in multiple windows of the same browser to access the application, a "request could not be handled" message appeared while performing actions on Role and Review pages. This issue has been addressed as part of this ticket. Now users can access multiple browser windows with the same login without any error messages. |
Account Management
| Issue | Description |
|---|---|
| SF-1457802 ACM-102023 | During attribute synchronization, AFX had updated Active Directory with the text from a command parameter mapping instead of the actual value. |
ACM Security Model
| Issue | Description |
|---|---|
| SF-1427402 ACM-101172 | The security scope pop-up did not display "Report Result: Run" or "Report Result: View Report" when there was no result generated for those reports. Now the report name is displayed in the pop-up even if a report result does not yet exist. |
AFX
| Issue | Description |
|---|---|
| SF-1134811 ACM-85408 | When a change request in an RACF connector used the $ symbol in a value, the $ symbol and everything following it was skipped during execution. |
| SF-1026617 ACM-80377 | The system sent two password available emails for a single change request item, because an email was triggered after change request item completion and again after change request completion. |
| SF-1441515 ACM-101678 | Error management for the Unauthorized (401) error in AFX authentication has been improved. |
| SF-1445248 ACM-101553 | When a single work item out of multiple work items in a change request was not fulfilled by AFX, change requests were kept in the fulfillment phase and their associated workflows were flagged as stalled. The work item was fulfilled only after restarting AFX. |
Change Requests and Workflows
| Issue | Description |
|---|---|
| SF-1549340 ACM-103619 | The due date for an approval node was previously dependent on the start time of the job. |
| SF-1399646 ACM-102701 | When an approval was rejected, the email incorrectly used the user ID instead of the ID for a dynamic role or group. |
| SF-1549667 ACM-103680 | When a pending account had dependencies in another change request, and the pending account's change request was rejected by the approver, all of the items other than the pending account were rejected, and the pending account was provisioned. |
| SF-1277727 ACM-98931 | Accessing workflows using an HTTP proxy caused the application to continuously load the workflows. |
| SF-1555836 ACM-103840 | The security improvement to remove parameters for architect processes from the URL did not handle the situation in which the default ports 80 and 443 were removed from the browser but the application server provided them to the user interface, which prevented iframe communication from matching. |
Collector
| Issue | Description |
|---|---|
| SF-1439321 ACM-100947 | The RESTful webservice connector had required a client secret when using OAUTH2 authentication. The client secret is now optional, because it is not required by OAUTH2 protocol. |
| SF-1346911 ACM-97132 | Could not change or update collectors when using a language other than English. |
Connector
| Issue | Description |
|---|---|
| SF-1545433 ACM-103479 | The REST connector login capability did not use input parameters when generating a session token. |
| SF-1545433 ACM-103478 | The REST connector did not use the Accept header as expected to accept all content types. |
| SF-1545433 ACM-103475 | The REST connector was adding unnecessary, unconfigured HTTP headers to configured capabilities. |
| SF-1545433 ACM-103473 | While creating a REST connector, the application added an extra output parameter pattern after saving the connector. |
| SF-1545433 ACM-103477 | In the AFX DB connector capabilities, the display of input parameter popup for SQL commands has been handled. |
Data Collection Processing and Management
| Issue | Description |
|---|---|
| SF-1551032 ACM-103697 | After deleting a collector, the entitlement count in the "Total Entitlements" column displayed the same number of entitlements as before the deletion. |
| SF-1548558 ACM-103575 | The role data collector counted extra rejected role membership from all role collector runs. |
| SF-1537490 ACM-103555 | Unification did not properly update the Terminated Flag for a user causing Termination Rule to not work properly. |
| SF-1554999 ACM-103813 | When an account was a direct member of both a parent group and one of its sub-groups, a change item to remove the account from the parent group was verified only after removing the account from the sub-group. |
| SF-1451627 ACM-101993 | Indirect relationship processing runs took increasingly longer amounts of time on each subsequent day. |
Database Management/Performance
| Issue | Description |
|---|---|
| SF-1581727 ACM-104549 | Added additional workflow object auditing to include editing as well as create and delete. Also added auditing for edit, create, and delete workflow forms. |
