Active Roles 7.3.1 - Whats New

Enhancements

Enhancements

Active Roles 7.3 Release includes the following enhancements to some of the existing features:

  • Display of the number of members including the indirect members and pending members in the group on the Active Roles Web interface.
  • SPML Extension Enhancement to Modify Shared Mailbox User permissions.
  • Active Roles Back Sync Improvements: The Azure Backsync Configuration feature allows you to configure the backsync operation in Azure with on-premises Active Directory objects through the Synchronization Service Web interface. The required connections, mappings, and sync workflow steps are created automatically.
  • Password generation policy enhancement
    • Revamped Password Generation Script module from VB Script to PowerShell module.
    • Inclusion of mandatory use of special characters in every password.

    • Provision to configure password length .

    NOTE: During Active Roles upgrade, the new Password Generation script in PowerShell is set as the default script. However, the VB script that was used earlier is still retained in the same container.
  • Active Roles Sync Service enhancements
    • Support for Microsoft Share Point 2016
    • Support for Microsoft Exchange 2016
    • Support for Microsoft SQL Server 2017
    • Support for Windows PowerShell version 5.1
  • Web interface security enhancements: Any Web interface is prone to security issues such as Cross-Site Request Forgery (CSRF) and Cross-site Scripting (XSS ) attacks. To prevent and protect against such attacks Active Roles can now be configured to enable CSRF and XSS for the Web interface.

    For more information on the Web interface security enhancements see the Active Roles Web Administration Guide.

  • Active Roles now provides enhanced Web interface accessibility for disabled users. However, these settings are not available by default.

    To enable these settings that provide enhanced Web interface accessibility, perform the below configuration:

    1. In the right pane, click Configuration Editor.
    2. In the Section drop-down, select <appSettings>, and open the Collection Editor.
    3. Set the key508compliance value to 1, and apply the changes.
    4. Open the IIS Manager, expand the default website, and click the Active Roles Application (Default is ARWebAdmin).
    5. Restart IIS.

Upgrade issues

Upgrade issues

Impact on Active Roles replication

The upgrade process of the Administration Service does not preserve the replication settings. An upgrade can only be performed if the Administration Service is not configured for replication. Before upgrading the Administration Service, you should ensure that its database server is not configured as a Subscriber or Publisher. Replication for the new Administration Service needs to be configured after the upgrade.

Impact_on_custom_solutio

Impact on custom solutions

An upgrade of Active Roles components may affect custom solutions that build upon the functions of Active Roles. Custom solutions (such as scripts or other modifications) that work fine with the earlier version of Active Roles may cease to work after the upgrade. Prior to attempting an upgrade, test the existing solutions with the new version of Active Roles in a lab environment to verify that the solutions continue to work. For any compatibility issues arising during the test process, contact One Identity Software Professional Services for paid assistance with those solutions.

Impact_on_unmanaged_doma

Impact on unmanaged domains

Upgrade of the Administration Service converts unmanaged domains to regular managed domains. If you have any domains registered as unmanaged domains with Active Roles version 6.8 or earlier, then, after the upgrade, you will need to make them unmanaged by applying the built-in Policy Object Exclude from Managed Scope. For further information and instructions, see “Configuring an unmanaged domain” in the Active Roles Administration Guide.

Related Documents