Active Roles Configuration Shell
The ActiveRolesConfiguration module (also known as the "Configuration Shell") provides cmdlets for configuring Active Roles Administration Service instances and Web Interface sites. The names of the cmdlets provided by this module start with the AR prefix, such as New-ARDatabase, New-ARService, or New-ARWebSite.
NOTE: Consider the following when planning to use the ActiveRolesConfiguration module:
-
This module is available on 64-bit operating systems only.
-
You can only install this module on computers where the Administration Service or Web Interface modules are also installed. Otherwise, the module will not provide all cmdlets.
The following table lists the cmdlets of the Configuration Shell.
Table 6: Configuration Shell Cmdlets
|
Get-ARComponentStatus |
Returns the installation and configuration status of the Active Roles components. |
|
New-ARDatabase |
Creates a new Active Roles database. |
|
Import-ARDatabase |
Transfers Active Roles configuration data or management history data from one database to another. |
|
Backup-AREncryptionKey |
Backs up the current encryption key of the configuration database in the local Administration Service instance into a file. |
|
Restore-AREncryptionKey |
Restores the configuration database encryption key from a backup file to the local Administration Service instance. |
|
Reset-AREncryptionKey |
Creates a new encryption key for the configuration database in the local Administration Service instance. |
|
New-ARService |
Creates the Active Roles Administration Service instance on the local computer. |
|
Get-ARService |
Gets the status of the Active Roles Administration Service instance from the local computer. |
|
Set-ARService |
Modifies the Active Roles Administration Service instance on the local computer. |
|
Start-ARService |
Starts the Active Roles Administration Service instance on the local computer. |
|
Stop-ARService |
Stops the Active Roles Administration Service instance on the local computer. |
|
Restart-ARService |
Stops and starts the Active Roles Administration Service instance on the local computer. |
|
Remove-ARService |
Deletes the Active Roles Administration Service instance from the local computer. |
|
Test-ARServiceDatabaseSettings |
Verifies whether the specified Active Roles database settings would cause Management History issues due to setting separate Configuration and Management History databases. |
|
Get-ARServiceStatus |
Gets the Active Roles Administration Service status information from the local computer. |
|
Get-ARVersion |
Gets the version of the local Active Roles installation. |
|
New-ARWebSite |
Creates a new Active Roles Web Interface site. |
|
Get-ARWebSite |
Gets the Active Roles Web Interface sites from the web server. |
|
Set-ARWebSite |
Modifies the specified Active Roles Web Interface site on the web server. |
|
Remove-ARWebSite |
Deletes the specified Active Roles Web Interface site from the web server. |
|
Get-ARWebSiteConfig |
Gets Web Interface site configuration objects from the Active Roles Administration Service. |
|
Export-ARWebSiteConfig |
Exports the specified Web Interface site configuration to a file. |
Using the System Checker
You can start the System Checker by running the Active Roles System Checker application from the Start menu or Apps page, depending upon your version of the Windows operating system.
From the System Checker main window, you can perform the following tasks:
-
To check your computer, click System Readiness Checks, then select the appropriate Active Roles version for which to perform the checks.
-
To check a particular SQL Server instance, click SQL Server Checks and specify the SQL Server instance to check. You can also specify the authentication method and connection credentials for access to the SQL Server instance.
-
To check a particular Active Directory domain or a particular Domain Controller (DC), click Active Directory Checks and specify the name of the domain or the name of the DC. You can also specify connection credentials for access to the domain or DC.
System Checker then creates a report of the selected action, and displays it in its report viewer. Reports are divided into sections, each of which represents the results of a single check. If a report section includes any errors or warning messages, you can view the messages by expanding the section in the report viewer.
The report viewer also allows you to:
-
Print the report.
-
Export the report to an HTML file, so that you can open the report in a web browser later.
-
Save the report to a report file, so that you can open the saved report in the report viewer later.
-
Open a saved report by clicking Open in the main menu of System Checker, and selecting the report file.
-
Rebuild the report, and optionally also changing the report options.
To rebuild the report, click Recheck on the toolbar of the report viewer.
Active Roles Log Viewer
The Active Roles Log Viewer tool allows you to browse and analyze:
-
Diagnostic log files created by the Active Roles Administration Service.
-
Event log files created by saving the Active Roles event logs in the Windows Event Viewer on the computer running the Administration Service.
The Log Viewer tool can help you to:
-
Check the sequence or hierarchy of requests processed by the Administration Service.
-
Identify error conditions that the Administration Service encountered during request processing.
-
Find Knowledge Base (KB) Articles for specific log messages and errors.
You can open Active Roles diagnostic log files (ds.log) or saved event log files (*.evtx) with the Log Viewer tool, allowing you to check:
-
The errors encountered by the Administration Service and recorded in the log file.
-
Requests processed by the Administration Service and traced in the log file.
-
All trace records found in the diagnostic log file.
-
All events found in the event log file.
When you select an error from the list, you can also look for applicable One Identity KB Articles to learn more about the log entry or troubleshoot selected errors.
In addition, the Active Roles Log Viewer tool also allows you to:
-
Search in the loaded log file for a particular text string, such as an error message.
-
Filter the list by various conditions to narrow the listed items to those you are actually interested in.
-
View detailed information about each list item, such as error details, request details or stack trace.
Getting started
To start using Active Roles Log Viewer, see the following resources:
-
For more information on how to install Active Roles Log Viewer, see Steps to install Diagnostic Tools in the Active Roles Quick Start Guide.
-
For more information on using Active Roles Log Viewer, see Using the Log Viewer tool in the Active Roles Administration Guide.
Voluntary threshold for managed object count
By default, Active Roles does not limit the number of managed objects you can manage. However, as the license fee is based on the managed object count, you may need to verify that the object count stays under a certain threshold. To do so, you must specify a threshold value for the number of managed objects.
Once you configure this voluntary threshold, the scheduled task that counts the managed objects will raise an alert whenever it detects that the current number of managed objects exceeds the configured threshold value. Active Roles will indicate this alert in the Product Usage Statistics page of the Active Roles Console, and can also send a notification over email.
Getting started
For more information on how to configure the threshold, see Voluntary thresholds for the managed object count in the Active Roles Administration Guide.
