Version: Cloud

Resolved Issues and Bug Fixes

Read more about resolved issues and bug fixes in this release.

Access Request

Attribute window shows no attributes in the legacy Access Request

We have fixed a bug in which a resource with no attribute was displaying the attribute pop-up window for selecting an attribute. However, since there were none, it was impossible to select one. Now, the attribute pop-up window does not appear in that scenario.

INC-270792

New UI Access Request do not work with account types

We have fixed a bug that prevent account types to work correctly when requesting access. This issue has been fixed.

INC-271093, 273730

New access request filter is showing wrong data

We have resolved an issue where resource types marked with the prevent self-service option were incorrectly appearing in the filter options during access requests. Now, these resources will no longer be displayed as an option in the filter.

INC-273241

Enterprise Server

Issue with event definition not being triggered

There was an issue with triggering the event definition. We have fixed the issue and updated the documentation. Currently, reference paths in event definition are only allowed for:

timer events for a regular data object type
non-timer events for shadow resource assignment object type

INC-272300

Copy Action option "Always run as internal operation" is not recorded in changeset

We've solved an issue with configuration change logging and configuration change import of the Always run as internal operation attribute in the Copy action option, in the Event definition.

INC-273738

Implicit Assigned Enterprise Role removes all other child resources

We have addressed an issue wherein an auto-generated account was unable to enter the desired state, specifically when its desired state was set as true, due to the associated permission not being in the desired state. This fix ensures the auto-generated account won't remain in the system unnecessarily if the reason for its creation is no longer valid, thus preventing it from being deprovisioned.

INC-271814

View state validation issue for Windows Integrated security

We've resolved periodic issue with view state validation that was causing premature session timeout error messages. This problem was specific to instances utilizing Windows Integrated security.

INC-273437

Event definition with `Main.CreateObjectFromTemplate2` code method fails

An issue with the event definition, involving a code method and copy action rule, resulting in failure has been resolved with the following improvements to the Main.CreateObjectFromTemplate2 code method:

The securityOverride flag is respected for both when Users and UserGroups creation, as well as during update events.
The skipCreateEvents flag is now respected when creating Users and UserGroups.

INC-273610

The global search function consistently times out whenever an identity is queried

The SQL query for column search utilizing the full-text index now includes "OPTION (HASH JOIN)" at the beginning if the customer setting Full Text search with option hash join is activated, mirroring the approach taken in the SQL query for global search. This addition of the SQL query option can, under certain circumstances, mitigate SQL timeouts in view searches, whether global or column-based.

INC-273304

Resource assignment updates blocked via OData despite proper authorization

We've fixed a bug that prevented updates to Resource Assignments via OData.

INC-273474

Connectivity

Import failing due to issue with false duplicate

We've resolved and issue, when resilient SSIS packages are utilized, resulting in import failure with the following warning:

OleDb Bulk Error encountered. Will begin attempt number 1 of 5 max

The bulk insert is now done in a single transaction, allowing to rollback the entire bulk if the connection is broken.

Outdated library Renci.SshNet.dll and missing HostKey validation in the Flat file CSV connectivity

The flat file collector has a new configuration parameter: Host Key Fingerprint. It is used for the host key validation, to prevent man-in-the-middle attacks. If the value is not provided, the validation is skipped. MD5 and SHA256 fingerprints are supported.

Format: algorithm:fingerprint
Example: SHA256:jlDPKCCRr1TkufVsZJf02ejXNQ7RB/vg09uGwKeSwnU

INC-273664

SAP HCM import failing

We have resolved an issue with the Data Preview service not releasing memory utilized by the collector, resulting in the imports not being performed. The issue has now been fixed and the imports are performed correctly.

INC-272953

Issues with the EXPLICITOWNER property

There was an issue with the import failing with the following error message:

Error assigning value(s) for property **EXPLICITOWNER** to data object: Could not locate data object with value **xxx** in property **ODWBUSIKEY** with type id(s) 905

The error occurred during update of resources, identities or contexts.

The issue has been resolved by avoiding exporting ownerships referencing non-primary identities.

INC-272361

Role and Policy Engine

Resources displayed multiple times in Identity and Survey

We've resolved an issue where duplicate calculated assignments were being created when the Omada Identity self-management resource assignment had multiple review verdicts assigned.

INC-264467

Endless RoPE calculations issue

We have resolved an issue concerning endless RoPE calculations occurring for accounts with an initial password attribute in configurations where running imports were not initiated, and the actual state is determined by claims.

INC-273668

RoPE calculation fails for identity type Machine

We've fixed an issue with calculating implicit assignments for machine identities.

INC-273668

Omada Provisioning Service

Issue with ServiceAccount that doesn't have a resolved account

There was an issue in the RoPE AttestationSurveyExtension causing an identity calculation to fail under some circumstances with the following error message: ...doesn't have a resolved account. The issue has been fixed.

INC-273568

Surveys

Download PDF is not working in Surveys

We have fixed a bug that prevents the user from exporting surveys in PDF format.

INC-271300

Other

Never expires does not work in the new UI

We have resolved an issue where the year 9999 was displayed whenever a Valid to date was set to Never Expires. This has now been corrected and now Never Expires will be shown for dates that are on or after the year 3000.

INC-274078

Access Request​

Attribute window shows no attributes in the legacy Access Request​

New UI Access Request do not work with account types​

New access request filter is showing wrong data​

Enterprise Server​

Issue with event definition not being triggered​

Copy Action option "Always run as internal operation" is not recorded in changeset​

Implicit Assigned Enterprise Role removes all other child resources​

View state validation issue for Windows Integrated security​

Event definition with Main.CreateObjectFromTemplate2 code method fails​

The global search function consistently times out whenever an identity is queried​

Resource assignment updates blocked via OData despite proper authorization​

Connectivity​

Import failing due to issue with false duplicate​

Outdated library Renci.SshNet.dll and missing HostKey validation in the Flat file CSV connectivity​

SAP HCM import failing​

Issues with the EXPLICITOWNER property​

Role and Policy Engine​

Resources displayed multiple times in Identity and Survey​

Endless RoPE calculations issue​

RoPE calculation fails for identity type Machine​

Omada Provisioning Service​

Issue with ServiceAccount that doesn't have a resolved account​

Surveys​

Download PDF is not working in Surveys​

Other​

Never expires does not work in the new UI​