Chat now with support
Chat with Support

Identity Manager 9.1 - Release Notes

Patches for synchronization projects

Patches for the following patch types are provided in One Identity Manager 9.1.

  • Patches for solved issues

  • Patches for new features

  • Milestones

To adjust existing synchronization projects to One Identity Manager version 9.1, you must implement milestones. A milestone is provided for each context. A milestone includes all patches for solved issues together with milestones from previous versions, if they have not already been implemented. Once the current milestone has been implemented in a synchronization project, the project is then compatible with One Identity Manager 9.1.

Patches for new features can be applied optionally.

The following is a list of all new patches provided in One Identity Manager 9.1 for synchronization projects. Only patches created after version 8.2.1 are listed. For information about patches from earlier versions of One Identity Manager, see the respective release notes for each version.

Every patch contains a script, which tests whether the patch can be applied to the synchronization project. This depends on the specific configuration of the synchronization.

TIP: Implement milestones first and then apply optional patches for new features.

For more information, see Applying patches to synchronization projects.

Table 15: General patches

Patch ID

Patch

Description

Issue ID

 

Milestone 9.1

Milestone for the context DPR.

 

 

Milestone 9.1

Milestone for the context One Identity Manager.

 

Table 16: Patches for Azure Active Directory

Patch ID

Patch

Description

Issue ID

VPR#33400

New property mapping rule for assigning administrator roles to Azure Active Directory groups

Adds a property mapping rule for the IsAssignableToRole schema property to the Group mapping.

This patch is applied automatically when One Identity Manager is updated.

Dependent on the Filter members of directory roles patch (VPR#33399).

33400

VPR#34744

New property mapping rule for mapping the properties of dynamic Azure Active Directory groups

Adds property mapping rules for the membershipRuleProcessingState and membershipRule schema properties to the Group mapping.

This patch is applied automatically when One Identity Manager is updated.

34744

VPR#35033

Support for B2C tenants

Adds property mapping rules for the TenantType and Identities schema properties in the Organization and User mappings.

35033

VPR#35286

Allows writing of email addresses of Azure Active Directory user accounts.

Corrects the property mapping rule for the Mail schema property in the User mapping.

This patch is applied automatically when One Identity Manager is updated.

35286

VPR#35289

Support for administrative units

Extends the synchronization configuration to support administrative units.

This patch is applied automatically when One Identity Manager is updated.

35289

VPR#35290

New property mapping rule for the creation type of Azure Active Directory user accounts.

Adds a property mapping rule for the CreationType schema property to the Group mapping.

This patch is applied automatically when One Identity Manager is updated.

35290

VPR#35303_AAD

Supports classifications

Extends the synchronization configuration to support classification of Exchange Online Office 365 groups.

35303

VPR#35768

Corrects of the ServicePrincipal mapping

Corrects the property mapping rule for the Owners schema property in the ServicePrincipal mapping.

This patch is applied automatically when One Identity Manager is updated.

Depending on patch Azure Active Directory service principal support (VPR#33088).

35768

 

Milestone 9.1

Milestone for the context Azure Active Directory.

 

Table 17: Patches for Active Directory

Patch ID

Patch

Description

Issue ID

VPR#35533

Removes unused schema properties

Removes unused virtual schema properties from the site mapping.

This patch is applied automatically when One Identity Manager is updated.

35533

VPR#33793

New property mapping rule for mapping the domain's RID master

Adds a property mapping rule for the UID_ADSMachineRIDMaster schema property to the domainDNS mapping.

This patch is applied automatically when One Identity Manager is updated.

33793

 

Milestone 9.1

Milestone for the context Active Directory.

 

Table 18: Patches for Active Roles

Patch ID

Patch

Description

Issue ID

VPR#35122

Updates the target system schema

Updates the target system schema to update data types in the stored schema.

This patch is applied automatically when One Identity Manager is updated.

35122

 

Milestone 9.1

Milestone for the context Active Roles.

 

Table 19: Patches for Microsoft Exchange

Patch ID

Patch

Description

Issue ID

VPR#31374

Support for room lists

Adds property mapping rules for the RecipientType and RecipientTypeDetails schema properties to the DistributionGroup mapping.

This patch is applied automatically when One Identity Manager is updated.

31374

VPR#35506

Corrects the behavior of "unlimited" values

Corrects the treatment of "unlimited" values. Schema properties and property mapping rules are adjusted for this.

This patch is applied automatically when One Identity Manager is updated.

35506

 

Milestone 9.1

Milestone for the context Microsoft Exchange.

 

Table 20: Patches for Exchange Online

Patch ID

Patch

Description

Issue ID

VPR#30841

Prevents the creation of additional base objects

Changes synchronization project settings to prevent more than one base objects being added.

This patch is applied automatically when One Identity Manager is updated.

30841

VPR#34568

New property mapping rules for mapping quota settings for mailboxes

Adds property mapping rules for the ProhibitSendQuota, IssueWarningQuota and ProhibitSendReceiveQuota schema properties to the mailbox mapping.

34568

VPR#34265

Mailbox permissions support

Extends the synchronization configuration to map the Full Access and Send As mailbox permissions.

