Chatee ahora con Soporte
Chat con el soporte

Active Roles 8.0.1 LTS - How-to Guide

Changes to Setup and Installation

Active Roles introduces the following changes to Setup and Installation:

Unified Setup Wizard
Table 1: Changes to Unified Setup wizard
Version 6.9 and earlier Version 7.3 or later
Numerous MSI files Single ActiveRoles.EXE
The components must be installed in the correct order.  
Silent Install

The Active Roles installer, Setup.exe has command-line options for a silent installation. For more details, refer to KB 185799

Example:

Setup.exe /quiet /install ADDLOCAL=Service,Console /IAcceptActiveRolesLicenseTerms

Configuration Center

The Configuration Center unifies management of core configuration for the Active Roles Administration Service and Web Interface, which allows administrators to perform the core configuration tasks from a single location.

Highlights include:

  • Initial configuration tasks such as creation of Administration Service instances and default Web Interface sites.
  • Import of configuration and management history from earlier Active Roles versions.
  • Management of core Administration Service settings, such as the Active Roles Admin account, service account, and database connection.
  • Creation of Web Interface sites based on site configuration objects of the current Active Roles version or site configuration objects imported from earlier Active Roles versions.
  • Management of core Web Interface site settings, such as the site’s address on the Web server and configuration object on the Administration Service.
  • Scriptable Configuration Center operations using Windows PowerShell command-line tools provided by the Active Roles Management Shell.

The following two methods are available for configuring the Active Roles instance:

  • Graphical User Interface (Active Roles Configuration Center)
  • PowerShell (Active Roles Management Shell)
Management Shell Integration

The Active Roles Management Shell, which provides Windows PowerShell based command-line tools (cmdlets) for executing and automating administrative tasks in Active Roles, is a part of the Management Tools component included in the Active Roles Setup.

Modules:

  • ActiveRolesManagementShell
  • ActiveRolesConfiguration

ActiveRolesManagementShell

  • Provides cmdlets for managing users, group, computers, and other objects in Active Directory via Active Roles; managing digital certificates; and administering certain Active Roles objects.
  • Cmdlets are prefixed with QAD or QARS, such as New-QADUser, Add-QADCertificate, or New-QARSAccessTemplateLink.

ActiveRolesConfiguration

  • Provides cmdlets for configuring Active Roles Administration Service instances and Web Interface sites.
  • Available on 64-bit (x64) systems only. It requires the Active Roles Administration Service or Web Interface to be installed; otherwise, the module does not provide all cmdlets.
  • The cmdlets provided in this module have their noun prefixed with AR, such as New-ARDatabase, New-ARService, or New-ARWebSite.

Changes to System requirements

For the Microsoft operating systems, products (such as SQL Server or Exchange Server), and web browsers supported by Active Roles 8.0.1, see System requirements in the Active Roles Release Notes.

System Requirements

For the complete system requirements, please refer the latest Active Roles Release Notes. The following are the important system requirements for Active Roles installation:

  • Operating Systems Supported for Active Roles installation: Microsoft Windows 2008 R2 and later, including 2019
  • SQL Server requirements: Microsoft SQL 2012 through SQL 2019

  • Microsoft .NET Framework: .NET 4.7.2
  • Other software required for Active Roles may be installed from the Redistributables folder on the installation media.
Resource Usage

The sizing of disk space and the SQL database capacities are best planned out by using the Resource Usage Calculator, which is found in the Documentation folder on the installation disk or image.

The Resource Usage Calculator is included with the installation media and can be found under:

Documentation\ ActiveRoles_7.4_ResourceUsageCalc.xls

For more information on the system requirements, please see the Pre-Installation and Upgrade section for the Active Roles Diagnostic and System Readiness Checker tools.

