Tchater maintenant avec le support
Tchattez avec un ingénieur du support

Active Roles 8.1.1 - How-to Guide

Upgrade Steps

For an upgrade demonstration, please refer to the following knowledge base article:

https://support.oneidentity.com/kb/226332

To upgrade Synchronization Service

  1. Install Synchronization Service on the computer running Quick Connect or on a different host.
  2. Configure Synchronization Service to use a new database for storing configuration settings and synchronization data. To perform this step, use the Configuration Wizard that appears when the Synchronization Service Administration Console starts for the first time after installation.
  3. Import configuration settings from Quick Connect to Synchronization Service.

    NOTE: Before proceeding with this step, it is highly recommended to disable the scheduled workflows and mapping operations in Quick Connect. The scheduled workflows and mapping operations may be started after this step is completed.

    To import configuration settings:

    1. On the computer where the Synchronization Service is installed, start the Synchronization Service Administration Console.
    2. In the upper right corner of the Administration Console window, click the gear icon, and then click Import Configuration.
    3. In the wizard that appears, select the correct version of Quick Connect Sync Engine from which to import the configuration settings. Optionally, the Import sync history check box may be selected to import the sync history along with the configuration settings.
    4. Follow the steps in the wizard to complete the import operation. If the synchronization data to be imported is stored separately from the configuration settings, then, on the Specify source SQL Server databases step, select the Import sync data from the specified database check box, and specify the database.

  1. Retype access passwords in the connections that were imported from Quick Connect.

    This is required due to security reasons. The import of configuration settings does not retrieve the encrypted passwords from Quick Connect. Use the Synchronization Service Administration Console to make changes to each connection as appropriate, depending upon the data system to which the connection applies.

  1. If the synchronization workflows involve synchronization of passwords, install the new version of Capture Agent on the domain controllers.

    The new version of Capture Agent replaces the old version. However, as the new version supports both Synchronization Service and Quick Connect, the password synchronization functions of Quick Connect will not be lost after the Capture Agent is updated.

Communication Ports

Table 2: Communication ports

Port

Protocol

Type of traffic

Direction of traffic

53 TCP/UDP DNS Inbound, Outbound
88 TCP/UDP Kerberos Inbound, Outbound
135 TCP RPC Endpoint mapper Inbound, Outbound
139 TCP SMB/CIFS Inbound, Outbound
445 TCP SMB/CIFS Inbound, Outbound
389 TCP/UDP LDAP

Outbound

3268

TCP

LDAP

Outbound

3269

TCP

SSL (only required if SSL is used to connect to AD)

Outbound

636

TCP

SSL

Outbound

15173

TCP

Synchronization Service

Inbound, Outbound

7148 TCP Capture Agent (only if Synchronization Service is used to sync passwords to AD) Inbound, Outbound

For further information regarding Synchronization Service, refer the latest Active Roles Synchronization Service Administrator Guide included with the Active Roles installation media.

Reports

Reporting is an optional component of Active Roles. To use Active Roles reports, the following components are required:

  • Microsoft SQL Server Reporting Services (SSRS) must be installed and configured.

    NOTE: If the SQL Server service and SRSS are on different hosts, a “Double-Hop” authentication issue may occur. For more information, see the knowledge base article, https://support.oneidentity.com/kb/69693.

  • The Active Roles service account must have sufficient permissions to create and write to a database on the SQL Server.

    NOTE: The database cannot be pre-created, and must be created by Active Roles.

  • The Active Roles service account must have sufficient permission to publish reports on the SRS server.

    NOTE: Quest Knowledge Portal is no longer included with Active Roles 7.x. To view reports, use the native SQL Server Report URL.

How to configure reports

Please refer to Video Solution 156240, which demonstrates how to configure Reports in Active Roles:

https://support.oneidentity.com/kb/156240

Documents connexes

The document was helpful.

Sélectionner une évaluation

I easily found the information I needed.

Sélectionner une évaluation