Chat now with support
Chat with Support

Identity Manager 9.2 - Release Notes

Modified synchronization templates

The following provides you with an overview of modified synchronization templates. Patches are made available for updating synchronization templates in existing synchronization projects. For more information, see Patches for synchronization projects.

Table 17: Overview of synchronization templates and patches

Module

Synchronization template

Type of modification

Target System Synchronization Module

Automatic One Identity Manager synchronization

changed

Azure Active Directory Module

Azure Active Directory synchronization

changed

Azure Active Directory B2C tenant

changed

Active Directory Module

Active Directory synchronization

changed

Active Roles Module

Synchronize Active Directory domain via Active Roles

changed

Cloud Systems Management Module

Universal Cloud Interface synchronization

none

Oracle E-Business Suite Module

Oracle E-Business Suite synchronization

none

Oracle E-Business Suite CRM data

none

Oracle E-Business Suite HR data

none

Oracle E-Business Suite OIM data

None

Microsoft Exchange Module

Microsoft Exchange 2013/2016/2019 synchronization (v2)

changed

Google Workspace Module

Google Workspace synchronization

none

LDAP Module

AD LDS synchronization

None

AD LDS Synchronization (version 2)

None

OpenDJ synchronization

None

OpenDJ Synchronization (version 2)

None

Generic LDAP Synchronization (version 2)

None

Oracle DSEE Synchronization (version 2)

None

Domino Module

Lotus Domino Synchronization

changed

Exchange Online Module

Exchange Online synchronization (v2)

None

Microsoft Teams Module

Microsoft Teams (via Azure Active Directory)

None

OneLogin Module

OneLogin Domain Synchronization

None

Privileged Account Governance Module

One Identity Safeguard synchronization

changed

SAP R/3 User Management Module

SAP R/3 synchronization (Base Administration)

changed

SAP R/3 (CUA subsystem)

none

SAP R/3 Analysis Authorizations Add-on Module

SAP R/3 BW

none

SAP R/3 Compliance Add-on Module

SAP R/3 authorization objects

none

SAP R/3 Structural Profiles Add-on Module

SAP R/3 HCM authentication objects

none

SAP R/3 HCM employee objects

none

SharePoint Module

SharePoint synchronization

none

SharePoint Online Module

SharePoint Online synchronization

none

Universal Cloud Interface Module

SCIM Connect via One Identity Starling Connect

changed

SCIM synchronization

changed

SCIM synchronization of an SAP Cloud ALM application

new

Unix Based Target Systems Module

Unix Account Management

changed

AIX Account Management

changed

Patches for synchronization projects

Patches for the following patch types are provided in One Identity Manager 9.2.

  • Patches for resolved issues

  • Patches for new features

  • Milestones

To adjust existing synchronization projects to One Identity Manager version 9.2, you must implement milestones. A milestone is provided for each context. A milestone includes all patches for resolved issues together with milestones from previous versions, if they have not already been implemented. Once the current milestone has been implemented in a synchronization project, the project is then compatible with One Identity Manager 9.2.

Patches for new features can be applied optionally.

The following is a list of all new patches provided in One Identity Manager 9.2 for synchronization projects. Only the patches that were newly created after version 9.1.1 are listed. For information about patches from earlier versions of One Identity Manager, see the respective release notes for each version.

Every patch contains a script, which tests whether the patch can be applied to the synchronization project. This depends on the specific configuration of the synchronization.

TIP: Implement milestones first and then apply optional patches for new features.

For more information, see Applying patches to synchronization projects.

Table 18: General patches

Patch ID

Patch

Description

Issue ID

VPR#36755

Disables the synchronization buffer for the central database

Disables the synchronization buffer for various virtual schema properties in the central database schema in synchronization projects for system synchronization.

36755

 

Milestone 9.2

Milestone for the context DPR.

 

 

Milestone 9.2

Milestone for the context One Identity Manager.

 

Table 19: Patches for Azure Active Directory

Patch ID

Patch

Description

Issue ID

VPR#36596

Support for connection certificates

Adds the CP_CertificateThumbprint variable to the default variable set.

This patch is applied automatically when One Identity Manager is updated.

36596

VPR#36729

New schema property for Azure Active Directory user account

Adds property mapping rules for the employeeHireDate, employeeLeaveDateTime, employeeType, eoddivision, and eodcostcenter schema properties to the User mapping.

