OPENIDM-4768: Index for links table (Oracle) should be unique

OPENIDM-4766: Reduce default logging in IDM log files

OPENIDM-4678: Recon may fail if source object is deleted during recon and a correlation query is defined

OPENIDM-4584: Infinite loop while attempting to create default config/sync object from within mappingDetails endpoint

OPENIDM-4542: Incorrect conversion of CREST QueryFilters to ICF Filters by the OpenIDM ICF Provisioner Service

OPENIDM-4497: Column definitions for postgresql auditaccess table have wrong length

OPENIDM-4471: openidm.patch returns null when a no effect patch is called

OPENIDM-4121: Audit sample does not support sorting, page sizes, or paged results

OPENIDM-4083: ReconciliationService unable to query audit data from remote SQL server

OPENIDM-4078: '400 Bad Request error' can occur when try to display Mapping page in UI with audit-sample

OPENIDM-3980: Duplicate source IDs with source system break reconciliation

OPENIDM-3914: Mishandling system object identifiers with slash character

OPENIDM-3611: Action dropdown on connector detail page renders outside of browser pane

OPENIDM-3512: ICF Provisioner Service needs to support system objects with path expression as ID

OPENIDM-3338: workflow.json configuration without a mail username and password throws a NPE

OPENIDM-2427: Pagination on managed users not working with MS-SQL, DB2 and Oracle as repo

Asynchronous reconciliation does not work on Linux with Java 8. (OPENIDM-3076)

When you add or edit a connector through the Admin UI, the list of required Base Connector Details is not necessarily accurate for your deployment. Some of these details might be required for specific deployment scenarios only. If you need a connector configuration where not all the Base Connector Details are required, you must create your connector configuration file over REST (see "Creating Default Connector Configurations" in the Integrator's Guide) or edit the connector configuration file (conf/provisioner.openicf-connector-type.json) directly.

For OracleDB repositories, queries that use the queryFilter syntax do not work on CLOB columns in explicit tables.

A conditional GET request, with the If-Match request header, is not currently supported.

OpenIDM provides an embedded workflow and business process engine based on Activiti and the Business Process Model and Notation (BPMN) 2.0 standard. As an embedded system, local integration is supported. Remote integration is not currently supported.

For updates and patches from OpenIDM 4, you can use the CLI, and any supported browser listed in "Before You Install OpenIDM Software", except Internet Explorer 9.

OPENIDM-6509: JMX enable prevents GC of discarded BoneCPDataSource objects

OPENIDM-6481: OpenIDM creates redundant BoneCPDataSource

OPENIDM-5033: No validation is done when using the Admin UI to configure an LDAP connector

OPENIDM-5032: Workflow sample: unable to complete manager task, due to startup issues

Workaround: Disable and re-enable Password Reset. For more information, see "Configuring User Self-Service" in the Integrator's Guide.

OPENIDM-4969: Admin UI, Bad Link when reconciling an XML file resource

OPENIDM-4961: enableFilteredResultsHandler:true causes NPEs when using queryFilter=true

OPENIDM-4957: OpenAM Auth Module, UI doesn't reflect change in Require OpenAM Authentication setting, after saving (refresh required)

OPENIDM-4954: In Admin UI, Audit Event config, "passed variables" added to the script are not saved

Workaround: Edit the corresponding JSON file directly.

OPENIDM-4946: Admin UI -- CSV Audit Handler: if tamper-evident security is disabled and signature interval is blank, other security entries lead to audit service failure

Workaround: Open the audit.json file for your project and remove the "signatureInterval" entry in the security section, or change it to a formatted string of appropriate duration.

OPENIDM-4945: Newline character was not saved correctly when configured through UI and caused only one line in csv audit files

Workaround: Open the audit.json file for your project, and change "endOfLineSymbols" : "\\n" to "endOfLineSymbols" : "\n".

OPENIDM-4933: Tamper-evident audit logs: Verification command does not give meaningful results

OPENIDM-4926: Scriptedcrest2Dj and Scriptedrest2Dj samples do not work with OpenDJ 3.0.0

OPENIDM-4919: Script eval action doesn't handle ResourceExceptions thrown by scripts

OPENIDM-4918: Attempt by openidm-admin to add Security Questions leads to Problem During Profile Update error

OPENIDM-4917: Scripted CREST Sample - UI connector template is missing descriptions

OPENIDM-4914: In Admin UI, deleting connector for sample5 fails with internal error

OPENIDM-4913: TaskScanner not working when using Oracle as a repo

OPENIDM-4908: KBA settings can cause Password Reset to fail with a 500 Internal Server Error: "Exception intercepted"

OPENIDM-4879: Workflow sample usecase specific repo config file is missing for Oracle and postgreSQL

OPENIDM-4856: Role edit page doesn't load when openidm-authorized, Basic minimum user clicked

OPENIDM-4855: Clicking disabled Save button on Role edit page takes you to Dashboard

OPENIDM-4830: Admin UI, double conflicting pop-up windows are possible

OPENIDM-4829: Admin UI, Audit, CSV Handler configuration, fails without proper signatureInterval entry

OPENIDM-4828: CSV Connector does not handle multi-line attributes

OPENIDM-4812: Admin UI: 500 error from Invalid Search in Mapping Detail Properties attribute grid text box

OPENIDM-4799: with OrientDB repo, reading managed user with encoded quote in ID is failing with server error on policy

OPENIDM-4798: Command to create a managed user with encoded percentage in ID fails with server error on policy

OPENIDM-4797: Connector info provider needs to be updated to connect to .NET server

Workaround: Add a space or a line to the provisioner.openicf.connectorinfoprovider.json file, which reloads the associated bundle.

