지금 지원 담당자와 채팅
지원 담당자와 채팅

Active Roles 8.1.5 - SP1 Release Notes

Known issues

The following is a list of issues, including those attributed to third-party products, known to exist at the time of release.

Table 7: General known issues
Known Issue Issue ID

Activating the EnableAntiForgery key (<add key="EnableAntiForgery" value="true"/> in web.config) may cause the following error message:

Session timeout due to inactivity. Please reload the page to continue.

Workaround

Update the IgnoreValidation key in the<appSettings> section by adding a property value in lowercase:

  1. Open IIS Manager.

  2. In the left pane, under Connections, expand the tree view to Sites > Default Web Site.

  3. Under Default Web Site, click on the Active Roles application (ARWebAdmin by default).

  4. Double-click Configuration Editor.

  5. From the Section drop-down, select appSettings.

  6. Find the IgnoreForValidation key.

  7. Append the comma-separated value to IgnoreForValidation, for example: lowercasecontrolname.

  8. In the right pane, under Actions, click Apply.

  9. Recycle the App pool.

91977

Table 8: Configuration Center known issues
Known Issue Issue ID

If you upgrade Active Roles to a newer version, starting the Active Roles Configuration Center to perform the in-place upgrade can fail with the following error messages:

  • Connect failed: The system cannot find the file specified.

  • Delegate to an instance method cannot have null 'this'.

At the same time, Active Roles logs the following error in the Event Viewer:

Critical error occurred upon starting Active Roles Administration Service. Details: Database <active-roles-database> on SQL Server <sql-server-name> is unavailable.

This issue occurs if the SQL Server used by Active Roles is not already running when attempting to start the Active Roles Configuration Center after a restart to perform the upgrade process. The issue is more likely to occur if the SQL Server and Active Roles are installed on the same machine.

Workaround

To avoid this issue from occuring:

  • Install SQL Server and Active Roles on different machines.

  • Make sure that the SQL Server installation used by Active Roles is up and running before starting the upgrade process.

If you have your SQL Server and Active Roles installed on the same machine, and the error occurs, then close and reopen the Active Roles Configuration Center after the SQL Server started running.

448694

When configured for Groups and Contacts, the Office 365 and Azure Tenant Selection policy displays additional tabs.

229031

Tenant selection supports selecting only a single tenant.

229030

In the Starling Connect Connection Settings link, clicking Next displays progress, but the functionality is not affected, so the button is not required.

126892

Table 9: Console (MMC Interface) known issues
Known Issue Issue ID

The format of the edsaAzureSubscribedSKUs attribute for hybrid Active Directory users has changed between Active Roles 7.6 and 8.0. As a result of this change, from Active Roles 8.1, in the Active Roles Console, you cannot modify this attribute to assign licenses to hybrid AD users.

Workaround

To automate assigning licenses to hybrid AD users using a workflow

  1. Create a new, example hybrid user for the purpose of copying its edsaAzureSubscribedSKUs attribute, with the license(s) that you need.

  2. Copy the value of this edsaAzureSubscribedSKUs attribute.

  3. To automate assigning licenses to hybrid users using a workflow, in that workflow, paste this previously copied value as the edsaAzureSubscribedSKUs attribute.

For more information, see Workflows in the Active Roles Administration Guide.

440896

If you configure a Managed Unit with an Include by Query rule, the following condition operators cannot query Azure objects due to Graph API limitations:

  • Contains

  • Present

In addition, the Ends with condition returns results only if you specify whole words. The only exceptions to this behavior are the mail, otherMails, userPrincipalName and proxyAddresses attributes, where Ends with can properly query the values that end with your specified string.

For more information, see Support for filter by properties of Microsoft Entra ID (directory) objects in the Microsoft Graph documentation.

420917

Azure objects cannot be deleted.

Workaround

In the Delete Access Templates, grant the user Read right on the ObjectClass property.

392597

Automation workflows with the Microsoft 365 script fail, if multiple workflows share the same script and the script is scheduled to execute at the same time.

Workaround

One Identity recommends scheduling the workflows with different scripts or at a different time.

200328

When a workflow is copied from a built-in workflow, it may not run as expected.

153539

Azure Group Properties are not available if they are added to the Microsoft 365 Portal or Hybrid Exchange Properties from the forwarding address attribute of Exchange online users.

