Active Roles (formerly known as ActiveRoles®) simplifies and streamlines creation and ongoing management of user accounts, groups, and contacts in Windows Active Directory (AD) and Azure Active Directory environments.
Active roles automates:
It provides strictly enforced security, rich capabilities for automating directory management tasks, change approval and easy-to-use Web interfaces, to achieve practical user and group account management for the Windows enterprise.
Active Roles also facilitates administration and provisioning for Active Directory, Exchange, and Azure Active Directory (Azure AD) in a hybrid environment.
Active Roles supports connecting to One Identity Starling and accessing Starling Services such as Two-factor Authentication, Starling Connect, and Identity Analytics and Risk Intelligence.
Key new features
The new release of Active Roles extends and enhances the capabilities of the product with the following changes.
Major new features in Active Roles Version 7.5:
Major new features in Active Roles Version 7.4.5:
Major new features in Active Roles Version 7.4.4:
- Support for Azure SQL database.
- Support for cloud-only Azure objects (Azure Users, Azure Guest Users, Azure Contacts).
Major new features in Active Roles Version 7.4.3:
- Support for multiple Azure tenants.
- Support for Modern Authentication.
Major new features in Active Roles Version 7.4.1:
Major enhancements Active Roles Version 7.4:
New built-in workflow and script added for the following
Edit or update exchange or extension properties of the Master account even in the absence of the corresponding shadow account in the Exchange Forest.
Automate the process of copying the database users, permissions, SQL logins, and roles from the old SQL database to a new database during the in-place upgrade and import database.
In Active Roles, the Fine-Grained policy takes precedence over Domain policy in evaluating the User account and password information. The User account information and Account Policies are displayed based on the Fine-Grained policy applied on the container.
Auto-shrink option can be customized for new Active Roles database (configuration and management history) during the configuration of Active Roles.
In ERFM policy, the substitute attribute, mail can now be used optionally instead of using it as a hard-coded attribute.
Support for new connectors through Synchronization Service. For more information, refer Enhancements.
Supports installation of Synchronization Service Management Shell component individually via command prompt. For more details refer How to install Synchronization Service Management Shell in Synchronization Service Admin Guide
Builtin Azure policy is enhanced with the additional provisioning of the attribute edsvaAzureOffice365Enabled.
Support for Modern Authentication while communicating with Exchange Online from Active Roles service.
Optimized policy evaluation for license management, Office 365 roles management.
Support for the multiSubnetFailOver feature of MS SQL Server to maximize internal availability.
Support for the Security Identity Mappings functionality as available in Active Directory Users and Computers (ADUC) Snap-in.
Workflow enhancements that enable you to add Azure or Office 365 modules in PowerShell and run the Office 365 services such as Skype for Business, Azure AD, Azure RM, AZ, and Sharepoint Powershell scripts within existing Active Roles workflows.
Restrict MMC interface access to users, by enabling the MMC Interface access settings using the Configuration Center. By default, on installing Active Roles, all users are enabled to log in to the MMC interface. You can now enable the MMC interface access setting to restrict users from accessing the MMC interface.
Enhancement of SPML operation to get ObjectSid to retrieve the value in the SID format along with the base64Binary format.
- Creation of OneDrive for Azure AD users using OneDrive Provisioning Policy.
Configuring secure communication for Active Roles Web Interface using Force SSL Redirection.
- Support to modify the following Exchange Online properties in Synchronized Identity and Federated environments using the Active Roles Web interface:
Mail Flow Settings properties: Message Size Restrictions and Delivery Options
Mailbox Feature properties: Exchange ActiveSync, Outlook Web App, MAPI, IMAP, POP3, and Archive
Delegation: Send As, Full Access
Mail Settings: Messaging records Management
- Creation of Remote Mailbox for hybrid users
Additional Hybrid Directory features
Active Roles supports the following additional features for hybrid directory support:
Office 365 Group CRUD activities
Active Roles provides the facility to perform administrative tasks such as create, read, update, and delete groups in Office 365 through the web interface. You can also perform other operations such as add and remove members to Office 365 groups. Some of the group operations can be performed using the Management Shell in addition to the web interface. For more information on managing Office 365 groups using the Active Roles web interface and Management Shell, see the following sections in the latest Active Roles Administration Guide.
- Office 365 Group management tasks using the Web interface
- Office 365 Group management tasks using Management Shell interface