지금 지원 담당자와 채팅
지원 담당자와 채팅

Active Roles 8.1.1 - Release Notes

Resolved issues

The following is a list of issues addressed in this release.

Table 3: Active Roles Configuration Transfer Wizard resolved issues
Resolved Issue Issue ID

Previously, the Active Roles Configuration Transfer Wizard could not be installed, even if the required Active Roles ADSI Provider was installed.

This issue was caused by a version checking problem, and is now fixed.

389286
Table 4: Active Roles Service resolved issues
Resolved Issue Issue ID
Improved the Active Roles Service to reduce potential memory leak issues after changing Azure tenants. 367188
Table 5: Add-in for Outlook resolved issues
Resolved Issue Issue ID

Previously, attempting to install Active Roles Add-in for Outlook for Microsoft Outlook versions newer than Outlook 2007 could fail with the following error message:

This product requires the following software: Microsoft Office Outlook 2007 or later.

This issue is now fixed, and the installer can properly detect all newer Microsoft Office Outlook versions.

283442

Table 6: Configuration Center resolved issues
Resolved Issue Issue ID

Previously, it could occur that when adding a new Azure tenant for Active Roles, the configured tenant was added to the Active Roles database but did not appear in the Configuration Center.

This issue is now fixed.

326042

Previously, when clicking Azure AD Configuration > Remove Azure Application to delete an Azure application that had already been deleted in the Azure Portal, the Configuration Center displayed a misleading warning.

This issue was fixed by updating the instructions and notices of the Remove Azure Application confirmation page, so that it accurately shows the typical use cases and risks of deleting an Active Roles Azure application.

142303

Table 7: Console (MMC Interface) resolved issues
Resolved Issue Issue ID

Previously, in certain environments, Dynamic Groups may not have been updated in time when adding a new rule or forcing a rebuild. Also, in case of more than 1000 changes, the changes were not processed until the nightly scheduled task.

To solve this problem, Active Roles 8.1.1 features a rebuilt Dynamic Group logic that removes the 1000 group member limit for normal group membership changes, and also ensures that changes are now always processed immediately.

405859

Previously, after creating a hybrid Azure user and assigning licenses to it in the Web Interface, its edsaAzureSubscribedSkus property in the Advanced Properties window of the Active Roles Console could appear empty, not showing the assigned licenses.

This issue is now fixed, and the edsaAzureSubscribedSkus property is populated correctly.

315810

Previously, when the cross-domain membership policy was enabled for dynamic groups, it could occur that the membership of Group Families was updated incorrectly.

This issue was fixed by enabling Group Family updates permanently.

297705

Table 8: Management Shell resolved issues
Resolved Issue Issue ID

Previously, creating an Exchange mailbox for a user that does not have a mailbox with the edsaCreateMsExchMailbox"=$true command resulted in the following error:

Set-QADUser : Administrative Policy returned an error.

This issue is now fixed, and mailbox creation is completed without errors.

322998

Previously, after an in-place upgrade, the product version shown in the title bar of the Management Shell did not update to the new version. This issue is now fixed.

314299

Previously, the following Microsoft 365 Group cmdlets worked incorrectly in the Active Roles Management Shell, typically running with no results:

  • Add-QADO365GroupMember

  • Get-QADO365Group

  • Get-QADO365GroupMember

  • New-QADO365Group

  • Remove-QADO365Group

  • Remove-QADO365GroupMember

  • Set-QADO365Group

The issue is now fixed, and all M365 Group cmdlets work as expected.

116151

Table 9: Synchronization Service resolved issues
Resolved Issue Issue ID

Previously, reconfiguring Azure BackSync in the Synchronization Service Console after performing an in-place upgrade caused workflows with automatically created connectors to break. During the reconfiguration of Azure BackSync, both the workflows and the automatically generated connectors were assigned new IDs, but the BackSync configuration used the old IDs.

The issue is now fixed.

392777

Previously, when configuring a sync workflow between Active Roles and Azure AD, the Synchronization Service indicated the Name attribute of the synchronized Azure AD object to be changed to an identification string instead of its actual value, even if it was not modified.