98186

In Active Roles with the Office 365 Licenses Retention policy applied, after deprovisioning the Azure AD user, the Deprovisioning Results for the Office 365 Licenses Retention policy are not displayed in the same window.

Workaround

To view the deprovisioning results of an Azure AD user:

  • In the Active Roles Console, right-click and select Deprovisioning Results.

  • In the right pane of the Active Roles Web Interface, click Deprovisioning Results.

  • To refresh the form, press F5.

91901

Table 10: Installer known issues
Known Issue Issue ID

After upgrading Active Roles, the pending approval tasks are not displayed in the Active Roles Web Interface.

91933

Table 11: Language Pack known issues
Known Issue Issue ID

In the Active Roles Configuration Center, changing the language in Global settings does not work properly.

Workaround

To change the language of the Web Interface, configure the language with the Active Roles 8.1.5 SP1 > Settings > User interface language option of the Web Interface.

125880

In the Active Roles Console, the O365 script execution configuration activity of the Workflow Designer is not completely localized to German.

151392

In the Active Roles Console, the German localization may contain visual issues and truncated texts.

91946

In the Active Roles Console, some strings are displayed in English instead of German in the German localization.

91942

In the Active Roles Synchronization Service, the Event Viewer messages are not translated to German.

91753

In the Active Roles Synchronization Service, the German localization does not have all connector strings translated.

91709

In the Active Roles Web Interface, some Azure-related strings are translated incorrectly for the supported languages. Translated texts may also contain link inconsistencies.

257995

In Active Roles, several German localization issues are present.

164713

In Active Roles, strings on the notification page are not localized.

153695

In the Language Pack installer, the link of the online EULA agreement in the EULA text does not work.

91925

Table 12: Synchronization Service known issues
Known Issue Issue ID

In the Synchronization Service, the following attributes of the Microsoft Azure AD Connector are currently not supported and cannot be queried via the Microsoft Graph API:

  • user attributes:

    • aboutMe

    • birthday

    • contacts

    • hireDate

    • interests

    • mySite

    • officeLocation

    • pastProjects

    • preferredName

    • responsibilites

    • schools

    • skills

  • group attributes:

    • acceptedSenders

    • allowExternalSenders

    • autoSubscribeNewMembers

    • hasMembersWithLicenseErrors

    • hideFromAddressLists

    • hideFromOutlookClients

    • isSubscribedByMail

    • membersWithLicenseErrors

    • rejectedSenders

    • unseenCount

This means that although these attributes are visible, they cannot be set in a mapping rule.

304074

After running the get-qcworkflowstatus cmdlet in the Synchronization Service, the workflow status is not accurate.

125768

Table 13: Web Interface known issues
Known Issue Issue ID

If using Active Roles in a hybrid environment, the Search menu may return less results than the Quick Search bar in the Web Interface header, because the Search menu does not list cloud objects.

Workaround

To get accurate and complete search results in a hybrid environment, use the Quick Search bar in the Web Interface header instead of the Search menu.

440220

Using a personal view to open an Active Directory (AD) Organizational Unit (OU) whose name contains the < special character results in the following error:

An error occurred during the last operation.
Error: A potentially dangerous Request.Query.String was detected from the client (DN="OU\<name-property>").

The issue is caused by the special character in the request URL of the Web Interface, causing failures in the web functionality of Active Roles.

Workaround

One Identity recommends avoiding the use of the < character in the name property of an AD object.

415590

When attempting to modify or delete Azure users, contacts, or groups synchronized from an on-premises Active Directory to an Azure Active Directory, the operation either appears to be successful, but silently fails, or the operation fails with a generic error message.

If the operation appears to be successful, the following message appears:

The operation is successfully completed.

However, the operation silently fails, no error message appears, and the Azure user, contact or group is not deleted or modified.

If the operation fails, the following generic error message appears instead of a specific error message:

An error occurred during the last operation.

NOTE: Similar failures with either no error message or a generic error message may occur due to an architectural issue in the Active Roles Web Interface.

388062,

388063

If you click Azure > Resource Mailboxes to query room mailboxes after being idle for approximately 15-20 minutes, the Active Roles Web Interface will not list any room mailboxes.

Workaround

Restart the Administration Service.

