No new synchronization templates are provided in One Identity Manager 9.3. No synchronization templates were deleted.
Patches are provided for changes to existing synchronization templates. For more information, see Patches for synchronization projects.
Patches for the following patch types are provided in One Identity Manager 9.3.
Patches for resolved issues
Patches for new features
Milestones
To adjust existing synchronization projects to One Identity Manager version 9.3, you must implement milestones. A milestone is provided for each context. A milestone includes all patches for resolved issues together with milestones from previous versions if they have not already been implemented. Once the current milestone has been implemented in a synchronization project, the project is then compatible with One Identity Manager 9.3.
Patches for new features can be applied optionally.
The following is a list of all new patches provided in One Identity Manager 9.3 for synchronization projects. Only the patches that were newly created after version 9.2.1 are listed. For information about patches from earlier versions of One Identity Manager, see the respective release notes for each version.
Every patch contains a script, which tests whether the patch can be applied to the synchronization project. This depends on the specific configuration of the synchronization.
TIP: Implement milestones first and then apply optional patches for new features.
For more information, see Applying patches to synchronization projects.
|
Patch ID |
Patch |
Description |
Issue ID |
|---|---|---|---|
|
ADO#446363 |
Support for Microsoft Entra ID security attributes |
Extends the synchronization configuration to support Microsoft Entra ID security attributes on user accounts and service principals. This patch is applied automatically when One Identity Manager is updated. |
446363 |
|
ADO#438166 |
New property mapping rules for mapping sponsors for user accounts |
Inserts a new property mapping rule in the User mapping for mapping sponsors for user accounts. This patch is applied automatically when One Identity Manager is updated. |
438166 |
|
ADO#446183 |
Support for Microsoft Entra ID temporary access passes |
Extends the synchronization configuration to support Microsoft Entra ID temporary access passes for user accounts in Microsoft Entra ID tenants. This patch is applied automatically when One Identity Manager is updated. |
446183 |
|
Patch ID |
Patch |
Description |
Issue ID |
|---|---|---|---|
|
ADO#440672 |
Marks system schema properties as read-only |
Updates the target system schema to mark schema properties as read-only if they are marked as System-Only in Active Directory. This patch is applied automatically when One Identity Manager is updated. |
440672 |
|
Patch ID |
Patch |
Description |
Issue ID |
|---|---|---|---|
|
VPR#37283 |
Support for directories as members of PAM asset groups |
Extends the synchronization configuration to support directories as members of PAM asset groups. This patch is applied automatically when One Identity Manager is updated. |
433775 |
|
ADO#450685 |
Support for One Identity Safeguard 7.5 |
Extends the synchronization configuration to support One Identity Safeguard version 7.5. |
450685 |
|
Patch ID |
Patch |
Description |
Issue ID |
|---|---|---|---|
|
ADO#326713 |
Corrects the userExternalID mapping |
Corrects the mapping for external identifiers. Removes the vrtExtID_EXTID property mapping rule. |
326713 |
|
Patch ID |
Patch |
Description |
Issue ID |
|---|---|---|---|
|
ADO#419381 |
Support for ports in connection parameters |
Extends the connection parameters by specifying the port for the SharePoint connector to communicate internally. This patch is applied automatically when One Identity Manager is updated. |
440892 |
The following features are no longer supported with this version of One Identity Manager:
The following features are no longer supported in the One Identity Manager Service.
FileJobProvider
FileJobDestination
FileJobGate
FTPJobProvider
FTPJobDestination
HTTPJobProvider
HTTPJobDestination
HTTPJobGate
The Web Designer and Web Designer-based web applications are no longer supported. Use the HTML web applications that are provided via the API Server.
When the Manager is in simulation mode, processing of DBQueue Processor tasks, such as recalculating compliance rules, is no longer supported. This affects the Identity Audit Simulation and Identity Audit Simulation Evaluation plugins as well as the VID_DatabaseSimulationResult_with_Compliance_Export report.
The SQL Server 2019 version for the One Identity Manager database is no longer supported.
