NetIQ CloudAccess |
Version 1.1.2 |
Release Notes |
Date Published: August 2013 |
|
NetIQ CloudAccess is an appliance that provides a simple, secure way to manage access to Software-as-a-Service (SaaS) applications for corporate users. It provides out-of-the box security and compliance capabilities for SaaS services including full user provisioning, dynamic credentialing, privileged user management, Single Sign-On (SSO), and compliance reporting. This version includes new features, improves usability, and resolves several previous issues. Many of these improvements were made in direct response to suggestions from our customers. We thank you for your time and valuable input. We hope you continue to help us ensure our products meet all your needs. You can post feedback in the CloudAccess forum on Qmunity, our community Web site that also includes product notifications, blogs, and product user groups. For more information about this release and for the latest release notes, see the CloudAccess Documentation Web site. To download this product, see the CloudAccess product Web site. What's New?The following section outlines the key features and functions provided by this version. Enhancements and Software FixesNetIQ CloudAccess 1.1.2 includes the following enhancements, as well as software fixes that resolve several previous issues.
Includes Option to Customize BrandingCloudAccess now provides the option to customize user-facing pages, such as the login, logout, and welcome pages, so users see your company branding instead of the default NetIQ branding. For more information, see the NetIQ CloudAccess Installation and Configuration Guide. Driver Replacement for the Connector for Google AppsThis release includes a replacement driver for the embedded Connector for Google Apps. APIs used by the previous Google Apps driver will no longer be supported after August 31, 2013, so the new driver is necessary for provisioning after that date. Security VulnerabilitiesThis release addresses security vulnerabilities found in NetIQ CloudAccess 1.1.1. (821674, 834875) Memory Usage IssueeDirectory identity sources no longer experience memory buildup issues on the eDirectory server. (830195) System RequirementsThis version of the product supports upgrades only from NetIQ CloudAccess 1.1.1.
For detailed information about hardware and software requirements, see Chapter 2 "Installing CloudAccess" in the NetIQ CloudAccess Installation and Configuration Guide. Installing This VersionTo install CloudAccess, see Chapter 2 "Installing CloudAccess" in the NetIQ CloudAccess Installation and Configuration Guide. Verifying the InstallationComplete the following steps to verify that the installation was successful. To check the installed version:
Known IssuesNetIQ Corporation strives to ensure our products provide quality solutions for your enterprise software needs. The following issues are currently being researched. If you need further assistance with any issue, please contact Technical Support.
Initialization IssuesInitialization Takes a Long Time to Display
Changes to the Preferred DNS Server During Initialization Result in a Static IP Address
Administration IssuesDeleting a Node from the Cluster Removes the Node from the Interface, but the VMware Image Still RunsLeaving the VMware image running allows users to authenticate to a node that does not exist on the Admin page. When you delete a node from the cluster, the appliance deletes the node from the interface, but the VMware image still exists and is running. (755006) Use the following procedure to delete a node from a cluster:
CloudAccess Cannot Set TenantName Attribute on Events Sent to Sentinel
Browser Errors If Kerberos Is Not Enabled in the Browser
Health Status Indicates That No Time Server Is Configured
Provisioning IssuesUser Email Address Changes in Active Directory Are Not Provisioned to Salesforce
Approval-Based Provisioning Continues Despite Removing the User from a Mapped Group
Re-enabled User Has Role That Was Previously Assigned
Policy Mapping IssuesNo Connectors Are Displayed on the Policy Mapping Page
CloudAccess Does Not Reconcile Pending Approvals with Changes to Policy Mappings
Using Multiple Browsers or Browser Windows Can Result in Duplicate Mappings
Using Wildcards for Filtering on Roles Page Does Not Work As Expected
Reporting IssuesReports Display Information from Deleted Connectors
Mapping Report Displays Numeric Values Appended to Data in the Authorization Name Column
Reports May Not Accurately Show Approvals
User IssueGoogle Users Can No Longer Log in After Enabling Single Sign-On
Time Synchronization IssueCloudAccess depends on timestamps to function properly. Time must be synchronized between the VMware host, each CloudAccess node in the cluster, and the workstations administering CloudAccess.