This issue occurred when the value of the Azure object DisplayName attribute was missing, and was fixed by adding DisplayName as a mandatory attribute to the Azure AD Connector.

322276

Previously, the Synchronization Service Capture Agent recorded and processed password change events for computer accounts.

This behavior was changed so that the Capture Agent no longer logs and forwards password change events for computer accounts to the Synchronization Service.

307297

Previously, the SCIM Connector did not support synchronizing data from WorkdayHR via Starling Connect.

This issue was fixed by updating the WorkdayHR schema.

294258

Previously, if the Synchronization Service lost connection to the configured database, it never attempted to re-establish connection until restarting the service. Instead, launching the Synchronization Service Console resulted in the following error message, even if the database came back online in the meantime:

Synchronization Service requires a configured database.
Configure a database, and then try again.

This issue was fixed by modifying the Synchronization Service so that it checks the availability of the database once every minute.

275479

Table 10: Web Interface resolved issues
Resolved Issue Issue ID

Previously, searching for Azure objects took approximately 15-20 seconds.

The issue has been resolved by modifying the Microsoft graph API pagination to reduce network traffic, and as a result, searching for Azure objects is now significantly faster.

389314

Previously, using a personal view to open an Organizational Unit (OU) whose name contained special characters resulted in a Directory object not found error.

This issue was caused by Active Roles removing these special characters from the OU name when saving the configured personal view, and it is now fixed.

322727

Previously, when using the Customization > Directory Objects > Customize Navigation Bar > General option of the Web Interface to open the Item Properties of the Reload button or the Restore Default button, clicking OK to close the dialog without any changes and reloading the configuration resulted in the changed Reload or Restore Default button no longer working.

This issue occurred because Active Roles was unable to get the target URL of these buttons, resulting in the Item Properties > URL to open field appearing empty in the Web Interface. If this field was left empty, clicking OK in the dialog to save the button settings broke the button.

To fix the issue, the Web Interface now sends a pop-up alert to inform users that the URL to open field cannot be left empty.

322689

Previously, performing an Undo Deprovision action on a deprovisioned user from the Member Of page could result in a Directory object not found error.

This issue is now fixed.

322063

Previously, in a multi-tenant environment, the domain selection drop-down lists (for example, in the Create Azure User > Create Azure Account > User Principal Name setting) of the Web Interface only listed the domains of the first Azure tenant.

This issue is now fixed.

311702

Previously, when using a virtual attribute for cloud-only Azure users, guest users, M365 groups or security groups, the value you specified for the virtual attribute did not appear on the Web Interface.

This issue occurred because of incorrect virtual attribute handling, and it is now fixed.

310538

Previously, if the EnableAntiForgery and EnableRequestValidation settings of the IIS Manager were enabled, downloading the certificates of a user via the General Properties > Published Certificates page of the Web Interface silently failed with an Invalid request error.

This issue was due to an internal error, and it is now fixed.

306210

Previously, selecting an AD LDS (ADAM) user in the Web Interface failed to load the context menu listing the available administration actions for the selected user.

This issue is now fixed, and the list of available actions appears properly.

304001

Previously, when using a custom script to generate user names in the New User page, the fields of the User logon name setting were slightly misaligned.

This issue was fixed by modifying the CSS formatting of the affected setting.

301150

Previously, when checking the Change history or User activity of an on-premises user that had non-standard ASCII characters in its name, clicking Next page resulted in errors on Page 2.

This issue was caused by incorrect encoding that was changed during page load, and it is now fixed.

291185

Previously, when searching for an existing hybrid user, the search results listed both the on-premises hybrid user and the cloud Azure user account of the user from the cloud-only Azure user container.

This issue was fixed by modifying the search method to filter out the Azure user profile, ensuring that only the on-premises user account appears in the search results.

288570

Previously, when using a policy based on a Script Module that used the onGetEffectivePolicy function, using the form of the policy in the Web Interface resulted in excessive onGetEffectivePolicy function calls, impacting performance.

This issue was fixed by reducing the number of onGetEffectivePolicy function calls.

