RAC/M Identity™ is our simple and effective identity governance (IAM) solution that enables businesses large and small to understand and manage the complex relationships between users and their access to physical and digital resources, on-premise or in cloud computing.
IMPORTANT NEW FEATURES
1. Advanced support for manual provisioning via workflow services
1.1. This screen is available in the Configuration / Manual provisioning menu.
- You can trigger provisioning actions via an email using the MVEL language, sent to a specific email address or for enterprise ticketing services such as ITSM and Omnitracker
- You can automate ticket creation for provisioning directly in ticketing solutions using APIs such as Servicenow. This feature uses Groovy scripts to give the flexibility to use different APIs like REST, GraphQL or others.
You can trigger provisioning actions via an email using the MVEL language, sent to a specific email address or for enterprise ticketing services such as ITSM and Omnitracker
In the Assets, in the Provisioning section, a choice of one of the manual provisioning configurations is available.
1.2. Ticket number
A ticket number is displayed at the top of the provisoning request panel and in the self-service area in the request approval mode. These numbers are links that can redirect you to the target system to view the status of specific requests.
- Top of the provisioning requests panel
- In the self-service in the application approval modal
2. Support for Azure AD authentication
Added support for Azure AD SAML authentication. This simplifies the process of accessing the solution and integrates with the company’s current authentication infrastructure.
IMPROVEMENTS
- Added a routing parameter in the asset indicating to whom additional instruction requests should be sent. #2342
- Changed the way identity statuses are displayed in the identity list. Colored labels are now used. #2396
- The licenses of the third-party libraries used are now included in the RAC/M Identity distribution #2514
- It is now possible to save an identity with a date field in the SAP date format. #2398
- Access review campaign
- Members of a reviewer’s delegation group can now access the reviewer’s campaign from the Self-Service. #2304
- When extending the end date, the calendar is pre-opened by default. #2301
CORRECTIFS
- Update of third-party libraries used to fix vulnerabilities. #2440 #2201
- Fixed a vulnerability related to Struts and OGNL..
- On a new installation, ICF connectors will use the default Java trusted CA certificates, this will ensure that connections to servers using certificates signed by public trusted authorities will work on installation #2390
- Correction of the state of a provisioning request when the access rights are insufficient in the target system. These requests should be in the “Error” state#2330
- Fixed an error in the ModuleCopyColumnsAndInsertSQL module at the copy related to the Hierarchy table.#2289
- Fixed an error in the modal for assigning roles to an identity if the checkbox “Only display active roles” is unchecked.#2267
- Fixed editing a disabled module from the blocks screen.#2302
- Removing the duplicate extra35 attribute from the account details screen #2459
- After the generation of a role, the link to the generated role is now functional #2488
- Self-Service
- Added a missing label indicating that the role is inactive in the details of a task #2483
- Correction of the display of the date selector in the details of a task #2455
- Access review campaigns
- Fixed access via self-service. Access performance to this section has been improved. #2346
- Amélioration de la performance dans le calcul du nombre d’accès restant à réviser. #215
- It is no longer possible to extend the end date of a campaign in preview mode #2404
- The “More Action” drop-down menu no longer exits the window at the last item #2394
- The identity search is now functional #2513
BREAKING CHANGES
- Update Java to JDK 15 version.
- Changed support for date formats (CLDR) in several modules. Lost support for the following format in French: “lundi 1 juillet. 2013”. The date will have to be written with one of the two following formats:
- “lundi 1 Juillet 2013”
- “lun 1 Juillet 2013”
- Modules Affected by this change:
- ModuleFormaterDateUniformisation
- ModuleIdentityEventHandler
- ModuleCopyColumnsAndInsert
- Changed support for date formats (CLDR) in several modules. Lost support for the following format in French: “lundi 1 juillet. 2013”. The date will have to be written with one of the two following formats:
- Update of log4j. Migrate to the new log4j2.xml format. Please see the log4j_props_to_log4j2.md document for migration.
- Changed the name of a placeholder variable in campaign email templates from campaignReviewerTitle to campaignReviewerName.
- Added 4 new required configurations in the config.properties file:
- auth.saml.enabled=false
- auth.saml.relyingPartyIdentifier=
- auth.saml.metadataUrl=
- auth.saml.replyURL=