Release notes
Google Apps Multidomain Connector Enhancements
The existing connector has been enhanced to include the following features:
Vault Matter Dataformat
Introduced a new dataformat Vault Matter, which helps creating matter and holds in Google Vault. A matter is the basic component of the Google Vault, which is basically the workspace in which holds are created. The matter can be shared with any number of people, who are referred to as collaborators. Once the matter is created the enhancement allows for holds to be created, which will define the corpus and items that should be put on hold. The connector provides the flexibility to:
- Create matter with basic details and add holds by modifying them
- Create matter and hold in a single call, which the connector splits internally and makes multiple calls
The dataformat is introduced with following export and import functionalities. The below functionalities are implemented using Google Vault AIP library, which in turn makes REST calls to the cloud server. The security concerns (authN and authZ) are ensured by OAuth 2.
Prerequisites
An app should be created in Google portal with the needed permissions, which are called scopes. The scope can be any of the following based on the operation we are performing.
Export
- List Matters - Lists all matters created, filtered by the states OPEN, CLOSED, DELETED, or STATE_UNSPECIFIED. There is an additional property (FIlterMatterByState) that can be set during export, which is available in the export plugin. This helps the connector filter/limit the results based on the state of matter.
- Get a matter by Id - getMatterById
- Connected system look up from mapper by Id
Import
- Create Matter
- With basic details
- With basic with permission details
- With basic + hold details
- Modify matter
- With basic details
- With basic with permission add/delete details
- With basic + hold add/modify/delete details
- Delete Matter
Lookup
- Matter By Id
Supported Attributes
| Attribute Name | Type | Export | Create | Modify | Delete | Comments |
|---|---|---|---|---|---|---|
|
matterId |
String | Y | N | Y | Y | The unique identifier of the item. Read-only. |
|
name |
String | Y | Y | N | N | The name of the matter. |
|
description |
String | Y | Y | Y | N | The description of the matter |
|
state |
String | Y | N | N | N | The state of the matter OPEN, CLOSED, DELETED, STATE_UNSPECIFIED. |
|
matterPermissions->accountId |
String | Y | Y | Y | N | The account to which the role is given |
| matterPermissions->role | String | Y | Y | Y | N | The role which is to be assigned to the account. OWNER, COLLABORATOR, ROLE_UNSPECIFIED |
| matterPermissions->changeType | String | Y | N | Y | N | Decides what operation to be done with permission (i.e., add/delete) |
|
holds->holdId |
String | Y | N | Y | N | The id of the hold |
| holds->name | String | Y | N | N | N | Name of the hold |
|
holds-> updateTime |
String | Y | N | N | N | The hold update time |
| holds-> accounts->holdTime | String | Y | N | N | N | Account hold time |
| holds-> accounts->changeType | String | Y | Y | Y | N | Change type to manage account to/already on hold |
| holds-> accounts->accountId | String | Y | Y | Y | N | ID of the account |
| holds-> accounts->email | String | Y | Y | Y | N | Email of the account |
| holds-> accounts->firstName | String | Y | N | N | First name of the account | |
| holds-> accounts->lastName | String | Y | N | N | Last name of the account | |
| holds->corpus | String | Y | N | N | The corpus on which the hold query is to be applied: MAIL, DRIVE, GROUPS, HANGOUTS_CHAT, VOICE | |
| holds-> query->driveQuery->includeSharedDriveFiles | String | Y | N | N | The indicator whether the hold shoudl include shared drive files as well | |
| holds-> query->driveQuery->includeTeamDriveFiles | String | N | Y | N | The indicator whether the hold shoudl include teams drive files as well | |
| holds-> query->groupsQuery->endTime | String | N | Y | N | The end time of the hold | |
| holds-> query->groupsQuery->startTime | Integer | N | Y | N | The start time of the hold | |
| holds-> query->groupsQuery->terms | boolean | N | Y | N | The filter by which holdable items are identified. refer for building terms | |
| holds-> query->hangoutsChatQuery->includeRooms | String | N | Y | N | The classification label for the site | |
| holds-> query->mailQuery->endTime | String | N | Y | N | The end time of the hold | |
| holds-> query->mailQuery->startTime | String | N | Y | N | The start time of the hold | |
| holds-> query->mailQuery->terms | String | N | Y | N | The filter by which holdable items are identified refer for building terms | |
| holds-> query->voiceQuery->coveredData | String | N | Y | N | The email id of the user who is creating the si |
Data Transfer Support
Google Apps connector user data format import has been enhanced to support data transfer. Data transfer is processed for change types modify and delete. Google data transfer is application based and have to provide the application id for which data transfer is to be processed. When data transfer is processed, the application data belongs to the user given for modify/delete is transferred to the user configured with data transfer attributes. The data transfer API requires the Id of both users and primaryEmail is not supported. The id of the importing user should be provided with userId attribute.
