Skip to main content

Hitachi ID LinkedIn Page Hitachi ID Facebook Page Hitachi ID Twitter Page Find us on Google+ Hitachi ID YouTube Page
Hitachi ID certification

Product Sites

Shipping Products

Hitachi ID Password Manager 8.2.7 click here to 
learn about Hitachi ID Password Manager release information

Features and Improvements:

  • Corporate reference build
    • A new column has been added to the AuthorizationPolicy table to allow the assignment of a single authorizer from an attribute defined in the request.
  • Database / Replication
    • Minimum required Oracle client version updated to 11.2.0.3 and up.
    • Maximum concurrent connection limit for Database Service (iddb) has been increased to 100 000. A new error message will be reported if this limit is reached or exceeded.
  • Licensing
    • E-mail messages sent when the license limit has been exceeded now include more details about the affected instance.
  • Logging / Health check
    • The following instance events now include real-time logging events which can be captured by tools such as the Windows event viewer:
      • GSET_CHECKIN_PARTIAL
      • GSET_CHECKIN_SUCCESS
      • GSET_CHECKOUT_SUCCESS
      • GSET_CHECKOUT_FAILURE
      • GSET_CHECKOUT_PARTIAL
      • PWD_CHECKOUT_SUCCESS
      • PWD_CHECKOUT_FAILURE
      • PWD_CHECKIN_SUCCESS
      • PWD_CHECKIN_FAILURE
      • WSTN_VIEW_PASSWORD_SUCCESS
      • WSTN_VIEW_PASSWORD_FAILURE
      • WSTN_VIEW_PASSWORD_HIS_SUCCESS
      • WSTN_VIEW_PASSWORD_HIS_FAILURE
      • ADMIN_ENABLE_ADMIN
      • ADMIN_ENABLE_USER
      • ADMIN_DISABLE_ADMIN
      • ADMIN_DISABLE_USER
      • ADMIN_UNLOCK_ADMIN
      • ADMIN_UNLOCK_USER
      • SMON_SESSION_START
      • SMON_SESSION_END
      • SMON_ADMIN_SESS_TERM_REQ
      • PSUPDATE_START
      • PSUPDATE_FINISH
      • IDAPI_LOGIN_SUCCESS
      • IDAPI_LOGIN_FAILURE
  • Password management
    • Improved secure kiosk account’s ability to identify a successful connection over VPN. A new GUID has been added to Front-end (PSF) to facilitate this check.
    • New event actions have been added for password resets and account unlocks initiated through Telephone Password Manager.
  • Performance
    • Improved performance for reviewing a certification segment with a large number of entitlements.
    • Enhanced rendering performance in IDR module’s user resource allocation page.
    • Optimize loading time of html pages by caching widget files.
  • Plug-ins / Event triggers
    • Added EVENT_POST_BATCH value to the input for the attribute validation plug-in when it is called from Workflow Manager Service (idwfm).
    • Resource operation exit traps now provide operation result to plug-in input.
  • PSLANG / API
    • Enhanced API AccountGetByAcctAttr() function to return accounts from all targets which match the specified attribute key and value.
  • Reports and dashboards
    • Enhanced the "User Attributes" report, can now filter results for user profiles by specific attribute values.
    • The "Orphaned / inactive users" report can now filter results based on how recently orphan accounts were discovered by the system.
    • Enhanced the "User accounts" report to allow filtering results for deleted accounts by the source of their deletion. This attribute is enabled only for targets with "track account changes" enabled, and records whether the account was deleted by action in the Hitachi ID Suite, or by out-of-band activity.
    • Added a new filter "Have at least N entitlements" to "Effective role assignment" report to compare minimum number of entitlements.
    • "Managed account groups" report can now query statistics on deleted or invalid memberships.
    • Added "Entitlement and attribute history" report, which can be used to audit the historical status of account attributes and entitlements at a particular point in time.
    • "Request popularity" report can now return request results sorted by affected target systems, roles, or groups.
    • "Orphaned / inactive users" report now includes the discovery time for each account when reporting on accounts lacking associated profiles.
    • "Managed system summary" report output has been improved for clarity and consistency.
    • Enhanced "User profile" report to improve filtering on profile attributes.
  • User interface
    • Extended target system address "help" interface to validate KVGroup values.