Connector IssuesLogging Out of Identity Provider Welcome Page Does Not Result in Logout from SaaS Connectors
Admin Page Does Not Provide a Way to View SaaS Metadata
Office 365 Installer May Fail During CloudAccess Credential Validation or Login
Display Name Does Not Change in Office 365 after Changing in Identity Source
Access Connector Toolkit Does Not Provide a Logout Option
Renaming Authorization at Office 365 Account Requires Policy Remapping in CloudAccess
Office 365 User Licenses Are Not Always Removed During Deprovisioning
Office 365 Single Sign-On Does Not Work After Changing Signing and Decryption Keys at ADFS
First and Last Names Are Not Updated When a User Uses Single Sign-on to Google Apps with an Existing Account
Google Apps Mail Attachment LimitThe CloudAccess Connector for Google Apps for Business currently has a maximum attachment size of 10 MB for the Google Apps Mail proxy. This limitation will be addressed in an upcoming release. Service Provider-Initiated Login to Salesforce and NetIQ Access Manager Does Not Work CorrectlyThe following limitations currently exist with the Connector for Salesforce and the Connector for NetIQ Access Manager:
Behavior of Service Provider-Initiated Login To Salesforce When Kerberos Is EnabledIf you have Kerberos enabled on your CloudAccess cluster, service provider-initiated login attempts to Salesforce may result in the browser being left at the OSP welcome page after authenticating to the OSP instead of being redirected back to Salesforce. This issue occurs only if Kerberos is enabled on the CloudAccess cluster, but it occurs regardless of whether Kerberos single sign-on (SSO) occurs to the OSP or another authentication is used instead (for example, when the workstation is not a member of the Active Directory domain). You can prevent or address this issue by changing an option on the Single Sign-On Settings page at Salesforce. This page includes a new radio button named Service Provider Initiated Request Binding with two options: HTTP POST (selected by default) and HTTP Redirect. If you have Kerberos enabled on your CloudAccess cluster, select HTTP Redirect instead of the default HTTP POST option. If you do not have Kerberos enabled on the CloudAccess cluster, you do not need to change this option. This issue occurs on workstations running Windows 7 and Internet Explorer 9, but does not occur with Firefox on Windows 7. Single Sign-On to Box.com Fails if User Session Timeout Is Set to 75 Minutes Or Longer
Contact InformationOur goal is to provide documentation that meets your needs. If you have suggestions for improvements, please email Documentation-Feedback@netiq.com. We value your input and look forward to hearing from you. For detailed contact information, see the Support Contact Information Web site. For general corporate and product information, see the NetIQ Corporate Web site. For interactive conversations with your peers and NetIQ experts, become an active member of Qmunity, our community Web site that offers product forums, product notifications, blogs, and product user groups. Legal NoticeTHIS DOCUMENT AND THE SOFTWARE DESCRIBED IN THIS DOCUMENT ARE FURNISHED UNDER AND ARE SUBJECT TO THE TERMS OF A LICENSE AGREEMENT OR A NON-DISCLOSURE AGREEMENT. EXCEPT AS EXPRESSLY SET FORTH IN SUCH LICENSE AGREEMENT OR NONDISCLOSURE AGREEMENT, NETIQ CORPORATION PROVIDES THIS DOCUMENT AND THE SOFTWARE DESCRIBED IN THIS DOCUMENT "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESS OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. SOME STATES DO NOT ALLOW DISCLAIMERS OF EXPRESS OR IMPLIED WARRANTIES IN CERTAIN TRANSACTIONS; THEREFORE, THIS STATEMENT MAY NOT APPLY TO YOU. For purposes of clarity, any module, adapter or other similar material ("Module") is licensed under the terms and conditions of the End User License Agreement for the applicable version of the NetIQ product or software to which it relates or interoperates with, and by accessing, copying or using a Module you agree to be bound by such terms. If you do not agree to the terms of the End User License Agreement you are not authorized to use, access or copy a Module and you must destroy all copies of the Module and contact NetIQ for further instructions. This document and the software described in this document may not be lent, sold, or given away without the prior written permission of NetIQ Corporation, except as otherwise permitted by law. Except as expressly set forth in such license agreement or nondisclosure agreement, no part of this document or the software described in this document may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, electronic, mechanical, or otherwise, without the prior written consent of NetIQ Corporation. Some companies, names, and data in this document are used for illustration purposes and may not represent real companies, individuals, or data. This document could include technical inaccuracies or typographical errors. Changes are periodically made to the information herein. These changes may be incorporated in new editions of this document. NetIQ Corporation may make improvements in or changes to the software described in this document at any time. U.S. Government Restricted Rights: If the software and documentation are being acquired by or on behalf of the US Government or by a US Government prime contractor or subcontractor (at any tier), in accordance with 48 C.F.R. 227.7202-4 (for Department of Defense (DOD) acquisitions) and 48 C.F.R. 2.101 and 12.212 (for non-DOD acquisitions), the government's rights in the software and documentation, including its rights to use, modify, reproduce, release, perform, display or disclose the software or documentation, will be subject in all respects to the commercial license rights and restrictions provided in the license agreement. © 2013 NetIQ Corporation and its affiliates. All Rights Reserved. For information about NetIQ trademarks, see http://www.netiq.com/company/legal/. | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||