This patch is applied automatically when One Identity Manager is updated.

34265

VPR#34766

Support for certificate-based authentication

Adds the AADOrganization variable to the default variable set.

This patch is applied automatically when One Identity Manager is updated.

34766

VPR#35343_O3E

Supports classifications

Extends the synchronization configuration to support classification of Exchange Online Office 365 groups.

This patch is applied automatically when One Identity Manager is updated.

35303

 

Milestone 9.1

Milestone for the context Exchange Online.

 

Table 21: Patches for Microsoft Teams

Patch ID

Patch

Description

Issue ID

VPR#35410

Updating the One Identity Manager schema

Updates the One Identity Manager schema to properly set the scope for O3TTeam and O3TTeamChannel.

This patch is applied automatically when One Identity Manager is updated.

35410

 

Milestone 9.1

Milestone for the context Azure Active Directory.

 

Table 22: Patches for Google Workspace

Patch ID

Patch

Description

Issue ID

VPR#34885

Extensions for synchronizing Google Workspace external email addresses

Extends the synchronization configuration for synchronizing external email addresses

34885

 

Milestone 9.1

Milestone for the context Google Workspace.

 

Table 23: Patches for LDAP

Patch ID

Patch

Description

Issue ID

VPR#35702

Ignore upper and lower case when comparing values

Set the Ignore case option in the property mapping rules of the ObjectClass and StructuralObjectClass schema properties.

This patch is applied automatically when One Identity Manager is updated.

35702

 

Milestone 9.1

Milestone for the context LDAP.

 

Table 24: Patches for HCL Domino

Patch ID

Patch

Description

Issue ID

VPR#35500

Correction of the vrtProxyDataBaseName schema property

Corrects the script for loading the vrtProxyDataBaseName schema property of the AdminRequest (all) schema class.

This patch is applied automatically when One Identity Manager is updated.

35500

VPR#35745

Check value of variable MailFileAccessType

Checks and corrects the MailFileAccessType variable in all variable sets.

This patch is applied automatically when One Identity Manager is updated.

35745

 

Milestone 9.1

Milestone for the context HCL Domino.

 

Table 25: Patches for Privileged Account Management

Patch ID

Patch

Description

Issue ID

VPR#35621

Support for One Identity Safeguard 7.0 (LTS)

Extends the synchronization configuration to support One Identity Safeguard version 7.0 (LTS).

35621

 

Milestone 9.1

Milestone for the context Privileged Account Management.

 

Table 26: Patches for SAP R/3

Patch ID

Patch

Description

Issue ID

VPR#34646_SAP

Updates the target system schema

Updates the target system schema.

This patch is applied automatically when One Identity Manager is updated.

34646

 

Milestone 9.1

Milestone for the context SAP R/3.

 

Table 27: Patches for SAP R/3 personnel planning data and structural profiles

Patch ID

Patch

Description

Issue ID

VPR#32154

Introduces some revision counters

Enables revision filtering in the Main Identity, Workdates of Employee, and Communication Data synchronization steps.

32154

 

Milestone 9.1

Milestone for the context SAP R/3 structural profile add-on.

 

Table 28: Patches for SAP R/3 BI analysis authorizations

Patch ID

Patch

Description

Issue ID

 

Milestone 9.1

Milestone for the context SAP R/3 analysis authorizations add-on.

 

Table 29: Patches for SAP R/3 authorization objects

Patch ID

Patch

Description

Issue ID

 

Milestone 9.1

Milestone for the context SAP R/3.

 

Table 30: Patches for SharePoint

Patch ID

Patch

Description

Issue ID

 

Milestone 9.1

Milestone for the context SharePoint.

 

Table 31: Patches for SharePoint Online

Patch ID

Patch

Description

Issue ID

VPR#30841

Prevents the creation of additional base objects

Changes synchronization project settings to prevent more than one base objects being added.

This patch is applied automatically when One Identity Manager is updated.

30841

 

Milestone 9.1

Milestone for the context SharePoint Online.

 

Table 32: Patches for the SCIM interface (in Universal Cloud Interface Module)

Patch ID

Patch

Description

Issue ID

VPR#34952

Additional certificate options for system connections

Adds new variables to the default variable set and connection parameters.

This patch is applied automatically when One Identity Manager is updated.

34952

VPR#35571

New variable for configuring a request timeout

Adds a variable to configure the request timeout to the default variable set and connection parameters.

35571

 

Milestone 9.1

Milestone for the context SCIM.

 

Table 33: Patches for the Universal Cloud Interface interface (in Cloud Systems Management Module)

Patch ID

Patch

Description

Issue ID

VPR#35451

Handling of XIsInEffect columns for all UserInGroup* and UserHasGroup* tables.

Adds special handling of the XIsInEffect columns for all UserInGroup* and UserHasGroup* tables to the corresponding mappings and workflows.

35451

 

Milestone 9.1

Milestone for the context Universal Cloud Interface.

 

Table 34: Patches for Unix

Patch ID

Patch

Description

Issue ID

 

Milestone 9.1

Milestone for the context Unix.

