Chat now with support
Chat with Support

Active Roles 8.1.4 - Feature Guide

Introduction About Active Roles
Main Active Roles features Technical overview of Active Roles
Presentation components Service components Network data sources Security and administration elements Active Directory security management Customization using ADSI Provider and script policies Dynamic groups Workflows Operation in multi-forest environments
Examples of use
Administrative rules and roles
Managed Units Access Templates Access Rules Active Roles Synchronization Service Exchange Resource Forest Management Skype for Business Server User Management
Configuring and administering Active Roles Support for AWS Managed Microsoft AD FIPS compliance LSA protection support

Installation label

To identify your Active Roles installation in the Managed Object Statistics report, you can set a label for your deployment in the Active Roles Console.

This is useful, for example, if you have several Active Roles deployments installed in your organization (for example, separate pilot, non-production and production environments) and you want to easily distinguish them visually.

Once configured, the installation label appears in the title of the Managed Object Statistics report.

Getting started

For more information on how to configure an installation label for Active Roles, see Installation label in the Active Roles Administration Guide.

Safe mode

Active Roles provides a troubleshooting mode called "Safe mode" that starts Administration Service in a limited state.

When you enable Safe mode, Administration Service:

  • Disregards all custom policies, workflows, scripts, scheduled tasks and other custom-made assets that may prevent Active Roles from starting and operating normally.

  • Rejects connections from any users that do not have Active Roles Admin privileges.

While Safe mode is active, only Active Roles Admins can connect to Administration Service, so that they can troubleshoot problems by changing the existing Active Roles configuration or removing any customizations that could cause issues. Once troubleshooting is finished, Active Roles Admins can also turn off Safe mode and resume normal Active Roles operation.

Getting started

You can enable Safe mode from the Active Roles Management Shell.

To enable or disable Safe mode

  1. On the computer running the Active Roles Administration Service, log in with a user account that has administrator rights on the computer.

    NOTE: You can enable or disable Safe mode only with a user account that has local administrator rights on the computer running Administration Service.

  2. Start the Active Roles Management Shell from the Windows Start menu or the Apps page of the operating system.

  3. To enable safe mode, enter the following commands in the Management Shell command-line interface:

    Set-ARService -SafeModeEnabled $true

    Restart-ARService

  4. To enable safe mode, enter the following commands in the Management Shell command-line interface:

    Set-ARService -SafeModeEnabled $false

    Restart-ARService

Support for AWS Managed Microsoft AD

NOTE: This feature is officially supported starting from Active Roles 8.1.3 SP1 (build 8.1.3.10). It is not supported on Active Roles 8.1.3 (build 8.1.3.2) and earlier versions.

Active Roles supports deployment and configuration in the Amazon cloud to manage AWS Managed Microsoft AD instances hosted via AWS Directory Service.

This allows you to:

  • Perform Active Directory management tasks in your AWS Managed Microsoft AD environment.

  • Synchronize directory data from an on-premises AD environment to AWS Managed Microsoft AD.

  • Synchronize passwords from an on-premises Active Directory to AWS Managed Microsoft AD (with certain limitations).

For more information on configuring Active Roles to manage AWS Managed Microsoft AD environments, see Configuring Active Roles for AWS Managed Microsoft AD in the Active Roles Quick Start Guide or Active Roles Administration Guide documents.

For more information on configuring Active Roles Synchronization Service to synchronize resources to or from AWS Managed Microsoft AD, see Installing and configuring Synchronization Service for use with AWS Managed Microsoft AD in the Active Roles Synchronization Service Administration Guide.

Supported AWS Managed Microsoft AD deployment configuration

To manage AWS Managed Microsoft AD environments, you must deploy Active Roles in Amazon Web Services (AWS) in the following configuration:

  • Active Roles must be deployed on an Amazon Elastic Compute Cloud (EC2) instance or instances. For more information, see the Amazon Elastic Compute Cloud documentation.

  • The SQL Server required by Active Roles Administration Service must run on a separate Amazon Relational Database Service for Microsoft SQL Server (RDS for SQL Server) instance. For more information, see the Amazon RDS documentation.

  • The Active Directory environment must be hosted in AWS via AWS Directory Service. For more information, see the AWS Directory Service documentation.

NOTE: Support for AWS Managed Microsoft AD by Active Roles was tested only in this configuration. Active Roles does not officially support managing AWS Managed Microsoft AD environments in a hybrid deployment, that is, using an on-premises Active Roles and/or SQL Server installation and hosting AD via AWS Directory Service.

Related Documents

The document was helpful.

Select Rating

I easily found the information I needed.

Select Rating