NetIQ Identity Manager 4.6 Service Pack 3 improves usability and resolves several previous issues. Many of these improvements were made in direct response to suggestions from our customers. We thank you for your time and valuable input. We hope you continue to help us ensure that our products meet all your needs. You can post feedback in the Identity Manager Community Forums on NetIQ Communities, our online community that also includes product information, blogs, and links to helpful resources.
The documentation for this product and the latest release notes are available on the NetIQ Web site on a page that does not require you to log in. If you have suggestions for documentation improvements, click comment on this topic at the bottom of any page in the HTML version of the documentation posted at the Identity Manager Documentation Web site.
Identity Manager 4.6.3 provides the following support, updates, and fixes in this release:
In addition to the existing platforms, this service pack extends support for all Identity Manager components on the following platforms:
Red Hat Enterprise Linux (RHEL) 7.5
SUSE Linux Enterprise Server (SLES) 12 SP3
This release adds support for the following components in Identity Manager:
Identity Manager Engine 4.6.3
Identity Manager Remote Loader 4.6.3
Identity Manager Designer 4.7.1
NOTE:You can download this version from the Designer download page.
Identity Applications 4.6.3
Identity Reporting 5.5.2
This release adds support for the following dependent components:
NetIQ eDirectory 9.1.1
NetIQ eDirectory 8.8.8 Patch 11
NetIQ iManager 3.1.1
NetIQ iManager 2.7.7 Patch 11
NOTE:You must install iManager 3.1.1 to support eDirectory 9.1.1, and iManager 2.7.7 Patch 11 to support eDirectory 8.8.8 Patch 11. Ensure that you update your existing plug-ins to the latest versions for the iManager version you are using.
SSPR 4.3.0.1
OSP 6.2.1
NOTE:This release supports OSP 6.2.1 or later versions.
Sentinel Log Management for Identity Governance and Administration (IGA) 8.2
Java Development Kit 8 Update 172 (jdk8u172) or Java Runtime Environment 1.8 Update 172 (jre8u172)
Apache Tomcat 8.5.30
PostgreSQL 9.6.9
Support for the following operating systems will be deprecated from Identity Manager 4.7:
Red Hat Enterprise Linux 6
SUSE Linux Enterprise Server 11
Microsoft Windows 2008
Open Enterprise Server 11
NetIQ remains committed to support the current versions of Identity Manager on these platforms throughout the end of their support lifecycles.
This release includes the following software fixes that resolve several previous issues in the Identity Manager:
NetIQ Identity Manager includes software fixes that resolve several previous issues in Identity Manager engine and plug-in:
You can now extend the eDirectory schema when the n4u.server.interfaces entry in the nds.conf file contains only the port number and not the complete IP address of the eDirectory server. For example, n4u.server.interfaces=@524. When you issue the schema extension command, it prefixes the local IP address in the IP address value of the field and extends the schema. (Bug 1054190)
Identity Manager eliminates the dependency of providing a description for a named password when migrating the password. The password is successfully migrated when the description of the password is not specified. (Bug 1062292)
The Trace window correctly opens in the session from which it has been opened. (Bug 1064595)
A new parameter, Socket Read Timeout, has been included in Identity Manager. You can set the parameter to a maximum of 30 seconds when sending the emails using the JavaMail API. The Identity Manager engine reads this value and responds in the specified time.(Bug 1087300)
NetIQ Identity Manager includes software fixes that resolve several previous issues in the identity applications.
