One Identity Active Roles 7.2
One Identity Active Roles 7.2
Active Roles Release Notes
These release notes provide information about the One Identity Active Roles release.
About this release
About One Identity Active Roles 7.2
|NOTE: If you are currently utilizing the Office 365 Add-on, uninstall the add-on before performing the Active Roles upgrade to version 7.2. For more information regarding the changes to Office 365 support see Impact on Office 365 add-on.|
Before proceeding with the upgrade ensure to perform a database backup.
Active Roles provides out-of-the-box user and group account management, strictly enforced administrator-based role security, day-to-day identity administration and built-in auditing and reporting for Active Directory and Azure Active Directory (AD) environments. The following features and capabilities make Active Roles a practical solution for secure management of objects in Active Directory and Active Directory-joined systems:
- Secure access Acts as a virtual firewall around Active Directory, enabling you to control access through delegation using a least privilege model. Based on defined administrative policies and associated permissions generates and strictly enforces access rules, eliminating the errors and inconsistencies common with native approaches to AD management. Plus, robust and personalized approval procedures establish an IT process and oversight consistent with business requirements, with responsibility chains that complement the automated management of directory data.
- Automate object creation Automates a wide variety of tasks, including:
- Creating user, groups, and contacts in Active Directory and Azure AD
- Creating mailboxes on Exchange Server and assigning licenses in Office 365
- Managing on-premise Exchange and Exchange Online properties
Active Roles also automates the process of reassigning and removing user access rights in AD and AD-joined systems (including user and group de-provisioning) to ensure an efficient and secure administrative process over the user and group lifetimes. When a user’s access needs to be changed or removed, updates are made automatically in Active Directory, Azure AD, Exchange, Exchange Online, SharePoint, Skype for Business, and Windows, as well as any AD-joined systems such as Unix, Linux, and Mac OS X.
- Day-to-day directory management Simplifies management of:
- Exchange recipients, including mailbox assignment, creation, movement, deletion, permissions, and distribution list management
- Computers, including shares, printers, local users and groups
- Active Directory, Azure AD, Exchange Online and AD LDS
Active Roles also includes intuitive interfaces for improving day-to-day administration and help desk operations via both an MMC snap-in and a Web interface.
- Manage users, groups, and contacts in a hosted environment Provides Synchronization Service to operate in hosted environments where accounts from client AD domains are synchronized with host domains. Active Roles enables user, group, and contact management from the client domain to the hosted domain, while also synchronizing attributes and passwords.
- Consolidate management points through integration Complements your existing technology and identity and access management strategy. Simplifies and consolidates management points by ensuring easy integration with many One Identity products and Quest products, including One Identity Manager, Privileged Password Manager, Authentication Services, Defender, Password Manager, ChangeAuditor, and GPO Admin. Active Roles also automates and extends the capabilities of PowerShell, ADSI, SPML and customizable Web interfaces.
Active Roles 7.2 is a major release, with new features and functionality. See New features for details.
Active Roles 7.2 introduces the following changes to system requirements from those for Active Roles 6.9.0:
- Active Roles can no longer be installed on Window Server 2008. Windows Server 2008 R2 SP1 or a later version of the Windows Server operating system is required to run the Administration Service or Web Interface.
- Microsoft SQL Server 2005 can no longer be used to host Active Roles databases. The following SQL Server versions are supported: Microsoft SQL Server 2008, 2008 R2, 2012, 2014, and 2016.
- You can use Configuration Center to import Active Roles databases from SQL Server 2005 to a later SQL Server version. For details, see “Upgrading the Administration Service” in the Active Roles Quick Start Guide.
- Management of Exchange recipients on Exchange Server 2003 and 2007 are no longer available. You can use Active Roles to manage Exchange recipients on Exchange Server 2010 or 2013.
- To manage Exchange recipients on Exchange Server 2010, Active Roles no longer requires the Exchange 2010 Management Tools on the computer running the Administration Service.
- Internet Explorer 7, 8, 9, and 10 are no longer supported for the Web Interface access. You can use the following Web browsers to access the Web Interface: Internet Explorer 11; Google Chrome; Mozilla Firefox; Microsoft Edge on Windows 10.
- Web Interface is optimized for screen resolutions of 1280 x 800 or higher. The minimum supported screen resolution is 1024 x 768.
- Active Roles console requires Internet Explorer 11.
See also System requirements.
Before installing Active Roles 7.2, ensure that your system meets the following minimum hardware and software requirements.
Active Roles includes the following components:
This section lists the hardware and software requirements for installing and running each of these components.