This patch is applied automatically when One Identity Manager is updated.

36729

VPR#36799

Sets filters in multi-reference rules

Inserts member filters in various multi-reference rules for the Owners schema property.

This patch is applied automatically when One Identity Manager is updated.

36799

VPR#33776

New schema properties for mapping the login times of Azure Active Directory user accounts

Adds property mapping rules for mapping the last login times of user accounts (siaLastNISignInDateTime, siaLastNISignInRequestId, siaLastSignInDateTime, siaLastSignInRequestId) to the User mapping.

These schema properties can only be accessed under an Azure Active Directory premium license.

33776

VPR#35769

Enables service principals to be mapped as service principal owners

Extends the member filter of the vrtOwners_Owners property matching rule in the ServicePrincipal mapping to include service principals.

This patch is applied automatically when One Identity Manager is updated.

35769

VPR#35513

Support for RBAC and PIM features

Extends the synchronization configuration to synchronize objects for role-based access control (RBAC) and privileged identity management (PIM).

This patch is applied automatically when One Identity Manager is updated.

35513

 

Milestone 9.2

Milestone for the context Azure Active Directory.

 

Table 20: Patches for Active Directory

Patch ID

Patch

Description

Issue ID

VPR#14634

New maps for mapping POSIX properties

Adds the posixUser, posixGroup, and posixContact mappings for mapping POSIX properties of user accounts, groups, and contacts.

14634

 

Milestone 9.2

Milestone for the context Active Directory.

 

Table 21: Patches for Active Roles

Patch ID

Patch

Description

Issue ID

VPR#14634_ARS

New property mapping rules for POSIX properties

Adds property mapping rules to the User, InetOrgPerson, Group, and Contact mappings to map POSIX properties.

14634

 

Milestone 9.2

Milestone for the context Active Roles.

 

Table 22: Patches for Microsoft Exchange

Patch ID

Patch

Description

Issue ID

VPR#35776

Extends send as permissions

Extends the synchronization configuration to support send-as permissions for distribution groups.

This patch is applied automatically when One Identity Manager is updated.

35776

VPR#35779

New property mapping rules for mapping a hierarchical address book

Adds to property mapping rules to various mapping to map a hierarchical address book.

This patch is applied automatically when One Identity Manager is updated.

35779

 

Milestone 9.2

Milestone for the context Microsoft Exchange.

 

Table 23: Patches for HCL Domino

Patch ID

Patch

Description

Issue ID

VPR#36087

Mapping of user account roaming properties

Extends the Person mapping to map user account roaming properties.

This patch is applied automatically when One Identity Manager is updated.

36087

VPR#36831

Remove quotas for deleting objects

Removes quotas for the Delete object method from the CertifierRequest and AdminRequest synchronization steps.

36831

 

Milestone 9.2

Milestone for the context HCL Domino.

 

Table 24: Patches for Exchange Online

Patch ID

Patch

Description

Issue ID

VPR#35780

New property mapping rules for mapping a hierarchical address book

Adds to property mapping rules to various mapping to map a hierarchical address book.

This patch is applied automatically when One Identity Manager is updated.

35780

 

Milestone 9.2

Milestone for the context Exchange Online.

 

Table 25: Patches for SharePoint Online

Patch ID

Patch

Description

Issue ID

VPR#36961

Removes unused schema properties

Removes unused virtual schema properties from the Web schema type.

36961

 

Milestone 9.2

Milestone for the context SharePoint Online.

 

Table 26: Patches for Privileged Account Management

Patch ID

Patch

Description

Issue ID

VPR#36044

Support for One Identity Safeguard partitions

Extends the synchronization configuration to support One Identity Safeguard partitions.

36044

VPR#36315

Maps the One Identity Safeguard audit log

Extends the synchronization configuration to load the One Identity Safeguard audit log (AuditLog).

36315

VPR#36617

Support for One Identity Safeguard 7.2 and 7.3

Extends the synchronization configuration to support One Identity Safeguard versions 7.2 and 7.3

36617, 36943

 

Milestone 9.2

Milestone for the context Privileged Account Management.

 

Table 27: Patches for SAP R/3

Patch ID

Patch

Description

Issue ID

VPR#36970

Sets reload threshold of user accounts

Sets the reload threshold in the user synchronization step to the value 4.

