We are pleased to announce the new SaaS version of Netwrix Identity Manager (NIM). This release focuses on making access governance easier, improving data accuracy, and strengthening entitlement oversight across your environment.
Want the full details? Click the link below!
New Features
NIM Profile Connector
A new connector allows Netwrix Identity Manager profiles to be managed and governed like any other application entitlement.
With this connector, you can:
- Bring NIM-generated profiles into your role model
- Apply the same governance, certification, and review processes used for other entitlements
- Manage NIM profiles across one or multiple NIM instances
This ensures that permissions originating from NIM itself are fully governed.
NIM Profile | Netwrix Product Documentation
Modify, Edit or Remove roles via the Assigned Roles Dashboard
The Assigned Roles page was previously read-only, offering visibility into role assignments without the ability to act. Itâs now fully actionable.
Because this view is role-centric, you can see all users associated with a specific role in one place â and now make changes directly from that same view.
You can now:
- Add, edit, or remove assigned roles directly from the dashboard
- Filter by role to quickly see who has been granted or denied specific access
- View granted and denied roles together for clearer decision making
These improvements simplify access reviews and make entitlement management faster and more intuitive.
New date attribute type
Netwrix Identity Manager now supports a new date-only attribute type for values that must remain consistent across time zones. This prevents unintended changes to fields such as birthdays or contract dates when viewed from different regions.
Benefits include:
- Date values are stored without any time zone adjustment
- Accurate, consistent representation of date-only fields
- Continued support for datetime fields when time precision is required
This enhancement improves the reliability of identity data in global deployments.
Enhancements
Simulation improvements
The simulation engine now shows only the changes that are directly affected by the simulated modification. It no longer displays the full set of updates that will occur during the next role model computation.
This provides clearer, more predictable simulation results and reduces noise during what-if analysis.
Certification campaign scheduling
You can now define the start time for certification campaigns. This allows campaigns to begin at a specific time of day, rather than starting immediately or at a default time, giving administrators better control over scheduling and notifications.
Improved audit trail for workflow approvals
Workflow approval history is now retained even if the approving user account has been deleted. This closes a compliance gap and ensures complete traceability for auditors and reviewers.
Trace actions on role reconciliation, resource reconciliation, and provisioning review
When users make changes via these pages, the user who performed the action, and when it was performed is now recorded to the database and can be queried. This closes a compliance gap and ensures complete traceability for auditors and reviewers.
Right-to-left (RTL) language support
The user interface now supports right-to-left languages, ensuring correct layout and usability for RTL locales.
Brand change: Usercube renamed to Netwrix Identity Manager
The Usercube product name has been updated to Netwrix Identity Manager (NIM). The change affects product naming only and does not alter functionality or configuration.
Bug Fixes and Miscellaneous Updates
| Component | Description |
|---|---|
| Access Control and Workflows | A 500 error occurs when the subject exceeds 442 characters in the workflow finalize step. |
| Access Control and Workflows | Form controls with InputType set to hidden are copied when cloning a record. |
| Access Control and Workflows | Workflow fields exceeding 442 characters are flagged as too long, even though the target column index supports 4000 characters. |
| Access Control and Workflows | Filtering by requestor on the Workflow Overview page shows results only for the first page; subsequent pages appear blank. |
| Access Control and Workflows | In a workflow, a 403 issue is encountered when forwarding or when saving as a draft. |
| Access Control and Workflows | Workflow Overview errors when a workflow has a mono record form with a binding that references its parent entity type. |
| Certifications and Risks | A resource type is marked as missing a required parameter even when the parameter is optional. |
| Certifications and Risks | Certification campaigns using the ânot certified sinceâ filter do not work as expected. |
| Certifications and Risks | Risk filters applied to roles in certification campaigns are not reflected in the campaign description after creation. |
| Certifications and Risks | In certification campaigns, a duplicate error is thrown if a permission assignment is included in two different campaigns and processed for removal in the same job. |
| Configuration | When using IGA Core solution configuration, the User Type criterion does not appear in the administratorâs advanced search bar. |
| Configuration | When using a lowercase âc#â prefix in C# expressions within XML configuration, the expression is not recognized and no error message is displayed. |
| Configuration | During a configuration deployment, a primary key violation is raised when importing a configuration where scaffolded dimensions were updated using ConsolidationMode. |
| Configuration | The SendRoleModelNotification task is now deprecated and is no longer used in the CreateConnectorSynchroComplete and CreateAgentSynchroComplete scaffoldings. |
| Connectors and Integrations | Running âRefresh Schemaâ from the connectors page does not consistently work. |
| Connectors and Integrations | Refreshing the schema for the Microsoft EntraID connector fails. |
| Connectors and Integrations | An Active Directory account that is created, but has not yet been synchronized, fails when an account activation command is provisioned. |
| Jobs and Policy | A resource type cannot be updated in a workflow even when configured to allow modification. |
| Jobs and Policy | In exclusively incremental jobs, provisioned accounts are not marked as verified after synchronization. |
| Jobs and Policy | If the redundant assignment job encounters an error, it cannot be restarted. |
| Jobs and Policy | On the Assigned Roles page, the Excel download displays EntityType as â[object Object]â instead of its display name. |
| Jobs and Policy | Deleting a resource type via the Access Roles page does not properly trigger cascade delete operations. |
| Jobs and Policy | Duplicate emails related to the role model are sometimes generated. |
| Logs / Performance / Security | The send-notifications command displays unclear error messages when required parameters are missing. |
| Logs / Performance / Security | On the Access Rules page, when copying a resource type rules and then modifying it before saving, could result in incomplete copies. |
| UI / UX | The permission basket page displays as blank when there is a cyclic relationship between categories. |
| UI / UX | When viewing a permissions basket with an âAs of dateâ specified, the permission details show the current state instead of the state at the specified date. |
| UI / UX | Pagination buttons are not always correctly displayed on the Workflow Overview page when navigating back to the first page. |
| UI / UX | Roles that are uncategorized donât appear in the permissions basket. |
| UI / UX | The âAdd a resource typeâ label in resource type picker used on resource screens could not be translated. |
| Other | A file encrypted with the Usercube-Encrypt-File tool is sometimes not correctly decrypted. |
Need help with this update?
There are many different ways to get help with our products!
| Situation | Action |
|---|---|
| If you feel the product is broken and not working as intended⌠| Contact Support |
| If you have a question youâd like to ask other experts⌠| Create a discussion in the community: Identity Manager > Discussions & Questions |
| If you have a feature request⌠| Let our product team know directly: Identity Manager > Ideas |
| If you have something cool to show⌠| Show everyone what you built: Identity Manager > Show & Tell |
What are your thoughts?
We are always happy to hear from our users on what you like, and what you hope to see in the future. Please, share your thoughts below!