You can now create a new Orgchart Portlet instance or edit an existing instance. The HTML editor correctly renders the Business Cards formatting. (Bug 1088065)
Identity Applications resolve the session conflicts for simultaneous login and logout operations. (Bug 1100745)
The Permission Index packages are updated to correctly display the Featured Items on Identity Manager Dashboard. (Bug 1037189)
When you request a role, resource, or a Provisioning Resource Definition containing an approval process, the Role and Resource Service driver successfully updates the request status from 0 to an appropriate state with minimal CPU utilization. (Bug 1100560)
The Workflow engine now successfully executes Provisioning Resource Definitions without errors. (Bug 1090218)
In User Application, the tasks are not duplicated. A task approver can now view separate tasks for individual requests for different users. (Bug 1090238)
When the User Application login page is left idle for a long time (for example, 10 minutes), OSP reports a timeout error and displays an error message that contains a link to re-login to the application. (Bug 1089293)
Revoking or deleting of inherited assignments is disabled. Identity Applications allow you to delete only the direct assignments. (Bug 1071477)
When requesting permissions for other users, you can now search with the description field for roles, resources, and Provisioning Request Definitions. (Bug 1097640)
When user attributes are added to User Search Lookup Attributes in the Settings > Customization page of the dashboard, a team manager can search for users by those attributes during proxy assignments. You can also obtain users for the newly added attributes such as city and FullName by using the REST API. (Bug 1083384)
The Comments section of a request in the Tasks and Request History page displays users’ actions for that user. It displays the full name of a user instead of user’s CN. (Bug 1088083)
You must use the Shared Pages option of the User Application to correctly render the HTML message in the browser. (Bug 1095091)
You can now include the ‘&’ character in a query. The query correctly interprets this character and returns the correct results. (Bug 1088064)
You can now assign a dynamic group as a manager of a team. This release also provides the following enhancements:
Manager of a dynamic group or a static group can obtain information about other members of that group and create new proxy assignments.
Manager of a single user can create new proxy assignments.
(Bug 1088078)
A non-administrator user no longer needs public trustee rights to view the Provisioning Request Definition tile in the Applications page. (Bug 1086261)
The WorkID in comments and in the URL for Group Approval type is now consistent in the Identity Manager Dashboard. (Bug 1086020)
Identity Applications now read the task information from the database columns instead of parsing the XMLs. This improves the response of the Task page. (Bug 1088073)
The Organization chart is updated to display only the objects and attributes that the logged-in user is entitled for. The logged-in user cannot view:
objects for which they do not have browse rights
attributes for which they do not have read rights (Bug 1070705)
Directory Abstraction Layer now accepts Boolean attribute values while creating users in the dashboard. (Bug 1088072)
When you set a new value or change an existing value in the Date Picker field in a workflow, the width settings of static list and pick list are retained. (Bug 1098207)
When you search for a permission containing special characters, the search internally escapes these characters and returns the correct results.(Bug 1074367)
While creating a workflow, the dashboard evaluates simple and complex ECMA expressions specified in the Resource Name Override attribute and then correctly displays the value of the attribute. (Bug 1088076)
When you search for permissions while creating a request for other users, Identity Applications take minimal time to display the permissions in the dashboard.(Bug 1095807)
The system requirements for this release are located on the Identity Manager 4.6 System Requirements page.
Log in to the NetIQ Downloads page and follow the link that allows you to download the software.
The following files are available:
|
Filename |
Description |
|---|---|
|
IDM_engine_rl_IDM4.6.3.zip |
Contains files for Identity Manager Server (Identity Manager Engine, Remote Loader, Fan-Out Agent) |
|
IDM46-Apps-SP-3.zip |
Contains files for Identity Applications |
For more information about the order of upgrading the components, see Section 3.2, Update Order.
You need to be on Identity Manager 4.6, 4.6.1 or 4.6.2 to upgrade to Identity Manager 4.6.3. If you are currently on Identity Manager 4.5.6 or a prior version, you must first upgrade to 4.6 and then upgrade to 4.6.3 version.
The upgrade process requires you to upgrade the Identity Manager components in a specific order. NetIQ recommends that you review this information from the release notes for your current version.