279815

Previously, when the property form of an object appeared in the central pane instead of a pop-up (for example, after moving a user to another Organizational Unit), the Web Interface displayed the General Properties > Organization settings (such as Department or Company) values in a text box instead of a drop-down, even if those values previously appeared in a drop-down.

This issue is now fixed, so the Organization settings appear in a drop-down as in earlier Active Roles versions.

257609, 262882

Known issues

The following is a list of issues, including those attributed to third-party products, known to exist at the time of release.

Table 11: General known issues
Known Issue Issue ID

Activating the EnableAntiForgery key (<add key="EnableAntiForgery" value="true"/> in web.config) may cause the following error message:

Session timeout due to inactivity. Please reload the page to continue.

Workaround

Update the IgnoreValidation key in the<appSettings> section by adding a property value in lowercase:

  1. Open IIS Manager.

  2. In the left pane, under Connections, expand the tree view to Sites > Default Web Site.

  3. Under Default Web Site, click on the Active Roles application (ARWebAdmin by default).

  4. Double-click Configuration Editor.

  5. From the Section drop-down, select appSettings.

  6. Find the IgnoreForValidation key.

  7. Append the comma-separated value to IgnoreForValidation, for example: lowercasecontrolname.

  8. In the right pane, under Actions, click Apply.

  9. Recycle the App pool.

91977

Table 12: Configuration Center known issues
Known Issue Issue ID

When configured for Groups and Contacts, the Office 365 and Azure Tenant Selection policy displays additional tabs.

229031

Tenant selection supports selecting only a single tenant.

229030

In the Starling Connect Connection Settings link, clicking Next displays progress, but the functionality is not affected, so the button is not required.

126892

Table 13: Console (MMC Interface) known issues
Known Issue Issue ID

Azure objects cannot be deleted.

Workaround

In the Delete Access Templates, grant the user Read right on the ObjectClass property.

392597

Automation workflows with the Microsoft 365 script fail, if multiple workflows share the same script and the script is scheduled to execute at the same time.

Workaround

One Identity recommends scheduling the workflows with different scripts or at a different time.

200328

When a workflow is copied from a built-in workflow, it may not run as expected.

153539

Azure Group Properties are not available if they are added to the Microsoft 365 Portal or Hybrid Exchange Properties from the forwarding address attribute of Exchange online users.

98186

In Active Roles with the Office 365 Licenses Retention policy applied, after deprovisioning the Azure AD user, the Deprovisioning Results for the Office 365 Licenses Retention policy are not displayed in the same window.

Workaround

To view the deprovisioning results of an Azure AD user:

  • In the Active Roles Console, right-click and select Deprovisioning Results.

  • In the right pane of the Active Roles Web Interface, click Deprovisioning Results.

  • To refresh the form, press F5.

91901

Table 14: Installer known issues
Known Issue Issue ID

After upgrading Active Roles, the pending approval tasks are not displayed in the Active Roles Web Interface.

91933

Table 15: Language Pack known issues
Known Issue Issue ID

In the Active Roles Configuration Center, changing the language in Global settings does not work properly.

Workaround

To change the language of the Web Interface, configure the language with the Active Roles 8.1.1 > Settings > User interface language option of the Web Interface.

125880

In the Active Roles Console, the O365 script execution configuration activity of the Workflow Designer is not completely localized to German.

151392

In the Active Roles Console, the German localization may contain visual issues and truncated texts.

91946

In the Active Roles Console, some strings are displayed in English instead of German in the German localization.

91942

In the Active Roles Synchronization Service, the Event Viewer messages are not translated to German.

91753

In the Active Roles Synchronization Service, the German localization does not have all connector strings translated.

91709

In the Active Roles Web Interface, some Azure-related strings are translated incorrectly for the supported languages. Translated texts may also contain link inconsistencies.

257995

In Active Roles, several German localization issues are present.

164713

In Active Roles, strings on the notification page are not localized.

153695

In the Language Pack installer, the link of the online EULA agreement in the EULA text does not work.

