Release 21.04.
Release 21.04.00.00 (Version 1.0)
Installation script to be able to provide a customer environment
Installation script to install an IAM.cloud gateway
- Identities Life Cycle (entry/change/department and function change/leaving/reentry)
- Location, organizational unit and cost centers Life Cycle
- Creation, modification and deletion of business roles
- Standard recertification
- Attestation of business roles
- Attestation of memberships in business roles
- Attestation of the assignment of system authorizations to cost centers
- Attestation of the assignment of system roles to cost centers
- Attestation of the assignment of system authorizations to departments
- Attestation of the assignment of system roles to departments
- Attestation of the assignment of system authorizations to locations
- Attestation of the assignment of system roles to locations
- Certification of new users
- Attestation of secondary cost centers
- Attestation of secondary departments
- Attestation of secondary sites
- Attestation of user accounts
- Recertification of users
- Standard IAM.cloud application roles
- Identity Audit attestor
- Company policy attestor
- Identity Audit exception approver
- Company policy supervisor
- Company policy administrator
- Identity Audit administrator
- Chief approval team member
- Report subscription administrator
- Global Target system administrator
- Company policy exception approver
- Business role attestor
- Identity Audit rule supervisor
- Organization data attestor
- Source data administrator
- Organization data administrator
- Business roles administrator
- Employee data administrator
- Compliance & Security Officer
- Global Target system configurator
- Auditor
- Portal request attestor
- Recertifier of external users
- Standard password management
- Authorization via access code or existing password
- Password reset question and answer management
- Password change for all connected target systems
- Standard role classes for the composition of roles for authorization and access assignment
- cloud account provisioning
- Projects
- Birthright rollers
- Functions
- Positions
- Interface: Source data
- Standardized CSV format for identities, departments, cost centers, locations and functions
- CSV files can be uploaded individually to the customer environment via PowerShell
- CSV files can be uploaded manually via the IAM customer portal
- Interface: Active Directory
- automatic connection of a OnePrem Active Directory via IAM.cloud Gateway
- Standard Account Life Cycle
- Automatic provisioning of Active Directory groups for ordering in the portal
- Interface: Microsoft Exchange
- automatic connection of a OnePrem Microsoft Exchange via IAM.cloud Gateway
- Standard Mailbox Life Cycle
- Automatic provision of distribution groups for ordering in the portal
- Interface: Azure Active Directory
- automatic connection of an Azure Active Directory tenant
- Standard Account Life Cycle
- Interface: Microsoft Exchange Online
- automatic connection of a Microsoft Exchange Online tenant
- Standard Mailbox Life Cycle
- ReST Service
- central ReST service for customer data processing by means of
- Scripting (Powershell, Bash)
- custom software development
- central ReST service as a target for existing solutions at the customer's site
- IT Service Management (Cherwell, Service Now, Jira)
- customer relation management
- Recruiting Systems
- alternative HCM solutions and in-house developments
- central ReST service for customer data processing by means of
- central adjustment of parameters for configuration
- Attestation
- Peer Group Analysis
- ApprovalThreshold
- IncludeManager
- IncludePrimaryDepartment
- IncludeSecondaryDepartment
- PersonToAttestNoDecide
- Peer Group Analysis
- Audit Trail
- LifeTime
- life cycle
- Department
- CleanupLifeTime
- ReceipientAddress
- Employee
- ApproveNewExternalUsers
- BlacklistBlockingDuration
- CleanupLifeTime
- GeneralBlockingDuration
- naming convention
- Central user account
- E-mail address
- Initials
- ReminderInterval
- Location
- CleanupLifeTime
- ReceipientAddress
- Request & Fullfillment
- AutoQualified
- GapDefinition
- GapFitting
- Peer Group Analysis
- ApprovalThreshold
- CheckCrossfunctionalAssignment
- IncludeManager
- IncludePrimaryDepartment
- IncludeSecondaryDepartment
- PersonInsertedNoDecide
- PersonInsertedNoDecideCompliance
- PersonOrderedNoDecide
- PersonOrderedNoDecideCompliance
- ReuseDecision
- ShoppingCartPattern
- ValidityWarning
- System Configuration
- DefaultCulture
- DefaultMailDomain
- IgnoreHoliday
- IgnoreWeekend
- QueryAnswerDefinitions
- QueryAnswerRequests
- Schedules
- Target System
- DefaultAddress
- PersonExcludeList
- Central configuration of the connected and connected target systems
- Central overview and administration of source system information
- Uniform IAM.cloud design
- Standard portal for end users
- Standard portal for password management
- Department
- Attestation
Release 21.04.00.01 (Version 1.0 - Hotfix 1)
- Activation of the Patch Management Module in the installation script
- Security updates in the IAM.cloud Gateway installation script
- Encryption of dedicated values
- Use of IAM.cloud application roles for authentication
- Update of infrastructure components
- Ingress Nginx: 0.44.0 -> 0.45.0
- SQL Server 2019: CU9 -> CU10
- Ingress CertManager: 1.2.0 -> 1.3.1
- OneIdentity Hotfix 34183 - "Upgrade of swagger-ui-dist breaks compilation".
- Standard IAM.cloud application roles
- cloud administrator
- Standard roles for authorization and access assignment
- Birthright rollers
- all internal
- all external
- all administrators
- Birthright rollers
- Interface: Source data
- Enhancement of the output of warnings for unresolvable references
- Support of hierarchical location data via location types
- Central overview and administration of source system information
- Additional output of details in case of error
Release 21.04.00.02 (Version 1.0 - Hotfix 2)
- Fixed an issue that the IPG specific Ingress configuration is overwritten with the Ingress Nginx update 0.44.0 -> 0.45. This did not affect new environments but only existing environments which were patched.
- no changes
- no changes
- no changes
Release 21.04.00.03 (Version 1.0 - Hotfix 3)
- Fixed the problem that the configuration parameter PasswordResetToken is replaced by plain text in the update.
- DB Backup filename additionally contains the whole timestamp, so that several backups per day are possible.
- cloud modules are only updated if a new version is available.
- Infrastructure update is now also performed at parameter "-update
- the unique customer instance ID is now stored as Kubernetes Secret
- various optimizations of the IPG patch module
- Config file is now stored as multi-line JSON instead of PSObject in Azure Key Vault
- improved output of error messages during infrastructure update
- Troubleshooting when configuring the AKS Maintenance Plan
- Troubleshooting if /tmp/oneim is not present on the InstallPod (e.g. after container reboot or cluster upgrade)
- Patch to add the value "GATEWAY_SERVERNAME" to the OneIM Secret to start the new OneIM Jobserver Windows Container
- Upgrade to AKS Version 1.19.11
- Performance optimizations of various SQL configuration parameters
- Deployment of the new OneIM Jobserver Windows Container to enable Exchange Online synchronization
no changes