IBM Security Privileged Identity Manager fix pack 2.0.2-ISS-ISPIM-VA-FP0006

Download Description

IBM Security Privileged Identity Manager version 2.0.2 fix pack 6 introduces the following new features:

• Support for the integration of IBM Security Guardium with IBM Security Privileged Identity Manager
  This integration allows IBM Security Guardium to report the real users who perform privileged actions on databases using shared IDs. To support it, IBM Security Privileged Identity Manager introduces a new database resource type, allows resources to be bulk loaded separately from credentials, and provides new database views. For more information, see the following links:
  - #Resources type identifier column headers
  - Creating a user to access database views
  - Database views

• Bulk uploading for resources and accesses
  Access can now be created using bulk upload, and resources can now be uploaded separately from credentials. For more information about the bulk upload CSV file format, see the following links:
  - #Resources type identifier column headers
  - #Access type identifier column headers
• Support for Basic Authentication in REST APIs
  Published REST APIs of IBM Security Privileged Identity Manager now supports pre-emptive Basic Authentication. When the correct credentials are specified in the Basic Authentication header, CSRF token is not required. The APIs continue to accept the existing authentication method of form-based login and CSRF token. For more information, see REST APIs for IBM Security Privileged Identity Manager.
• Self-Service User Interface update
  The Self-Service User Interface is updated with a new look and feel. The features of this console are not changed.
• Password Policy Rules
  The password policy rules are updated with three new rules. For more information, see Password strength rules.
  

• APAR IV86030
  The privileged administrator is unable to connect an AIX credential to identity provider.

• APAR IV84509
  The ISIM server is unable to check the status account request on the ISPIM server.

• APAR IV82807
  The virtual appliance allows weak Message Authentication Code (MAC) algorithms for incoming SSH connections.
  
• APAR IV81706
  The administrator is unable to add a member node to a cluster.

• APAR IV79399
  The ISIM server is unable to provision an ISPIM user with a user ID that contains mixed or upper case characters.

• APAR IV81732
  Spaces are trimmed when the administrator modifies the property value by using the CLI.

• APAR IV82853
  The administrator is unable to reconnect member nodes to the existing cluster when the primary node password is changed.

• APAR IV68186
  The virtual appliance reports exceptions in trace.log file from bad erservicepwd1 attribute.

• APAR IV78726
  The administrator is unable to create users in ISPIM by using REST APIs because of the difficulty in obtaining the CSRF token.

• APAR IV83689
  The administrator is unable to configure the external user registry in ISPIM to match the Active Directory environment because of restrictions on placement of the system user account.

• APAR IV85646
  The administrator is unable to update service properties using the CLI.

• Defect
  Incorrect audit_event data for check-in/check-out credentials.

• Defect
  The administrator is unable to synchronize cipher suites configuration from primary to node.

• Defect
  The privileged administrator does not receive email notifications for the reconfiguration result of managed services.

• Defect
  In a clustered environment, the administrator is unable to change the virtual appliance administrator password using the LMI.

• Defect
  After changing password of the Directory Server bind user , the administrator is unable to configure the Directory Server with the new password.