NetIQ CloudAccess |
Version 1.1 |
Release Notes |
Date Published: January 2013 |
|
NetIQ CloudAccess (formerly NetIQ Access Gateway for Cloud) is an appliance that provides a simple, secure way to manage access to Software-as-a-Service (SaaS) applications for corporate users. It provides out-of-the box security and compliance capabilities for SaaS services including full user provisioning, dynamic credentialing, privileged user management, Single Sign-On (SSO), and compliance reporting. This version includes new features, improves usability, and resolves several previous issues. Many of these improvements were made in direct response to suggestions from our customers. We thank you for your time and valuable input. We hope you continue to help us ensure our products meet all your needs. You can post feedback in the CloudAccess forum on Qmunity, our community Web site that also includes product notifications, blogs, and product user groups. For more information about this release and for the latest release notes, see the CloudAccess Documentation Web site. To download this product, see the CloudAccess product Web site. What's New?The following sections outline the key features and functions provided by this version. Includes New Connector for Office 365This version of CloudAccess includes a new Connector for Office 365, which provides automated provisioning of accounts from the identity sources to Office 365. The Connector for Office 365 also provides single sign-on (SSO) to Office 365. Adds Support for Multiple ConnectorsThis version adds support for multiple Connectors of the same type. For more information about the requirements for each connector, see the NetIQ CloudAccess Installation and Configuration Guide. Adds Support for Additional SSO-Only ConnectorsThis version adds support for additional connectors that you can use for single sign-on (SSO) to other applications or Web services. These connectors are available for download from your Customer Center. For more information, see the Access Connector HQ Web site. Includes New Update ChannelThis version includes a new update channel for keeping your appliances up to date with the latest security fixes, bug fixes, and feature updates. CloudAccess checks the Novell Customer Center channel for updates on a regular basis, and you can choose to download and install updates immediately or wait until the default installation time to minimize network impact. For more information, see the NetIQ CloudAccess Installation and Configuration Guide. Adds Support for eDirectory as an Identity SourceThis version adds support for eDirectory as an identity source. For more information, see the NetIQ CloudAccess Installation and Configuration Guide. Adds Support for Role-Based AdministrationThis version adds support for role-based administration, which enables the appliance administrator to delegate administrative functions, such as Application Owner, Approver, or Compliance Auditor, to business users. For more information, see the NetIQ CloudAccess Installation and Configuration Guide. Improves Support for User Access on Mobile DevicesCloudAccess rendering on supported mobile devices has been improved, and support for mobile access to the Connector for Salesforce has been added. Mobile devices that do not communicate using Security Assertion Markup Language (SAML), but only user name and password for authentication, can now log in to Salesforce through CloudAccess using enterprise credentials if delegated authentication is enabled on the associated Salesforce account. For more information, see the NetIQ CloudAccess Installation and Configuration Guide. Enhancements and Software FixesNetIQ CloudAccess 1.1 includes enhancements as well as software fixes that resolve several previous issues.
