New features and enhancements
Select specific data object types to migrate
You can now explicitly specify the data object types that you want to migrate to do the migration in chunks instead of migrating all supported data objects in one go. With the new Migrate the following objects option, you can migrate the following:
- All supported objects
- Base and user objects
- Base objects only
- User objects only
- DIGIPASS objects only
This can be especially useful if you need to migrate a lot of data. If the migration process fails or is aborted, you usually need to repeat the complete process, since DMT cannot resume an aborted process and continue from where it left off.
Supported platforms, database management systems, and other third-party products
Software libraries
The software library lists are not exhaustive, but include the most notable and critical updates only. For a complete overview, refer to the third-party dependency files included with the installed product.
This version now includes the following (updated) third-party libraries:
- Boost C++ libraries 1.85
libxml2 2.13.5
Fixes: CVE-2024-25062, CVE-2023-45322
OpenSSL 3.0.15
Fixes: CVE-2024-0727, CVE-2023-6129, CVE-2023-5678, CVE-2023-5363, CVE-2023-4807, CVE-2023-3817, CVE-2023-2975
zlib 1.3.1
Fixes: CVE-2023-45853, CVE-2022-37434
Fixes and other updates
Issue OAS-24430: Invalid DIGIPASS import file creates incorrect entries in database
Description: When you import MDL authenticator licenses from a DIGIPASS import file (*.csv) that contains specific invalid message vector data, the import process may complete but create invalid authenticator parameters in the database (vdsDPSoftParams). As a result, the authenticator license cannot be used to activate authenticator instances afterward.
Affects: Data Migration Tool 3.21–3.26
Status: The data and parameter verification has been improved to prevent invalid authenticator license records.
Issues OAS-24701, OAS-12229 (Support cases CS0130603, CS0085259): DMT does not migrate PNID or direct assignment flag values
Description: When you migrate from a source system, DIGIPASS push notification identifier (PNID) values are not transferred.
If you import from a DIGIPASS import file (*.csv), the DirectAssignOnly column is not correctly evaluated and incorrectly set in the database. The respective authenticators cannot be used for auto-assignment, and future data migration from that server instance via DMT can fail.
Affects: Data Migration Tool 3.21–3.26
Status: DMT now migrates PNID values for authenticator instances. Furthermore, you can now specify PNID values when you import from a DIGIPASS import file (via DevicePNId). The DirectAssignOnly column in import files is handled correctly.
Deprecated components and features
PDF documentation (Deprecated)
You can view the user documentation of most OneSpan products online already at https://docs.onespan.com/, and we plan to shift exclusively to online documentation.
This means that PDF documentation will be completely removed in future major releases of Data Migration Tool (currently planned for 3.28).
Known issues
Data Migration Tool does not support maker–checker authorization
Description: Data Migration Tool does not allow data migration if maker–checker authorization is enabled on either the source or the destination system.
Affects: Data Migration Tool 2.10–3.27.2
Status: No fix available. Disable maker–checker authorization on both the source and the destination system.
Issue 41626: Mobile Authenticator Studio incorrectly set to UNBOUND upon migration
Description: When you attempt to migrate Mobile Authenticator Studio version 4 that is already present in the destination server, the authenticator becomes UNBOUND upon migration.
Issue 20591: User links not migrated upon subsequent migration attempts
Description: When you migrate data again with the Update Existing Records option enabled, Data Migration Tool may fail to preserve links between linked user accounts. This will occur if:
- The user accounts in question were linked after the first migration attempt.
- Each linked user account had an assigned authenticator when they were first migrated across.
This occurs because Data Migration Tool migrates all user accounts first, and then attempts to re-apply any links between linked user accounts. However, if those user accounts already exist in the destination with assigned authenticator (i.e. as they were when they were first migrated), their links will not be re-applied.
Status: No fix available. To circumvent this issue, ensure that all user links are applied after the data migration.