CP-IMV-140100-0006 Release Notes

The following defects have been fixed in this Cumulative Patch:
cis141
The following defects have been fixed in this Cumulative Patch:
Support Ticket
Engineering Ticket
Problem Summary
Root Cause and Additional Deployment Instructions
Associated Risk
969121
DE351708
On performing the Cleanup Submitted task, the following error is thrown:"Cannot insert duplicate key in object 'dbo.archive_tasksession12_5'"
While performing the Cleanup Submitted task with Audit option selected, the Workflow task session, which is in audit state, also moves Work Item tasks from Task Persistence to Archive database.
HIGH
1106778
DE368105
Performance degrades when endpoint account list is retrieved using REST API.
Account search invokes redundant JIAM layer function calls.
HIGH
956053
DE360369
Security vulnerability: SQL Injection on performing Policy Xpress operations. 
SQL query is exposed when a database exception occurs.
HIGH
Internal
DE375400
On accessing the "Groups" tab in "Modify User" screen, an exception is thrown.
An attribute to initialize group MOs is not available.
HIGH
1068897
DE361132
Configure or remap CA Governance tasks to a custom task.
This is an enhancement that allows account suspend, resume, and delete events to be accessible from Event Listener thus allowing rapid resolution of specific accounts.
MEDIUM
1011409
DE358814
SOAP Base query in Policy Xpress plugin does not support WSS.
Added WSS support to Policy Xpress plugin SOAP Query.
MEDIUM
998793
DE358742
In the absence of primary and secondary approvers, the work item is not forwarded to the default approver.
The Concurrency error of the Workpoint causes this issue.
MEDIUM
1095616
DE366541
Unable to assign groups membership to users if that group is outside of the first 10,000 search results.
This is an enhancement to secondary group searches.
MEDIUM
1099931
DE366859
For error codes 51(BUSY) and 52, endpoints are not marked offline automatically.
The error code 51(BUSY) and 52 are not handled by CA Identity Manager.
MEDIUM
1067650
DE360471
multiple role assignment issues
Task with AccountSync=OnEveryEvent sends improper synchronization flag when the identity policies add/remove Provisioning Roles.
From 14.1 onwards, task with AccountSync=OnEveryEvent is not handled for synchronization flags 
MEDIUM
1068902
DE363361 
Unable to export an environment when a rule string is used in eTADSMemberOf attribute, and throws "String index out of range -1" error.
eTADSMemberOf attribute expects a groupDN, which definitely contains ",DC=" as a substring. However, if a rule string is used instead of groupDN, it may not have ",DC=" as a substring.
MEDIUM
1006121
DE363119
Tasks are getting stuck in progress state until a restart is made.
This is an enhancement to the ACK mode on JBoss/WildFly.
MEDIUM
1073169
DE367768
Import of Global Policy Workflow objects via Roles and Tasks Settings.xml fails without any error. 
The functionality to import "Global Policy Based Workflow for Events" was not implemented.
MEDIUM
1078645
Enhancement
Live notifications report from CA Identity Manager to CA Identity Governance is not accurate.
Audit database does not capture all events data.
 MEDIUM
1064027
DE360545
Unable to acquire an Oracle endpoint when the URL attribute exceeds 128 characters.
The URL attribute is restricted to 128 characters.
MEDIUM
1095555
DE365801
Single expression search does not work as expected.
The "Single expression search" flag is not used while forming a query filter for CA Identity Manager search operation.
LOW
Internal
DE364813
Ability to resubmit multiple tasks that are marked "Failed" via TEWS API calls.
Enhancement to support resubmission of multiple failed tasks.
LOW
1105393
DE368254
Resubmission of multiple tasks that are in failed state is not working.
This is an enhancement that allows resubmission of multiple tasks that are in failed state.
LOW
1012714
DE369594
In Identity Policies, when policy conditions are met, the audit messages are not audited. 
Proper implementation was missing for audit messages.
LOW
1113574
DE372013
User Full Name Handler adds an additional space.
Extra spaces in the User Full Name Handler were not handled.
LOW
1075802
DE363038
In View Submitted Task, the tasks are not sorted by date from latest to oldest. 
Date is not considered while sorting tasks in View Submitted Tasks.
LOW
1071338
DE362039
Some tasks/events remain in-progress and cannot be re-posted to JMS via CA Identity Manager Management Console.
This is an enhancement. Added a new capability to resubmit tasks TEWS API to also handle in progress tasks.
LOW
1105140
DE370082
Issue with the order of the account synchronization request that is sent by CA Identity Manager to Provisioning Server per provisioning role.
Incorrect order of provisioning synchronization requests caused the issue.
LOW
Enhancement
Enhancement
update endpoint entitlement
The Endpoint Entitlements were no handled.
LOW
Enhancement
Enhancement
move get account status from GET to POST
The Account Status was not getting updated from GET to POST
LOW
Enhancement
Enhancement
approval resolves fixing
The Work item approval was not handled properly.
LOW
1104521
DE371409
On configuring Skype for Business, the following exception is thrown:
"Revoke of the skype role->skype template does not revoke the skype access."
The functionality to revoke skype is not implemented.
HIGH
945902
DE342392
Provisioning Server is unable to convert an expired date to the calendar format.
Provisioning Server does not support expired date.
MEDIUM
Internal
DE367356
In release 14.1, Office 365 connector did not support multidomain.
In release 14.2, Office 365 connector supports multidomain. So, this functionality was backported from 14.2 to 14.1.
LOW
1105421
DE368860
Global provisioning user attributes length is inadequate.
Increased the maximum length of the global provisioning user attributes.
LOW
US499024
Enhancement
In release 14.1, "Account Activation" and "Terminate User Session on Expiration" attributes with PAM 3.2 are not supported.
In release 14.2, "Account Activation" and "Terminate User Session on Expiration" attributes of PAM 3.2 are supported. So, this functionality was backported from 14.2 to 14.1.
MEDIUM
1063182
DE360159
User synchronization with account templates fails when the account template profile name contains a "space" or the following special characters at the beginning of the string: 
"#", "," , "+", """, "\", "<", ">", ";"
The special characters are not escaped and when LDAP processor tries to parse the Distinguished Name value it fails.
MEDIUM