Includes Navigation EnhancementsThis version includes enhancements to the CloudAccess console so you can easily navigate from one administration page to another. Includes Health Status EnhancementsThis version includes enhancements to the CloudAccess console that enable you to view health status and more easily manage and troubleshoot the nodes in your cluster and associated connectors. For more information, see the NetIQ CloudAccess Installation and Configuration Guide. Adding a New Node to the Cluster While an Existing Node is Down Causes the Initialization Page to Stop RespondingAs a best practice, you should verify that all of the nodes in your cluster are healthy and communicating properly before adding a new node to the cluster. However, the initialization process now completes successfully when you add a new node to the cluster even if an existing node is not running. (757812) After a Switch Master, Cluster Nodes or Active Directory Connectors are RedCloudAccess no longer falsely displays the health of Active Directory connectors or nodes in the cluster as red after you perform a switch master. (756486, 756894, 75689) Mobile Access for the Connector for Google Apps for Business Appears Disabled in the InterfaceCloudAccess now correctly displays the state of the mobile access feature when you delete an existing Connector for Google Apps for Business and add a new connector. (753184) The Appliance Fails to Provision All Users in Overlapping GroupsCloudAccess now properly supports and executes policy mappings on groups with overlapping users. (734642) Duplicate sAMAccountNames across Identity Sources Cause IssuesDuplicate sAMAccountNames across multiple identity sources no longer allow users to impersonate one another. (754860) Login Loop Occurs when Accessing the Admin and Policy Mapping Pages from the Same SessionCloudAccess now opens Admin and Policy Mapping pages as expected from the same session. (751846) "Problem Applying Changes" Error Appears on the Policy Mapping PageCloudAccess no longer displays an error on the Policy Mapping page if you modify a mapping without selecting the approval check box. (744333) Cannot Access the Approval Page after Creating Large Numbers of Approvals SimultaneouslyAs a best practice, consider adding a maximum number of 2,000 approval requests simultaneously. However, CloudAccess now correctly displays new approvals as expected. (757417, 757423) Enabling Show Descriptions While Running Reports Loses the Report StatusEnabling the Show Descriptions option while running reports no longer causes the report status to disappear. (748142) Chrome Does Not Display the Policy Mapping Page ProperlyWhen you use Google Chrome to access the Policy Mapping page, the icons and the name of the connector in the drop-down list are rendered properly. (713154) System RequirementsThis version of the product does not support upgrades from NetIQ Access Gateway for Cloud 1.0. If you currently have Access Gateway for Cloud 1.0 installed in your environment, you must uninstall it before you install this version. For detailed information about hardware and software requirements, see Chapter 2 "Installing CloudAccess" in the NetIQ CloudAccess Installation and Configuration Guide. Known IssuesNetIQ Corporation strives to ensure our products provide quality solutions for your enterprise software needs. The following issues are currently being researched. If you need further assistance with any issue, please contact Technical Support.
Initialization IssuesTime Not Synchronized on the ESX or ESXi Server Causes Intermittent Problems
Initialization Takes a Long Time to Display
Changes to the Preferred DNS Server During Initialization Result in a Static IP Address
Administration IssuesDeleting a Node from the Cluster Removes the Node from the Interface, but the VMware Image Still RunsLeaving the VMware image running allows users to authenticate to a node that does not exist on the Admin page. When you delete a node from the cluster, the appliance deletes the node from the interface, but the VMware image still exists and is running. (755006) Use the following procedure to delete a node from a cluster:
Adding a Node Results in a Command Failure
Adding a Node Never Completes
Progress Bar is Not Accurate During Updates
Error When Adding a Node to a Cluster
Provisioning IssuesUser Email Address Changes in Active Directory Are Not Provisioned to Salesforce
Approval-Based Provisioning Continues Despite Removing the User from a Mapped Group
Re-enabled User Has Role That Was Previously Assigned
Policy Mapping IssuesNo Connectors Are Displayed on the Policy Mapping Page
The Policy Mapping Page Returns a 500 Internal Server Error
Renaming Groups in an Identity Source May Disable Users in SaaS Applications
Only 1500 Members of an Active Directory Group Can Be Mapped to Roles
CloudAccess Does Not Reconcile Pending Approvals with Changes to Policy Mappings
Fatal Error Logged When Policy Mapping Page is Accessed
Approval IssuesThe Approval Page Is Blank
Reporting IssuesReports Display Information from Deleted Connectors
Mapping Report Displays Numeric Values Appended to Data in the Authorization Name Column
The Reporting Page Is Blank
Reports May Not Accurately Show Approvals
User IssuesAuthentication to SaaS Application Fails in Internet Explorer 9 if Kerberos is Enabled, but the User is not Authenticated to Active Directory
Google Users Can No Longer Log in After Enabling Single Sign-On
With Prompt Before Provisioning, Claiming Existing Salesforce Account May Be Slow, and User May See SSO Error
Users See Unhelpful Error During Sign-On if Connector for Office 365 is Disabled or Deleted
Time Synchronization IssuesCloudAccess depends on timestamps to function properly. Time must be synchronized between the VMware host, each CloudAccess node in the cluster, and the workstations administering CloudAccess.