91925

Table 16: Synchronization Service known issues
Known Issue Issue ID

In the Active Roles Synchronization Service, the following attributes of the Microsoft Azure AD Connector are currently not supported and cannot be queried via the Microsoft Graph API:

  • user attributes:

    • aboutMe

    • birthday

    • contacts

    • hireDate

    • interests

    • mySite

    • officeLocation

    • pastProjects

    • preferredName

    • responsibilites

    • schools

    • skills

  • group attributes:

    • acceptedSenders

    • allowExternalSenders

    • autoSubscribeNewMembers

    • hasMembersWithLicenseErrors

    • hideFromAddressLists

    • hideFromOutlookClients

    • isSubscribedByMail

    • membersWithLicenseErrors

    • rejectedSenders

    • unseenCount

This means that although these attributes are visible, they cannot be set in a mapping rule.

304074

After running the get-qcworkflowstatus cmdlet in the Synchronization Service, the workflow status is not accurate.

125768

Table 17: Web Interface known issues
Known Issue Issue ID

When attempting to modify or delete Azure users, contacts, or groups synchronized from an on-premises Active Directory to an Azure Active Directory, the operation either appears to be successful, but silently fails, or the operation fails with a generic error message.

If the operation appears to be successful, the following message appears:

The operation is successfully completed.

However, the operation silently fails, no error message appears, and the Azure user, contact or group is not deleted or modified.

If the operation fails, the following generic error message appears instead of a specific error message:

An error occurred during the last operation.

NOTE: Similar failures with either no error message or a generic error message may occur due to an architectural issue in the Active RolesWeb Interface.

388062,

388063

If you click Azure > Resource Mailboxes to query room mailboxes after being idle for approximately 15-20 minutes, the Active Roles Web Interface will not list any room mailboxes.

Workaround

Restart the Administration Service.

293380

In the Active Roles Web Interface, Azure roles are not restored automatically after performing an Undo Deprovision action on a user.

Workaround

After the Undo Deprovision action is completed, assign the Azure roles to the user manually.

172655

Active Roles does not support creating Azure groups for existing groups.

117015

Active Roles Web Interface does not support setting the Exchange Online Property of the ProhibitSendQuota value in Storage Quotas.

91905

Table 18: Add-on Manager known issues

Known Issue

Defect ID

After installing an add-on that creates Web Interface customization items, the Web Interface may not display the customization items created by the add-on.

Workaround

In the Web Interface, click Reload.

179835

After installing an add-on that creates a virtual attribute, the virtual attribute may not appear in the Advanced Properties dialog of the affected object.

Workaround

After installing the add-on, reconnect to the Administration Service.

180508

After installing an add-on that creates a virtual attribute and a Web Interface customization item using that virtual attribute, an error may occur when opening any Web Interface site.

Workaround

Restart Internet Information Services (IIS) on the web server running the Web Interface (for example, by running the iisreset command in the Windows command prompt).

If there is a replication group in your Active Roles environment, do the following:

  1. After the changes are propagated to all replication partners, click Reload in the Web Interface.

  2. If the Web Interface does not open, enter the following in the address bar of your browser to reload the Web Interface:

    <site url>/customization/metadata-Reload.aspx?ReloadFromWorkingCopy=1

  3. After the changes are propagated to all replication partners, restart Internet Information Services (IIS) on the web server running the Web Interface (for example, by running the iisreset command in the Windows command prompt).

180524

When you use Add-on Manager to uninstall an add-on, the following error may occur:

Object 'objectDN' was not found.

This error can occur if the add-on modifies an existing object during installation, and then the modified object is deleted by a user after the add-on has been installed.

Workaround

Uninstall the add-on from the command line using the /ForceUninstall parameter. For example:

AddOnManager.exe /UninstallAddon /AddonName:"my-addon" /ForceUninstall /Service:"servicename" /User:"domain\user" /Password:"password"

180700

After uninstalling an add-on that creates a virtual attribute and a Web Interface customization item that uses that virtual attribute, the Web Interface customization item created by the add-on may not be removed, and the Web Interface may return the following error:

An error occurred during the last operation.

