The Active Roles Administration Guide is designed for individuals who are responsible for creating and maintaining Active Roles’ administrative structure. This document provides conceptual information about the product, and includes instructions for deploying a secure, distributed administrative structure that combines administrative policy enforcement, role-based delegation of administration, and flexible administrative views.
This guide also provides information for performing administrative tasks using the Active Roles web interface for Azure Active Directory and Office 365. The document includes instructions to help delegated administrators and help-desk operators perform day-today Azure AD administrative activities.
Active Roles facilitates administrators to configure and monitor Active Roles replication using Microsoft SQL Server tools. This guide details the SQL Server agents used during replication, accounts and logins used to access SQL Server, and strategies for monitoring and troubleshooting replication.
The Active Roles Administration Guide is supplemented with the Active Roles User Guide that provides information about the Active Roles console user interface, and includes instructions to help delegated administrators perform day-to-day administrative activities using the Active Roles console.
Active Roles (formerly known as ActiveRoles®), delivers a reliable, policy-based administration and provisioning solution, allowing enterprises to fully benefit from Active Directory and Microsoft Exchange deployment.
One of the most valuable features of the product is the ability to automate provisioning tasks on directory objects in compliance with corporate administrative policies in corporate Active Directory and Exchange environments.
Active Roles provides consistent enforcement of corporate policies, a role-based administrative model, and flexible, rule-based administrative views, creating a reliable and secure environment for distributed administration and account provisioning.
|NOTE: For information on the Active Roles 7.4 features see the Active Roles What's New Guide.|
Active Roles (formerly known as ActiveRoles®) provides out-of-the-box user and group account management, strictly enforced administrator-based role security, day-to-day identity administration and built-in auditing and reporting for Active Directory and Azure Active Directory (AD) environments. The following features and capabilities make Active Roles a practical solution for secure management of objects in Active Directory and Active Directory-joined systems:
Active Roles also automates the process of reassigning and removing user access rights in AD and AD-joined systems (including user and group de-provisioning) to ensure an efficient and secure administrative process over the user and group lifetimes. When a user’s access needs to be changed or removed, updates are made automatically in Active Directory, Azure AD, Exchange, Exchange Online, SharePoint, Skype for Business, and Windows, as well as any AD-joined systems such as Unix, Linux, and Mac OS X.
Figure 1: Active Roles Components
The presentation components include client interfaces for the Windows platform and the Web, which allow regular users to perform a precisely defined set of administrative activities. The reporting solution facilitates automated generation of reports on management activities.
The service components constitute a secure layer between administrators and managed data sources. This layer ensures consistent policy enforcement, provides advanced automation capabilities, and enables the integration of business processes for administration of Active Directory, Microsoft Exchange, and other corporate data sources.
On a very high level, the Active Roles components work together as follows to manipulate directory data:
Let us examine the three component layers.