Option to Hide Username Panel in Identity Claim
Identity claim configuration has been enhanced to show or hide the user name panel during the claim process. The 'Show UserId' check box in the Identity Claim configuration can be unchecked to hide the user name panel during the claim process. When applying this patch, the default value will be checked, to ensure continued continuity that Clients are currently seeing during the Identity Claim process.
User Match Hub
The new user match hub will provide the flexibility to initiate the user match process from a workflow. When the user match process is initiated by the hub, the user match engine will skip the regular post match workflow processing and all the downstream provisioning actions. Instead, the post match workflow configured in the user match hub will get invoked on match completion. This allows additional flexibility for the feature to have additional controls put in place, as needed.
The post match workflow can be any deployed 'Lookup' type workflow. This workflow will be invoked on completion of the user match (In the case of multiple perfect matches or strong matches, the workflow will be invoked only after the user match administrator takes a match action), the pay load will be same as regular post match workflow with the following transaction attributes.
Transaction-UserMatchPolicyId: The qualified user match policy Id.
Transaction-UserMatchStatus: The status of user match, the values may be SKIPPED (User match not configured for the org), NONE (No match found), EXACT (A perfect match found), STRONG (Matched either multiple perfect matches or a strong match).
Policy Load Mode - DB Only Option
The policy load mode has been enhanced to support a new execution level value of 'Load Mode - Database only'. This mode is similar to the Policy Load Mode - File Only option, but instead of printing it out to a CSV file, it will allow you to configure the workflow you'd like to execute after the evaluation has completed, so that it can be imported into a database table.
When the execution level is Load Mode - Database Only, the 'Load Mode - Database Workflow' property has to be specified, any deployed 'Normal' mode workflow can be selected for this property. When the policy workflow is executed in 'Load Mode - Database Only' mode, then the workflow specified in the 'Load Mode - Database workflow will be invoked with the result of the policy evaluation. The payload to the workflow will have the following structure.
The following elements are multi-valued. The schema of the payload is available as loadmodeschema.xml file under the datafourm\config folder.
<policy>, <startGraceDaysOverrideRule>, <endGraceDaysOverrideRule> , <resource> and <entitltment>.
Improved query performance across the product by doing the following:
- Replace usage of SELECT * with SELECT column list
- Limit the usage of SELECT DISTINCT when possible; Instead handled the duplicates at the application layer
- Replaced incorrect use of OUTER JOINs with INNER JOIN, if the JOIN is to non-nullable FK columns
Ability to View Resource Centric UI for User Access
Introduced resource centric view of certifiable entities in the Self Service 'Users' Tab. This can be enabled or set as default from compliance configuration in the Identity Administration Page. An option to switch to User or Resource View will be presented to user access certifiers and technical reviewers.
Resource View lists all the resources assigned to the certifier. When expanded, it lists the users having that resource to be certified by the certifier.
Option to Allow, Remove and Reassign is available at the user level. Columns up to the 70% width of User Listing Dynamic UI Screen, is used to display the users and the remaining is used to show the certification actions.
On further expanding the users, it will display details of the user and entity such as entitlements, obtainment information, certification history will be displayed.
List of defects reported by customers or implementation, does not contain defects raised internally.
- Fixed issue with resource change processing configuration (under Configuration tab-->Configuration) ending up processing policies in remove grace periods.
- Feature Affected: Provisioning Policy - Resource Change Processing
- Fixed issue with user license management in Office 365 connector. The groups used to manage the license was not being read correctly via the API.
- Feature Affected: Connector
- Connector Affected: Microsoft Office 365
- Fixed the user access view in self-service to display the systems, resources and entitlements sorted by name.
- Feature Affected: Self-Service user access view
The download links below are applicable to Fischer on-premise customers that host the Fischer IdM software in their environment. If you are a Fischer IaaS (Cloud) customer, all delivery of updates are performed by Fischer on a scheduled basis.
To download the latest update, you will need a login to the Fischer Release portal. If you are a Fischer on-premise customer and would like to request an account to the Fischer Release portal, please submit a request through the Fischer ticketing system.