RAC/M Identity™ is our simple and effective identity governance (IGS) solution that enables large and small enterprises to understand and manage the complex relationships between users and their access to physical and digital resources, on-premise or SaaS.
IMPORTANT IMPROVEMENT
Role Modification Request
A new screen is available in the self-service section for role modification requests. #3242
Section 1: The dropdown menu “Choose a role” allows for role selection, and an optional field “Choose a version template” lets users base modifications on an existing version of the role if necessary.
Section 2: This section allows the addition and removal of members directly assigned to a role. Potential members are listed on the left, while modifications can be previewed in the center. Modifications are shown with intuitive icons (+ for additions, – for removals).
Section 3: Users can define criteria to automatically assign members based on specific attributes. The interface allows the modification and deletion of these criteria. Changes to assignment criteria immediately display the affected members, providing a clear view of potential and active members.
Section 4: Users can add or remove access rights associated with a role. Potential access options are listed on the left for quick addition. Added and removed accesses are highlighted in the central section with color indicators for clarity.
Important:
- The property self.service.new_request_role_modification.enable in the conf/config.properties file allows enabling or disabling this feature. Possible values: “true” (enabled) or “false” (disabled).
- New permissions have been added in the RAC/M Profiles screen for granular access to different pages.
Improved display of SOD details
An improved modal window now provides detailed insights into Segregation of Duties (SOD) conflicts directly within self-service requests and approvals, making it easier to understand why specific role requests or entitlements conflict with SOD rules. A visual conflict representation offers a user-specific view with icons, colors, and symbols to highlight conflicts.
IMPROVEMENTS
- It is now possible to activate a role without executing provisioning. #3602
- Role creation in self-service. #3242
- A new screen is available in the self-service section for role creation requests. This page allows adding a link to an external ticketing service for the creation request.
- The property self.service.new_request_role_creation.enable in the conf/config.properties file enables or disables this feature. Possible values: “true” (enabled) or “false” (disabled).
- The property self.service.new_request_role_creation.link in the conf/config.properties file allows defining the link to be used for the page.
- A new screen is available in the self-service section for role creation requests. This page allows adding a link to an external ticketing service for the creation request.
- Standardization of date usage and display. #2847
- Two new optional properties are available in the conf/config.properties file:
- default.system.language to set the default language.
- default.locale.[Language (fr or en)] to set the default locale.
- Refer to the documentation for more details on the configuration.
- Two new optional properties are available in the conf/config.properties file:
- Standardization of locale settings in emails. #3984
MINOR IMPROVEMENTS
- Modified navigation menu colors in the self-service section. #4169
- The asset list in the account match page is now sorted alphabetically. #3055
- Added a field to configure CCs on emails in the ModuleProcessAccountBasedOnLastLoginDate module. #3955
- Increased the size of the section displaying the email template during campaign creation. #2937
- Removed the Jetty version from request headers. #4064
- Added the “Cache-Control” header to requests. #4065
- Removed a policy for profile removal. #4034
- Added a link to connectors in the collectors page. #3662
- Added a filter in identity access requests to hide accesses already included in selected roles. This filter is checked by default. #3437
- Modified role nomenclature: “static” members are now called “directly assigned” and dynamic members are now called “automatically assigned.” #4089
- Added a column to display the role owner in the role list. #715
- Improved the case-sensitive comparison description in the copy module. #3887
- Standardized the terms “title” versus “position” for JOBS. #418
- In the conf/config.properties file, increased the default value of webserver.maxFormContentSize from 200000 to 1000000. #4118
- Removed a duplicate index in the PROFILE table. #4080
- Increased the size of the FORMAT column in the TREATMENT table. #4084
- It is no longer necessary to insert the base STRUCTURAL_IMPORT entry when clearing import table content. #3130
CORRECTIONS
- Removed buttons for individual asset items during asset creation. #3100
- Fixed display of request date in the task rejection modal. #2883
- Fixed display of user entries in request emails for special characters. #3928
- Corrected selection of the “Sign In with Microsoft” image. #4010
- Fixed table display issues when text contains long strings without spaces. #3930 #2126
- Improved visual elements in campaign detail modals. #4081
- Added indicators for required fields in campaign transfer modals. #3877
- Corrected text in incremental campaigns to align with button labels. #3144
- Fixed undefined subjects for certain types of manual provisioning via the GLPI script. #3990
- Fixed generation of account provisioning items when a logical group is rejected in a campaign. #4204
- Fixed campaign launch when the identity language contains uppercase letters. #3855
- Correctly updated the REVIEWER_FIRST_NAME and REVIEWER_LAST_NAME fields during a campaign transfer. #4045
- Adjusted error messages in email tests for the provisioning section. #3940
- Fixed line number logging when an error occurs during execution of the ModuleCSVUpdateOrInsertTable module. #4083
- Fixed the message displayed when no extractor is available in the list. #4043
- Fixed calculation of the percentage of identities without a supervisor. #3965
- Corrected role version list filter to properly handle special characters. #3959
- Fixed an issue where an override was used instead of the account name in materialization modules. #3963
- Fixed an issue with executing the ModulePermutation module when the number of items to process is 2000. #3987
- Fixed an issue preventing the saving of employment status mappings in Firefox. #3427
- The warning for group provisioning during account updates only displays if groups are modified. #3695
- Fixed validation error handling during the saving of a new module. #3263
- Corrected an SQL issue in the creation of extended attributes. #4033
- Absolute paths are no longer available in URLs for file modification actions. #4066
- Fixed an issue with displaying campaign templates when the language cookie is not set. #4098