Identity Manager 7.0 Cumulative Hotfix (180502)

Return

Feedback submitted.

Was this article helpful?

[Select Rating]

Title

Identity Manager 7.0 Cumulative Hotfix

Description

The following is a list of issues resolved in this hotfix.

Resolved issue	Issue ID
Fixed error in " QBM_PJobQueueUpdateState" when trying to send emails.	2950165, 23550
In the approval workflow editor new steps are added at cursor position, not at top of the form.	2945664, 23520
Minimal SAP permission requirements for added functionality is now documented.	2928515, 23467
Fixed issue in Synchronization Editor while saving changes to a change label.	2954149, 23678
UNSB group assignments now respect the limits of the target system type.	2920432, 23632
"DialogDatabase.EditionName" and "DialogDatabase.EditionVersion" are now added even when starting the initial migration directly from Configuration Wizard.	2945791, 23552
Loading the report "VI_UNSGroup_historical_memberships" does not result in errors anymore if riskindex preprocessor is disabled.	2930470, 23460
Fixed error calculating approver in decision rules BR and BS.	2918951, 23407
Toolbox is now displayed regardless of the number of decision steps in a workflow definition form.	2910846, 23402
Company policy changes to the where clause are now displayed in TimeTrace as well.	2915301, 23388
Fixed Data Importer error when importing hierarchical structures.	2954191, 23426
Improved performance when importing large translation files.	2913550, 23424
Limited value definition for deferred operations is set correctly.	2923141, 23412
Error loading a prepared template in Analyzer is fixed.	2990064, 23826
Schema Extension does not create an "XOrigin" field for non-m:n tables anymore.	2993545, 23824
Displaying customized settings from the configuration buffer is now working correctly in Designer.	2994142, 23819
Helpdesk customizer is now using "SQL Function QER_FCVTimeToWorkTimePerson" instead of "QBM_FCVTimeToWorkTimePerson".	3036647, 23959
Fixed error when loading executables from a directory starting with #.	2993130, 23862, 23915
Optimizing the calculation time for the width of the shapes displayed on overview forms.	2984582, 23846
Added missing permissions for some information that is missing on overview form for an employee.	2978958, 23772
Fixed error on running the attestation case "Data Governance: Resource security deviation attestation" throws error 'Invalid Column name Ident_QAMResourceType'.	23734
Error in script "VI_AttestationCase_RemoveGroupMembership" corrected.	2956628, 23701
Password Capture Agent configuration tool sets new password correctly.	2961870, 23685
Error setting wrong DateTime values is fixed.	2947076, 23757
Changes to configuration parameters in Web Designer are now saved correctly.	2968421, 23744
Fixed error when trying to clear "Person.DeactivationEnd" with "IsTemporarilyDeactivated" being active.	2976046, 23737
Creating attestation policies using the application server does not lead to errors anymore.	2983593, 23358
Corrected error in SQL Wizard not displaying correct info.	2976251, 23728
Changing your own password even when connecting as "read-only user" is now possible.	2928853, 23583
Corrected incorrect setting of connection variables with respect to their encryption.	2948494, 23570
Fixed error when transporting assignments to custom permissions groups.	2968055, 3039264, 23807
Fixed infrequent blocking of the DBQueue Processor in certain situations.	2980939, 23765
In the stored procedures #QBMHelperQueueRepair the columns "Object" und "SubObject" are not "NOT NULL" columns anymore.	2978948, 23754
The synchronization engine now supports passwords with "$$".	2954963, 23470
Fixed changes to culture information based on the updated culture information within the .NET framework.	2892285, 23253
The modularization of permissions groups in is finalized.	2968711, 20182
Error when changing a schedule from Daily to Hourly is fixed.	2976225, 23742
Added missing assignments of role-based permissions groups to forms and navigation.	2978958, 23434
Compliance check for role assignments now works without requiring owner permissions.	2949405, 2981382, 23386
Custom layout changes to overview pages are now supported.	2994142, 23354
Fixed error on setting group memberships for contacts to local groups when trusts are only unidirectional.	2651395, 21672
Fixed an error in the web front-end not checking "RPSSubscription.IsRejected".	2699523, 21461
Fixed the error regarding the deletion of other request information when aborting requests.	2382827, 19696
Filtering for group memberships between trusted domains is now working.	2651395, 21767
Suppressing dynamic role settings for IT Shop nodes other than the customer node.	2903242, 23339
Fixed error in Schema Extension under Oracle when displaying index information.	2797066, 22405
Asking question multiple times as an attestation approver is now supressed.	2925061, 2968519, 21810
Fixed issues with calculating group memberships when members have been moved/renamed during the synchronization.	2980939, 23901
Fixed error in process component for setting access when group name contains a blank ("tout le monde").	2990293, 23880
Deny permissions on Data under Governance are now displayed correctly in web portal.	2978868, 23808
Synchronization Editor does not stop on duplicate entries but is just logging them instead.	2980939, 23922
Fixed display issue after resizing the web front-end.	3040093, 23975
Added missing error notification when not setting an isMandatory parameter.	2147183, 18762
Transport has additional parameter "last migration date" as selection criteria when creating a transport based on change information.	16836
Transport per change flag does not result in errors when renaming a process in another change tag.	966278, 966946, 15207
Loading to the Designer SQLite database is now adapted to the modular structure of .	2396785, 19101
Sort order of change labels is applied when importing a transport having multiple change labels.	17078
Extended display pattern collection for TimeTrace values is now supported.	2989623, 15076
More detailed compiler settings (debug, release) for different web projects.	23968
Performance optimization of department and locality assignments in processes "ADS_PersonAuto_Mapping_ADSAccount" und "ADS_PersonAuto_Mapping_ADSContact".	23664
Transporting UNSRoot definitions including all settings is now supported.	14589
Job server status page now works when using SSL as well.	13393
Quick summary about custom changes is now available in Designer.	23561
Simulation report in Synchronization Editor now has a summary of processed objects/operations like the synchronization log report.	23433
AddMember and DelMember are available as "single shot" tasks for AD (as in v6).	2980939, 2977837, 23911
Quick search was added to the target system browser in the Synchronization Editor.	23896
Transporting compliance rules is now supported.	23297
The audit of login events to a web application now adds the application information as well.	2410483, 20461
The feature for auto-creating person objects is now available for custom target system tables.	2287899, 19259
Failed processes and their retries are now displayed as warning and not as error in the log.	2896836, 23236
Support added for redirecting to an error page after timeout when using the application server.	21929
The public ReST API is extended to support calling methods, customizer methods, scripts and events.	22038
Support for load-balancing SQL processes on job servers which are not the Master SQL server.	21867
Added support for sending encrypted and signed mails using TLS, S/MIME and PGP.	2895737, 2836809, 23229
Added support for reading and assigning SAP security policies.	2861199, 22951
Support for SQL Server AlwaysOn functionality.	2627203, 2913950, 2998227, 21285
On SAP Systems newer than 7.11 a new way was introduced for setting a "productive" password without forcing the user to change the password at next logon. This is now working without or with SNC enabled.	2435174, 2550871, 2559100, 2861417, 13157
Fixed error that leads to a situation that executing "MakeDecision" methods through the are not replay aware.	2659598, 21265
Changes to a DN of an AD object are recognized on saving when using Active Roles policies.	2059042, 18019
To avoid problems after restoring a database from a backup of another database, the DBQueue Processor now checks the correctness of the connection string stored in the database.	2943775, 23567
Optimized performance for the functions "ADS_FGIGroupInGroupValidDetail" and "ADS_GGetInfo.FGIUserInGroupValidDetail".	23535
The public ReST API now supports to specify different load types for collections.	23608
More info_types have been added to the SAP HCM synchronization.	23596
Optimized definition of the assignment of database jobs to the Master SQL server.	2955752, 2963879, 23471
Fixed errors when using the "get best fit group" call in .	470762, 23280
Added process component for using Windows PowerShell Version 3 and later.	23233
Simple list reports can now be sent via email.	23363
Fixed error on displaying attestation cases in the correct grouping.	23290

