지금 지원 담당자와 채팅
지원 담당자와 채팅

Active Roles On Demand Hosted - Quick Start Guide

Introduction to Active Roles On Demand

One Identity Active Roles is an access management system designed to assist administrators in the access management of on-premises, hybrid and cloud enterprise infrastructures, such as Microsoft Active Directory (AD), organization mailboxes, Lightweight Directory Services (LDS), and so on. Besides providing tools to provision access to various company resources (user accounts, computers, email addresses, printers, and so on), it also allows you to set up business unit-level or company-level policies and workflows for automating access management tasks to save administration time and operational costs.

One Identity Active Roles On Demand is a complete Active Roles installation, provisioned in the One Identity cloud and connected to your network through a virtual private network (VPN). One Identity operates and monitors the runtime environment for you.

When purchasing and deploying Active Roles On Demand the first time, you must send a set of network and VPN connection information to One Identity via the One Identity Starling portal (https://www.cloud.oneidentity.com), and you must upload an offline domain join file. The One Identity Cloud Operations Team then provisions your Active Roles On Demand environment based on the information and offline domain join file you provided.

This provisioning can take up to 24 hours to complete, and some additional VPN configuration may be required to adjust your VPN gateway device to connect to the VPN gateway you hosted.

As One Identity is provisioning Active Roles On Demand in an address that is private to your VPN, One Identity provides the IP address for Active Roles On Demand and the administrator account credentials.

Active Roles On Demand system requirements

One Identity Active Roles On Demand provides its core features in a SaaS-delivered model. Therefore, you do not need to install the Active Roles Administration Service and the Active Roles Web Interface components on-premises.

However, to access, configure and maintain the Active Roles On Demand solution, you must install certain client-based Active Roles components on-premises with the indicated system requirements.

Before using the 30 May 2022 release of Active Roles On Demand, ensure that you meet the following requirements.

Active Roles Management Tools

Active Roles Management Tools is a composite component, providing the following client-based tools to configure and manage your Active Roles deployment:

  • Active Roles Configuration Center

    NOTE: Active Roles Configuration Center is available on 64-bit systems only.

  • Active Roles Management Shell

  • Active Roles SDK

  • ADSI Provider

Table 1: Active Roles Management Tools system requirements
CPU

Intel x86, Intel 64 (EM64T) or AMD64 processor, 1 GHz or faster.

RAM

1 GB or more.

Disk space

100 MB

Supported OS

  • Microsoft Windows Server 2022, 2019, or 2016 (Standard or Datacenter edition).

  • Microsoft Windows 8.1 or 10 (Professional or Enterprise edition, 32-bit or 64-bit).

NOTE: Active Roles is not supported on Windows Server Core installations.

.NET Framework

4.7.2

Windows Management Framework

5.1

Miscellaneous

  • Visual C++ 2017 Redistributable

  • Microsoft Windows Remote Server Administration Tools (RSAT) for AD is required to manage Terminal Services user properties with Active Roles Management Shell or Active Roles Management Tools.

Configuration Center

Active Roles Configuration Center provides a single solution for configuring the Active Roles Administration Service instances and Active Roles Web Interface sites, allowing administrators to perform the core configuration tasks from a single location. These include the following:

  • Creating and configuring the Active Roles Administration Service and the default cloud-based Active Roles Web Interface sites.

  • Managing the core Active Roles Administration Service settings, such as the Active Roles administrator account, service account, and database connection.

  • Managing the core Active Roles Web Interface settings, such as the site address on the web server and its configuration object in the Active Roles Administration Service.

  • Logging options for troubleshooting Active Roles components.

    NOTE: Currently, when opening the Logging settings of the Active Roles Configuration Center, the Logging page will be blank. As a workaround, contact the One Identity Cloud Operations Team if you need to change your logging settings.

  • The Starling Join feature, enabling Active Roles to connect to the One Identity Starling Cloud Platform and integrate with additional One Identity products for additional functionality.

Active Roles Management Shell

A set of Management PowerShell cmdlets, providing a means for executing and automating tasks in Active Roles and covering three key areas:

  • Active Directory objects

  • Active Roles configuration

  • Active Roles Synchronization Service

Active Roles SDK

The Active Roles SDK, providing samples and documentation for developers to help them:

  • Customize Active Roles by creating custom client applications and user interfaces.

  • Expand the use of Active Roles by integrating it with the existing proprietary applications and network data sources.

ADSI Provider

The Active Directory Services Interface (ADSI) Provider enables custom user interfaces and applications to access Active Directory services through Active Roles. ADSI Provider translates client requests into DCOM calls and interacts with the Active Roles Administration Service.

The Active Roles ADSI Provider allows custom scripts and applications (such as web-based applications) to communicate with Active Directory, while taking full advantage of the security, workflow integration and reporting benefits of Active Roles.

The data exposed by Active Roles ADSI Provider is organized in a namespace identical to the namespace of the Windows system LDAP provider. The name of the Active Roles ADSI Provider namespace is EDMS://, instead of using the Microsoft LDAP:// namespace).

Active Roles Console

Active Roles Console (also known as the MMC Interface) is a Microsoft Management Console (MMC) snap-in for a Microsoft Windows-based user interface.

Administrator users can use Active Roles Console to perform most Active Roles configuration actions while standard users can perform daily delegated administration and operations with it.

Table 2: Active Roles Console system requirements
CPU

Intel x86, Intel 64 (EM64T) or AMD64 processor, 1 GHz or faster.

RAM

1 GB or more.

NOTE: The amount of memory required by Active Roles Console depends on the total number of managed objects.

Disk space

100 MB

Supported OS

  • Microsoft Windows Server 2022, 2019, or 2016 (Standard or Datacenter edition).

  • Microsoft Windows 8.1 or 10 (Professional or Enterprise edition, 32-bit or 64-bit).

NOTE: Active Roles is not supported on Windows Server Core installations.

.NET Framework

4.7.2

Web browser

Microsoft Edge 79 (or newer), based on Chromium

Miscellaneous

Visual C++ 2017 Redistributable

셀프 서비스 도구
지식 기반
공지 및 알림
제품 지원
소프트웨어 다운로드
기술 설명서
사용자 포럼
비디오 자습서
RSS 피드
문의처
라이센싱 지원가져오기
기술 지원
모두 보기
관련 문서

The document was helpful.

평가 결과 선택

I easily found the information I needed.

평가 결과 선택