Chatta subito con l'assistenza
Chat con il supporto

Active Roles 8.2.1 - Feature Guide

Introduction About Active Roles
Main Active Roles features Technical overview of Active Roles
About presentation components Overview of service components About network data sources About security and administration elements About Active Directory security management Customization using ADSI Provider and script policies About dynamic groups About workflows Operation in multi-forest environments
Examples of use
Administrative rules and roles
About Managed Units About Access Templates About Access Rules About rule-based autoprovisioning and deprovisioning
Configuring and administering Active Roles Overview of Active Roles Synchronization Service Support for AWS Managed Microsoft AD FIPS compliance LSA protection support STIG compliance

Finding directory objects

In the Active Roles Console you can search for objects of different types using the Find window. To access the Find window, right-click a container and click Find.

From the In list, you can select the container or Managed Unit you want to search. The list includes the container that you selected before activating the Find window. To add containers to the list, click Browse. From the Find list, you can select the type of the objects you want to find.

When you select an object type, the Find window changes accordingly. For example, Users, Contacts, and Groups searches for users, contacts, or groups using criteria such as user name, a note describing a contact, or the name of a group. In the Find list, Active Roles splits the Users, Contacts, and Groups category into three, providing the option for a more streamlined search.

By selecting Custom Search from the Find list, you can build custom search queries using advanced search options.

Using the Find window, you can search for any directory objects, such as users, groups, computers, Organizational Units, printers or shared folders. It is also possible to search for Active Roles configuration objects such as Access Templates, Managed Units, and Policy Objects. When you search for Access Templates, Policy Objects or Managed Units and select an appropriate object type from the Find list, the relevant container appears in the In list.

Once the search has completed, the objects matching the search criteria (search results) are listed at the bottom of the Find window. You can quickly find an object in the search results list by typing a few characters. This will select the first name that matches what you typed.

Once you have found the object, you can manage it by right-clicking the entry in the search results list, and clicking the applicable commands on the shortcut menu.

About Active Roles Web Interface

The Active RolesWeb Interface is a customizable web application for data administration and provisioning in Active Directory. With the Web Interface, an intranet user (such as a helpdesk agent or a delegated administrator) can connect to Active Roles using a web browser and perform day-to-day administrative tasks, including user management tasks, such as modifying personal data, or adding users to groups.

Web Interface users can perform administrative tasks and view or modify directory data. However, their scope of authority is limited by the rights delegated in Active Roles. A Web Interface user sees only the commands, directory objects, and object properties to which they have administrative access.

Administrators can customize the pages of the Web Interface, and administrators with the proper privileges can also add or remove commands or fields displaying property values.

Key features and benefits

The key features of the Active Roles Web Interface include the following:

  • Single-page lists: All search results are listed on a single page, making it easier to sort, filter, locate and select the objects you want to manage.

  • Enhanced search tools: To further facilitate searches, the Web Interface features a unified toolbar for configuring search conditions and filter conditions. This includes a flexible condition builder, allowing you to choose predefined conditions, configure a wide variety of property-based conditions, or specify complex conditions using LDAP syntax.

  • Pop-up property pages: The pages for creating, viewing or changing objects appear on the top of the object list, allowing you to keep the list visible while selecting and managing individual objects.

  • Views: The Web Interface allows you to create, save and reuse personal views for the various AD and Azure AD containers. Each view is essentially a search query for objects contained in a particular container, and returns the list of objects matching the specified search conditions, with the specified set of list columns and list sorting order.

  • Role-based web pages: Active RolesWeb Interface supports multiple websites on the same intranet, each of them providing a separate, customizable set of menus, commands, and forms. By default, the Web Interface ships with three default pages: the Administrator Site, the Helpdesk Site, and the Self-Service Site.

  • Dynamic role-based configuration: You can dynamically adapt the contents of any Web Interface site to align them to the roles of their Web Interface users. As such, you can make sure that a user can only see the commands, directory objects and object properties to which they have administrative access.

  • Point-and-click customization: Administrators can customize the menus, commands, and pages of a site without writing a single line of code. As such, administrators can easily adapt the sites to any role, such as day-to-day administrators, business data owners, helpdesk operators, or even regular end-users.

  • Active Directory and Azure AD support: Users can administer a wide range of Active Directory and hybrid or cloud-only Azure AD resources, including users, groups, or computers.

  • Managing computer resources: Users can manage the computer resources of your organization, such as printers, shares, services, devices, local users and groups.

  • User Profile Editor: With the proper permissions configured, end-users can manage their personal or emergency data through an easy-to-use profile editor.

  • Enforcing organizational rules: The Web Interface efficiently supplements and restricts user input based on the organizational rules defined with Active Roles. As such, the Web Interface sites display only property values generated according to the rules in effect, and prohibits users to enter values that violate the rules.

  • Single sign-on with integrated Windows authentication: Active RolesWeb Interface supports single sign-on, without requiring users to enter their passwords again once they are logged in and authenticated by the operating system.

  • Localization support: Besides English, the Active RolesWeb Interface supports the following languages:

    • Chinese (Simplified and Traditional)

    • French

    • German

    • Portuguese (Brazilian and European)

    • Spanish

In addition, the Web Interface also provides the following benefits:

  • Individually customizable Web Interface sites, shipping with separate Administrator, Helpdesk, and Self-Service sites by default.

  • User permission-based views for each page.

  • Self-administration support.

  • Attractive design with superior flexibility.

  • Easy navigation with a simple layout and large UI elements, with most UI elements supporting resizing, collapsing or expanding. This allows you to adapt your UI workspace to your needs.

Getting started

To open the Active RolesWeb Interface, you must know:

  • The name of the web server running the Web Interface component.

  • The name of the Web Interface site you want to access.

When configuring the Web Interface, the Administration Service creates the following Web Interface sites by default:

  • ARWebAdmin: The Administration Site, supporting a broad range of administrative tasks.

  • ARWebHelpDesk: The Helpdesk Site, supporting the most common administrative tasks, typically performed by helpdesk personnel in an organization.

  • ARWebSelfService: The Self-Service Site, allowing users to manage their own personal accounts.

To connect to a Web Interface site

  1. In the web browser, enter the URL of the Web Interface site.

    For example, to connect to the default Administration Site, specify the following URL:

    http://<server>/ARWebAdmin

    In the above example, <server> is the name of the web server running the Web Interface.

  2. To connect, press Enter.

About the Web Interface components

The Web Interface UI consists of the following main parts:

  • The Header area at the top of the page, containing the Quick Search bar, the Feedback button, the About button, and the Logout option for your currently logged-in user.

  • The Navigation bar and the Browse pane on the left side. The Navigation bar lets you navigate between the main Web Interface components, while the Browse pane shows the available View and Tree settings.

  • The Object list next to the Browse pane.

  • The Toolbar above the Object list, allowing you to manage the loaded Object list.

  • The Command pane on the right side, containing the available administration actions for the selected object(s).

  • The Summary pane under the list of objects, containing a short summary of data about the selected object(s).

Figure 2: UI Elements

The following sub-sections describe each UI component in more detail.

About the Web Interface Navigation bar

Located on the left side of the Web Interface UI, the Navigation bar provides the first level of navigation for most of the tasks you can perform with the Web Interface. The Navigation bar lists all major Web Interface areas, and provides access to the following pages and features:

  • Home: Opens the Web Interface home page.

  • Directory Management: Allows you to browse and administer the AD and Azure AD objects in your organization.

  • Search: Allows you to search and administer the AD and Azure AD objects in your organization.

  • Customization: Allows you to customize your Web Interface pages.

    NOTE: This option is available for Active Roles Admin users only.

  • Approval: Allows you to perform tasks related to the approval of administrative operations.

  • Settings: Contains your personal settings related to displaying the Web Interface.

The document was helpful.

Seleziona valutazione

I easily found the information I needed.

Seleziona valutazione