293380

In the Active Roles Web Interface, Azure roles are not restored automatically after performing an Undo Deprovision action on a user.

Workaround

After the Undo Deprovision action is completed, assign the Azure roles to the user manually.

172655

Active Roles does not support creating Azure groups for existing groups.

117015

Active Roles Web Interface does not support setting the Exchange Online Property of the ProhibitSendQuota value in Storage Quotas.

91905

Table 14: Add-on Manager known issues

Known Issue

Defect ID

After installing an add-on that creates Web Interface customization items, the Web Interface may not display the customization items created by the add-on.

Workaround

In the Web Interface, click Reload.

179835

After installing an add-on that creates a virtual attribute, the virtual attribute may not appear in the Advanced Properties dialog of the affected object.

Workaround

After installing the add-on, reconnect to the Administration Service.

180508

After installing an add-on that creates a virtual attribute and a Web Interface customization item using that virtual attribute, an error may occur when opening any Web Interface site.

Workaround

Restart Internet Information Services (IIS) on the web server running the Web Interface (for example, by running the iisreset command in the Windows command prompt).

If there is a replication group in your Active Roles environment, do the following:

  1. After the changes are propagated to all replication partners, click Reload in the Web Interface.

  2. If the Web Interface does not open, enter the following in the address bar of your browser to reload the Web Interface:

    <site url>/customization/metadata-Reload.aspx?ReloadFromWorkingCopy=1

  3. After the changes are propagated to all replication partners, restart Internet Information Services (IIS) on the web server running the Web Interface (for example, by running the iisreset command in the Windows command prompt).

180524

When you use Add-on Manager to uninstall an add-on, the following error may occur:

Object 'objectDN' was not found.

This error can occur if the add-on modifies an existing object during installation, and then the modified object is deleted by a user after the add-on has been installed.

Workaround

Uninstall the add-on from the command line using the /ForceUninstall parameter. For example:

AddOnManager.exe /UninstallAddon /AddonName:"my-addon" /ForceUninstall /Service:"servicename" /User:"domain\user" /Password:"password"

180700

After uninstalling an add-on that creates a virtual attribute and a Web Interface customization item that uses that virtual attribute, the Web Interface customization item created by the add-on may not be removed, and the Web Interface may return the following error:

An error occurred during the last operation.

Workaround

Perform the following steps:

  1. In the Web Interface, click the Reload command.

    If the Web Interface does not open, reload the Web Interface by entering the following URL in the address bar of your browser:

    <site url>/customization/metadata-Reload.aspx?ReloadFromWorkingCopy=1

    NOTE: If there is a replication group in your Active Roles environment, reload the Web Interface only after the changes are propagated to all replication partners.

  1. Restart Internet Information Services (IIS) on the web server running the Web Interface (for example, by running the iisreset command in the Windows command prompt).

    NOTE: If there is a replication group in your Active Roles environment, restart IIS only after the changes are propagated to all replication partners.

180721

After installing an add-on that creates Web Interface customization items, the Web Interface customization items created by the add-on may not be displayed.

This issue may occur if you provide incorrect user name and password for reloading Web Interface sites.

Workaround

In the Web Interface, click the Reload command.

180808

When you install Add-on Manager from the command-line, you may encounter the following error:

Command line option syntax error. Type Command /? for Help.

This error may occur if one or several parameters of the command contain more than 255 characters.

Workaround

Edit the command-line parameters (for example, the path to a file) so that each parameter is not longer than 255 characters.

183252

System requirements

Before installing Active Roles 8.1.5 SP1 in an on-premises environment, ensure that your system meets the following minimum hardware and software requirements.

NOTE: When setting up a virtual environment, carefully consider the configuration aspects such as CPU, memory availability, I/O subsystem, and network infrastructure to ensure the virtual layer has the necessary resources available. For more information about environment virtualization, see One Identity's Product Support Policies.

To authenticate and communicate with Azure, the Active Roles Service must have access to the following Microsoft endpoints:

  • https://login.microsoftonline.com/

  • https://developer.microsoft.com/graph

  • https://graph.windows.net/

To manage Azure Active Directory resources, you must install the following prerequisites in the Active Roles Configuration Center.

TIP: To run the PowerShell commands of the following modules, use the 64-bit version of Windows PowerShell.

