RAC/M Identity™ is our simple and effective identity governance (IAM) solution that enables businesses large and small to understand and manage the complex relationships between users and their access to physical and digital resources, on-premise or in cloud computing.
Major New Features
Important features and changes have been added in this release:
Added fast integration at sequence and block level. Quick integration allows you to create all the modules needed to import an application from a target system. This greatly reduces the amount of time to integrate a new application by providing a basic functional integration which can then be improved to meet all specific needs.
Operational issues are issues occurring in the day-to-day operation of the solution. The issues are now directly displayed in the dashboard to help operators quickly spot them. Further, links to the asociated elements help operators navigate to the source and quickly resolve issues.
- Review Campaigns
- Addition of paging at the level of sub-lists to handle identities with a very large number of entitlements to review
- Added a button to go to the next unreviewed item
- In the review campaign result report, identities are now grouped by reviewer
- RAC/M Identity can now listen on a specific interface (IP address) for web connections, previously it listened on all available interfaces
- In the Accounts Matching page, it is now possible to match multiple accounts to an identity in a single operation.
- Added an option to execute a sequence automatically when starting RAC/M Identity
- Improved performance during role removals
- Added a confirmation when deleting an ICF Connector
- In the details page of an Asset, it is now clearly indicated that when no account selection strategy is selected, the strategy of the Asset Grouping is used instead.
- In the Identity details page, sub access lists are now displayed asynchronously to help load the page faster
- The default amount of RAM assigned to the solution has been changed to 6144Mb
- Review Campaigns
- Fixed campaign result report when there are very long item descriptions which caused the report to fail
- In the campaign results report by service account, the status “unreviewed” is no longer displayed at the identity level because there is no such review for service accounts
- The “Approve All” feature is now functional in a service account campaign
- In a role-based campaign, you can now search for a role containing ‘[‘ or ‘]’ in its name
- It is now possible to create a campaign with a long description
- In the list of campaigns, campaigns in “Preview” mode are no longer at the end of the list
- It is now possible to complete a campaign that contains a rejected account that does not have any group
- In the Excel Campaign Progress Report, the approval result is now displayed with black on white font instead of white on white which rendered it invisible
- When an Entitlement in Excess of Role Campaign is launched, it is no longer the role-based access campaign that is launched.
- Campaigns in “Preview” mode are no longer displayed in the list of campaigns shown to certifiers
- In the access request page, the filter “Show only roles and entitlements assigned in your division” now works correctly
- The popup for validating the calculation of SOD is now displayed correctly in all screens
- The correct number of additional entitlements is now displayed in the description of access requests and tasks
- When creating a RAC/M user, the correct message is now displayed when the password is selected
- Visual improvements in the Account Matching screen
- In the Collectors screen, column mapping is no longer lost in the display when a source file or system is no longer available
- The module that handles identity transfers (ModuleProcessIdentityTransfer) now correctly handles cases where the identity to be transferred has been deleted
- RAC/M Identity now takes into account the time of the start date when assigning a role
- The correct number of deleted groups in the ModuleDeleteNonUpdatedSinceDate module is now displayed
- Segregation of duties approval tasks are now correctly consolidated by approver group
- In the Group details page, the click area of the “Additional information” section is now in the right place
- In the Asset Grouping details page , account selection strategies are now mandatory
- In the Asset details page, RAC/M Identity now validates that the name and technical name of the asset does not already exist before saving the information
- In the Identity details page, the role search for assignment now works properly
- In the Identity details page, saving a new identity following a validation error now works correctly
- When activating a new Role version, RAC/M Identity now correctly removes access to members who are no longer in the new version
- When a user is assigned a role dynamically because it matches the role criteria, the request to add entitlements is initiated by a special user “SYSTEM” instead of the user which triggered the recalculation of roles asignments
- Starting in version 3.9.0, the server does not start if the following properties of the configuration file conf/config.properties are not configured to open a real keystore. In prior versions, the server could start if the “ssl” configuration was set to “false” but this is no longer the case.