Chat now with support
Chat with Support

Active Roles 7.4.1 - Release Notes

Synchronization Service

 

Table 5: Synchronization Service requirements

Requirement

Details

Platform

Any of the following:

  • Intel 64 (EM64T)
  • AMD64
  • Processor speed: 2.0 GHz or faster

For best results, a multi-core processor recommended.

Memory

At least 2 GB of RAM. The amount required depends on the number of objects being synchronized.

Hard disk space

250 MB or more of free disk space. If SQL Server and Synchronization Service are installed on the same computer, the amount required depends on the size of the Synchronization Service database.

Operating system

You can install the Synchronization Service on a computer running:

  • Microsoft Windows Server 2019, Standard or Datacenter edition
  • Microsoft Windows Server 2016, Standard or Datacenter edition
  • Microsoft Windows Server 2012 R2, Standard or Datacenter edition
  • Microsoft Windows Server 2012, Standard or Datacenter edition

NOTE: Active Roles is not supported on Windows Server Core mode setup.

Microsoft .NET Framework

Synchronization Service requires Microsoft .NET Framework 4.7.2 (see “Installing the .NET Framework” at http://go.microsoft.com/fwlink/?LinkId=257868).

SQL Server

You can host the Synchronization Service database on:

  • Microsoft SQL Server 2019, any edition
  • Microsoft SQL Server 2017, any edition
  • Microsoft SQL Server 2016, any edition
  • Microsoft SQL Server 2014, any edition, 32-bit (x86) or 64-bit (x64), with or without any Service Pack
  • Microsoft SQL Server 2012, any edition, 32-bit (x86) or 64-bit (x64), with or without any Service Pack

Windows Management Framework

On all supported operating systems, the Synchronization Service requires Windows Management Framework 5.1 (see  “Windows Management Framework 5.1” at

https://www.microsoft.com/en-us/download/details.aspx?id=54616

).

Supported connections

The Synchronization Service can connect to:

  • Microsoft Active Directory Domain Services with the domain or forest functional level of Windows Server 2012 or higher
  • Microsoft Active Directory Lightweight Directory Services running on any Windows Server operating system supported by Microsoft
  • Microsoft Exchange Server version 2019, 2016, 2013, or 2010

    NOTE: Microsoft Exchange 2013 CU11 is no longer supported. Refer KB article 202695.
  • Microsoft Lync Server version 2013 with limited support
  • Microsoft Skype for Business 2019, 2016 or 2015
  • Microsoft Windows Azure Active Directory using the Azure AD Graph API version 1.6.
  • Microsoft Office 365 directory
  • Microsoft Exchange Online service
  • Microsoft Skype for Business Online service
  • Microsoft SharePoint Online service
  • Microsoft SQL Server, any version supported by Microsoft
  • Microsoft SharePoint 2019, 2016, or 2013
  • Active Roles version 7.4, 7.3, 7.2, 7.1, 7.0, and 6.9
  • One Identity Manager version 7.0 (D1IM 7.0)
  • One Identity Manager version 8.0
  • Support for Generic LDAP Connector, MY SQL Connector, Open LDAP Connector, IBM Db2 Connector, Salesforce Connector, Service now Connector, and RACF Connector.
  • Data sources accessible through an OLE DB provider
  • Delimited text files

Legacy Active Roles ADSI Provider

To connect to Active Roles version 6.9, the Active Roles ADSI Provider of the respective version must be installed on the computer running the Synchronization Service. For installation instructions, see the Quick Start Guide for the appropriate Active Roles version.

Azure AD Module for Windows PowerShell Version 2

To connect to the Office 365 directory, the following module must be installed on the computer running the Synchronization Service:

  • Azure Active Directory Module for Windows PowerShell

For installation instructions, see “Install the Azure AD Module” at https://docs.microsoft.com/en-us/powershell/azure/active-directory/install-adv2?view=azureadps-2.0.

Windows PowerShell Module for Skype for Business Online

To connect to the Skype for Business Online service, Windows PowerShell Module for Skype for Business Online must be installed on the computer running the Synchronization Service. For installation instructions, see “Windows PowerShell Module for Skype for Business Online” at http://go.microsoft.com/fwlink/?LinkId=294688.

SharePoint Online Management Shell

To connect to the SharePoint Online service, SharePoint Online Management Shell must be installed on the computer running the Synchronization Service. For installation instructions, see “SharePoint Online Management Shell” at http://go.microsoft.com/fwlink/?LinkId=255251.

One Identity Manager API

To connect to One Identity Manager 7.0, One Identity Manager Connector must be installed on the computer running the Synchronization Service. This connector works with RESTful web service and SDK installation is not required.

Internet Connection

To connect to cloud directories or online services, the computer running the Synchronization Service must have a reliable connection to the Internet.

Synchronization Service Capture Agent

 

Table 6: Synchronization Service Capture Agent

Requirement

Details

Microsoft .NET Framework

Synchronization Service requires Microsoft .NET Framework 4.7.2 (see “Installing the .NET Framework” at http://go.microsoft.com/fwlink/?LinkId=257868).

Additional Requirements

To synchronize passwords from an Active Directory domain to some other connected data system, you must install the Sync Service Capture Agent on all domain controllers in the source Active Directory domain.