Workaround

Perform the following steps:

  1. In the Web Interface, click the Reload command.

    If the Web Interface does not open, reload the Web Interface by entering the following URL in the address bar of your browser:

    <site url>/customization/metadata-Reload.aspx?ReloadFromWorkingCopy=1

    NOTE: If there is a replication group in your Active Roles environment, reload the Web Interface only after the changes are propagated to all replication partners.

  1. Restart Internet Information Services (IIS) on the web server running the Web Interface (for example, by running the iisreset command in the Windows command prompt).

    NOTE: If there is a replication group in your Active Roles environment, restart IIS only after the changes are propagated to all replication partners.

180721

After installing an add-on that creates Web Interface customization items, the Web Interface customization items created by the add-on may not be displayed.

This issue may occur if you provide incorrect user name and password for reloading Web Interface sites.

Workaround

In the Web Interface, click the Reload command.

180808

When you install Add-on Manager from the command-line, you may encounter the following error:

Command line option syntax error. Type Command /? for Help.

This error may occur if one or several parameters of the command contain more than 255 characters.

Workaround

Edit the command-line parameters (for example, the path to a file) so that each parameter is not longer than 255 characters.

183252

System requirements

Before installing Active Roles 8.1.1, ensure that your system meets the following minimum hardware and software requirements.

NOTE: When setting up a virtual environment, carefully consider the configuration aspects such as CPU, memory availability, I/O subsystem, and network infrastructure to ensure the virtual layer has the necessary resources available. Please consult One Identity's Product Support Policies for more information on environment virtualization.

To manage Azure Active Directory resources, you must install the following prerequisites in the Active Roles Configuration Center.

TIP: To run these PowerShell commands, use the 64-bit version of Windows PowerShell.

Requirement

Version

Details

NuGet package provider

Minimum: 2.8.5.201

Maximum: 3.0.0.1

You must install NuGet package provider on the computer(s) running Active Roles Administration Service. For installation instructions, see Install-PackageProvider in the Microsoft Package Management documentation.

Exchange Online PowerShell module

Minimum: 2.0.3

Maximum: 3.0.0

You must install Exchange Online PowerShell module on the computer(s) running Active Roles Administration Service. For installation instructions, see Install and maintain the EXO V2 module in the Microsoft Azure Exchange PowerShell documentation.

Az.Accounts PowerShell module

Maximum: 2.10.3

You must install Az.Accounts PowerShell module on the computer(s) running Active Roles Administration Service and Active Roles Synchronization Service. For installation instructions, see Az.Accounts in the Microsoft PowerShell Gallery.

Az.Resources PowerShell module

Maximum: 6.4.1

You must install Az.Resources PowerShell module on the computer(s) running Active Roles Administration Service and Active Roles Synchronization Service. For installation instructions, see Az.Resources in the Microsoft PowerShell Gallery.

Microsoft Graph PowerShell module

Maximum: 1.17.0

You must install Microsoft Graph PowerShell module on the computer(s) running Active RolesAdministration Service and Active RolesSynchronization Service. For installation instructions, see Microsoft Graph in the Microsoft PowerShell Gallery.

Microsoft Edge WebView2 Runtime

N/A

You must install Microsoft Edge WebView2 Runtime on the computer running Active Roles Administration Service. For more information, see Introduction to Microsoft Edge WebView2 in the Microsoft Edge Developer documentation.

(Optional) One Identity certificate

N/A

If your organization enforces the AllSigned policy, you must install the One Identity certificate during the installation of Active Roles.

CAUTION: When importing PowerShell modules with the $context.O365ImportModules function, they are imported with the versions specified in the configuration of the Azure-specific prerequisites.

However, after importing the specified versions of the required PowerShell modules, running PowerShell cmdlets without passing them as a string to the $context.O365ImportModules function can cause inconsistent behavior in Active Roles. This is because if there are multiple versions of the same PowerShell module installed on the computer running the Active Roles server, PowerShell modules containing the script to run can be imported automatically with different versions.