Requirement

Version

Details

NuGet package provider

Minimum: 2.8.5.201

Maximum: 3.0.0.1

You must install the NuGet package provider on the computer(s) running Active Roles Administration Service.

For installation instructions, see Install-PackageProvider in the Microsoft Package Management documentation.

Exchange Online PowerShell V3 module

Minimum: 3.0.0

Maximum: 3.1.0

You must install the Exchange Online PowerShell module on the computer(s) running Active Roles Administration Service.

For installation instructions, see About the Exchange Online PowerShell module in the Microsoft Exchange PowerShell documentation.

Az.Accounts PowerShell module

Maximum: 2.10.3

You must install the Az.Accounts PowerShell module on the computer(s) running Active Roles Administration Service and Active Roles Synchronization Service.

For installation instructions, see Az.Accounts in the Microsoft PowerShell Gallery.

Az.Resources PowerShell module

Maximum: 6.4.1

You must install the Az.Resources PowerShell module on the computer(s) running Active Roles Administration Service.

For installation instructions, see Az.Resources in the Microsoft PowerShell Gallery.

Microsoft Graph PowerShell module

Maximum: 1.17.0

You must install the Microsoft Graph PowerShell module on the computer(s) running Active Roles Administration Service. For installation instructions, see Microsoft Graph in the Microsoft PowerShell Gallery.

Microsoft Edge WebView2 Runtime

N/A

You must install Microsoft Edge WebView2 Runtime on the computer running Active Roles Administration Service. For more information, see Introduction to Microsoft Edge WebView2 in the Microsoft Edge Developer documentation.

(Optional) One Identity certificate

N/A

If your organization enforces the AllSigned policy, you must install the One Identity certificate during the installation of Active Roles.

CAUTION: When importing PowerShell modules with the $context.O365ImportModules function, they are imported with the versions specified in the configuration of the Azure-specific prerequisites.

However, after importing the specified versions of the required PowerShell modules, running PowerShell cmdlets without passing them as a string to the $context.O365ImportModules function can cause inconsistent behavior in Active Roles. This is because if there are multiple versions of the same PowerShell module installed on the computer running the Active Roles server, PowerShell modules containing the script to run can be imported automatically with different versions.

To avoid inconsistent behavior in Active Roles by importing different PowerShell versions, run PowerShell modules only by passing them as a string to the $context.O365ImportModules function.

Hardware requirements
Table 15: Hardware requirements
Requirement Details

Processor

NOTE: The number of cores required depends on the size of the environment and the total number of managed objects.

For Administration Service, Web Interface and Synchronization Service, any of the following:

  • Intel 64 (EM64T)

  • AMD64

  • Minimum 2 cores

  • CPU speed: 2.0 GHz or faster

NOTE: For Active Roles Synchronization Service, One Identity recommends using a multi-core CPU for the best performance.

For Console, SPML Provider and Management Tools, any of the following:

  • Intel x86

  • Intel 64 (EM64T)

  • AMD64

  • CPU speed: 1.0 GHz or faster.

Memory

NOTE: The amount of RAM required depends on the size of the environment and the total number of managed objects.

Administration Service:

A minimum of 4 GB of RAM.

Web Interface, Synchronization Service:

A minimum of 2 GB of RAM.

Console, SPML Provider and Management Tools:

A minimum of 1 GB of RAM.

Hard disk space

Administration Service, Web Interface, Console, SPML Provider and Management Tools:

A minimum of 100 MB of free disk space.

Synchronization Service:

A minimum of 250 MB of free disk space.

NOTE: If SQL Server and Synchronization Service are installed on the same computer, the amount required depends on the size of the Synchronization Service database.

Operating system

You can install any of the Active Roles components on a computer running:

  • Microsoft Windows Server 2022

  • Microsoft Windows Server 2019

  • Microsoft Windows Server 2016

Active Roles supports the Standard or Datacenter edition of these operating systems.

In addition, you can install the Active RolesConsole and Management Tools on a computer running:

  • Microsoft Windows 10, Professional or Enterprise edition, 32-bit (x86) or 64-bit (x64).

  • Microsoft Windows 8.1, Professional or Enterprise edition, 32-bit (x86) or 64-bit (x64).