Ports Used by Active Roles

If the environment managed by Active Roles is located behind a firewall, then the following ports must be open between Active Roles Administration Service and the managed environment:

Access to DNS Servers
  • Port 53 TCP/UDP Inbound/Outbound
Access to domain controllers
  • Port 88 (Kerberos) TCP/UDP Inbound/Outbound
  • Port 135 (RPC endpoint mapper) TCP Inbound/Outbound
  • Port 139 (SMB/CIFS) TCP Inbound/Outbound
  • Port 445 (SMB/CIFS) TCP Inbound/Outbound
  • Port 389 (LDAP) TCP/UDP Outbound
  • Port 636 (LDAP SSL) TCP Outbound
  • Port 3268 (Global Catalog LDAP) TCP Outbound

This port is required if Active Roles is configured to access the domain by using SSL.

  • Port 3269 (Global Catalog LDAP SSL) TCP Outbound

This port is required if Active Roles is configured to access the domain by using SSL.

  • The TCP port allocated by RPC endpoint mapper for communication with the domain controller

Active Directory domain controllers can be configured to use specific port numbers for RPC communication. For instructions, see http://support.microsoft.com/kb/224196.

Access to Exchange servers
  • Port 135 (RPC endpoint mapper) TCP Inbound/Outbound
  • The TCP port allocated by RPC endpoint mapper for communication with the Exchange server

Exchange servers can be configured to use specific port numbers for RPC communication. For instructions, see http://support.microsoft.com/kb/270836.

Computer resource management
  • Port 139 (SMB/CIFS on the managed computers) TCP Inbound/Outbound
  • Port 445 (SMB/CIFS on the managed computers) TCP Inbound/Outbound
Computer restart
  • Port 139 (SMB/CIFS on the managed computers) TCP Inbound/Outbound
  • Port 137 (WINS) UDP Outbound
  • Port 138 (NetBIOS datagrams) UDP Outbound
Home folder provisioning and deprovisioning
  • Port 139 (SMB/CIFS on the servers that host home folders) TCP Inbound/Outbound
  • Port 445 (SMB/CIFS on the servers that host home folders) TCP Inbound/Outbound
Access to SMTP server for e-mail integration
  • Port 25 (Default SMTP port) TCP Outbound

Active Roles uses SMTP port 25 by default. The default port number can be changed in the properties of the Mail Configuration object in the Active Roles console. If Mail Configuration specifies a different port, open that port rather than port 25.

Access to AD LDS instances
  • The TCP port specified when registering the AD LDS instance with Active Roles
Access to SQL Server

If SQL Server that hosts the Active Roles database is located behind the firewall, open the following ports between Active Roles Administration Service and SQL Server:

  • Port 1433 (Default SQL Server instance) TCP Inbound/Outbound

Open this port if the Active Roles database is on the default instance of SQL Server. If a different port is assigned to the default instance, open that port rather than port 1433.

  • Port 1434 (SQL Server Browser service) UDP Inbound/Outbound

Open this port if the Active Roles database is on a named instance of SQL Server. In this case Active Roles uses UDP port 1434 to determine the port assigned to the named instance, open port 1434 along with the TCP port assigned to the named instance.

Access to Active Roles Administration Service

If a firewall is required between Active Roles clients, such as MMC Interface, Web Interface, ADSI Provider or Management Shell, and Active Roles Administration Service, open the following ports in the firewall:

  • Port 15172 TCP Inbound/Outbound
Access to Web Interface

If the Active Roles Web Interface will be accessed through a firewall, open the following ports:

  • Port 80 (Default HTTP) TCP Inbound/Outbound
  • Port 443 (Default HTTPS) TCP Inbound/Outbound

The Web Interface normally runs over port 80, or over port 443 if SSL is enabled (off by default).

Synchronization Service

The Synchronization Service requires the following port to be open:

  • Port 15173 TCP Outbound

The Capture Agent requires this port to be open (on the Domain Controller):

  • Port 7148 TCP Inbound
Documentos relacionados

The document was helpful.

Seleccionar calificación

I easily found the information I needed.

Seleccionar calificación