 

Table 35: Patches for the One Identity Manager connector

Patch ID

Patch

Description

Issue ID

 

Milestone 9.1

Milestone for the context Database.

 

Table 36: Patches for the CSV connector

Patch ID

Patch

Description

Issue ID

 

Milestone 9.1

Milestone for the context CSV.

 

Deprecated features

The following features are no longer supported with this version of One Identity Manager:

  • In future, mutual aid as well as password questions and password answers will not be supported in the Manager.

    Use the Password Reset Portal to change passwords. Save your password questions and password answers in the Web Portal.

  • The SOAP Web Service is no longer supported.

  • The SPML Webservice is no longer supported.

  • The API Designer is no longer supported.

    Added instructions in the One Identity Manager API Development Guide on how to convert XML-based API definition code into a plugin library.

  • Administration of different versions of a compiled project using compilation branches is no longer supported.

  • The Visual Studio Code extension for HTML application development is no longer supported.

  • Compiling HTML applications in the Database Compiler is no longer supported.

  • The SharePoint 2010 connector is no longer supported.

  • The Microsoft Exchange 2010 connector is no longer supported.

  • The Relevance for compliance property for IT Shop requests (PWODecisionStep.ComplianceRelevance and QERWorkingStep.ComplianceRelevance) is no longer supported.

  • Starling Two-Factor Authentication and the Starling 2FA app are no longer be supported as the Starling Two-Factor Authentication service will be discontinued on November 1, 2022.

    • OneLogin is used for multi-factor authentication for requests or attestation.

    • Use the new functionality of adaptive cards with Starling Cloud Assistant to approve requests and attestation cases.

  • The generic LDAP connector is no longer supported. Use the LDAP Connector (version 2).

The following features will be discontinued in later One Identity Manager versions and should no longer be utilized:

  • The following script are labeled obsolete. A warning to this effect is issued during compilation.

    • VI_GetValueOfObject

    • VID_GetValueOfDialogObject

    • VI_ITDataFromOrg

    • VI_AE_ITDataFromOrg

    • VI_GetOrgUnitFromCertifier

    • VI_ConvertDNToCanonicalName

    • VI_PersonAuto_LDAP

    • VI_PersonAuto_ADS

    • VI_PersonAuto_EBS

    • VI_PersonAuto_Notes

    • VI_PersonAuto_SAP

    • VI_PersonAuto_SharePoint_SPSUser

    • VI_GetAttestationObject

System requirements

Ensure that your system meets the following minimum hardware and system requirements before installing One Identity Manager. For more detailed information about system prerequisites, see the One Identity Manager Installation Guide.

NOTE: When setting up a virtual environment, carefully consider the configuration aspects such as CPU, memory availability, I/O subsystem, and network infrastructure to ensure the virtual layer has the necessary resources available. Please consult One Identity's Product Support Policies for more information on environment virtualization.

Every One Identity Manager installation can be virtualized. Ensure that performance and resources are available to the respective One Identity Manager component according to system requirements. Ideally, resource assignments for the database server are fixed. Virtualization of a One Identity Manager installation should only be attempted by experts with strong knowledge of virtualization techniques.

Minimum requirements for the database server

A server must meet the following system requirements for installation of a One Identity Manager database. Depending on the number of One Identity Manager modules and the accounts managed in One Identity Manager, the requirements for working memory, hard disk storage, and processors may be significantly greater than the minimum requirements.

Processor

8 physical cores with 2.5 GHz+ frequency (non-production)

16 physical cores with 2.5 GHz+ frequency (production)

NOTE: 16 physical cores are recommended on the grounds of performance.

Memory

16 GB+ RAM (non-production)

64 GB+ RAM (production)

Hard drive storage

100 GB

Operating system

Windows operating system

  • Note the requirements from Microsoft for the SQL Server version installed.

UNIX and Linux operating systems

  • Note the minimum requirements given by the operating system manufacturer for SQL Server databases.

Software

Following versions are supported:

  • SQL Server 2019 Standard Edition (64-bit) with the current cumulative update

NOTE: For performance reasons, the use of SQL Server Enterprise Edition is recommended for live systems.

  • Compatibility level for databases: SQL Server 2019 (150)

  • Default collation: case insensitive, SQL_Latin1_General_CP1_CI_AS (recommended)

  • SQL Server Management Studio (recommended)

NOTE: The minimum requirements listed above are considered to be for general use. With each custom One Identity Manager deployment these values may need to be increased to provide ideal performance. To determine production hardware requirements, it is strongly recommended to consult a qualified One Identity Partner or the One Identity Professional Services team. Failure to do so may result in poor database performance.

For additional hardware recommendations, read the KB article https://support.oneidentity.com/identity-manager/kb/290330/how-to-configure-settings-as-per-the-system-information-overview, which outlines the System Information Overview available within One Identity Manager.

NOTE: In virtual environments, you must ensure that the VM host provides performance and resources to the database server according to system requirements. Ideally, resource assignments for the database server are fixed. Furthermore, optimal I/O performance must be provided, in particular for the database server. For more information about virtual environments, see Product Support Policies.

Related Documents

The document was helpful.

Select Rating

I easily found the information I needed.

Select Rating