Current Version: 8.2.7

Release Date: December 17, 2014


Hitachi ID Identity Manager 8.2.7click here to 
learn about Hitachi ID Identity Manager release information

Features and Improvements:

  • Access certification
    • Certification segments with a method set to ’Entitlement Authorizers’ can now have the certifier and delegates defined via plug-in.
    • User ID field is now shown as a clickable link in Certification round page to improve usability. Clicking on this link will open a pop-up window displaying user profile information.
  • Corporate reference build
    • A new column has been added to the AuthorizationPolicy table to allow the assignment of a single authorizer from an attribute defined in the request.
  • Database / Replication
    • Minimum required Oracle client version updated to 11.2.0.3 and up.
    • Maximum concurrent connection limit for Database Service (iddb) has been increased to 100 000. A new error message will be reported if this limit is reached or exceeded.
  • Licensing
    • E-mail messages sent when the license limit has been exceeded now include more details about the affected instance.
  • Logging / Health check
    • The following instance events now include real-time logging events which can be captured by tools such as the Windows event viewer:
      • GSET_CHECKIN_PARTIAL
      • GSET_CHECKIN_SUCCESS
      • GSET_CHECKOUT_SUCCESS
      • GSET_CHECKOUT_FAILURE
      • GSET_CHECKOUT_PARTIAL
      • PWD_CHECKOUT_SUCCESS
      • PWD_CHECKOUT_FAILURE
      • PWD_CHECKIN_SUCCESS
      • PWD_CHECKIN_FAILURE
      • WSTN_VIEW_PASSWORD_SUCCESS
      • WSTN_VIEW_PASSWORD_FAILURE
      • WSTN_VIEW_PASSWORD_HIS_SUCCESS
      • WSTN_VIEW_PASSWORD_HIS_FAILURE
      • ADMIN_ENABLE_ADMIN
      • ADMIN_ENABLE_USER
      • ADMIN_DISABLE_ADMIN
      • ADMIN_DISABLE_USER
      • ADMIN_UNLOCK_ADMIN
      • ADMIN_UNLOCK_USER
      • SMON_SESSION_START
      • SMON_SESSION_END
      • SMON_ADMIN_SESS_TERM_REQ
      • PSUPDATE_START
      • PSUPDATE_FINISH
      • IDAPI_LOGIN_SUCCESS
      • IDAPI_LOGIN_FAILURE
  • Performance
    • Improved performance for reviewing a certification segment with a large number of entitlements.
    • Enhanced rendering performance in IDR module’s user resource allocation page.
    • Optimize loading time of html pages by caching widget files.
    • Improved load time of main menu screen.
  • Plug-ins / Event triggers
    • Added EVENT_POST_BATCH value to the input for the attribute validation plug-in when it is called from Workflow Manager Service (idwfm).
    • Resource operation exit traps now provide operation result to plug-in input.
  • PSLANG / API
    • Enhanced API AccountGetByAcctAttr() function to return accounts from all targets which match the specified attribute key and value.
  • Reports and dashboards
    • "Session activity" report now includes the "Login chain authentication" search filter, to return login statistics for custom authentication chains.
    • Enhanced the "User Attributes" report, can now filter results for user profiles by specific attribute values.
    • The "Orphaned / inactive users" report can now filter results based on how recently orphan accounts were discovered by the system.
    • Enhanced the "User accounts" report to allow filtering results for deleted accounts by the source of their deletion. This attribute is enabled only for targets with "track account changes" enabled, and records whether the account was deleted by action in the Hitachi ID Suite, or by out-of-band activity.
    • Added a new filter "Have at least N entitlements" to "Effective role assignment" report to compare minimum number of entitlements.
    • "Managed account groups" report can now query statistics on deleted or invalid memberships.
    • Added "Entitlement and attribute history" report, which can be used to audit the historical status of account attributes and entitlements at a particular point in time.
    • "Request popularity" report can now return request results sorted by affected target systems, roles, or groups.
    • "Orphaned / inactive users" report now includes the discovery time for each account when reporting on accounts lacking associated profiles.
    • "Managed system summary" report output has been improved for clarity and consistency.
    • Enhanced "User profile" report to improve filtering on profile attributes.
  • User interface
    • Extended target system address "help" interface to validate KVGroup values.

