|Resolved issue||Issue ID|
|An entry in ADSOtherSID is generated when an ADSAccount is deleted.||2979197, 23752|
|GC queries for resolvingActive Directory objects SIDs, return an incorrect result.||3062057, 24165|
|The validity period "hourly" cannot be selected in schedules for target system synchronization.||2976225, 23743|
|Default templates for creating synchronization projects do not use uniquely, self-explanatory variable names.||3015639, 24018|
|Subqueries with key values that reach the SqlFormatter.InClauseLimit overload the SQL Server.||3077778, 24118|
|Changes to scope are not always saved.||3040235, 24172|
|The Customizer uses an incorrect SQL function to determine an employee's working hours.||3036647, 23959|
|Insufficient error messaging if a password is entered incorrectly using the LDAP authentication module.||3037757, 23990|
|Permissions missing in the Manager for role based login.||2978958, 23434|
|Exception error using # in the source directory path name of the installation resource when installing web-based components.||2993130, 23915|
|After changing the window size in the web browser, the products are not shown anymore.||3040093, 23975|
|Various problems sending emails.||24093|
|Several column properties cannot be customized.||3076449, 24104|
|Redundant calculations for the UTC offset in DialogCountry and DialogState.||3039733, 24129|
|Foreign key relations to base tables do not work reliably.||3084214, 24131|
|Error replacing process parameters with an encrypted database.||3081383, 24144|
|Performance problems calculating customer nodes in the IT Shop.||3073231, 24147|
|Missing access rights to table columns added with the program, Schema Extension.||3096352, 24174|
|Incorrect implementation of search criteria for automatic employee assignment.||2571353, 2581790, 20669|
|Access permissions missing for assignment requests in the Web Portal.||2949405, 2966934, 23609|
|Error displaying pending attestation cases in the Web Portal, if an existing custom view is selected.||3098697, 24162|
|Incorrect generating conditions in processes for creating user accounts through account definitions.||2979062, 23794|
|Optimized synchronizing memberships with relative complement handling.||3079911, 21712|
|The Active Directory connector only uses DNS hosts names for accessing the domain's global catalog over an encrypted connection.||3016149, 23993|
|The Password Capture Agent can also use the system user to log in on the One Identity Manager database.||24024|
|The Active Directory connector identifies changes to Active Directory object distinguished names through Active Directory policies, which may occur on saving.||2059042, 18019|
|A compliance check is run, by default, before sending assignment requests.||23965|
|The dialog for selecting and creating a target system connection in the Synchronization Editor has been reworked.||23663|
|Memory usage optimization when memberships are synchronized.||24070|
|Custom columns in target system tables can be mapped in Unified Namespace database views.||2407998, 19795|
|Various extensions in the Database Transporter.||19945|
|Improved accessibility to the Web Portal by connecting the new version of reCAPTCHA.||21005|
|Improved logging and transfer of object modifications.||22502|
|Improvements in the program, Data Import.||22955|
|The Software Loader export function allows you to select machine role.||23542|
|Improved display of grouped views in the Web Designer.||23543|
|Provision of a procedure for deleting custom tables.||3087519, 23828|
|The ReST API supports paging by loading assignments.||24023|
|Completed request procedures can be archived and deleted.||2604841, 14404|
|The default approval procedure "Manager of requested business role or organization" is available for approving assignment requests.||2583900, 20725|
|Consistency in handling requests when a customer or product moves to another shop.||2601266, 20815|
|Only permissions groups, which are only permitted for role based login, can be assigned to application roles.||23979|
|Additional columns for dynamic roles are taken into account when logging modifications.||23983|
|The validity period of a request for membership in SAP roles is stored in the One Identity Manager database as a limited SAP role assignment (table SAPUserInSAPRole).||22611|
|Mapping SAP communications data to employee imported from an SAP HCM system.||23619|
|Outstanding objects are no longer displayed on assignment forms.||23616|
|Employees who are marked for deletion, are no longer taken into account in automatic employee assignment.||23723|
Please download the hotfix by clicking here, and install it according to the instructions below.
To install this hotfix:
You can use the automatic software update method for updating existing installations.
To install the hotfix for the Manager web application
1. Uninstall the Manager web application.
2. Reinstall the Manager web application.
3. The Internet Information Services (IIS) default user requires write access to the Manager web application installation directory so that Manager web applications can be updated automatically. Check that the correct permissions are allocated.
For further information, see One Identity Manager Installation Guide.
Target system synchronization may return an error message after installing the hotfix if the synchronization project was created prior to any hotfix installation.
Error message example:
" Error executing an adhoc projection!"
" The mapping rule (Members by SID) was unable to execute the projection between system objects (group cn) and (group dn) successfully!"
IMPORTANT: For existing installations
Delete the synchronization project and recreate it. Restore your customizations.
To determine if this hotfix is installed
This hotfix updates all files that shipped with One Identity Manager 7.0.
To remove this hotfix