Active Roles 7.5.1 introduces support for Azure AD Security Groups, allowing you to create, read, update or delete Azure AD Security Groups via the Active Roles Web Interface.
-
For more information on Azure AD Security Groups, see Groups in Microsoft 365 and Azure in the official Microsoft 365 documentation.
-
For more information on how to create, modify or delete an Azure AD Security Group, see Managing Azure Security Groups in the Active Roles 7.5.1 Administration Guide.
You can create, manage and delete room mailboxes in the Active Roles Web Interface. Room mailbox is a type of Exchange Online resource mailbox assigned to a physical location, such as a meeting room. Using room mailboxes that an administrator creates, users can reserve rooms by adding room mailboxes to meeting requests.
For more information, see Managing room mailboxes in the Active Roles Administration Guide.
This Active Roles release includes the following enhancements to the existing features:
Enhancements in the 7.5 release
Azure O365 groups received two enhancements:
-
You can now configure dynamic membership rules for new and existing O365 groups in the Active Roles Web Interface, enabling Active Roles to automatically add or remove members based on the configured attribute-based rules.
-
For more information on setting up a new dynamic O365 group, see Creating a new O365 group in the Active Roles 7.5.1 Administration Guide.
-
For more information on modifying an existing O365 group to dynamic membership, see Viewing or modifying an O365 group in the Active Roles 7.5.1 Administration Guide.
-
You can now view the change history of existing O365 groups in the Active Roles Web Interface. For more information, see Viewing the change history of an O365 group in the Active Roles7.5.1 Administration Guide.
In the Active Roles Web Interface, in Settings, you can now enable Show objects owned by inheritance or secondary ownership. Selecting this check box allows Self-Administration Web Interface users to view objects in My Managed Resources even if the user is not assigned to the objects as the primary owner (manager), but as a secondary or inherited owner.
Previously, administrators had to select this check box every time the Web Interface home page displayed to make My Managed Resources appear for users with secondary or inherited ownership, but now once it is selected, it remains the default setting.
Enhancements in the 7.4.4 release
The Enable SQL auto shrink option in the Connection to Database > Advanced Database Properties page of the Configure Administration Service wizard is now disabled by default, as enabling it may result in performance issues. For more information, see Recommendations and guidelines for setting the AUTO_SHRINK database option in SQL Server in the official Microsoft SQL Server 2008 Enterprise documentation.
Enhancements in the 7.4.3 release
-
New Builtin workflows and scripts are provided for Create Office 365 shared mailbox and Enabling Azure Roles . Initial template scripts are available under script modules that can be configured as per the user requirement for running the workflows.
-
Active Roles now gives provision to Edit or Update exchange or extension properties of the Master account even in the absence of the corresponding shadow account in the Exchange Forest.
-
In-place upgrade and import database process is enhanced with additional configurable option to copy database users, permissions, SQL logins, and roles from the old SQL database to a new database. For more details refer Upgrade section in Active Roles Quick Start Guide.
-
Active Roles now give precedence to Fine-Grained policy over Domain policy while evaluating the User account and password information. The User account information and Account Policies are displayed based on the Fine-Grained policy applied on the container.
-
Active Roles Configuration provides a new setting for enabling or disabling auto-shrink on SQL databases when configuring a new Configuration Database or Management History Database. The new Enable SQL auto shrink option is available in the Connection to Database > Advanced Database Properties page of the Configure Administration Service wizard.
-
Active Roles now allow to use the substitute attribute mail as optional in ERFM policy so that we set different mail ids for master and shadow account.
-
Support for new connectors through Synchronization Service:
-
Oracle Unified Directory Connector
-
Oracle Database User Accounts Connector
-
Oracle Database Connector
-
Micro Focus NetIQ Directory Connector
- IBM AS/400 Connector
For details on the new connectors refer Active Roles Synchronization Service Administration Guide.
-
Supports installation of Synchronization Service Management Shell component individually via command prompt. For more details refer How to install Synchronization Service Management Shell in Active Roles Synchronization Service Administration Guide.
-
Builtin Azure policy is enhanced with the additional provisioning of the attribute edsvaAzureOffice365Enabled. This will automatically assign the attribute edsvaAzureOffice365Enabled on the OU on which the Azure policy is applied instead of manual assignment as done in earlier versions of Active Roles.
-
Active Roles now provides support for Modern Authentication while communicating with Exchange Online from the service. The feature now gives the user option to configure Basic or Modern Authentication. By default, Modern Authentication is enabled in Active Roles Synchronization Service and administrators must enable Basic authentication manually.
-
Optimized policy evaluation for Azure license management, Office 365 roles management.
Table 1: New connectors and supported versions
Oracle Database Connector |
The computer running Synchronization Service must have the following software installed:
- Oracle Database version 19C.
|
Oracle Database User Accounts Connector |
The computer running Synchronization Service must have the following software installed:
- Oracle Database User Accounts version 19.3.
|
Micro Focus NetIQ Directory Connector |
Version 9.2 |
Oracle Unified Directory Connector |
Version 12.2.1.3 |
IBM AS/400 |
Version 7 r1 |
Enhancements in the 7.4.1 release
Table 2: New connectors and supported versions
Generic LDAP Connector
|
Version 3 |
MY SQL Connector |
MySQL database hosted on MySQL Community Server MySQL 8.0.12 |
Open LDAP Connector |
Version 3 |
IBM Db2 Connector |
IBM Db2 11.5 Edition for Windows |
Salesforce Connector |
Internet access to the data system you want to participate in data synchron-ization operations |
Service now Connector |
Internet access to the data system you want to participate in data synchron-ization operations |
IBM RACF Connector |
Version 1.13 or later. Optionally with LDAPX exit version 2.10 or later |
The upgrade process of the Administration Service has impact on the following:
- Replication
- Custom Solutions
- Unmanaged domains
- Add-on components
- Management history data