Synchronization with Microsoft Exchange 2013 is no longer supported.
Synchronization with SharePoint 2013 is no longer supported.
The use of classic authentication using user name and password to synchronize with SharePoint Online is no longer supported. SharePoint Online synchronization projects must be converted to certificate-based login.
One Identity Active Roles versions 7.x are no longer supported.
One Identity Safeguard versions 6.x, 7.1, 7.2, 7.3, and 7.4 are no longer supported.
The PowerShellComponent process component is no longer supported. Use the PowershellComponentNet4 process component instead.
Container support for Windows Server 2016 will be discontinued.
Web Service Wizard for integrating SOAP or WCF web services has been removed. SOAP web services are disabled during migration as they are no longer supported. Documentation is provided on integrating web services via NuGet packages.
Due to the new program structure, it is no longer possible to pre-compile assemblies in the Designer and then transfer them to the database. The Process > Compile and save to database menu item has been removed from the Process Editor.
The globallog.config configuration file is no longer supported.
The ServerConfig/ITShopConfig/VI_ITShop_Employee_Preselected configuration key for the Web Portal has been removed.
The CaptchaCaseInsensitive and CaptchaTestKey configuration keys have been removed for the API Server, Web application overview, and scim API projects.
In the Administration Portal, various configuration keys under ServiceCatalogViewConfiguration have been removed.
The following scripts were deleted.
VI_AE_BuildCentralAccount
VI_AE_BuildCentralAccountGlobalUnique
VI_BuildInternalName
VI_AE_CreatedefaultMailAddress
VI_AE_BuildCentralSAPAccount
NOTE: The script was used in earlier versions of One Identity Manager in templates for the Person table. Check the templates and any other customized usage of these scripts.
The following scripts were deleted.
QER_CloudAssistant_LifeCycle
VI_MailApproval_ProcessInBox
VI_MailApproval_ProcessMail
VID_GetWebService
The following configuration parameters are not used in the Database Agent Service anymore and have been removed.
QBM | DBServerAgent
QBM | DBServerAgent| CountSlotAgents
QBM | DBServerAgent | CreateNotification
QBM | DBQueue | ChangeLimitMax
QBM | DBQueue | ChangeLimitMin
The TargetSystem | SAPR3 | SAPRights | TestWithoutTCD configuration parameter can no longer be modified. To change the processing logic of SAP functions, use the logical expression that is stored in each function definition. The logical expression for existing function definitions from versions older than 9.3 is calculated taking the configuration parameter into account. For more information, see Enhancements. (Issue ID 438883)
Running process functions externally as a separate 32-bit process is no longer supported. The process functions have been deleted.
NOTE: Customized uses of process functions are adapted during migration. Check your processes after migration.
Connecting CData ADO.NET Provider databases with the generic database connector is no longer supported.
Risk indexes are no longer recalculated immediately when data changes. They are only calculated on a scheduled basis.
The following features will be deprecated in future releases of One Identity Manager and should no longer be used:
Support for Windows Server 2012 and Windows Server 2012 R2 will be deprecated in future releases.
The TargetSystem | SAPR3 | SAPRights | TestWithoutTCD configuration parameter will be deprecated in future versions.
Before installing One Identity Manager 9.3, ensure that your system meets the following minimum hardware and software requirements.
For more detailed information about system prerequisites, see the One Identity Manager Installation Guide.
NOTE: When setting up a virtual environment, carefully consider the configuration aspects such as CPU, memory availability, I/O subsystem, and network infrastructure to ensure the virtual layer has the necessary resources available. For more information about environment virtualization, see One Identity's Product Support Policies.
Every One Identity Manager installation can be virtualized. Ensure that performance and resources are available to the respective One Identity Manager component according to system requirements. Ideally, resource assignments for the database server are fixed. Virtualization of a One Identity Manager installation should only be attempted by experts with strong knowledge of virtualization techniques.
© 2025 One Identity LLC. ALL RIGHTS RESERVED. Términos de uso Privacidad Cookie Preference Center