Connector IssuesLogging Out of Identity Provider Welcome Page Does Not Result in Logout from SaaS Connectors
Admin Page Does Not Provide a Way to View SaaS Metadata
Office 365 Installer May Fail During CloudAccess Credential Validation or Login
Simultaneous Logout from Office 365 Does Not Work Correctly
Uninstalling Connector for Office 365 on Windows Server May Not Remove Connector from CloudAccess
Display Name Does Not Change in Office 365 after Changing in Identity Source
The Connector for Office 365 Does Not Detect When You Change the DNS Name or the Key Pairs for the CloudAccess Cluster
Removing Mappings Does Not Fully Deprovision Office 365 Accounts
Access Connector Toolkit Does Not Provide a Logout Function
First and Last Names Are Not Updated When a User Uses Single Sign-on to Google Apps with an Existing Account
Navigation Through the Connector for Google Apps in Internet Explorer 9 Does Not Work Correctly
Contact InformationOur goal is to provide documentation that meets your needs. If you have suggestions for improvements, please email Documentation-Feedback@netiq.com. We value your input and look forward to hearing from you. For detailed contact information, see the Support Contact Information Web site. For general corporate and product information, see the NetIQ Corporate Web site. For interactive conversations with your peers and NetIQ experts, become an active member of Qmunity, our community Web site that offers product forums, product notifications, blogs, and product user groups. Legal NoticeTHIS DOCUMENT AND THE SOFTWARE DESCRIBED IN THIS DOCUMENT ARE FURNISHED UNDER AND ARE SUBJECT TO THE TERMS OF A LICENSE AGREEMENT OR A NON-DISCLOSURE AGREEMENT. EXCEPT AS EXPRESSLY SET FORTH IN SUCH LICENSE AGREEMENT OR NON-DISCLOSURE AGREEMENT, NETIQ CORPORATION PROVIDES THIS DOCUMENT AND THE SOFTWARE DESCRIBED IN THIS DOCUMENT "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESS OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. SOME STATES DO NOT ALLOW DISCLAIMERS OF EXPRESS OR IMPLIED WARRANTIES IN CERTAIN TRANSACTIONS; THEREFORE, THIS STATEMENT MAY NOT APPLY TO YOU. For purposes of clarity, any module, adapter or other similar material ("Module") is licensed under the terms and conditions of the End User License Agreement for the applicable version of the NetIQ product or software to which it relates or interoperates with, and by accessing, copying or using a Module you agree to be bound by such terms. If you do not agree to the terms of the End User License Agreement you are not authorized to use, access or copy a Module and you must destroy all copies of the Module and contact NetIQ for further instructions. This document and the software described in this document may not be lent, sold, or given away without the prior written permission of NetIQ Corporation, except as otherwise permitted by law. Except as expressly set forth in such license agreement or non-disclosure agreement, no part of this document or the software described in this document may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, electronic, mechanical, or otherwise, without the prior written consent of NetIQ Corporation. Some companies, names, and data in this document are used for illustration purposes and may not represent real companies, individuals, or data. This document could include technical inaccuracies or typographical errors. Changes are periodically made to the information herein. These changes may be incorporated in new editions of this document. NetIQ Corporation may make improvements in or changes to the software described in this document at any time. U.S. Government Restricted Rights: If the software and documentation are being acquired by or on behalf of the U.S. Government or by a U.S. Government prime contractor or subcontractor (at any tier), in accordance with 48 C.F.R. 227.7202-4 (for Department of Defense (DOD) acquisitions) and 48 C.F.R. 2.101 and 12.212 (for non-DOD acquisitions), the government's rights in the software and documentation, including its rights to use, modify, reproduce, release, perform, display or disclose the software or documentation, will be subject in all respects to the commercial license rights and restrictions provided in the license agreement. © 2013 NetIQ Corporation and its affiliates. All Rights Reserved. For information about NetIQ trademarks, see http://www.netiq.com/company/legal/. | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||