Chatee ahora con Soporte
Chat con el soporte

Active Roles 8.2.1 - Release Notes

Active Roles

Active Roles

Release Notes

Version 8.2.1

04 December 2024, 16:53

These release notes provide information about the Active Roles release. For the most recent documents and product information, see Online product documentation.

About this release

Active Roles 8.2.1 is a patch release with new features and functionality. See New features and Enhancements.

IMPORTANT: Starting from Active Roles 8.2.1, the Microsoft OLE DB Driver requirements have changed. These changes require additional configuration steps to perform before upgrading or installing Active Roles. Failure to complete these steps might result in the Active Roles Service not starting. For more information, see Microsoft OLE DB Driver for SQL Server security impacts.

New features

Active Roles 8.2.1 has the following new features.

Azure Government tenant support

Active Roles and Active Roles Synchronization Service now support connecting to and managing the objects of Azure Government (GCC and GCC-H) tenants.

  • In Active Roles, you can connect to Azure Government tenants via the Active Roles Configuration Center. After adding the Azure Government tenant and consenting Active Roles as an Azure application, you can manage the objects of the Azure Government tenant via the Active Roles Web Interface or the Managed Unit feature of the Active Roles Console.

  • In Active Roles Synchronization Service, you can configure the Azure AD Connector, the Microsoft 365 Connector and Azure BackSync to synchronize the resources of Azure Government tenants.

For more information, see the following resources:

  • For more information on Azure Government tenants, see Compare Azure Government and global Azure in the Microsoft Azure documentation.

  • For more information on how to connect Active Roles to an Azure Government tenant and consent Active Roles as an Azure application through the Active Roles Configuration Center, see Configuring a new Azure tenant and consenting Active Roles as an Azure application in the Active Roles Administration Guide.

  • For more information on how to configure Azure BackSync for Azure Government tenants, see Configuring Azure BackSync in the Active Roles Synchronization Service Administration Guide.

  • For more information on how to configure the Azure AD Connector or the Microsoft 365 Connector for Azure Government tenants, see Creating a Microsoft Azure Active Directory connection or Creating a Microsoft 365 connection in the Active Roles Synchronization Service Administration Guide.

Azure BackSync replacement

Active Roles now supports the Azure BackSync feature via the associated BackSync Replacement built-in script and workflow, which are available in the Active Roles Console. This feature replaces the Azure BackSync operation of the Active Roles Synchronization Service.

For more information, see About the BackSync Replacement workflow in the Active Roles Administration Guide.

Related topics

Enhancements

The following is a list of enhancements implemented in Active Roles 8.2.1.

Table 1: General enhancements
Enhancement Issue ID

Federated authentication support in Active Roles received the following enhancements:

  • Active Roles now also supports federated authentication using SAML 2.0, allowing users to access websites or sign in once with the single sign-on (SSO) option.

    NOTE: Federated authentication is not supported and does not work on standalone Web Interface instances.

  • Active Roles now also supports automatically refreshing expired certificates from the remote store, if federated authentication is configured for the Active Roles Web Interface, but the certificate gets expired and another identity provider, such as Microsoft Entra ID replaces it.

    NOTE: After upgrading Active Roles, always ensure that Active Roles automatically refreshes expired certificates. To do so:

    • If using WS-Federation, in the Active Roles Configuration Center, in Web Interface > Authentication, reconfigure federated authentication.

    • If using SAML 2.0 authentication, in the Active Roles Configuration Center, in Web Interface > Authentication, configure federated authentication and make sure to load the federation metadata from a URL (instead of loading it from a file).

For more information, see Configuring federated authentication in the Active Roles Administration Guide.

299431,

437706

Active Roles 8.2.1 has been checked against the following Security Technical Implementation Guidelines (STIGs) of the Defense Information Systems Agency (DISA).

  • Application Security and Development

  • MS SQL Server 2016 Database

  • MS SQL Server 2016 Instance

The checks performed during STIG validation are compliant with the following National Institute of Standards and Technology (NIST) Special Publications (SP):

  • NIST SP 800-53

  • NIST SP 800-53A

  • NIST SP 800-53 Revision 4

413546
Table 2: Active Roles Configuration Center enhancements
Enhancement Issue ID

Security enhancements to SAML 2.0 configuration process.

465851

The Active Roles Configuration Center received the following enhancements related to importing Management History:

  • Improved the performance of the Import Management History wizard. The speed of importing Management History data is significantly increased.

  • Improved the Import Management History wizard user interface.

  • Added retry policy for SQL exceptions. If the migration fails due to a network related or transient SQL exception, the process now restarts automatically, and the wizard attempts to import the current batch 3 times before canceling the operation. If the migration fails due to other SQL exceptions, the wizard only restarts the migration once.

For more information, see Importing Management History data in the Active Roles Upgrade Guide.

433585
Table 3: Active Roles Console enhancements
Enhancement Issue ID

The Active Roles Console received the following enhancements related to Managed Units:

  • You can now create Managed Units from Azure distribution groups and Azure contacts with any "Include" or "Exclude" membership rules, not just with the Include Explicitly and Exclude Explicitly rules.

  • If you create or update a Managed Unit query, the Find drop-down list now also lists Azure distribution groups and Azure contacts.

For more information, see Configuring federated authentication in the Active Roles Administration Guide.

401787

Improved the performance of the Active Roles Console when listing Azure distribution groups in the Select Objects dialog.

387339

Table 4: Active Roles Synchronization Service enhancements
Enhancement Issue ID

The Active Roles Synchronization Service Capture Agent component now supports Local Security Authority (LSA). For more information, see Configuring Additional LSA Protection in the Microsoft Windows Server documentation.

125828

Table 5: Active Roles Web Interface enhancements
Enhancement Issue ID

Improved the performance of the Active Roles Web Interface when loading the list of Azure distribution groups.

387339

Herramientas de autoservicio
Base de conocimientos
Notificaciones y alertas
Soporte de productos
Descargas de software
Documentación técnica
Foros de usuarios
Tutoriales en video
Aviso de actualizaciones de páginas web (RSS)
Comuníquese con nosotros
Obtenga asistencia con las licencias
Soporte Técnico
Ver todos
Documentos relacionados

The document was helpful.

Seleccionar calificación

I easily found the information I needed.

Seleccionar calificación