Prerequisites
The app linked to the service account should have the scope:
https://www.googleapis.com/auth/admin.datatransfer
Attributes
Following are the attributes to be configured for data transfer.
| Name | Description |
| DataTransfer->newOwnerUserId | Id of the user to whom the data is being transferred. |
| DataTransfer->Application->applicationId | Id of the application for which data transfer has to be done. |
| DataTransfer->Application->DataTransferParams->key | The type of the transfer parameter for the application. |
| DataTransfer->Application->DataTransferParams->value | The value of the transfer parameter for the application. |
License Management
Google connector user data format import has been enhanced to support license management.
Prerequisites
The app linked to the service account should have the scope:
https://www.googleapis.com/auth/apps.licensing
Attributes
Following are the attributes for license management.
| Name | Type | Export | Create | Modify | Delete |
| License->productId | String | Y | Y | Y | N |
| License->productName | String | Y | N | N | N |
| License->selfLink | String | Y | N | N | N |
| License->skuId | String | Y | Y | Y | N |
| License->skuName | String | Y | N | N | N |
| License->userId | String | Y | N | N | N |
User Session Sign Out
Google Apps connector has been enhanced to support user session sign out when the user is disabled by admin. The session sign out API needs additional permission to process. So the call could fail for existing solutions if the permissions are not updated. To avoid issues in existing solutions, the failure is logged but not propagated outside of that.
Prerequisites
The app linked to the service account should have the scope:
https://www.googleapis.com/auth/admin.directory.user.security
Ellucian Ethos Enhancements
Ellucian Ethos connector has been enhanced to support Position and Department data formats. Also, the Employee data format has been enhanced to support import.
Position
Introduced the Position data format to export and lookup institution-positions. This data format supports paging, filtering and get entry by id options on export. Lookup by filter and by id are supported for this data format. The following is the list of attributes supported for this data format.
| Name | Type |
| authorizedOn | String |
| campus->code | String |
| campus->description | String |
| campus->id | String |
| campus->institution->code | String |
| campus->institution->description | String |
| campus->institution->id | String |
| campus->institution->title | String |
| campus->title | String |
| classification->code | String |
| classification->description | String |
| classification->id | String |
| classification->title | String |
| code | String |
| departments->code | String |
| departments->description | String |
| departments->endOn | String |
| departments->id | String |
| departments->status | String |
| departments->title | String |
| description | String |
| endOn | String |
| exemptionType | String |
| fullTimeEquivalent | String |
| id | String |
| metadata->createdBy | String |
| metadata->createdOn | Date |
| metadata->modifiedBy | String |
| metadata->modifiedOn | Date |
| reportsTo->position->id | String |
| reportsTo->type | String |
| startOn | String |
| status | String |
| title | String |
Department
Introduced the Position data format to export and lookup employment-departments. This data format supports paging, filtering and get entry by id options on export. Lookup by filter and by id are supported for this data format. The following is the list of attributes supported for this data format.
| Name | Type |
| code | String |
| description | String |
| endOn | Date |
| id | String |
| metadata->createdBy | String |
| metadata->createdOn | Date |
| metadata->modifiedBy | String |
| metadata->modifiedOn | Date |
| status | String |
| title | String |
Employee
Employee data format has been enhanced to support import operations. This data format support add and modify operations, but delete is not supported. The following is the list of attributes supported on import.
| Name | Type |
| benefitsStatus | String |
| campus->id | String |
| contract->detail->id | String |
| contract->type | String |
| endOn | Date |
| homeOrganization->id | String |
| hoursPerPeriod->hours | String |
| hoursPerPeriod->period | String |
| id | String |
| leaveReason->id | String |
| payClass->id | String |
| payStatus | String |
| person->id | String |
| rehireableStatus->eligibility | String |
| rehireableStatus->type->id | String |
| startOn | Date |
| status | String |
| terminationReason->id | String |
Blackboard REST Enhancements
The Blackboard REST connector has been enhanced to support new data format Pronoun. The user data format has been enhanced to support additional attributes.