Resolution
Please download the hotfix by Click Here, and install it according to the instructions below.
To install this hotfix:
1. Manually update the administration workstation on which the One Identity Manager database schema installation will be started. Execute the program autorun.exe from the root directory on the One Identity Manager installation medium.
2. Stop the One Identity Manager Service on the server, which processes direct database queries.
3. Backup the One Identity Manager database.
4. Execute One Identity Manager database schema installation on the database.
5. Manually update the server, which processes direct database queries.
6. Start the One Identity Manager Service on the server, which processes direct database queries.
7. Update other installations on workstations and servers.
You can use the automatic software update method for updating existing installations.
For further information, see One Identity Manager Installation Guide.
Known issues
Synchronization of Active Directory may display an error message after installing the hotfix.
Error message example:
```
[2134002] Error executing an adhoc projection!
 [1777239] The mapping rule (Members by SID) was unable to execute the projection
 between system objects () and () successfully!
```
To determine if this hotfix is installed
This hotfix updates all files that shipped with One Identity Manager 7.0.
1. Start the Designer or the Manager and select the menu item Help | Info.
  You can see an overview of your system configuration on the System information.
  Version number 2015.0008.0023.0010 for all modules and application Version 7.0 2015.10.17.001 indicate that this hotfix is installed.
To remove this hotfix
1. Manually update the administration workstation on which the One Identity Manager database schema installation will be started. Use the original installation sources for One Identity Manager 7.0.
2. Stop the One Identity Manager Service on the server, which processes direct database queries.
3. Restore the One Identity Manager database.
4. Manually update the server, which processes direct database queries.
5. Update other installations on workstations and servers. You can use the automatic software update method for updating existing installations.
Attachments

Release Notes