Current Version: 8.2.7

Release Date: December 17, 2014


Hitachi ID Privileged Access Manager 8.2.7click here to 
learn about Hitachi ID Privileged Access Manager release information

Features and Improvements:

  • Corporate reference build
    • A new column has been added to the AuthorizationPolicy table to allow the assignment of a single authorizer from an attribute defined in the request.
  • Database / Replication
    • Minimum required Oracle client version updated to 11.2.0.3 and up.
    • Maximum concurrent connection limit for Database Service (iddb) has been increased to 100 000. A new error message will be reported if this limit is reached or exceeded.
  • Licensing
    • E-mail messages sent when the license limit has been exceeded now include more details about the affected instance.
  • Logging / Health check
    • The following instance events now include real-time logging events which can be captured by tools such as the Windows event viewer:
      • GSET_CHECKIN_PARTIAL
      • GSET_CHECKIN_SUCCESS
      • GSET_CHECKOUT_SUCCESS
      • GSET_CHECKOUT_FAILURE
      • GSET_CHECKOUT_PARTIAL
      • PWD_CHECKOUT_SUCCESS
      • PWD_CHECKOUT_FAILURE
      • PWD_CHECKIN_SUCCESS
      • PWD_CHECKIN_FAILURE
      • WSTN_VIEW_PASSWORD_SUCCESS
      • WSTN_VIEW_PASSWORD_FAILURE
      • WSTN_VIEW_PASSWORD_HIS_SUCCESS
      • WSTN_VIEW_PASSWORD_HIS_FAILURE
      • ADMIN_ENABLE_ADMIN
      • ADMIN_ENABLE_USER
      • ADMIN_DISABLE_ADMIN
      • ADMIN_DISABLE_USER
      • ADMIN_UNLOCK_ADMIN
      • ADMIN_UNLOCK_USER
      • SMON_SESSION_START
      • SMON_SESSION_END
      • SMON_ADMIN_SESS_TERM_REQ
      • PSUPDATE_START
      • PSUPDATE_FINISH
      • IDAPI_LOGIN_SUCCESS
      • IDAPI_LOGIN_FAILURE
  • Performance
    • Improved performance for reviewing a certification segment with a large number of entitlements.
    • Enhanced rendering performance in IDR module’s user resource allocation page.
    • Optimize loading time of html pages by caching widget files.
    • Improved load time of main menu screen.
  • Privileged access management
    • Managed accounts removed from their target manually are now detected and handled by import rules.
    • Added new Hipamlws resynchronization functionality as a recovery mechanism to resolve instances of missing or conflicting data between Hitachi ID Privileged Access Manager server and local service mode system.
    • Improved Managed account access page to automatically refresh after end user randomizes or overrides the password.
    • McAfee ePO support is no longer installed by default.
    • Recorded session search results are now sorted by start time, in descending order.
    • Increased timeout value when stopping Privileged Access Manager Local Workstation service via the Windows Services management interface.
    • Improved Privileged Access Manager Local Workstation Service (hipamlws) to be able to handle situations where poll time is zero or unknown.
    • The Local workstation service now automatically disables listing of accounts and groups when installed on a domain controller.
  • PSLANG / API
    • Enhanced API AccountGetByAcctAttr() function to return accounts from all targets which match the specified attribute key and value.
  • Reports and dashboards
    • Enhanced the "User Attributes" report, can now filter results for user profiles by specific attribute values.
    • The "Orphaned / inactive users" report can now filter results based on how recently orphan accounts were discovered by the system.
    • Enhanced the "User accounts" report to allow filtering results for deleted accounts by the source of their deletion. This attribute is enabled only for targets with "track account changes" enabled, and records whether the account was deleted by action in the Hitachi ID Suite, or by out-of-band activity.
    • Added a new filter "Have at least N entitlements" to "Effective role assignment" report to compare minimum number of entitlements.
    • "Managed account groups" report can now query statistics on deleted or invalid memberships.
    • Added "Entitlement and attribute history" report, which can be used to audit the historical status of account attributes and entitlements at a particular point in time.
    • "Request popularity" report can now return request results sorted by affected target systems, roles, or groups.
    • "Orphaned / inactive users" report now includes the discovery time for each account when reporting on accounts lacking associated profiles.
    • "Managed system summary" report output has been improved for clarity and consistency.
    • Enhanced "User profile" report to improve filtering on profile attributes.
  • User interface
    • Extended target system address "help" interface to validate KVGroup values.

