Active Roles is an administrative platform that facilitates administration and provisioning for Active Directory, Exchange, and Azure Active Directory (Azure AD) in a hybrid environment. Active Roles enables the organization to manage through the web interface and to develop a flexible administrative structure that suits their needs, while ensuring secure delegation of tasks, reduced workloads, and lower costs.
Active Roles enables synchronization of the on-premises Active Directory objects to the Azure AD.
This guide is designed for individuals responsible for performing administrative tasks using the Active Roles web interface for Azure Active Directory and Office 365. The document includes instructions to help delegated administrators and help-desk operators perform day-to-day Azure AD administrative activities.
NOTE: Azure AD related operations are supported only on the Active Roles web interface with sites for Administrators template. Some of the operations are also supported through the Management Shell. This guide provides detailed information on the Azure AD operations.
When a user signs up for a Microsoft cloud service such as Azure Active Directory, details about the user's organization and the organization's Internet domain name registration are provided to Microsoft. This information is then used to create a new Azure AD instance for the organization. The same directory is used to authenticate sign-in attempts when you subscribe to multiple Microsoft cloud services.
The Azure AD instance of the organization, also called the Azure AD tenant, stores the users, groups, applications, and other information pertaining to an organization and its security. To access the Azure AD tenant, we need an application that is registered with the tenant. Active Roles uses this application, also called the Azure AD application, to communicate with the Azure AD tenant after the required consent has been provided.
The Active Roles Web Interface and Management Shell can be used to perform the Azure AD configuration tasks. The new feature in Active Roles enables you to add or modify existing tenants and applications to the management scope through the web interface and Management Shell.
NOTE: Only administrative users or users with sufficient privileges can view the Azure configuration.
The following section guides you through the Active Roles web interface and Management Shell to configure Azure AD tenants and applications and synchronize existing AD objects to Azure AD.
Active Roles Web interface enables you to perform the following configuration tasks to manage Hybrid AD:
You can use the Active Roles Web Interface to add an Azure AD tenant.
NOTE: Currently, Active Roles supports a single Azure AD tenant model. Make sure to add only one tenant with the correct Azure AD related details.
To add an Azure AD tenant
The Azure AD Tenant Type properties wizard is displayed with the following types of domains:
The newly added Azure AD tenant is displayed in the Azure Tenants list.
NOTE: If the Tenant type is selected as Federated Domain or Synchronization Identity domain, the Azure properties fields on the Azure properties wizard of any Azure User, Group, or Contact that is created are greyed out and cannot be edited.
© 2021 One Identity LLC. ALL RIGHTS RESERVED.