NetIQ Identity Manager 4.8 Review – Part 1: Overview
| December 4, 2019This is the first in a series of blog posts dedicated to the NetIQ Identity Manager 4.8 release. For a quick overview of the new features, visit our Identity Manager 4.8 Webinar page.
NetIQ Identity Manager 4.8 versions
Identity Manager 4.8 comes in two versions: standard and advanced. The core features of each have not changed, but check out our chart below to compare standard and advanced components.
Supported Operating Systems
NetIQ Identity Manager 4.8 can be installed on SLES 12sp4 – SLES 15sp1, Redhat 7.5 – RHEL 8. Windows is supported with Server 2016 and 2019. Note that support for server 2012 has been deprecated in this release.
Downloading Identity Manager 4.8
Both the standard edition as well as the advanced edition are included on the download page at https://dl.netiq.com. The following options are available:
NetIQ Identity Manager 4.8 New Features and Versions
If you are familiar with the components of Identity Manager’s previous releases, this will summarize the new features. For those not familiar, we suggest reviewing the NetIQ/Micro Focus website for Identity Manager here, or contact Concensus and we can assist!
Installation Options
Identity Manager 4.8 comes with the typical Enterprise Mode of installing directly on top of a Windows Server (Windows Installer) or Linux Server platform (RPM-based installer) on supported platforms. New to Identity Manager 4.8 is the container option. The following Identity Manager containers can be installed on any supported Docker OS host:
- iManager
- Vault (eDirectory/IDM Engine)
- Reporting (RPT/DCS)
- User App
- OSP
- Remote Loader
- Fanout Agent
- Postgress DB
- AMQ
- SSPR
In addition, Micro Focus recommends that you use a tool such as Kubernetes, Salt/Ansible, CDF or Rancher to manage your deployments. Concensus is currently evaluating these tools and other options for our Concensus Cloud deployments. We have already run the components on Ubuntu systems in our test lab.
The containers make upgrading individual components much easier if you have an existing container strategy in place.
eDirectory 9.2
eDirectory 9.2 shipped prior to the release of Identity Manager 4.8 but is included on the DVD with the vault installer. The new features for eDirectory include:
- Install as a Container (as part of the Identity Manager 4.8 ISO)
- Rest Endpoints are coming (not on the Identity Manager 4.8 ISO)
- Support for Non-Reversible Passwords (PBKDF2)
- Note that XDAS has been deprecated and it is suggested that you use CEF for auditing
A few notes about the upcoming release of the REST services for eDirectory. It will support CRUD operations. The following table lists the comparable LDAP operation to the new REST API Method:
This will help support the forthcoming management console that will eventually replace iManager.
Designer for Identity Manager 4.8
The new version of Designer has a few updates to support New Actions and the new Identity Applications. There is also some limited support for using GIT for package control. GIT is only recommended for sharing packages when they are developed or staged. For project version control it is recommended that you continue to use SVN.
The following new actions are available within Designer for Identity Manager 4.8:
- Delete Resource, Delete Role, If Operation Entitlement, Modify Resource, Modify Role
- Invoke REST Endpoint
- Remove Named Password, Set Named Password
- Creating forms using the new Workflow Form Builder (Built on Form.IO)
Introducing the New Forms Engine for Identity Manager 4.8
The new forms engine built on forms.io has been added to the Identity Applications suite. This enables a new form builder to be used from Designer instead of having to log into the user app to create forms. Existing forms will have to be rebuilt. There is no functionality that will upgrade existing forms. An article could be written on the new forms builder itself but here are a few screenshots of how easy it is to create new forms:
Form components are well documented on the NetIQ site with plenty of screenshots that show you just how powerful these are.
The documentation can be found in the user guide here, and for some IDM-specific form help, check out the Formio Help here.
Next Up
In our next blog post, we will take a deeper dive into building out an Identity Manager 4.8 system.
Summary
The NetIQ Identity Manager 4.8 release is a solid release from Micro Focus. Keeping up with Identity Manager releases is important not only for security but for modernizing your infrastructure. As the product evolves to a hybrid deployment mode (both on-premise and in the cloud), this release is going to be key to making that happen. If you are looking at deploying containers or cloud hosting, we recommend updating to this release as part of that journey.