Component requirements

CAUTION: To avoid inconsistent behavior in Active Roles when managing Azure Active Directory resources, you must enable Transport Layer Security (TLS) protocol version 1.2. For more information, see TLS 1.2 enforcement for Azure AD Connect in the Microsoft Azure documentation.

All Active Roles components require:

Table 16: Administration Service requirements
Requirement

Details

SQL Server

You can host the Active Roles database on the following SQL Server versions:

  • Microsoft SQL Server 2022, any edition.

  • Microsoft SQL Server 2019, any edition.

  • Microsoft SQL Server 2017, any edition.

  • Microsoft SQL Server 2016, any edition.

  • Microsoft SQL Server 2014, any edition, 32-bit (x86) or 64-bit (x64), with or without any Service Pack.

  • Azure SQL hosted databases.

  • Azure SQL hosted databases.

To connect Active Roles to a Microsoft SQL Server deployment, install Microsoft OLE DB Driver for SQL Server (MSOLEDBSQL).

Windows Management Framework

Windows Management Framework 5.1 (available for download) is required on all supported operating systems.

Operating system on domain controllers

The product retains all of its features and functions when managing Active Directory on domain controllers running any of these operating systems, any edition, with or without any Service Packs:

  • Microsoft Windows Server 2022

  • Microsoft Windows Server 2019

  • Microsoft Windows Server 2016

NOTE: The supported domain functional level is Windows Server 2008 R2 or higher.

Exchange Server

Active Roles is capable of managing Exchange recipients on:

  • Microsoft Exchange Server 2019

  • Microsoft Exchange Server 2016

Table 17: Web Interface requirements
Requirement

Details

Internet Services

Active Roles Web Interface requires the Web Server (IIS) server role with the following role services:

  • Web Server/Common HTTP Features/

    • Default Document

    • HTTP Errors

    • Static Content

    • HTTP Redirection

  • Web Server/Security/

    • Request Filtering

    • Basic Authentication

    • Windows Authentication

  • Web Server/Application Development/

    • .NET Extensibility

    • ASP

    • ASP.NET

    • ISAPI Extensions

    • ISAPI Filters

  • Management Tools/IIS 6 Management Compatibility/

    • IIS 6 Metabase Compatibility

Feature delegation

Internet Information Services (IIS) must provide Read/Write delegation for the following features:

  • Handler Mappings

  • Modules

To confirm that these features have the Read/Write delegation configured, use the Feature Delegation option of the native Internet Information Services (IIS) Manager tool of the operating system.

.NET Trust Levels

The .NET Trust Level must be set to Full (internal) on every computer where the Web Interface component is installed.

To configure this setting:

  1. In the system-provided Internet Information Services (IIS) Manager tool, under Connections, expand the node of the computer, and navigate to Sites > Default Web Site.

  2. On the Default Web Site Home page, double-click .NET Trust Levels.

  3. Under Trust level, select Full (internal).

NOTE: Setting the .NET Trust Level to any other value will result in a failure when attempting to load any of the configured Active Roles Web Interface sites.

Web browser

You can access Active Roles Web Interface using:

  • Mozilla Firefox 36 (or newer) on Windows.

  • Google Chrome 61 (or newer) on Windows.

  • Microsoft Edge 79 (or newer), based on Chromium on Windows 10.

You can use a later version of Firefox and Google Chrome to access Active Roles Web Interface. However, the Active Roles Web Interface was tested only with the browser versions listed above.

Minimum screen resolution

Active Roles Web Interface is optimized for screen resolutions of 1280x800 or higher.

The minimum supported screen resolution is 1024x768.

Table 18: Console requirements
Requirement

Details

Web browser

Active Roles Console requires Microsoft Edge 79 (or newer), based on Chromium.

Table 19: Management Tools requirements
Requirement

Details

Windows Management Framework

Windows Management Framework 5.1 (available for download) is required on all supported operating systems.

Remote Server Administration Tools (RSAT)

To manage Terminal Services user properties by using Active Roles Management Shell, Active Roles Management Tools requires Remote Server Administration Tools (RSAT) for Active Directory.

For more information on installing the RSAT version applicable to your operating system, see Remote Server Administration Tools (RSAT) for Windows in the Microsoft Windows Server documentation.