The domain controllers on which you install Sync Service Capture Agent must run one of the following operating systems with or without any Service Pack (both x86 and x64 platforms are supported):

  • Microsoft Windows Server 2019
  • Microsoft Windows Server 2016
  • Microsoft Windows Server 2012 R2
  • Microsoft Windows Server 2012

For more information, see the Active Roles Synchronization Service Administration Guide.

New Features

The new release of Active Roles extends and enhances the capabilities of the product .

Major new features in Active Roles Version 7.4:

  • Additional Hybrid Directory features:

    • Support for Office 365 Group CRUD activities.
    • Support for Office 365 roles and reporting for Office 365 users.
    • Support for Exchange Online Mailbox Properties for Office 365 users in Federated and Synchronized environment.
  • Support for provisioning objects in SaaS products.
  • Separate configuration and management history databases during installation or in-place upgrade, confirming to Microsoft standards and best practices for replication.
  • Support for Azure AD Graph 1.6 for Active Roles Synchronization Services.
  • Use of Group Managed Service Account (gMSA) for Active Roles Service account.
  • Bulk attribute operations for multiple users.
  • Reset the password for multiple users at one time.

  • Solution Intelligence for Active Roles.
  • Log in to MMC interface through 2FA authentication.
  • Support for Transport Layer Security (TLS) 1.2 in Synchronization Service.
  • Support for remote mailbox creation and modification.

    NOTE: The ‘Remote mailbox migration (RemoteMailbox.ps1)’ script has been provided as a sample script only, to illustrate the steps required, and should not be used as-is in a production situation without modification and enhancement. The use of security credentials within a script in clear text should never be considered appropriate or secure. In testing this script, care and consideration should be given to the authentication and use of credentials, and clear text credentials should not be left in the script once testing is complete.

    For more details refer the KB article: https://support.oneidentity.com/kb/310525 .

  • Support for Federated authentication feature.
  • Support to provide product feedback from the Web Interface.

See also Resolved issues.

Enhancements

The following is a list of enhancements implemented in Active Roles Version 7.4.

 

 

Table 7: General enhancements

Enhancement

Issue ID

Support for the multiSubnetFailOver feature of MS SQL Server to maximize internal availability.

90802

Support for Archive Mailbox-Exchange Online functionality.

90758

Workflow enhancements that enable you to add Azure or Office 365 modules in PowerShell and run the Office 365 services such as Skype for Business, Azure AD, Azure RM, AZ, and Sharepoint Powershell scripts within existing Active Roles workflows.

726038

Support to restrict MMC interface access for a user. On installing Active Roles 7.4 on a computer, any user is enabled to log in to the MMC interface. You can now set the Active Roles MMC interface user access using the Active Roles Configuration Center. 90765
Enhancement of SPML operation to get ObjectSid to retrieve the value in the SID format in addition to the base64Binary format. 90764
Support for creation of OneDrive for Azure AD users using OneDrive Provisioning Policy. 90797
Support for configuring secure communication for Active Roles Web interface using Force SSL Redirection. 90768

Support to modify the following Exchange Online properties in Synchronized Identity and Federated environments using the Active Roles Web interface:

  • Archive mailbox
  • Message records management
  • Mail flow settings
90758
Active Roles Sync Service enhancements
  • Support for Microsoft Share Point 2019
  • Support for Microsoft Exchange 2019
  • Support for Microsoft Skype for Business 2019

 

99916

99897

99910

In-place upgrade enhancements 102832
Support for federated authentication 90820

Restructured product documentation for Active Roles. Documentation set now consists of the following guides:

  • Administration Guide

  • Evaluation Guide

  • Feature Guide

  • Predefined Access template guide

  • Quick Start

  • Release Notes

  • Solutions guide

  • Synchronization Service Guide

  • User's Guide

  • Web Interface Admin Guide

  • Web Interface User's Guide

  • Whats New Guide

  • Diagnostics Tools Release Notes

  • How-to Guide

  • Add-on Manager Readme

The following guides from earlier releases are deprecated and the content is made available in the documents available for the current release:

  • Management Pack for SCOM

  • Configuration transfer Wizard Guide
  • Exchange Resource Forest Management Guide
  • Skype for Business Guide
  • SPML Guide
  • Azure AD and Office 365 Administration Guide
  • Replication Guide
  • Product Overview Guide

90791

Support for Transport Layer Security (TLS) 1.2 in Synchronization Service.

127770

Supported Connectors

Support has been added for the following connectors through the Synchronization Service - 124068

Table 8: New connectors and supported versions
Connectors Supported version

Generic LDAP Connector

Version 3

MY SQL Connector

MySQL database hosted on MySQL Community Server MySQL 8.0.12

Open LDAP Connector

Version 3

IBM DB2 Connector

IBM Db2 11.5 Edition for Windows

Salesforce Connector

Internet access to the data system you want to participate in data synchronization operations

Service now Connector

Internet access to the data system you want to participate in data synchronization operations

RACF Connector

Version 1.13 or later. Optionally with LDAPX exit version 2.10 or later

NOTE:For information on the new connectors added to the Synchronization Service, please refer to the Quick Connect guides for Cloud Systems, Base systems, and RACF connector are available with the Active Roles product documentation. The Quick Connect branding style is retained for the Quick Connect guides available in the ARS 7.4 release.

Related Documents

The document was helpful.

Select Rating

I easily found the information I needed.

Select Rating