Chat now with support
Chat with Support

Active Roles On Demand Hosted - What's New


Active Roles (formerly known as ActiveRoles®) simplifies and streamlines creation and ongoing management of user accounts, groups, and contacts in Windows Active Directory (AD) and Azure Active Directory environments.

Active roles automates:

  • Creating user, groups, and contacts in Active Directory and Azure AD
  • Creating and managing Office 365 groups
  • Managing Office 365 roles for hybrid users
  • Creating mailboxes on Exchange Server and assigning licenses in Office 365
  • Managing on-premise Exchange and Exchange Online properties
  • Creating Remote Mailbox for hybrid users
  • Provisioning OneDrive for hybrid users
  • Provisioning users in Starling Connectors

  • Support for Federated Authentication
  • Support to configure Web Interface for secure communication
  • Support to provide product feedback from the Web Interface

It provides strictly enforced security, rich capabilities for automating directory management tasks, change approval and easy-to-use Web interfaces, to achieve practical user and group account management for the Windows enterprise.

Active Roles also facilitates administration and provisioning for Active Directory, Exchange, and Azure Active Directory (Azure AD) in a hybrid environment.

Active Roles supports connecting to One Identity Starling and accessing Starling Services such as Two-factor Authentication, Starling Connect, and Identity Analytics and Risk Intelligence.

Key new features

The new release of Active Roles extends and enhances the capabilities of the product with the following changes.

Major new features in Active Roles Version 7.5:

Major new features in Active Roles Version 7.4.5:

Major new features in Active Roles Version 7.4.4:

  • Support for Azure SQL database.
  • Support for cloud-only Azure objects (Azure Users, Azure Guest Users, Azure Contacts).

Major new features in Active Roles Version 7.4.3:

  • Support for multiple Azure tenants.
  • Support for Modern Authentication.

Major new features in Active Roles Version 7.4.1:

  • Additional Hybrid Directory features:

    • Support for Office 365 Group CRUD activities.
    • Support for Office 365 roles and reporting for Office 365 users.
  • Support for provisioning objects in SaaS products through Starling Connect.
  • Separate configuration and management history databases during installation or in-place upgrade, confirming to Microsoft standards and best practices for replication.
  • Support for Azure AD Graph 1.6 for Active Roles Synchronization Services.
  • Use of Group Managed Service Account (gMSA) for Active Roles Service account.
  • Bulk attribute operations for multiple users.
  • Reset the password for multiple users at one time.

  • Solution Intelligence for Active Roles.
  • Log in to MMC interface through 2FA authentication.
  • Support for Federated authentication feature.
  • Support to provide product feedback from the Web Interface

Major enhancements Active Roles Version 7.4:

  • New built-in workflow and script added for the following

    • Create Office 365 shared mailbox

    • Enabling Azure Roles

  • Edit or update exchange or extension properties of the Master account even in the absence of the corresponding shadow account in the Exchange Forest.

  • Automate the process of copying the database users, permissions, SQL logins, and roles from the old SQL database to a new database during the in-place upgrade and import database.

  • In Active Roles, the Fine-Grained policy takes precedence over Domain policy in evaluating the User account and password information. The User account information and Account Policies are displayed based on the Fine-Grained policy applied on the container.

  • Auto-shrink option can be customized for new Active Roles database (configuration and management history) during the configuration of Active Roles.

  • In ERFM policy, the substitute attribute, mail can now be used optionally instead of using it as a hard-coded attribute.

  • Support for new connectors through Synchronization Service. For more information, refer Enhancements.

  • Supports installation of Synchronization Service Management Shell component individually via command prompt. For more details refer How to install Synchronization Service Management Shell in Synchronization Service Admin Guide

  • Builtin Azure policy is enhanced with the additional provisioning of the attribute edsvaAzureOffice365Enabled.

  • Support for Modern Authentication while communicating with Exchange Online from Active Roles service.

  • Optimized policy evaluation for license management, Office 365 roles management.

  • Support for the multiSubnetFailOver feature of MS SQL Server to maximize internal availability.

  • Support for the Security Identity Mappings functionality as available in Active Directory Users and Computers (ADUC) Snap-in.

  • Workflow enhancements that enable you to add Azure or Office 365 modules in PowerShell and run the Office 365 services such as Skype for Business, Azure AD, Azure RM, AZ, and Sharepoint Powershell scripts within existing Active Roles workflows.

  • Restrict MMC interface access to users, by enabling the MMC Interface access settings using the Configuration Center. By default, on installing Active Roles, all users are enabled to log in to the MMC interface. You can now enable the MMC interface access setting to restrict users from accessing the MMC interface.

  • Enhancement of SPML operation to get ObjectSid to retrieve the value in the SID format along with the base64Binary format.

  • Creation of OneDrive for Azure AD users using OneDrive Provisioning Policy.
  • Configuring secure communication for Active Roles Web Interface using Force SSL Redirection.

  • Support to modify the following Exchange Online properties in Synchronized Identity and Federated environments using the Active Roles Web interface:
    • Mail Flow Settings properties: Message Size Restrictions and Delivery Options

    • Mailbox Feature properties: Exchange ActiveSync, Outlook Web App, MAPI, IMAP, POP3, and Archive

    • Delegation: Send As, Full Access

    • Mail Settings: Messaging records Management

  • Creation of Remote Mailbox for hybrid users
  • Support for Federated Authentication.
  • Support for new connectors through Synchronization Service. For more information, refer Enhancements topics.
  • Restructured product documentation that consolidates content in lesser number of documents.

    For more information, see Enhancements topic.

Additional Hybrid Directory features

Active Roles supports the following additional features for hybrid directory support:

  • Support for Office 365 Group CRUD activities.

  • Support for Office 365 roles and reporting for Office 365 users.


Office 365 Group CRUD activities

Active Roles provides the facility to perform administrative tasks such as create, read, update, and delete groups in Office 365 through the web interface. You can also perform other operations such as add and remove members to Office 365 groups. Some of the group operations can be performed using the Management Shell in addition to the web interface. For more information on managing Office 365 groups using the Active Roles web interface and Management Shell, see the following sections in the latest Active Roles Administration Guide.

  • Office 365 Group management tasks using the Web interface
  • Office 365 Group management tasks using Management Shell interface


Self Service Tools
Knowledge Base
Notifications & Alerts
Product Support
Software Downloads
Technical Documentation
User Forums
Video Tutorials
RSS Feed
Contact Us
Licensing Assistance
Technical Support
View All
Related Documents

The document was helpful.

Select Rating

I easily found the information I needed.

Select Rating