Table 20: Synchronization Service requirements
Requirement

Details

Operating system on domain controllers

The product retains all of its features and functions when managing Active Directory on domain controllers running any of these operating systems, any edition, with or without any Service Packs:

  • Microsoft Windows Server 2022

  • Microsoft Windows Server 2019

  • Microsoft Windows Server 2016

NOTE: The supported domain functional level is Windows Server 2008 R2 or higher.

SQL Server

You can host the Active Roles Synchronization Service database on:

  • Microsoft SQL Server 2022, any edition.

  • Microsoft SQL Server 2019, any edition.

  • Microsoft SQL Server 2017, any edition.

  • Microsoft SQL Server 2016, any edition.

  • Microsoft SQL Server 2014, any edition, 32-bit (x86) or 64-bit (x64), with or without any Service Pack.

  • Azure SQL hosted databases.

Windows Management Framework

Windows Management Framework 5.1 (available for download) is required on all supported operating systems.

Supported connections

Active Roles Synchronization Service can connect to the following data systems:

  • Data sources accessible via an OLE DB provider.

  • Delimited text files.

  • IBM AS/400, IBM Db2, and IBM RACF systems.

  • LDAP directory service.

  • Micro Focus NetIQ Directory systems.

  • The following Microsoft services and resources:

    • Active Directory Domain Services (AD DS) with the domain or forest functional level of Windows Server 2016 or higher.

    • Active Directory Lightweight Directory Services (AD LDS) running on any Windows Server operating system supported by Microsoft.

    • Azure Active Directory (Azure AD) using Microsoft Graph API version 1.0.

    • Exchange Online services.

    • Exchange Server with the following versions:

      • Microsoft Exchange Server 2019

      • Microsoft Exchange Server 2016

    • Lync Server version 2013 with limited support.

    • SharePoint 2019, 2016, or 2013.

    • SharePoint Online service.

    • Skype for Business 2019, 2016 or 2015.

    • Skype for Business Online service.

    • SQL Server, any version supported by Microsoft.

  • One Identity Active Roles version 7.4.3, 7.4.1, 7.3, 7.2, 7.1, 7.0, and 6.9.

  • One Identity Manager version 8.0 and 7.0 (D1IM 7.0).

  • OpenLDAP directory service.

  • Oracle Database, Oracle Database User Accounts, and Oracle Unified Directory data systems.

  • MySQL databases.

  • Salesforce systems.

  • SCIM-based data systems.

  • ServiceNow systems.

Legacy Active Roles ADSI Provider

To connect to Active Roles version 6.9, install the Active Roles ADSI Provider. For more information, see Installing additional components in the Active Roles Installation Guide.

One Identity Manager API

To connect to One Identity Manager 7.0, install One Identity Manager Connector on the computer running Active Roles Synchronization Service. This connector works with the RESTful web service and no SDK installation is required.

Internet connection

To connect to cloud directories or online services, the machine running Active Roles Synchronization Service must have a stable Internet connection.

Table 21: Synchronization Service Capture Agent requirements
Requirement

Details

Operating system

The DCs on which you install Active Roles Synchronization Service Capture Agent must run one of the following operating systems with or without any Service Pack:

  • Microsoft Windows Server 2022

  • Microsoft Windows Server 2019

  • Microsoft Windows Server 2016

For more information, see the Active Roles Synchronization Service Administration Guide.

Table 22: Language Pack requirements
Requirement

Details

Active Roles version

The Active Roles 8.1.5 SP1 Language Pack requires Active Roles version 8.1.5 SP1 of the Administration Service, Configuration Center, Console, Synchronization Service or the Web Interface installed on the target machine.

The Active Roles 8.1.5 SP1 Language Pack will not work properly with earlier versions of Active Roles.

Operating system

You can install the Active Roles Language Pack on 64-bit operating systems only.

Table 23: Add-on Manager requirements

Requirement

Details

Processor

Any of the following:

  • Intel 64 (EM64T)

  • AMD64

  • CPU speed: 1.0 GHz or faster

Memory

A minimum of 1 GB of RAM.

Hard Disk Space

A minimum of 100 MB of free disk space.

Operating System

Any of the following Windows Server operating systems:

  • Microsoft Windows Server 2022

  • Microsoft Windows Server 2019

  • Microsoft Windows Server 2016

In addition, you can also install Add-on Manager on a computer running:

  • Microsoft Windows 10, Professional or Enterprise edition, 64-bit (x64)

Active Roles Console

Add-on Manager requires Active Roles 8.1.5 SP1 Console installed.