To avoid inconsistent behavior in Active Roles by importing different PowerShell versions, run PowerShell modules only by passing them as a string to the $context.O365ImportModules function.

Hardware requirements
Table 19: Hardware requirements
Requirement Details

Processor

NOTE: The number of cores required depends on the size of the environment and the total number of managed objects.

For Administration Service, Web Interface and Synchronization Service, any of the following:

  • Intel 64 (EM64T)

  • AMD64

  • Minimum 2 cores

  • CPU speed: 2.0 GHz or faster

NOTE: For Synchronization Service, One Identity recommends using a multi-core CPU for the best performance.

For Console and Management Tools, any of the following:

  • Intel x86

  • Intel 64 (EM64T)

  • AMD64

  • CPU speed: 1.0 GHz or faster.

Memory

NOTE: The amount of RAM required depends on the size of the environment and the total number of managed objects.

Administration Service:

A minimum of 4 GB of RAM.

Web Interface, Synchronization Service:

A minimum of 2 GB of RAM.

Console, Management Tools:

A minimum of 1 GB of RAM.

Hard disk space

Administration Service, Web Interface, Console, Management Tools:

A minimum of 100 MB of free disk space.

Synchronization Service:

A minimum of 250 MB of free disk space.

NOTE: If SQL Server and Synchronization Service are installed on the same computer, the amount required depends on the size of the Synchronization Service database.

Operating system

You can install any of the Active Roles components on a computer running:

  • Microsoft Windows Server 2022

  • Microsoft Windows Server 2019

  • Microsoft Windows Server 2016

Active Roles supports the Standard or Datacenter edition of these operating systems.

In addition, you can install the Active RolesConsole and Management Tools on a computer running:

  • Microsoft Windows 10, Professional or Enterprise edition, 32-bit (x86) or 64-bit (x64).

  • Microsoft Windows 8.1, Professional or Enterprise edition, 32-bit (x86) or 64-bit (x64).

Component requirements

CAUTION: To avoid inconsistent behavior in Active Roles when managing Azure Active Directory resources, you must enable Transport Layer Security (TLS) protocol version 1.2. For more information, see TLS 1.2 enforcement for Azure AD Connect in the Microsoft Azure documentation.

All Active Roles components require:

  • Microsoft .NET Framework 4.7.2. For more information, see Installing .NET Framework for developers in the Microsoft .NET documentation.

    NOTE: Microsoft .NET Framework 4.8 is also supported.

  • Visual C++ 2017 Redistributable.

Table 20: Administration Service requirements
Requirement

Details

SQL Server

You can host the Active Roles database on the following SQL Server versions:

  • Microsoft SQL Server 2022, any edition.

  • Microsoft SQL Server 2019, any edition.

  • Microsoft SQL Server 2017, any edition.

  • Microsoft SQL Server 2016, any edition.

  • Microsoft SQL Server 2014, any edition, 32-bit (x86) or 64-bit (x64), with or without any Service Pack.

  • Azure SQL hosted databases.

To connect Active Roles to a Microsoft SQL Server deployment, the following driver is required:

  • Microsoft OLE DB Driver for SQL Server (MSOLEDBSQL).

Windows Management Framework

Windows Management Framework 5.1 (available for download) is required on all supported operating systems.

Operating system on domain controllers

Active Roles retains all features and functions when managing Active Directory on domain controllers running any of these operating systems, any edition, with or without any Service Pack:

  • Microsoft Windows Server 2022

  • Microsoft Windows Server 2019

  • Microsoft Windows Server 2016

NOTE: Active Roles deprecates managed domains with the domain functional level lower than Windows Server 2008 R2. One Identity recommends that you raise the functional level of the domains managed by Active Roles to Windows Server 2008 R2 or higher.

Exchange Server

Active Roles is capable of managing Exchange recipients on:

  • Microsoft Exchange Server 2019

  • Microsoft Exchange Server 2016

  • Microsoft Exchange Server 2013

NOTE: Microsoft Exchange 2013 CU11 is not supported. For more information, see Knowledge Base Article 202695.