OPENIDM-4792: When a sync mapping references source or target routes other than "managed" or "system", the Mapping UI won't render

OPENIDM-4777: A patch on one cluster system is not replicated on the other members of the cluster

OPENIDM-4693: Creating a Managed Object with a semicolon leads to an error

OPENIDM-4692: ALL_GONE situation for deleted entries leads to NPE in JS

OPENIDM-4624: MS SQL database script creates the openidm user with the wrong password

Workaround: In /path/to/openidm/db/mssql/scripts/openidm.sql, change PASSWORD=N'Passw0rd' to PASSWORD=N'openidm'.

OPENIDM-4549: Warnings when importing MS-SQL schema

OPENIDM-4521: Custom attributes submitted in request to store in jdbc repo are not stored but the request returns them.

OPENIDM-4473: Activiti does not pick up DataSource configuration changes.

OPENIDM-4462: Delete request with HTTP "If-Match *" header does not work on repo endpoints

OPENIDM-4388: repo/scheduler not found exception, when Oracle DB is the repo

OPENIDM-4386: Update process: cli.sh should include info on new / updated / backed up files in update.log

OPENIDM-4369: Viewing data for an LDAP/Group in the UI throws an error

OPENIDM-4321: Unable to use cli.sh for remote administration over a secure port

OPENIDM-4315: Unable to run queries on managed/user using CLIENT_CERT module with openidm-admin role

OPENIDM-4261: Setting relationship properties to empty string throws NPE

OPENIDM-4227: Use value of managed object prior to save for sync events to use hashed values

OPENIDM-4149: availableConnectors are not updated after remote ICF shut down

OPENIDM-4127: Endpoint system/os returns cpu usage above available

OPENIDM-4110: Multiple servlets map to path stacktraces on startup with MySQL/DB2/MSSQL as repo

Workaround: If you observe this error, restart OpenIDM. The error should not reoccur after a restart.

OPENIDM-4080: Deleting a custom Certificate in Trustore via REST now returns a broken response

OPENIDM-4049: User list doesn't filter as input is typed into the filter fields

OPENIDM-4020: "My group's tasks" not showing tasks from different processes

OPENIDM-3983: Target reconciliation broken when _targetQuery results contain full objects

OPENIDM-3974: Unable to update/add a property in response.content object in Javascript script (launched from router onResponse hook)

OPENIDM-3972: Sync Failure handling calls to onSyncFailure.js-deadLetterQueue do not work

OPENIDM-3969: Response size of POST is limited to 1MB

OPENIDM-3941: PATCH via REST with operation increment with invalid value returns 500 instead of 400

OPENIDM-3937: RESTful calls, HEAD method no longer works (OpenIDM/CREST 3)

OPENIDM-3857: Cannot pass along custom context when making router requests from script

OPENIDM-3745: UI doesn't display msg related to failedPolicyRequirements when attempting to add new process

OPENIDM-3667: openidm/managed/user/openidm-admin 404 (Not Found) when selecting process instance created by openidm-admin

OPENIDM-3613: BoneCP: unexplained connections getting created

OPENIDM-3525: Endpoint reconResults not working with MS-SQL/DB2 as repo (internal error 500)

OPENIDM-3450: CLI.SH configimport does not work with the --replaceAll option

OPENIDM-3357: In Admin UI / Edit XML Connector, LiveSync schedule is not saved properly

OPENIDM-3199: When a mailtask can't be completed in an Activiti workflow, an exception is thrown

OPENIDM-3197: '%' character in object id of openidm.read calls has to be encoded

OPENIDM-3187: Custom authentication headers cannot handle Unicode characters

OPENIDM-3149: Custom Endpoint Example: object request.patchOperations is wrong for Groovy scripts

OPENIDM-2348: Implement external webapp for the remote Activiti server

OPENIDM-2028: The .NET Connector Server Exception displays an incorrect connector error

OPENIDM-2016: Sync on unsupported object class with remote java connector returns 500 instead of 400

OPENIDM-1898: Representation of request-object differs between code and json-representation

OPENIDM-1823: getScriptBindings function of ServiceScript (ScriptRegistryImpl.java) slows down extremely when accessed in parallel from multiple threads

OPENIDM-1664: Memory usage of AD connector continue to increase.

OPENIDM-1488: XDate locales could not be initialized correctly

OPENIDM-1445: Provisioner service does not decrypt encrypted attributes before passing them to OpenICF framework

OPENIDM-1430: OpenIDM needs a restart after importing a new cert via REST API

OPENIDM-1269: some issues with Case Sensitivity options for Sync

OPENIDM-1165: EXCEPTION action when doing liveSync stops the synctoken processing

OPENIDM-1074: Disabling automatic polling for changes of config file not possible on new install

OPENIDM-848: Conflicting behavior might be observed between the default fields set by the onCreate script and policy enforcement

OPENIDM-470: OpenIDM cannot rename objects - if the identifier of the object changes, the associated link breaks

When configuring connectors, (see "Configuring Connectors" in the Integrator's Guide), you can set up nativeType property level extensions. The JAVA_TYPE_DATE extension is deprecated.

Support for a POST request with ?_action=patch is deprecated. Clients that do not support the regular PATCH verb should use the X-HTTP-Method-Override header instead.

For example, the following POST request uses the X-HTTP-Method-Override header to patch user jdoe's entry:

$ curl \
 --cacert self-signed.crt \
 --header "X-OpenIDM-Username: openidm-admin" \
 --header "X-OpenIDM-Password: openidm-admin" \
 --header "Content-Type: application/json" \
 --request POST \
 --header "X-HTTP-Method-Override: PATCH" \
 --data '[
    {
    "operation":"replace",
    "field":"/description",
    "value":"The new description for Jdoe"
    }
  ]' \
  "https://localhost:8443/openidm/managed/user/jdoe"