|
Base Version |
Upgraded Version |
|---|---|
|
Identity Manager engine, eDirectory, and identity applications |
|
|
Identity Manager 4.6, 4.6.1, or 4.6.2 with eDirectory 9.0.2 HF2 or later |
Identity Manager 4.6.3 with eDirectory 9.1.1 or later Identity Manager 4.6.3 with eDirectory 9.0.4 or later |
|
Identity Manager 4.6, 4.6.1, or 4.6.2 with eDirectory 8.8.8 SP9 HF2 or later |
Identity Manager 4.6.3 with eDirectory 9.1.1 or later Identity Manager 4.6.3 with eDirectory 9.0.4 or later Identity Manager 4.6.3 with eDirectory 8.8.8 SP11 or later |
|
Remote Loader |
|
|
Identity Manager 4.6, 4.6.1, or 4.6.2 with Remote Loader 4.6 |
Identity Manager 4.6.3 with Remote Loader 4.6.3 |
|
Identity Manager Designer |
|
|
Designer 4.6, 4.6.1, or 4.6.2 |
Designer 4.7.1 NOTE:Upgrade Designer to 4.7 before upgrading it to 4.7.1. Designer 4.7 includes an LDAP protocol to perform live operations with the Identity Vault. You must convert your workspace to work with this version of Designer. For more information about other considerations, see NetIQ Identity Manager Designer 4.6 Release Notes. For information about Designer 4.7, see Designer 4.7 Release Notes. |
|
Designer (LDAP) 4.6, 4.6.1, 4.6.1.1, or 4.6.2 |
Designer 4.7.1 NOTE:Upgrade Designer to 4.7 before upgrading it to 4.7.1. |
|
Identity Applications 4.6, 4.6.1, 4.6.1.1, or 4.6.2 |
Identity Applications 4.6.3 |
|
Identity Reporting 5.5.0 or 5.5.1 |
Identity Reporting 5.5.2 |
You must update the components in the following order:
Identity Vault (Optional)
Identity Manager Engine
Remote Loader
Designer
Identity Applications (for Advanced Edition)
NOTE:After updating Identity Applications, you must update OSP before restarting the Tomcat application server.
OSP
Sentinel Log Management for IGA
Identity Reporting
SSPR
This service pack includes IDM_engine_rl_IDM4.6.3.zip for updating the Identity Manager engine. For update instructions, see the steps listed in the download file.
This service pack includes an update to Identity Applications and the supporting software. After the update, you must verify that the components are updated to the following versions:
Identity Applications 4.6.3
Apache Tomcat 8.5.30
Java 1.8 Update 172
You can install the service pack by using the Identity Applications update utility or manually update the components. All the updates are available in the IDM46-Apps-SP-3.zip file. Download the file to the server where you deployed the identity applications and perform the steps listed in the download files.
This service pack requires you to update your existing PostgreSQL database version. For example, if you are running the PostgreSQL database on a SLES 11 SP4 server, upgrade the database to 9.4.18 version. For other supported platforms, upgrade the PostgreSQL database to 9.6.9 version. To update the database, perform the steps listed in the readme file from the download page.
This service pack provides support for NetIQ Self Service Password Reset 4.3.0.1. You can update to this version by downloading it from the download page.
This service pack provides support for NetIQ One SSO Provider 6.2.1. You can update to this version by downloading it from the download page.
NetIQ strives to ensure our products provide quality solutions for your enterprise software needs. The following issues are currently being researched. If you need further assistance with any issue, please contact Technical Support.
Issue: This issue occurs only if you changed the default location of the idmapps_tomcat_init script (/etc/init.d/) on your computer.
Workaround: Ensure that the script is present in the /etc/init.d/ location before starting the upgrade.
Issue: The Organization Chart Portlet in User Application does not load the HTML options properly in Google chrome. (Bug 1101995)
Workaround: Use another supported browser. For example, Microsoft Internet Explorer or Mozilla Firefox.
Issue: Catalog Administrator and Home and Provisioning Dashboard fail to load when you attempt to log in with an expired password. (Bug 1066306)
Workaround: Reset the password using SSPR or iManager.
Our goal is to provide documentation that meets your needs. If you have suggestions for improvements, please email Documentation-Feedback@netiq.com. We value your input and look forward to hearing from you.
For detailed contact information, see the Support Contact Information website.
For general corporate and product information, see the NetIQ Corporate website.
For interactive conversations with your peers and NetIQ experts, become an active member of our community. The NetIQ online community provides product information, useful links to helpful resources, blogs, and social media channels.
For information about legal notices, trademarks, disclaimers, warranties, export and other use restrictions, U.S. Government rights, patent policy, and FIPS compliance, see https://www.netiq.com/company/legal/.
Copyright © 2018 NetIQ Corporation, a Micro Focus company. All Rights Reserved.