Skip to main content

12.4.2

Features and improvements

Bravura Privilege

  • Added conflict check between pam_disclosure_view_copy and pam_account_management_disclosure_view_copy scenario components.

Authentication

  • Added new password rules:

    • MINLOWER: have at least N lowercase letters

    • MINUPPER: have at least N uppercase letters

Workflow

  • Updated autores utility to skip the deprecated role specified by option -role, and do not calculate variances or submitting request for the deprecated role.

Upgrade / migration

  • Added the upgradetest utility with the shipped installation files to check for potential issues prior to upgrading the database.

Resolved issues

Bravura Pass

  • Fixed a security issue with the Login Assistant / Credential Provider from the locked down browser window.

  • Modified Profile and request attribute information page to make configuration option Allow duplicate values available under Bravura Pass-only license.

  • Adjusted netvalidatepwpol plugin to be able to directly check against Azure.

Bravura Privilege

  • Fixed inconsistency between authorization of API and UI submitted requests for pam_vault_management.

Reports

  • Fixed the issue where the Review certification delegations report did not properly filter delegations.

Automation

  • Fixed escape issue in IDTrack workfile.

Workflow

  • Fixed an issue where a session becomes invalid when accessing a resource configuration page, where an invalid user is configured as an authorizer in one of the phased authorizers.

  • Fixes request generation to include seqno's in reqinfo kvg for default attribute values.

Upgrade / Migration

  • Improved queueflush.exe error detection

  • Modified upgrade scripts to properly clean up invalid data from "xgrpmbr_diff" (11.2.0) and "ucpcache" (12.3.0) so upgrade can proceed.

Mobile

  • Fixed an issue preventing the UI from rendering on Android webviews (such as authenticating to the Gmail app).

Maintenance

  • Fixed updinst utility to properly determine the primary node when using the requestsync option.

Components

  • Fixed replacement of variables within environment files.

  • Fixed issue where loaddb components would fail if the stableid of an object changed only by its case.

  • Added hook_patch to Functional.hid_authchain_recaptcha so that authchain.m4 is correctly regenerated on patch skin rebuild.

Connectors (agents)

  • Fixed idmconfig-based target administrator onboarding to respect the "isconnpswd" flag.

Customization

  • Added default robots.txt to block webcrawlers.

  • Added default X-Robots-Tag response headers.

  • Added configurable response headers by using a setupiis.cfg in the psconfig directory.

API

  • Fixed Resource* class of IDAPI functions to be able to modify discovery flags of targets.

In this section: