サポートと今すぐチャット
サポートとのチャット

Active Roles 8.0.1 LTS - Feature Guide

Introduction Administrative rules and roles Using Active Roles Configuring and administering Active Roles FIPS compliance LSA protection support

Workflows – Initialization scripts

When running a workflow instance, Active Roles uses a single PowerShell operating environment (called "runspace") for all script activities held in that workflow. The workflow runtime engine creates a runspace once the workflow instance started, and maintains the runspace during the run of the workflow instance.

When you configure a workflow, you can specify PowerShell commands you want the workflow runtime engine to initialize immediately after creating the runspace. These commands are part of an initialization script that the workflow engine runs prior to performing the script activities.

With an initialization script, you can define runspace configuration data separately from the logic of other script activities, and you can use it to initialize the environment for initializing script activities. Specifically, you can:

  • Load PowerShell modules and snap-ins. All activity scripts can use the modules and snap-ins loaded in the initialization script without having to load the prerequisite modules or snap-ins on a per-activity basis.

    The modules and snap-ins loaded in the initialization script are available to all script activities at workflow runtime. For example, the Import-Module 'SmbShare' command added to the initialization script makes the Server Message Block (SMB) Share-specific cmdlets available to all script activities within the workflow.

  • Initialize environment-specific variables, referred to as "global variables". All activity scripts can retrieve and update global variables, which makes it possible to exchange data between different activity scripts.

    The global variables are visible to all script activities at workflow runtime. For example, the $rGuid = [Guid]::NewGuid() command added to the initialization script makes the $rGuid variable available to all script activities within the workflow. To reference a variable defined in the initialization script, the activity script must use the $global: qualifier, such as $global:rGuid.

    TIP: If the run of the workflow instance is suspended (for example, because it is waiting for approval), then resumed (for example, after receiving approval), the runspace is reinitialized, so the global variables may change.

    In such cases, if you need to preserve the value of a global variable, add the [Persist()] attribute to the variable name in the initialization script, such as [Persist()]$rGuid = [Guid]::NewGuid(). Global variables defined this way are saved to a persistent storage when the workflow instane is suspended, then restored from the storage when the workflow instance is resumed.

    To save a variable, Active Roles creates and stores an XML-based representation of the object represented by the variable, similarly to the Export-Clixml command in Windows PowerShell. When restoring the variable, Active Roles retrieves the XML data that represents the object, and creates the object based on that data, similarly to the Import-Clixml command.

Getting started

You can create new initialization scripts in the Workflow Designer of the Active Roles Console.

To start creating a new initialization script

  1. In the Active Roles Console, navigate to Configuration > Policies > Workflow.

  2. To open the Workflow Designer, select the workflow you want to configure.

  3. In the details pane, click Workflow options and start conditions > Configure.

  4. To open the initialization script editor, click Initialization script.

The Initialization script tab then displays the currently used script (if it exists). To add a new script or modify the existing one, use the editor.

Workflows – Searching for expiring users

You can use the Search activity in an Active Roles workflow to search directory objects (such as users or groups), that match the criteria you specify with your search terms. Active Roles can then pass the search results to other workflow activities to perform additional actions.

The Search activity also supports searching for user accounts that will expire within the specified amount of time.

Getting started

To search for user accounts that expire within a certain amount of days, use the Search activity of the Workflow Designer in the Active Roles Console.

To search for expiring user accounts with a workflow

  1. In the Active Roles Console, navigate to Configuration > Policies > Workflow.

  2. To open the Workflow Designer, select the workflow you want to configure.

  3. Add a Search activity to the workflow, or right-click an existing one, and select Properties.

  4. To filter the search to user accounts that will expire, select Retrieve only expiring user accounts.

  5. In the dialog that opens, specify the number of days to check. The Search activity will list user accounts that expire within the specified number of days.

Workflows – Sending plain-text notification messages

When configuring an Active Roles workflow, you can set email notification messages for the workflow based on a message template. The template specifies the format and contents of the notification message, including its subject and body.

The notification messages are created (and by default, sent) in HTML format. However, when configuring a Notification or Approval activity, you can also send them in plain-text format. Sending notification messages in plain-text format is useful for integration solutions that use mail flow for data exchange between Active Roles and other solution components in your organization.

Getting started

To configure a plain-text notification message for a Notification or Approval activity, use the Workflow Designer in the Active Roles Console.

To configure plain-text notification messages for a workflow

  1. In the Active Roles Console, navigate to Configuration > Policies > Workflow.

  2. To open the Workflow Designer, select the workflow you want to configure.

  3. Right-click the Notification or Approval activity you want the notification for, or add them to the workflow from the Workflow Designer options.

  4. In the Notification Message page, select Format notification message as plain text.

Using Active Roles

This section summarizes the major user experience features of Active Roles related to the various day-to-day administration operations you can perform with it.

関連ドキュメント

The document was helpful.

評価を選択

I easily found the information I needed.

評価を選択