Table 21: Web Interface requirements
Requirement

Details

Internet Services

Active Roles Web Interface requires the Web Server (IIS) server role with the following role services:

  • Web Server/Common HTTP Features/

    • Default Document

    • HTTP Errors

    • Static Content

    • HTTP Redirection

  • Web Server/Security/

    • Request Filtering

    • Basic Authentication

    • Windows Authentication

  • Web Server/Application Development/

    • .NET Extensibility

    • ASP

    • ASP.NET

    • ISAPI Extensions

    • ISAPI Filters

  • Management Tools/IIS 6 Management Compatibility/

    • IIS 6 Metabase Compatibility

Feature delegation

Internet Information Services (IIS) must provide Read/Write delegation for the following features:

  • Handler Mappings

  • Modules

To confirm that these features have the Read/Write delegation configured, use the Feature Delegation option of the native Internet Information Services (IIS) Manager tool of the operating system.

.NET Trust Levels

The .NET Trust Level must be set to Full (internal) on every computer where the Web Interface component is installed.

To configure this setting:

  1. In the native Internet Information Services (IIS) Manager tool, under Connections, expand the node of the computer, and navigate to Sites > Default Web Site.

  2. On the Default Web Site Home page, double-click .NET Trust Levels.

  3. Under Trust level, select Full (internal).

NOTE: Setting the .NET Trust Level to any other value will result in a failure when attempting to load any of the configured Active Roles Web Interface sites.

Web browser

You can access Active Roles Web Interface using:

  • Mozilla Firefox 36 (or newer) on Windows.

  • Google Chrome 61 (or newer) on Windows.

  • Microsoft Edge 79 (or newer), based on Chromium on Windows 10.

You can use a later version of Firefox and Google Chrome to access Active Roles Web Interface. However, the Active Roles Web Interface was tested only with the browser versions listed above.

Minimum screen resolution

Active Roles Web Interface is optimized for screen resolutions of 1280x800 or higher.

The minimum supported screen resolution is 1024x768.

Table 22: Console requirements
Requirement

Details

Web browser

Active Roles Console requires Microsoft Edge 79 (or newer), based on Chromium.

Table 23: Management Tools requirements
Requirement

Details

Windows Management Framework

Windows Management Framework 5.1 (available for download) is required on all supported operating systems.

Remote Server Administration Tools (RSAT)

To manage Terminal Services user properties by using Active Roles Management Shell, Active Roles Management Tools requires Remote Server Administration Tools (RSAT) for Active Directory.

For more information on installing the RSAT version applicable to your operating system, see Remote Server Administration Tools (RSAT) for Windows in the Microsoft Windows Server documentation.

Table 24: Synchronization Service requirements
Requirement

Details

SQL Server

You can host the Active RolesSynchronization Service database on:

  • Microsoft SQL Server 2022, any edition.

  • Microsoft SQL Server 2019, any edition.

  • Microsoft SQL Server 2017, any edition.

  • Microsoft SQL Server 2016, any edition.

  • Microsoft SQL Server 2014, any edition, 32-bit (x86) or 64-bit (x64), with or without any Service Pack.

NOTE: Active Roles Synchronization Service does not support Azure SQL hosted databases.

Windows Management Framework

Windows Management Framework 5.1 (available for download) is required on all supported operating systems.

Supported connections

Active Roles Synchronization Service can connect to the following data systems:

  • Microsoft Active Directory Domain Services (AD DS) with the domain or forest functional level of Windows Server 2016 or higher.

  • Microsoft Active Directory Lightweight Directory Services (AD LDS) running on any Windows Server operating system supported by Microsoft.

  • The following Microsoft Exchange Server versions:

    • Microsoft Exchange Server 2019

    • Microsoft Exchange Server 2016

    • Microsoft Exchange Server 2013

    NOTE: Microsoft Exchange 2013 CU11 is not supported. For more information, see Knowledge Base Article 202695.

  • Microsoft Lync Server version 2013 with limited support.

  • Microsoft Skype for Business 2019, 2016 or 2015.

  • Microsoft Windows Azure Active Directory (Azure AD) using Microsoft Graph API version 1.0.