Current Version: 8.2.7

Release Date: December 17, 2014


Hitachi ID Group Manager 8.2.7click here to 
learn about Hitachi ID Group Manager release information

Features and Improvements:

  • Corporate reference build
    • A new column has been added to the AuthorizationPolicy table to allow the assignment of a single authorizer from an attribute defined in the request.
  • Database / Replication
    • Minimum required Oracle client version updated to 11.2.0.3 and up.
    • Maximum concurrent connection limit for Database Service (iddb) has been increased to 100 000. A new error message will be reported if this limit is reached or exceeded.
  • Licensing
    • E-mail messages sent when the license limit has been exceeded now include more details about the affected instance.
  • Logging / Health check
    • The following instance events now include real-time logging events which can be captured by tools such as the Windows event viewer:
      • GSET_CHECKIN_PARTIAL
      • GSET_CHECKIN_SUCCESS
      • GSET_CHECKOUT_SUCCESS
      • GSET_CHECKOUT_FAILURE
      • GSET_CHECKOUT_PARTIAL
      • PWD_CHECKOUT_SUCCESS
      • PWD_CHECKOUT_FAILURE
      • PWD_CHECKIN_SUCCESS
      • PWD_CHECKIN_FAILURE
      • WSTN_VIEW_PASSWORD_SUCCESS
      • WSTN_VIEW_PASSWORD_FAILURE
      • WSTN_VIEW_PASSWORD_HIS_SUCCESS
      • WSTN_VIEW_PASSWORD_HIS_FAILURE
      • ADMIN_ENABLE_ADMIN
      • ADMIN_ENABLE_USER
      • ADMIN_DISABLE_ADMIN
      • ADMIN_DISABLE_USER
      • ADMIN_UNLOCK_ADMIN
      • ADMIN_UNLOCK_USER
      • SMON_SESSION_START
      • SMON_SESSION_END
      • SMON_ADMIN_SESS_TERM_REQ
      • PSUPDATE_START
      • PSUPDATE_FINISH
      • IDAPI_LOGIN_SUCCESS
      • IDAPI_LOGIN_FAILURE
  • Performance
    • Improved performance for reviewing a certification segment with a large number of entitlements.
    • Enhanced rendering performance in IDR module’s user resource allocation page.
    • Optimize loading time of html pages by caching widget files.
  • Plug-ins / Event triggers
    • Added EVENT_POST_BATCH value to the input for the attribute validation plug-in when it is called from Workflow Manager Service (idwfm).
    • Resource operation exit traps now provide operation result to plug-in input.
  • PSLANG / API
    • Enhanced API AccountGetByAcctAttr() function to return accounts from all targets which match the specified attribute key and value.
  • Reports and dashboards
    • Enhanced the "User Attributes" report, can now filter results for user profiles by specific attribute values.
    • The "Orphaned / inactive users" report can now filter results based on how recently orphan accounts were discovered by the system.
    • Enhanced the "User accounts" report to allow filtering results for deleted accounts by the source of their deletion. This attribute is enabled only for targets with "track account changes" enabled, and records whether the account was deleted by action in the Hitachi ID Suite, or by out-of-band activity.
    • Added a new filter "Have at least N entitlements" to "Effective role assignment" report to compare minimum number of entitlements.
    • "Managed account groups" report can now query statistics on deleted or invalid memberships.
    • Added "Entitlement and attribute history" report, which can be used to audit the historical status of account attributes and entitlements at a particular point in time.
    • "Request popularity" report can now return request results sorted by affected target systems, roles, or groups.
    • "Orphaned / inactive users" report now includes the discovery time for each account when reporting on accounts lacking associated profiles.
    • "Managed system summary" report output has been improved for clarity and consistency.
    • Enhanced "User profile" report to improve filtering on profile attributes.
  • User interface
    • Extended target system address "help" interface to validate KVGroup values.

Current Version: 8.2.7

Release Date: December 17, 2014


Hitachi ID Connector Pack 3.0.0 click here to 
learn about Hitachi ID Connector Pack release information

Features and Improvements:

