Chat now with support
Chat mit Support

Active Roles 8.2.1 - Feature Guide

Introduction About Active Roles
Main Active Roles features Technical overview of Active Roles
About presentation components Overview of service components About network data sources About security and administration elements About Active Directory security management Customization using ADSI Provider and script policies About dynamic groups About workflows Operation in multi-forest environments
Examples of use
Administrative rules and roles
About Managed Units About Access Templates About Access Rules About rule-based autoprovisioning and deprovisioning
Configuring and administering Active Roles Overview of Active Roles Synchronization Service Support for AWS Managed Microsoft AD FIPS compliance LSA protection support STIG compliance

About attribute synchronization rules

Synchronization Service allows you to create and configure synchronization rules to generate values for target object attributes. These rules support three synchronization types:

  • Direct synchronization: Assigns the value of a source object attribute to the target object attribute you specify.

  • Script-based synchronization: Uses your custom Windows PowerShell script to generate the target object attribute value.

  • Rule-based synchronization: Uses your custom synchronization rules to generate the target object attribute value you want.

About rule-based generation of Distinguished Names

Synchronization Service provides flexible rules for generating the Distinguished Names (DNs) for the created objects. These DN generation rules allow you to ensure that the created objects are named in full compliance with the naming conventions existing in your organization.

About synchronization scheduling

To meet your organizational policies and save both time and effort, you can schedule and automate the configured data synchronization tasks with Synchronization Service.

About extensive data system support

To access external data systems, Synchronization Service uses so-called "connectors", enabling Synchronization Service to read and synchronize identity data from the specific data systems.

Active Roles Synchronization Service can connect to the following data systems:

  • Data sources accessible via an OLE DB provider.

  • Delimited text files.

  • IBM AS/400, IBM Db2, and IBM RACF systems.

  • LDAP directory service.

  • Micro Focus NetIQ Directory systems.

  • The following Microsoft services and resources:

    • Active Directory Domain Services (AD DS) with the domain or forest functional level of Windows Server 2016 or higher.

    • Active Directory Lightweight Directory Services (AD LDS) running on any Windows Server operating system supported by Microsoft.

    • Azure Active Directory (Azure AD) using Microsoft Graph API version 1.0.

    • Exchange Online services.

    • Exchange Server with the following versions:

      • Microsoft Exchange Server 2019

      • Microsoft Exchange Server 2016

    • Lync Server version 2013 with limited support.

    • SharePoint 2019, 2016, or 2013.

    • SharePoint Online service.

    • Skype for Business 2019, 2016 or 2015.

    • Skype for Business Online service.

    • SQL Server, any version supported by Microsoft.

  • One Identity Active Roles version 7.4.3, 7.4.1, 7.3, 7.2, 7.1, 7.0, and 6.9.

  • One Identity Manager version 8.0 and 7.0 (D1IM 7.0).

  • OpenLDAP directory service.

  • Oracle Database, Oracle Database User Accounts, and Oracle Unified Directory data systems.

  • MySQL databases.

  • Salesforce systems.

  • SCIM-based data systems.

  • ServiceNow systems.

For more information on using these connectors, see External data systems supported with built-in connectors in the Active Roles Synchronization Service Administration Guide.

Verwandte Dokumente

The document was helpful.

Bewertung auswählen

I easily found the information I needed.

Bewertung auswählen