| SF-1561165 ACM-104088 | When deleting older data runs, large groups of selected jobs are used and connections could exceed the maximum Oracle processes. This has been optimized to handle large groups of data properly. |
Metadata Import/Export
| Issue | Description |
|---|---|
| SF-1510215 ACM-102938 | Business users had been unable to edit role names and description after import. |
| SF-1467613 ACM-102474 | After importing application metadata, the business and technical owners were not properly updated. |
Request Forms
| Issue | Description |
|---|---|
| SF-1474124 ACM-102221 | When the a form filter contained a variable to resolve in view/edit cases, when there was no valid context to resolve the variables, SQL errors appeared in the logs. |
Role Management
| Issue | Description |
|---|---|
| SF-1539649 ACM-103719 | After a user with non-administrator privileges clicked the Remove button to remove a role, the buttons did not refresh to say Removed as expected. This patch ensures that the buttons are correctly refreshed when the Remove button is clicked. |
| SF-1539762 ACM-103591 | Role mining incorrectly considered deleted group membership. |
| SF-1486823 ACM-102913 | Automatically generated revocation change requests for a role did not include role entitlements. |
| SF-1464633 ACM-101822 | Users were able to see missing entitlements assigned to a user through a role, even after processing the Role Missing Entitlement Rule, because it was not recalculating required metrics. |
| SF-1551679 ACM-103698 | Role Set Technical Owner/Other Technical Owner and Business Owner/Other Business Owner were unable to take bulk actions on their roles under Roles > Roles > Actions. |
| SF-1561439 ACM-104041 | Roles that were assigned to removed role sets were unable to be viewed or modified by the role owners, if the roles were moved to other role sets but not committed. |
| SF-1492099 ACM-102686 | A change request to remove a user from several business roles completed but did not remove the user's access. |
| SF-1380668 ACM-98267 | The purging process now includes clean-up of abandoned RoleVersions. |
Rules
| Issue | Description |
|---|---|
| SF-1491818 ACM-103345 | In segregation of duty (SoD) rule workflows, the decision node did not correctly transition to the true condition. |
| ACM-100858 | When an entitlement explained by a role was in violation, the remediation action was performed on the entitlement instead of the role. With this patch, remediations on violations of entitlements explained by roles are performed on the role. |
| SF-1396248 ACM-99164 | A change request contained a violation even after the violating entitlement was removed from the role. |
| SF-1547928 ACM-103574 | The Role Missing Entitlement Rule created a change request with duplicate items. |
| SF-1540199 ACM-103519 | An Advance query in the search expression dialog that had the “IN” condition with multiple values resulted in an invalid relational operator error. |
| ACM-103184
| A rule incorrectly tried to disable accounts without entitlements that were still pending or had in-progress change requests. |
Security
| Issue | Description |
|---|---|
| SF-1430739 ACM-101433 | When performing a key rollover/re-encryption, the collector or connector passwords were not re-encrypted with the latest keys until the collector or connector was re-saved from the user interface, even when the option to re-encrypt stored data was selected. |
Server Core
| Issue | Description |
|---|---|
| SF-1554196 ACM-103947 | System status notification events that were not processed before a restart were ignored and the indicator was not shown until the next occurrence. |
| SF-1453631 ACM-101881 | The database SID and server name were logged into the T_ARCHIVE table as part of the archive process by reading the details from Aveksa_System.cfg. The Aveksa_System.cfg file is not available in WebSphere and WebLogic environments, so changes have been made to read the SID and server name directly from the database. |
| SF-1550424 ACM-103701 | The pruning process did not include canceled events. |
User Interface
| Issue | Description |
|---|---|
| SF-1540572 ACM-103430 | The Activities breadcrumb in My Activities did not work as expected. |
| SF-1552651 ACM-103727 | The table options dialog box displayed a horizontal scroll bar when the text was longer than the dialog width. Longer lines of text are now wrapped to prevent the need for horizontal scrolling. |
Web Services
| Issue | Description |
|---|---|
| SF-1543914 ACM-103573 | Calling the createChangeRequest web service did not work as expected from workflows. |
| SF-1440066 ACM-101501 | The updateReviewItems web service did not work correctly for a user with multiple accounts. |
| SF-1546972 ACM-103586 | Requests submitted using the createChangeRequest web service did not show violations when failOnViolation was set to false. |
Previous Topic:Fixed Issues in 7.1.1 Patch 6
Next Topic:Fixed Issues in 7.1.1 Patch 8
You are here
Fixed Issues in 7.1.1 Patch 7
No ratings
