Updating to version 3.18.0

Pre-startup tasks

• The automaticProvisioning_account.html email template has been removed. This template was used to send the password in a separate email. If you have customized this template, you can recreate it using the new template automaticProvisioning_passwords.html.
• The automaticProvisioning_accesses.html email template has been modified to take into account the consolidation of notifications. If you had customized this template, you need to copy the new template and redo the customization.
• The parameters mail.consolidation.job.enabled, mail.consolidation.min.delay.seconds, mail.consolidation.max.delay.seconds and mail.consolidation.job.quartz must be configured in the conf/config.properties file. Please refer to Provisioning notification for more information on configuring these notifications.
• The self.service.new_request_account_activation.enable parameter must be configured in the conf/config.properties file. This controls the new tile in self-service for account activation.
• The new self.service.terminate_identity.hr_types parameter can be added to the conf/config.properties file to configure the job types of the identities displayed in the list for the "Termination (employee)" tile.
  • The HR Identifiers of eligible identities are used.
  • The default value is "external".
  • An empty value indicates that all identities can be processed.
  • To specify multiple types, the ";" character is used as a separator.
• Two new parameters have been added to the conf/config.properties file:
  • self.service.workflow.terminate_external_identity.auto_approved indicates whether the termination requests for external contractors are automatically approved.
  • self.service.workflow.terminate_identity.auto_approved indicates whether the employee termination requests are automatically approved.

Post-startup tasks

• The provisioning notification configuration for asset provisioning and asset grouping notifications has changed. Please review the configuration following the update.
• If account activation is used, the "Account Activation Requests" permission must be assigned to the RAC/M profiles that will be able to use the feature.

Additional considerations

Added additional libraries needed to authenticate with Azure AD and other authentication mechanisms

The JDBC driver for connecting to the SQL Server database is now included in the solution. In addition, all the additional libraries needed to authenticate with Azure AD and the other authentication mechanisms supported by this "driver" are also included. It may be necessary to change the data source connection links in the configuration file or in the ICF connector configuration (e.g.: add ";encrypt=true;trustServerCertificate=true" to the link). See documentation for more details.