  • New connectors
    • Added Sophos Safeguard (agtsge) connectors.
    • Added Concur Solutions - Expenses and Invoicing (agtconcur) connectors.
    • Added ODBC script (agtodbcscript-32) connector and interface program pxodbc-32.exe for 32-bit support for ODBC data sources.
  • Application servers
    • CSV Connector Service (agtcsv) connector now supports additional delimiters.
    • VMWare vSphere (agtvsphere) connector now list and manage VMs as pseudo accounts.
  • Connector operations and behavior
    • Enhanced connector infrastructure to support runcommand operation.
    • The following connectors have runcommand operation support added:
      • agtpython
      • agtora
      • agtsql
      • agtsybct
      • agttelnet
      • agtnt
      • agtssh
    • The serverinfo operation is now supported for Java-based connectors.
    • The following connectors and interface programs have been upgraded to 64-bit versions:
      • pxsoap
      • pxremedyforce
      • pxodbc
      • pxnull
      • pxsvcnow
      • pxmssm
      • pxpython
      • pxhpsm-ws-im
      • pxpsynchv6
      • pxcasd
      • nrcifs
      • nrsmb
      • nrsrhpt
      • agtora
      • agtorascript
      • agtps
      • agtnds
      • agtexg2k7
      • agtbes
      • agtbes-ws
      • agtcache
      • agtilearn
      • agtsvcnow
      • agttamsso
      • agtwebex
      • agtwebex-conn
      • agtacf2
      • agtad
      • agtaddn
      • agtbitlocker
      • agtchkpt
      • agtcsv
      • agtdb2
      • agtdb2script
      • agtdos
      • agtepo
      • agtgapps
      • agthitrack
      • agthpsm_ws
      • agthsnm
      • agtidm
      • agtmcee6
      • agtmvm.exe
      • agtnt
      • agtnull
      • agtodbcscript
      • agtopan
      • agtpgpwde
      • agtpython
      • agtracf
      • agtsalesforce
      • agtsf
      • agtshrpt
      • agtsoap
      • agtsql
      • agtsqlscript
      • agtssh
      • agttelnet
      • agtts
      • agtunix
      • agtxml
    • Enhanced agentGetConnection() PSLANG function so that it can be called by PSLANG based connectors.
    • Added the ability to px* programs to populate all the server address data into $general and $targetData variables.
    • The following connectors have been deprecated, and will no longer be avaliable:
      • agtex2k
      • agtjdeow80-com
      • agtolap
    • The following connectors have been replaced:
      • agtsyb by agtsybct
      • agtsybscript by agtsybctscript
    • The new connectors have the same functionalities as the old, but use new libraries.
    • Exposed the shortid parameter for connectors that usePSLANG.
  • Database systems
    • Oracle database 12C1 is now a supported target system.
    • Microsoft SQL Server (agtsql) and Microsoft SQL Server script (agtsqlscript) connectors now supports Microsoft SQL Server 2012/2014 servers.
    • Microsoft SQL Server (agtsql) connector now supports SSL encryption.
    • Oracle Database (agtora) connector can now list, assign and remove privileges. These privileges are considered account groups.
    • Enhanced the Sybase ASE (agtsybct) connector by:
      • Allowing a direct communication with the server
      • Adding the server info operation
      • Detecting a reset failure when the servers password policy is not respected 1.1.5 Hardware tokens
    • Support has been added for both Java JRE 1.7 32-bit and 1.8 32-bit for the RSA Authentication Manager 7.1/8.x (agtrsaam) connectors.
  • Network operating systems
    • Windows NT Server (agtnt) connector now consolidates all subscriber types and groups into one subscriber list file.
    • Active Directory DN (agtaddn) connector can now exclude container objects from listing.
    • Active Directory DN (agtaddn) connector will use the CN attribute when performing a rename operation.
    • Active Directory DN (agtaddn) connector can list groups or computers from a group or a OU.
  • Script systems
    • Modified LDAP Attribute sample scripts to add the ability to unlock user accounts on Oracle Directory Server via resetting a password.
    • Scripted connectors can now use all the connector return codes.
    • Added sample configuration script agtldap-pamldap.cfg for LDAP servers with authentication through pluggable authentication modules.
    • The PowerShell Script (agtps) connector now uses standard connector error codes.
    • Added agtssh-cisco_ios.psl script for Cisco IOS support for SSHD and Telnet targets.
    • Added sample script agtssh-chkpt-ngx.psl for Secure Shell (agtssh) connectors operations for Check Point Embedded NGX based Devices.
    • Added sample script agtssh-junos9x.psl for SSH support for Juniper JunOS devices.
    • Implemented new %k:_hostID% replacement string to be accessible in exposing target ID in scripting connectors.
  • Single sign-on
    • SiteMinder (agtsm) connector can now return only the directory of interest when listing accounts, and more debugging was added to the siteminder binary.

Current Version: 3.0.0

Release Date: December 10, 2014


page top page top