Support for Azure AD Graph 1.6 for Active Roles Synchronization Services
Active Roles Synchronization Service now supports Directory schema extensions for Azure Graph API version 1.6. This enables you to view and select the extension attributes registered in the Azure subscription while selecting the attributes of an Azure object to perform the various CRUD activities.
Active Roles now allows you to administer group Managed Service Accounts. Introduced in Windows Server 2012, group Managed Service Account (gMSA) is a domain security principal whose password is managed by Windows Server 2012 domain controllers and can be retrieved by multiple systems running Windows Server 2012. Having Windows services use gMSA as their logon account minimizes the administrative overhead by enabling Windows to handle password management for service accounts. Group Managed Service Accounts provide the same functionality as Managed Service Accounts introduced in Windows Server 2008 R2 and extend that functionality over multiple servers.
NOTE: Exchange operations cannot be performed on the on-premises Exchange Server environment using the gMSA account. For example, Remote mailbox, User mailbox, or Contact.
Active Roles supports usage of Group Managed Service Account as Active Roles Service Account. For more information about using gMSA as a service account, see Configuring gMSA as an Active Roles Service account in the Active Roles Administration Guide.
Active Roles allows you to perform operations on bulk attributes for multiple users at a time. The Web interface provides you the Update object attributes to perform bulk operations on selected attributes for multiple Active Roles users.
Active Roles allows you to perform password reset operation for multiple users at a time as part of the batch operations using the Web interface.