  • Microsoft Office 365 directory.

  • Microsoft Exchange Online service.

  • Microsoft Skype for Business Online service.

  • Microsoft SharePoint Online service.

  • Microsoft SQL Server, any version supported by Microsoft.

  • Microsoft SharePoint 2019, 2016, or 2013.

  • Active Roles version 7.4.3, 7.4.1, 7.3, 7.2, 7.1, 7.0, and 6.9.

  • One Identity Manager version 7.0 (D1IM 7.0).

  • One Identity Manager version 8.0.

  • Support for Generic LDAP Connector, MySQL Connector, Open LDAP Connector, IBM Db2 Connector, Salesforce Connector, Service now Connector, and IBM RACF Connector.

  • Support for SCIM-based data import operations.

  • Support for Oracle Database, Oracle Database User Accounts, Oracle Unified Directory, Micro Focus NetIQ Directory, and IBM AS/400 connectors.

  • Data sources accessible through an OLE DB provider.

  • Delimited text files.

Legacy Active Roles ADSI Provider

To connect to Active Roles version 6.9, install the Active Roles ADSI Provider. For more information, see Installing additional components in the Active Roles Quick Start Guide.

One Identity Manager API

To connect to One Identity Manager 7.0, install One Identity Manager Connector on the computer running Active Roles Synchronization Service. This connector works with the RESTful web service and no SDK installation is required.

Internet connection

To connect to cloud directories or online services, the machine running Active Roles Synchronization Service must have a reliable Internet connection.

Table 25: Synchronization Service Capture Agent requirements
Requirement

Details

Operating system

The DCs on which you install Active Roles Synchronization Service Capture Agent must run one of the following operating systems with or without any Service Pack:

  • Microsoft Windows Server 2022

  • Microsoft Windows Server 2019

  • Microsoft Windows Server 2016

For more information, see the Active Roles Synchronization Service Administration Guide.

Table 26: Language Pack requirements
Requirement

Details

Active Roles version

The Active Roles 8.1.1 Language Pack requires Active Roles version 8.1.1 of the Administration Service, Configuration Center, Console, Synchronization Service or the Web Interface installed on the target machine.

The Active Roles 8.1.1 Language Pack will not work properly with earlier versions of Active Roles.

Operating system

You can install the Active Roles Language Pack on 64-bit operating systems only.

Table 27: Add-on Manager requirements

Requirement

Details

Processor

Any of the following:

  • Intel 64 (EM64T)

  • AMD64

  • CPU speed: 1.0 GHz or faster

Memory

A minimum of 1 GB of RAM.

Hard Disk Space

A minimum of 100 MB of free disk space.

Operating System

Any of the following Windows Server operating systems:

  • Microsoft Windows Server 2022

  • Microsoft Windows Server 2019

  • Microsoft Windows Server 2016

In addition, you can also install Add-on Manager on a computer running:

  • Microsoft Windows 10, Professional or Enterprise edition, 64-bit (x64)

Active Roles Console

Add-on Manager requires Active Roles 8.1.1Console installed.

Microsoft Windows PowerShell

Windows PowerShell 5.1 or later

Web Browser

Microsoft Edge 79 or newer (based on Chromium)

Table 28: Diagnostic Tools requirements

Requirement

Details

Processor

1.0 GHz or faster 32-bit (x86) or 64-bit (x64) CPU.

Memory

NOTE: The amount of RAM required depends on the size of the log file opened with the Log Viewer tool.

A minimum of 1 GB of RAM.

Hard disk space

A minimum of 10 MB of free disk space.

Operating system

Any of the following Windows Server operating systems:

  • Microsoft Windows Server 2022

  • Microsoft Windows Server 2019

  • Microsoft Windows Server 2016

Product licensing

Use of this software is governed by the Software Transaction Agreement found at www.oneidentity.com/legal/sta.aspx. This software does not require an activation or license key to operate.

The product usage statistics can be used as a guide to show the scope and number of managed objects in Active Roles.

관련 문서

The document was helpful.

평가 결과 선택

I easily found the information I needed.

평가 결과 선택