This cumulative hotfix for Active Roles 7.4.1 resolves the following issues:
Active Roles Web Interface Previously, when creating a new group in the Active Roles Web Interface, the value for creating an Exchange email address unchecked by default did not gray out the mailNickname and edsaAdminGroup attributes, so they were still included in the request, which caused the groups to be created with a broken Exchange state.
This issue has been fixed and the policy now disables both attributes in the form by default.
When configuring Federated Authentication for the Web Interface, the following error message displayed after a timeout delay (5 minutes by default):
Unable to uniquely identify the user using provided claims. Please contact your Active Roles Administrator.
This issue has been resolved and Federated Authentication now revalidates without error.
Due to a memory leak in O365 Script Execution caused by a Microsoft PostScript call that does not deallocate memory despite a call to release all PSSessions, the Active Roles console (MMC Interface) closed after a few hours with an out-of-memory exception when an Automation Workflow was running a script every 5 minutes. The following line of code caused the issue:
This issue has been resolved and the memory utilization of the Active Roles server is now stable. However, the preferred solution to this issue is to update to Active Roles version 7.4.3 so that the MsOnline module is imported using Modern Authentication.
In addition, this update also contains the hotfixes of the following previously-reported issues.
SignalR is unable to establish a connection with the server using FQDN and the notifications are not working as expected.
In Active Roles service ds.log, errors are logged for Starling Connect policy.
In Active Roles, when PC-to-PC only or Enterprise Voice Telephony option is selected, for the Line URI attribute, a blank value should be allowed during enabling or modifying an account for Skype for Business.
An error You entered an invalid e-mail address is displayed when adding an additional SMTP email address with special characters.
Change history (Get-QARSOperation -OperationID ) displays type as Unknown for Self Service group change operation.
Improved the time of completing the Get-QADGroupMember command-let operation.
Fixed an issue where modifying or updating Exchange Online Properties, such as the Delegate Send As Rights and Full Access permissions removed the Trustees and then added them back.
Previously, when having a New User form with customization and extended controls set, the control value of OnGetEffectivePolicy in the script was not populated. This has been fixed.
NOTE: You must clear the Schema cache of the Active Roles service for this fix to take effect. To clear the cache, follow Solution 3 in the Resolution section of the following Knowledge Base article:
Fixed some discrepancies observed during Tenant information updates.