The following issues were fixed in RSA Identity Governance and Lifecycle version 7.1.1 Patch 8.
The help text for account review action buttons previously displayed help text for user access reviews. Now the correct help text is displayed.
The new review user interface did not display some Swedish characters properly.
The Backup Business Owner and Other Business Owner were not included as review monitors by default when Business Owner was selected. The system has been updated to include all types of business owners as monitors.
Hardened code to prevent duplicate out-of-office entries for a given user.
Change Requests and Workflows
Users with the Access Request Administrator application role were unable to see processing workflows associated with change requests.
The change request milestone did not display approvals that were canceled due to escalations.
Improved queries with large role modifications to avoid Oracle limits for the number of parameters.
The Aveksa Statistics Report (ASR) displayed a larger number of pending activities than were actually pending in RSA Identity Governance and Lifecycle.
Running a SQL query with multiple CSV files in the Group Data Query for an Account Data Collector with HXTT CSV driver yielded incorrect results.
When using Salesforce AFX connector, the proxy details to fetch the access token are not persisted, if not provided when connector is created first time.
Data Collection Processing and Management
CSV collector did not populate some joined fields.
NVL function in Account Mapping queries failed when the account length was more than 20 characters.
Added optimizations for databases with large data sets when doing change verification tasks.
Long-running data purging became stuck during cleanup of WP_WI_ALERT.
After a user set a default value for the "Drop down select" field in a request form, the Next button appeared disabled while running the form.
Role import did not resolve business sources for groups collected from an MAADC, and the role export XML file did not have the application name attribute for group entitlements.
After adding groups with the same name from different applications or directories to a role, the role remained with only one group.
Unexpected behavior occurred when technical roles had a cyclic dependency.
Users were able to see missing entitlements assigned to a user through a role, even after processing the Role Missing Entitlement Rule, because it was not recalculating required metrics.
Improved query performance when retrieving Rule Violation Data.
User access and SOD rules created incorrect violation and change requests when a user was a part of a group's child sub-group. The incorrect change request was created to remove the subgroup's account from the parent group. This patch ensures that the violation and change items are correctly created to remove the account from the sub-group.
After creating a change request, if a user browses away from the page or closes the window before submitting, the pending change request submission was not visible in the user's UI until logging in a second time.