Known limitations, issues, and workarounds

Edit online

This topic describes the currently known issues, limitations, and workarounds for the IBM Verify Identity Governance - Container.

Known issues in version 11.0.0.0

This section lists the known issues and limitations in IBM Verify Identity Governance - Container version 11.0.0.0.

  • In the Operational Visibility Dashboard, Certification request donut charts do not show pending requests for which the initiate date has surpassed the filter date.

    For example: Consider a scenario that the campaign is initiated on 1-May with a duration of 60 days. On 1-May, the campaign requests are pending and correctly displayed on the dashboard. On 15-May, if the filter is set to 7 days, then no data is displayed (even though the requests are still pending). This is because the campaign was not initiated in the past 7 days, and hence it is not displayed on the dashboard.

  • Known limitation: In the Operational Visibility Dashboard, the Onboarded Count is not updated in User lifecyle Stats and User lifecycle Trends when Users are loaded from HR Feed, even when users are created successfully.

    Note that these fields only show the count of users which are created from Administration Console. The Operational Visibility Dashboard supports only the updates that are managed through the lifecycle workflows in the product. Any user created directly in LDAP without using workflows is not included in the counts on the Operational Visibility Dashboard.

  • In the Analytics DashboardAnalytics Risk RulesSelf Certification section, the remediation does not work if the access is removed from ISC or Console from user or its disabled from console.
  • In the Analytics DashboardAll Violations section, the Trend violation count may sometimes not match with the actual violation count.
  • Some of the known issues related to Access Control Interfaces (ACIs):
    • ACI is currently not available for the user interface.
    • Note that an ACI created for the Org/ Dynamic Role is automatically applied to the Application Org / Dynamic Role as well.

      Workaround: If you want to apply the ACI to only the Org/ Dynamic Role, you need to add the following filter: (!(objectclass=erapplicationroleitem)).

  • In the Analytics Dashboard, if multiple policies are present, then the percentages on the donut charts may get overlapped irrespective of the zoom size. Also, in this case, some of the legends for donuts are may not be displayed.
  • The "Full screen" option does not work for the donut chart widgets.
  • The Risk Owner approvals are not triggered appropriately when multiple inflight requests submitted for same requestee. Similarly, the Approver may not see the correct risk information for multiple inflight requests submitted for same requestee.
  • Ability to filter accesses using Linked/Not Linked option from Business ActivitiesAdd Permission screen is currently not available.
  • Ability to add risks to mitigation from Mitigation ControlView Risks section is currently not available.
  • Application Roles are not added into Provisioning Policy Member roles.
  • Role Scheduling is not supported.
  • New Role functionality is not available via SOAP APIs (that is, currently it does not support backward compatibility).
  • While assigning user to role, "assignment attribute values" cannot be set.
  • Analytics Engine currently does not support deployment on Microsoft Windows platform.
  • In the online documentation, some topics may have formatting issues or typographical issues. Some topics may use legacy nomenclature. These issues are being addressed and documentation is being updated on an ongoing basis.

Known issues fixed in IVIG v11.0.0.0 FP 1 release

The following issues are fixed in the IBM Verify Identity Governance version 11.0.0 Fix Pack 1 release.
  • Import/Export functionality is not available for "Accesses".
  • At a maximum, 1001 roles can be added irrespective of role numbers.
  • Multiple requests are triggered when "Dynamic Role" is changed. For example, Filter is changed as well as accesses are modified at the same time.

Known issues fixed in IVIG v11.0.0.0 IF releases

The following issues are fixed in the IBM Verify Identity Governance version 11.0.0.0 Interim Fix 1 release.
  • The "Assignment Attribute" cannot be set for multiple users.
  • Violation list is not retrieved for all violations. This issue is observed only with DB2 database.
  • The Operational dashboard and the Analytics Dashboard currently only support English language.