Active Roles Solutions Overview
One Identity Active Roles is highly configurable to meet different customer requirements. The add-on products available as part of Active Roles Solutions extend the Active Roles native capability to provide extensible solutions to the customer based on their requirement. For example, specific customer scenarios may involve the following:
- Multi-forest design environments.
- Transfer of Active Roles configuration between different environments.
-
Exchange of user, resource, and service provisioning information between SPML-enabled enterprise applications and Active Directory.
- Administration of Skype for Business Server user accounts.
-
Monitoring availability and health of the Active Roles Administration Service and its information store, Active Roles replication status, and availability of the Active Roles Web Interface.
Currently, Active Roles provides the following solutions to support customer requirements in specific environments:
Active Roles solutions are available as part of the Active Roles package. However, the solutions can be installed on your system along with Active Roles based on the specific requirement.
Exchange Resource Forest Management
The Exchange Resource Forest Management (ERFM) feature of Active Roles allows you to automate mailbox provisioning for on-premises users in environments where the mailboxes and the user accounts are managed in different Active Directory (AD) forests. Such multi-forest environments are based on the resource forest model, and mailboxes provisioned in such environments are called linked mailboxes.
Multi-forest AD deployments have higher administrative and support costs. However, they offer the highest level of security isolation between AD objects and the Exchange service. As such, One Identity recommends configuring the resource forest model for use with Active Roles in organizations that:
-
Aim for an extra layer of data security.
-
Frequently experience organizational changes, for example buying companies, or consolidating and breaking off branch companies, departments and other business units.
-
Abide by certain legal or regulatory requirements.
AD deployments following the resource forest model use two types of AD forests:
-
Account forests: These AD forests store the user objects. Organizations can use one or more account forests in the resource forest model.
-
Resource forest: This AD forest contains the Exchange server and stores the mailboxes of the user objects.
For more details on ERFM, see Exchange Resource Forest Management in the Active Roles Feature Guide.
For more information on the prerequisites and configuration of ERFM and linked mailboxes, see Configuring linked mailboxes with Exchange Resource Forest Management in the Active Roles Administration Guide.
Configuration Transfer Wizard Solution
Configuration Transfer Wizard Solution
For large enterprises which implement a complex administrative structure using Active Roles, one of the greatest challenges becomes exporting Active Roles configuration from a test environment to a production environment.
With Active Roles Configuration Transfer Wizard, you can export Active Roles configuration objects (such as Access Templates, Managed Units, Policy Objects, Policy Type objects, etc.) to an XML file and then import them from that file to populate another instance of Active Roles. The export and import operations provide a way to move configuration objects from a test environment to a production environment.
This document provides information on how to install and use Configuration Transfer Wizard.
What's new in version 7.6
What's new in version 7.6
Version 7.6 of Configuration Transfer Wizard adds support for the latest Active Roles version, 7.6. Now you can use Configuration Transfer Wizard to move configuration data between Active Roles instances of version 6.7 or later, including version 7.6.