36970

 

Milestone 9.2

Milestone for the context SAP R/3.

 

Table 28: Patches for SAP R/3 authorization objects

Patch ID

Patch

Description

Issue ID

VPR#35904

Removes unused processing methods

Remove unused processing methods (Update) in different synchronization steps.

35904

 

Milestone 9.2

Milestone for the context SAP R/3.

 

Table 29: Patches for the SCIM interface (in Universal Cloud Interface Module)

Patch ID

Patch

Description

Issue ID

VPR#36376

New variable for configuring list settings

Adds a variable for configuring the number of elements per page when requested for the objects list in the default variable set and the connection parameters.

This patch is applied automatically when One Identity Manager is updated.

36376

VPR#36985

Schema extension corrections

Saves the name of the schema type extensions in the schema.

This patch is applied automatically when One Identity Manager is updated.

36985

 

Milestone 9.2

Milestone for the context SCIM.

 

Table 30: Patches for Unix

Patch ID

Patch

Description

Issue ID

VPR#36688

New property mapping rules for mapping the last login times and last password changes of user accounts

Adds property mapping rules for LastPasswordChange and LastLogin to the User mapping.

This patch is applied automatically when One Identity Manager is updated.

36688

 

Milestone 9.2

Milestone for the context Unix.

 

Deprecated features

The following features are no longer supported with this version of One Identity Manager:

  • The following scripts have been removed:

    • VI_GetValueOfObject

    • VID_GetValueOfDialogObject

    • VI_ITDataFromOrg

    • VI_AE_ITDataFromOrg

    • VI_GetOrgUnitFromCertifier

    • VI_ConvertDNToCanonicalName

    • VI_PersonAuto_LDAP

    • VI_PersonAuto_ADS

    • VI_PersonAuto_EBS

    • VI_PersonAuto_Notes

    • VI_PersonAuto_SAP

    • VI_PersonAuto_SharePoint_SPSUser

    • VI_GetAttestationObject

    • VI_GetDNParser

    • TSB_Find_And_Use_Linked_Account_For_AccountDef

  • The following configuration parameters have been removed.

    • TargetSystem | ADS | DBDeleteOnError

    • TargetSystem | ADS | VerifyUpdates

    • TargetSystem | EBS | DBDeleteOnError

    • TargetSystem | NDO | VerifyUpdates

    • TargetSystem | SAPR3 | DBDeleteOnError

    • TargetSystem | SAPR3 | VerifyUpdates

    • TargetSystem | SharePoint | DBDeleteOnError

The following features will be discontinued in future versions of One Identity Manager and should no longer be utilized:

  • The following features will not be supported in the One Identity Manager Service in future.

    • FileJobProvider

    • FileJobDestination

    • FileJobGate

    • FTPJobProvider

    • FTPJobDestination

    • HTTPJobProvider

    • HTTPJobDestination

    • HTTPJobGate

  • The Web Designer and Web Designer-based web applications will not be supported in future. Use the HTML web applications that are provided via the API Server.

  • The PersonPasswordHistory table will be removed in future versions.

  • The following scripts are labeled obsolete. A warning to this effect is issued during compilation.

    • VI_AE_BuildCentralAccount

    • VI_AE_BuildCentralAccountGlobalUnique

    • VI_BuildInternalName

    • VI_AE_CreatedefaultMailAddress

    • VI_AE_BuildCentralSAPAccount

System requirements

Before installing One Identity Manager 9.2, ensure that your system meets the following minimum hardware and software requirements.

For more detailed information about system prerequisites, see the One Identity Manager Installation Guide.

NOTE: When setting up a virtual environment, carefully consider the configuration aspects such as CPU, memory availability, I/O subsystem, and network infrastructure to ensure the virtual layer has the necessary resources available. For more information about environment virtualization, see One Identity's Product Support Policies.

Every One Identity Manager installation can be virtualized. Ensure that performance and resources are available to the respective One Identity Manager component according to system requirements. Ideally, resource assignments for the database server are fixed. Virtualization of a One Identity Manager installation should only be attempted by experts with strong knowledge of virtualization techniques.

Related Documents

The document was helpful.

Select Rating

I easily found the information I needed.

Select Rating