Introduction
Active Roles simplifies and streamlines creation and ongoing management of user accounts and groups in Windows Active Directory (AD) environments by automating user and group account creation in AD, Azure AD, mailbox creation in Exchange and Exchange Online, group population, and resource assignment in Windows.
It provides strictly enforced security, rich capabilities for automating directory management tasks, change approval and easy-to-use Web interfaces, to achieve practical user and group account management for the Windows enterprise.
This document is for individuals responsible for deploying Active Roles in their organization. It provides step-by-step instructions for preparing the environment and installing the Active Roles components.
Active Roles Components
Active Roles components
Active Roles divides the workload of directory administration into three functional layers: presentation components, service components, and network data sources.
Figure 1: Active Roles Components
The presentation components include client interfaces for the Windows platform and the Web, which allow users with appropriate rights to perform a precisely defined set of administrative activities. Active Roles also includes the reporting solution to generate reports on the administrative activities.
The service components constitute a secure layer between administrators and managed data sources. It ensures consistent policy enforcement, provides automation capabilities, and enables the integration of business processes for administration of Active Directory, Exchange and other corporate data sources.
The main component of Active Roles is the Administration Service—a powerful rules-based proxy for the management of network data sources. The Administration Service features advanced delegation capabilities and provides the ability to enforce administrative policies that keep data current and accurate. The Administration Service acts as a bridge between the presentation components and network data sources. In large networks, multiple instances of the Administration Services can be deployed to improve performance and ensure fault tolerance.
The Administration Service uses the configuration database to store configuration data that includes definitions of objects specific to Active Roles, assignments of administrative roles and policies, and procedures used to enforce policies.
The Administration Service provides a complete audit trail by creating records in the Active Roles event log. The log shows all actions performed and by whom, including actions that were not permitted. The log entries display the success or failure of each action, as well as which attributes were changed while managing objects in data sources.
Active Roles Setup package
The Active Roles distribution Media folder constitutes the following:
- ActiveRoles.exe
- Components
- Documentation
- Redistributables
- Solutions
- Active Roles Release Notes
Active Roles installation
The Active Roles distribution Media folder contains the executable file and installers for the default and additional components that enable you to install Active Roles and its components on your computer.
To install Active Roles and its components
- Ensure that all the pre-requisites to install Active Roles and the components are met on the system where you plan to install the product. For information on the hardware and software requirements for each component, see the System Requirements section in the Active Roles Release Notes.
- Navigate to the location of the Active Roles distribution package, double-click ActiveRoles.exe and start the Setup wizard.
- Follow the instructions in the Setup wizard.
Based on the components selected, the Administration Service, Configuration Center, Web Interface, Management Shell, MMC Console, and ADSI Provider are installed on the system.
Alternatively, you can also download the installer file and install individual components manually from the respective component folder.
- Configure the Administration Service and other installed components.
NOTE: The Administration Service must be configured and running to configure and start any other Active Roles components.
For information on installing and configuring the Administration Service see Deploying the Administration Servicesection.
For information on installing and configuring the user interfaces see the Deploying user interfaces section.
- In addition to Active Roles default components, you can install and configure the following additional solutions components provided by Active Roles:
- Add-in for Outlook
- Add-on Manager
- Collector and Report Pack
- Configuration Transfer Wizard
- Diagnostic Tools
- Management Pack for SCOM
- SPML Provider
- Sync Service Capture Agent
For information on installing and configuring the additional solutions components, see Installing additional components.
|
|
NOTE:For more information on extending the Active Roles provisioning and account administration capabilities to your cloud applications, click Learn More in the Setup Progress window. |