1.1 New Features and Enhancements

Identity Manager 4.8.2 provides the following key functions and enhancements in this release:

1.1.1 Platform Support

In addition to the existing operating systems (OS), this service pack supports following OS:

  • SUSE Linux Enterprise Server (SLES) 15 SP2

  • Red Hat Enterprise Linux (RHEL) 7.8 and 8.2

1.1.2 New Features in Identity Applications

Identity Applications component includes the following new features:

Enabling Separation of Duties Constraint for Inherited Roles

A new property com.microfocus.idm.sod.inheritedroles has been included in Identity Manager 4.8.2 version that enables detection of Separation of Duties violation for inherited roles, where a user cannot be assigned a parent role if the SoD Constraint defined at the child role level is violated by the current role of the user.

Displaying SoD violation for inherited roles is disabled by default; however, an administrator can enable it by adding the com.microfocus.idm.sod.inheritedroles=true property in the ism-configuration.properties file located at /opt/netiq/idm/apps/tomcat/conf/ directory.

1.1.3 New Features in Identity Reporting

Identity Reporting component includes the following new features:

Ability to Handle Role and Resource Assignment Changes Efficiently in Identity Reporting

This release enables reports to retrieve resource assignment details from the Role and Resources Service Driver (RRSD) through DCS driver. The Roles and Resources Driver is updated to pass on the audit details on a resource modification to Access Request Reports. Identity Reporting now displays the requester details in reports when a resource is assigned or revoked. In order to achieve this, you must update Roles and Resources Service Driver prior to running reports in Identity Reporting.

To update the Role and Resources Service Driver, perform the steps mentioned in Role and Resource Service Driver 4.8.2 Release Notes.

To run a report and view its details, perform the following steps:

  1. Enable auditing in User Applications. For more information, see Configuring Identity Applications in the NetIQ Identity Manager - Configuring Auditing in Identity Manager.

  2. To start data collection services:

    1. Log in to Identity Reporting Data Collection Services.

    2. Navigate to Settings > Data Sync Policy.

    3. Click add icon, specify the server and database details, and then click Create.

    4. Navigate to General Settings and click Start Data Collection.

  3. Download Access Requests reports from https://nu.novell.com/designer/rpt660/idm/

  4. Log in to database and run the respective idmrpt_events_v2.sql and idmrpt_trustview_v.sql views.

  5. Tor run and view the downloaded report:

    1. Log in to Identity Reporting.

    2. Navigate to Import > Import Report Definitions, click Select File and import rpz file of the report.

    3. Navigate to Repository and click Run Now on the imported report.

    4. Navigate to Reports and click View of the report.

1.1.4 What’s Changed?

In this release, new REST APIs for Get All Processes, Get Process details, and Get Tasks details have been added to the IDMProv.war to match the APIs that were provided by RIS.war. The REST APIs and the corresponding documentation are available in the idmappsdoc.war file. You can also refer to the REST API Documentation available at the Identity Manager Developer website.