Chat now with support
Chat with Support

Active Roles 8.0.1 LTS - Feature Guide

Introduction Administrative rules and roles Using Active Roles Configuring and administering Active Roles FIPS compliance LSA protection support

Active Roles Log Viewer

The Active Roles Log Viewer tool allows you to browse and analyze:

  • Diagnostic log files created by the Active Roles Administration Service.

  • Event log files created by saving the Active Roles event logs in the Windows Event Viewer on the computer running the Administration Service.

The Log Viewer tool can help you to:

  • Check the sequence or hierarchy of requests processed by the Administration Service.

  • Identify error conditions that the Administration Service encountered during request processing.

  • Find Knowledge Base (KB) Articles for specific log messages and errors.

You can open Active Roles diagnostic log files (ds.log) or saved event log files (*.evtx) with the Log Viewer tool, allowing you to check:

  • The errors encountered by the Administration Service and recorded in the log file.

  • Requests processed by the Administration Service and traced in the log file.

  • All trace records found in the diagnostic log file.

  • All events found in the event log file.

When you select an error from the list, you can also look for applicable One Identity KB Articles to learn more about the log entry or troubleshoot selected errors.

In addition, the Active Roles Log Viewer tool also allows you to:

  • Search in the loaded log file for a particular text string, such as an error message.

  • Filter the list by various conditions to narrow the listed items to those you are actually interested in.

  • View detailed information about each list item, such as error details, request details or stack trace.

Getting started

To start using Active Roles Log Viewer, see the following resources:

  • For more information on how to install Active Roles Log Viewer, see Steps to install Diagnostic Tools in the Active Roles Quick Start Guide.

  • For more information on using Active Roles Log Viewer, see Using the Log Viewer tool in the Active Roles Administration Guide.

Voluntary threshold for managed object count

By default, Active Roles does not limit the number of managed objects you can manage. However, as the license fee is based on the managed object count, you may need to verify that the object count stays under a certain threshold. To do so, you must specify a threshold value for the number of managed objects.

Once you configure this voluntary threshold, the scheduled task that counts the managed objects will raise an alert whenever it detects that the current number of managed objects exceeds the configured threshold value. Active Roles will indicate this alert in the Product Usage Statistics page of the Active Roles Console, and can also send a notification over email.

Getting started

For more information on how to configure the threshold, see Voluntary thresholds for the managed object count in the Active Roles Administration Guide.

Installation label

To identify your Active Roles installation in the Managed Object Statistics report, you can set a label for your deployment in the Active Roles Console.

This is useful, for example, if you have several Active Roles deployments installed in your organization (for example, separate pilot, non-production and production environments) and you want to easily distinguish them visually.

Once configured, the installation label appears in the title of the Managed Object Statistics report.

Getting started

For more information on how to configure an installation label for Active Roles, see Installation label in the Active Roles Administration Guide.

Safe mode

Active Roles provides a troubleshooting mode called "Safe mode" that starts Administration Service in a limited state.

When you enable Safe mode, Administration Service:

  • Disregards all custom policies, workflows, scripts, scheduled tasks and other custom-made assets that may prevent Active Roles from starting and operating normally.

  • Rejects connections from any users that do not have Active Roles Admin privileges.

While Safe mode is active, only Active Roles Admins can connect to Administration Service, so that they can troubleshoot problems by changing the existing Active Roles configuration or removing any customizations that could cause issues. Once troubleshooting is finished, Active Roles Admins can also turn off Safe mode and resume normal Active Roles operation.

Getting started

You can enable Safe mode from the Active Roles Management Shell.

To enable or disable Safe mode

  1. On the computer running the Active Roles Administration Service, log in with a user account that has administrator rights on the computer.

    NOTE: You can enable or disable Safe mode only with a user account that has local administrator rights on the computer running Administration Service.

  2. Start the Active Roles Management Shell from the Windows Start menu or the Apps page of the operating system.

  3. To enable safe mode, enter the following commands in the Management Shell command-line interface:

    Set-ARService -SafeModeEnabled $true

    Restart-ARService

  4. To enable safe mode, enter the following commands in the Management Shell command-line interface:

    Set-ARService -SafeModeEnabled $false

    Restart-ARService

Related Documents

The document was helpful.

Select Rating

I easily found the information I needed.

Select Rating