Microsoft Windows PowerShell

Windows PowerShell 5.1 or later

Web Browser

Microsoft Edge 79 or newer (based on Chromium)

Table 24: Diagnostic Tools requirements

Requirement

Details

Processor

1.0 GHz or faster 32-bit (x86) or 64-bit (x64) CPU.

Memory

NOTE: The amount of RAM required depends on the size of the log file opened with the Log Viewer tool.

A minimum of 1 GB of RAM.

Hard disk space

A minimum of 10 MB of free disk space.

Operating system

Any of the following Windows Server operating systems:

  • Microsoft Windows Server 2022

  • Microsoft Windows Server 2019

  • Microsoft Windows Server 2016

Table 25: Data Collector and Reporting Pack requirements

Requirement

Details

Processor

Any of the following:

  • Intel x86

  • Intel 64 (EM64T)

  • AMD64

  • CPU speed: 2.0 GHz or faster.

Memory

A minimum of 2 GB of RAM.

Hard disk space

  • 12 MB for the Data Collector and Reporting Pack.

  • 10 GB for the SQL Server Reporting Services.

Operating system

Any of the following Windows Server operating systems:

  • Microsoft Windows Server 2022

  • Microsoft Windows Server 2019

  • Microsoft Windows Server 2016

SQL Server and SQL Server Reporting Services

You can host the Active Roles Data Collector and Reporting Pack on the following SQL Server versions:

  • Microsoft SQL Server 2022, any edition.

  • Microsoft SQL Server 2019, any edition.

  • Microsoft SQL Server 2017, any edition.

  • Microsoft SQL Server 2016, any edition.

  • Microsoft SQL Server 2014, any edition, 32-bit (x86) or 64-bit (x64), with or without any Service Pack.

  • Azure SQL hosted databases.

  • Azure SQL hosted databases.

To connect Active Roles to a Microsoft SQL Server deployment, install Microsoft OLE DB Driver for SQL Server (MSOLEDBSQL).

Active Roles ADSI Provider

Active Roles 8.1.5 SP1 Management Tools must be installed.

Deployment requirements on AWS

Before deploying Active Roles 8.1.5 SP1 in Amazon Web Services (AWS) to manage AWS Managed Microsoft AD via AWS Directory Service, ensure that the following prerequisites are met.

Connectivity requirements

You must have:

  • Stable network connectivity to Amazon Web Services (AWS).

  • Port 1433 open and available for the Amazon Relational Database Service (RDS) service.

  • Access to the AWS service with the AWSAdministratorAccess permission.

    NOTE: Make sure that you have AWSAdministratorAccess permission, as it is required for certain configuration steps. The AWSPowerUserAccess permission is not sufficient for completing the entire configuration procedure.

Infrastructure requirements

To deploy and configure Active Roles for AWS Managed Microsoft AD, you must have access to the following AWS services and resources:

  • AWS Managed Microsoft AD deployed via AWS Directory Service.

  • One or more Amazon Elastic Compute Cloud (EC2) instance(s) hosting the Active Roles services and components.

    The EC2 instance(s) must have, at minimum:

    • 2 vCPUs running at 2.0 GHz.

    • 4 GB of RAM.

    TIP: One Identity recommends hosting the main Active Roles services and components (the Active Roles Service and Console, and the Active Roles Web Interface) on separate EC2 instances. If you deploy all Active Roles services and components in a single EC2 instance, use a more powerful instance to ensure a better user experience for the product.

    NOTE: AWS Managed Microsoft AD support was tested with a single t2.large EC2 instance.

  • An Amazon Relational Database Service for SQL Server (RDS for SQL Server).

    NOTE: AWS Managed Microsoft AD support was tested with an RDS instance running the latest version of Microsoft SQL Server.

Make sure that all these components are discoverable or visible to each other.

Product licensing

Use of this software is governed by the Software Transaction Agreement found at https://www.oneidentity.com/legal/sta.aspx. This software does not require an activation or license key to operate.

관련 문서

The document was helpful.

평가 결과 선택

I easily found the information I needed.

평가 결과 선택