Identity Director 2022.2

Starting with Identity Director 2022.2, you can upload images for your access certification campaigns, in the Management Portal. This functionality aims to increase user experience and ease navigation in the Web Portal for users with a large number of active campaigns.

All the buttons used to modify the campaign status can now be found under a dynamic section called Campaigns. Select one or more campaigns from your list and you will be able to perform various actions, such as Launch, Delete, Resume, and more.

The email address of each campaign owner is displayed when reviewers click on the text area of the campaign in the Web Portal. This change aims to ease direct communication within the organization, should reviewers require additional information in order to complete the review process.

You can now select Groups and Smart rule from the Reviewer type drop-down list, in addition to the existing Individual Reviewers option. This expands the functionality of certification campaigns and opens a new door in the feature set. A campaign can now be assigned to multiple reviewers, with the results centralized in the Results tab of the campaign once the review process is complete. The results can also be exported into a CSV file from the Management Portal.

Access certification events such as adding or editing campaigns and deleting campaign instances or definitions are now logged in the Audit Trail. The additional information improves the reporting capability and provides a more in-depth look at the access certification campaigns from your environment.

Starting with Identity Director 2022.2, you can select a MicrosoftActive Directory connector to use information about people from Security Groups and Organizational Units into the Management Portal. This is used for entitlement reconciliation.

Information received from MicrosoftActive Directory is synchronized with Identity Director via data sources and handled using the mappings defined in data connections. People and Classifications data connections are used together with People and Group membership data sources to ensure the People related information is imported properly. When setting up a certification campaign, multiple data connections can be selected to match complex business scenarios. The result is then reconciled and compared so that reviewers can see an user's resulting qualifications in both Identity Director and Active Directory and decide according to them.

Data connections are only needed to determine the connectivity and mapping information for the external system, they are by no means synchronized. No entities from Identity Director (people or organizations) will be modified in any way following a reconciliation.

The Identity Director component responsible for the actual connection to the external system is Transaction Engine, therefore this component must be able to access the Active Directory.

On the Pages tab of a Provide Information workflow action, you can now enable dynamic attributes for List and Checklist service attributes. This comes as an addition to the dynamic attributes introduced in Identity Director 2021.2. The dynamic features allowing extra attributes to be displayed in a Provide Information workflow action according to various conditions are now available for 6 attributes: Date, DateTime, Text, Organization, List, and Checklist.

In Identity Director 2020.3.1, we have introduced a retry mechanism that would initiate if the Transaction Engine was unable to retrieve Run Book results during its first attempt. This mechanism is no longer necessary and was removed from the product starting with Identity Director 2022.2.

Previously, services marked as favorite disappeared from the Web Portal when the Show in My Store option was disabled in the Management Portal.

Starting with Identity Director 2022.2, the service is displayed in the Web Portal, even with the Show in My Store option disabled. However, users are no longer able to request it.

In the Web Portal, under Account, users can manage the applications used for sign in, password reset, or unlock account from the newly added Security tab.

With the introduction of Multifactor Authentication, we have allowed users to enroll their own devices and authentication applications. However, the devices could only be used in Password Reset scenarios if Multifactor Authentication was enabled in the environment. With this update, the device management functionality has been decoupled from Multifactor Authentication so users can freely manage their devices without requiring additional assistance from the IT department.

The Access Certification feature is only available with the Access and Enterprise licenses, starting with Identity Director 2022.2.