Pronoun Data Format
A new data format is introduced in the connector to support export, lookup and import pronouns. Export supports paging and filtering. Entry by Id is not supported for pronouns API, so that option is not available is export and lookup.
| Name | Type | Export | Create | Modify | Delete |
| id | String | Y | N | Y | Y |
| name | String | Y | Y | Y | N |
| status | String | Y | Y | Y | N |
User Data Format Attributes
User data format is enhanced to support the following attributes. These attributes are supported in export, lookup and import. The new attributes are available only in newer versions of Blackboard server. So it is important to make sure that the server supports these attributes before using it in workflows.
| pronouns |
| pronunciation |
| contact->institutionEmail |
| name->preferredDisplayName |
Granular PSA Configurations
The PSA feature has been enhanced with new set of PSA policies, user groups and features so that each admin UI tab can be qualified individually. The new SaaS policies will also exclude some options which are strictly for master administrators. The below table summarizes new SaaS admin policies
| Policy Name | Qualifying Tab | Additional Restrictions |
| SaaS User Administrators | Users | Import LDAP Users and Add Users options will not be available |
| SaaS System Administrators | Systems | Will not be able to update shared systems |
| SaaS Server Administrators | Servers | Server Events, HA and Logs options will not be available. Not permitted to update workflow/trigger configurations. For full control of workflows and triggers, let the user qualify for the iPaaS policy. |
| SaaS Approval Administrators | Approvals | |
| SaaS Policy Administrators | Prov Policy | |
| SaaS Compliance Administrators | Compliance | Manage Reports and View Reports options will not be available |
| SaaS Security Administrators | Security | |
| SaaS Self-Service Administrators | Self-Service | Self-Claiming option will not be available |
| SaaS Configuration Administrators | Configuration | Security QA, Licenses and Key Management options will not be available. Usage of shared systems in product attribute and DUI are restricted. |
| SaaS Apps Administrators | Apps |
Compromised Password Check Enhancement
The compromised password check property has been enhanced to support more options. The new option will allow include or exclude of passwords generated by the random password generator from compromised password check.
Fixed Defects
List of defects reported by customers or implementation, does not contain defects raised internally.
-
Fixed issues with export sub call processing for Ellucian Ethos connector. This issue was happening when there were too many sub calls to process and the time to complete these calls exceed the token validity. Corrected token update error handling to support all type of sub calls.
Feature Affected: Connectors
Connector Affected: Ellucian Ethos
-
Fixed issue with access token refresh for Microsoft Office 365 REST connector. There was an issue in loading the credentials required to refresh the token. Corrected the credentials loading issue to fix the access token refresh issue.
Feature Affected: Connectors
Connector Affected: Microsoft Office 365 REST
-
Fixed issue with token creation for Zoom connector. The token creation call was redirected to Identity server and Identity server called Zoom server to generate the access token. Corrected the Identity server to Zoom call to fix token creation.
Feature Affected: Connectors
Connector Affected: Zoom
-
Fixed issue with access token refresh for Webex Team connector. There was an issue with URL and path used for the refresh call. Corrected the URL and path to fix the access token refresh issue.
Feature Affected: Connectors
Connector Affected: Webex Team
-
Fixed issue of sending compliance reminder notification to previous assignees. Corrected the process to send the reminder notification only to current assignee.
Feature Affected: Compliance
-
Fixed issue of compliance scheduled jobs not starting on scheduled time.
Feature Affected: Compliance
Downloads
The download links below are applicable to Fischer on-premise customers that host the Fischer IdM software in their environment. If you are a Fischer IaaS (Cloud) customer, all delivery of updates are performed by Fischer on a scheduled basis.
To download the latest update, you will need a login to the Fischer Release portal. If you are a Fischer on-premise customer and would like to request an account to the Fischer Release portal, please submit a request through the Fischer ticketing system.
Identity Linux 7.7.18 Installer
Identity Windows 7.7.18 Installer
DataForum Linux 7.7.18 Installer
DataForum Windows 7.7.18 Installer
Gateway Linux 7.7.18 Installer