지금 지원 담당자와 채팅
지원 담당자와 채팅

Active Roles 8.2 - Web Interface User Guide

Getting Started Web Interface Basics Performing Management Tasks
Managing your personal account Managing Active Directory objects Running an automation workflow Managing temporal group memberships Managing Azure AD, Microsoft 365, and Exchange Online objects
Managing cloud-only Azure contacts Managing Hybrid AD users
Creating a new Azure AD user with the Web Interface Viewing or updating the Azure AD user properties with the Web Interface Viewing or modifying the manager of a hybrid Azure user Disabling an Azure AD user Enabling an Azure AD user Deprovisioning of an Azure AD user Undo deprovisioning of an Azure AD user Adding an Azure AD user to a group Removing an Azure AD user from a group View the change history and user activity for an Azure AD user Deleting an Azure AD user with the Web Interface Creating a new hybrid Azure user with the Active Roles Web Interface Converting an on-premises user with an Exchange mailbox to a hybrid Azure user Licensing a hybrid Azure user for an Exchange Online mailbox Viewing or modifying the Exchange Online properties of a hybrid Azure user Creating a new Azure AD user with Management Shell Updating the Azure AD user properties with the Management Shell Viewing the Azure AD user properties with the Management Shell Delete an Azure AD user with the Management Shell Assigning Microsoft 365 licenses to new hybrid users Assigning Microsoft 365 licenses to existing hybrid users Modifying or removing Microsoft 365 licenses assigned to hybrid users Updating Microsoft 365 licenses display names Microsoft 365 roles management for hybrid environment users
Managing Hybrid AD groups Managing Microsoft 365 Groups Managing cloud-only distribution groups Managing cloud-only dynamic distribution groups Managing Azure security groups Managing cloud-only Azure users Managing cloud-only Azure guest users Managing cloud-only Azure contacts Viewing or modifying the Exchange Online properties of a remote mailbox Managing room mailboxes Managing cloud-only shared mailboxes Deleting or changing the remote mailbox of an on-premises user
Managing AD LDS data Managing computer resources Restoring deleted objects
Using Approval workflows

Adding an Azure AD user to a group

You can use the Active Roles Web Interface to add an existing Azure AD user to a group.

To add an Azure AD user to a group

  1. On the Active Roles Web Interface navigation bar, click Directory Management.

  2. On the Views tab in the Browse pane, click Active Directory.

    The list of Active Directory domains is displayed.

  3. Click the specific domain, container or the Organizational Unit, and then the specific user that you want to add to a group.

  4. Select the user and in the Command pane click Member Of.

    The existing Group information for the user is displayed.

  5. To add the user to another group, in the <User> (objects found) wizard, click Add.

  6. In the Select Object wizard, search and select the group to which you want to add the user.

  7. In details pane, right-click the user, and then click Add to a Group.

    The <User> (objects found) wizard displays all the groups to which the account has been added as a member.

If you want to remove an existing Azure AD user from a group, see Removing an Azure AD user from a group.

Removing an Azure AD user from a group

You can use the Active Roles Web Interface to remove an existing Azure AD user from a group.

To remove an Azure AD user from a group

  1. On the Active Roles Web Interface navigation bar, click Directory Management.

  2. On the Views tab in the Browse pane, click Active Directory.

    The list of Active Directory domains is displayed.

  3. Click the specific domain, container or the Organizational Unit, and then the specific user that you want to remove from a group.

  4. Select the user and in the Command pane click Member Of.

    The existing Group information for the user is displayed.

  5. In the <User> (objects found) wizard, select the group from which you want to remove the user and click Remove.

    A message prompts you to confirm the action.

  6. Click Yes to continue.

    The group information is removed from the <User> (objects found) wizard.

If you want to add an existing Azure AD user to a group, see Adding an Azure AD user to a group.

View the change history and user activity for an Azure AD user

You can use the Active Roles Web Interface to view the change history and user activity of an Azure AD user.

To view the change history and user activity of an Azure AD user

  1. On the Active Roles Web Interface navigation bar, click Directory Management.

  2. On the Views tab in the Browse pane, click Active Directory.

    The list of Active Directory domains is displayed.

  3. Click the specific domain, container or the Organizational Unit, and then the specific user.

  4. In the Command pane, click Change History or User Activity.

    • Change History displays the information on changes that were made to the user through Active Roles.

    • User Activity displays information on management actions that were performed by a given user.

    NOTE: Modifying the Exchange Online properties of a hybrid Azure AD user via the Exchange Online Properties action of the Active Roles Web Interface only appears in the Change History of the user within either the Active Directory node or the Azure node of the Views tab, depending on where you modified the Exchange Online properties.

Deleting an Azure AD user with the Web Interface

You can use the Active Roles Web Interface to delete a user for logon to Azure.

Prerequisites

Only Global Admins can delete Azure users with any roles assigned to them.

CAUTION: Hazard of data loss!

Deleting a user is a destructive operation that cannot be undone. A new user with the same name as a deleted user does not automatically get the same permissions and memberships as the deleted account. Because of this, One Identity recommends to disable rather than delete accounts.

To delete an Azure AD user with the Web Interface

  1. On the Active Roles Web Interface navigation bar, click Directory Management.

  2. On the Views tab in the Browse pane, click Active Directory.

    The list of Active Directory domains is displayed.

  3. Click the specific domain, container or the Organizational Unit, and then the specific user that you want to delete.

  4. In the Command pane, click Delete.

    The account is deleted.

Note: In a hybrid environment, the user must be deleted in the on-premises AD first and then the changes must be synchronized with Azure AD. In case, the user is deleted in Azure AD first, the Active Roles Web Interface still displays the Azure properties link for the deleted user but with no information. Further modification of the Azure properties for the deleted user will not be valid.

관련 문서

The document was helpful.

평가 결과 선택

I easily found the information I needed.

평가 결과 선택