What's New in Identity Director 2021.2

For Identity Director 2021.1.1, we have rewritten the queries responsible for loading organizations from the database.

For earlier versions, query performance is drastically affected by database index fragmentation, especially for indexes on the OR_Objects and OR_ObjectDescriptions tables. Therefore, if you choose not to upgrade to version 2021.1.1, we strongly recommend close monitoring and frequent reorganize/rebuild operations for those indexes, notably for environments with large numbers of organizations.

In order to improve performance and functionality, the Provide InformationSummary page has been enhanced with the following updates:

1. You can now enable or disable the Provide Information summary information from the Properties tab of the workflow action.

2. You can optionally add a custom Display Name to your attributes, which will appear in the summary at the end of the Provide Information wizard.

Loading of the Organizations page in the Management Portal has been improved. With the addition of paged loading, one hundred organizations will be loaded at a time.

Database table indexes have been improved for overall shorter response times.

PowerShell is one of the most versatile tools available to IT professionals. Integrating the use of PowerShell into Identity Director ensures access to quick and powerful custom solutions for our customers.

A new Workflow Action was included in Identity Director that allows running PowerShell scripts in one or more places inside a business workflow. This feature is currently in the Technical Preview stage and will be fully launched in the fall of 2021. However, features such as ensuring security for credentials and using the script result in the workflow are already included.

Use cases such as message editing, workflow enhancement, and password reset flexibility can now be handled by PowerShell through Identity Director.

Following the addition of this Workflow Action, minor configuration changes are required for the Management Portal to function correctly.

• If you will not be using Execute PowerShell Script, following a clean installation:

  1. Browse to C:\Program Files (x86)\RES Software\IT Store\Web Console\Config.

  2. Within this folder, locate the WebConsole.config file and open it.

  3. Go to webConsoleConfiguration > managementService > database > encryptionKey.

  4. Remove the default value for encryptionKey , leaving only the quotation marks. 
     The end result should be encryptionKey="".

• If you will be using Execute PowerShell Script:
  Before applying the encryption key for the Management Portal, make sure that, in IIS, the Load User Profile option for the Management Portal is set to True.

  How to check the Load User Profile status

  1. Open the IIS Management Console.

  2. Navigate to Application Pools > IT Store Management.

  3. Open the Advanced Settings for IT Store Management.

  4. In the Process Model section, make sure that the Load User Profile is set to True.

  5. If the Load User Profile is set to False, set it to True and click Recycle.

     • If you have to change the configuration, make sure to exit the Management Portal first.

Feel free to experiment with this technical preview feature in your test environments. We are waiting for your feedback and improvement suggestions either through UserVoice or directly at [email protected].

In response to the many requests to enhance the Identity Director UI, we decided to adopt a phased rollout strategy of implementation.

The current release brings forward a new and redesigned menu, aligning to the new design paradigms of web-based applications. The dashboard and the base colors of highlighted items were also changed and aligned to a new color scheme that will be gradually implemented throughout the whole product. This makes tracking changes much easier when working on a wide screen.

In the 2020.3 version, we introduced the list person attribute to expand the people management and delegation capabilities of Identity Director. That feature contained a component - being able to add services as triggers in the attribute definition - that proved to produce undesired effects such as performance and load issues, under certain conditions.

That is why, in the 2021.1 version, services can no longer be added as triggers in the list attribute definition. Additionally, after installing the 2021.1 version, any services added to any list attribute will be disregarded, to free the Transaction Engine component from unnecessary workloads.

We are aware that some of you might have configured attributes like this already and would like to assure you that this behavior will come back again in the 2021.2 release in September.

We are currently going through a wide range of feedback regarding product performance and we understand the importance of such a use case. For this reason, we want to use this time to bring you a feature that is not only useful but, in addition, has a fast response times for triggers and qualifications.

Due to very limited use and demand, support for Oracle and IBM DB2 Datastores was deprecated as of Identity Director 2020.1.

In order to improve performance and functionality, the Provide Information wizard in the Web Portal has been enhanced with the following updates:

1. The ability to search for an organization within the current level.

2. Organizations in the current level are loaded progressively, as the user scrolls through the drop-down list.

The improvements enable users to more easily select organizations.

The Provide Information Wizards in the Web Portal and in the Management Portal were improved by adding an extra summary section at the end. This allows for an easier review of the choices the user has made throughout the wizard.

The choices made throughout the pages of the wizard can be displayed here for the user and administrator’s convenience.

The Transaction Engine and Windows Client processes and services were renamed to match product naming across the whole set of components. This has caused issues in the past by not allowing administrators to quickly identify the product’s running processes.

When a list service attribute is used to set the values of a people attribute with Add or Overwrite if the people attribute is of type list, all values from the list service attribute will be added.

The People Data Connection synchronization log now offers additional details. The feature can be turned on in the People Data Connection, by checking the "Show Advanced Synchronization Details" option in the "Properties" tab. The synchronization log will offer advanced details on what exactly has changed for the persons concerned.

The synchronization log details will be displayed similarly to the following example:

Updated person "Eric Brown"
Employee Number changed from 00 to 99
Last Name changed (restricted)
Manager changed from David to ""
Role changed from Engineer to Senior Engineer