Chat now with support
Chat with Support

Active Roles 7.5.2 - Administration Guide

Introduction About Active Roles Getting Started Rule-based Administrative Views Role-based Administration
Access Templates as administrative roles Access Template management tasks Examples of use Deployment considerations Windows claims-based Access Rules
Rule-based AutoProvisioning and Deprovisioning
About Policy Objects Policy Object management tasks Policy configuration tasks
Property Generation and Validation User Logon Name Generation Group Membership AutoProvisioning E-mail Alias Generation Exchange Mailbox AutoProvisioning AutoProvisioning for SaaS products OneDrive Provisioning Home Folder AutoProvisioning Script Execution Office 365 and Azure Tenant Selection User Account Deprovisioning Office 365 Licenses Retention Group Membership Removal Exchange Mailbox Deprovisioning Home Folder Deprovisioning User Account Relocation User Account Permanent Deletion Group Object Deprovisioning Group Object Relocation Group Object Permanent Deletion Notification Distribution Report Distribution
Deployment considerations Checking for policy compliance Deprovisioning users or groups Restoring deprovisioned users or groups Container Deletion Prevention policy Picture management rules Policy extensions
Workflows
Understanding workflow Workflow activities overview Configuring a workflow
Creating a workflow definition Configuring workflow start conditions Configuring workflow parameters Adding activities to a workflow Configuring an Approval activity Configuring a Notification activity Configuring a Script activity Configuring an If-Else activity Configuring a Stop/Break activity Configuring an Add Report Section activity Configuring a Search activity Configuring CRUD activities Configuring a Save Object Properties activity Configuring a Modify Requested Changes activity Enabling or disabling an activity Enabling or disabling a workflow Using the initialization script
Example: Approval workflow E-mail based approval Automation workflow Activity extensions
Temporal Group Memberships Group Family Dynamic Groups Active Roles Reporting Management History
Understanding Management History Management History configuration Viewing change history
Workflow activity report sections Policy report items Active Roles internal policy report items
Examining user activity
Entitlement Profile Recycle Bin AD LDS Data Management One Identity Starling Management One Identity Starling Two-factor Authentication for Active Roles Managing One Identity Starling Connect Azure AD, Office 365, and Exchange Online management
Configuring Active Roles to manage hybrid AD objects Managing Hybrid AD Users Unified provisioning policy for Azure O365 Tenant Selection, Office 365 License Selection, and Office 365 Roles Selection, and OneDrive provisioning Office 365 roles management for hybrid environment users Managing Office 365 Contacts Managing Hybrid AD Groups Managing Office 365 Groups Managing Azure Security Groups Managing cloud-only Azure users Managing cloud-only Azure guest users Managing cloud-only Azure contacts Changes to Active Roles policies for cloud-only Azure objects Managing room mailboxes
Managing Configuration of Active Roles
Connecting to the Administration Service Adding and removing managed domains Using unmanaged domains Evaluating product usage Creating and using virtual attributes Examining client sessions Monitoring performance Customizing the console Using Configuration Center Changing the Active Roles Admin account Enabling or disabling diagnostic logs Active Roles Log Viewer
SQL Server Replication Appendix A: Using regular expressions Appendix B: Administrative Template Appendix C: Communication ports Appendix D: Active Roles and supported Azure environments Appendix E: Enabling Federated Authentication Appendix F: Active Roles integration with other One Identity and Quest products Appendix G: Active Roles integration with Duo Appendix H: Active Roles integration with Okta

Assign Office 365 licenses to existing

Assign Office 365 licenses to existing hybrid users

To assign Office 365 license to existing hybrid users

  1. On the Active Roles Web interface Navigation bar, click Directory Management.
  2. On the Views tab in the Browse pane, click Active Directory.

    The list of Active Directory domains is displayed.

  1. Click the specific domain, Container or the Organizational Unit, and then select the check-box corresponding to the specific user for which you want to view or update the properties.
  2. In the Command pane, click Azure properties.

    The Azure Propertiesdialog box for the user is displayed.

  1. In the Azure Properties dialog box, click Settings.
  2. If the usage location is not entered in the Usage Location field, enter the two-letter location code of the location where the product will be used, and click Save.

 

NOTE: The Usage Location field is a mandatory field. The licenses cannot be assigned to the user if the product usage location information is not available. The local rules and regulations for usage of the product and services may vary based on the location.

Alternatively, if the product usage location is entered for the user earlier, navigate to the Licenses wizard to assign the Office 365 license to the user.

  1. Re-open the Azure Properties dialog box for the user, and click Licenses.

    The Licenses wizard displays the Office 365 licenses, for example Office 365 Business Essentials and Business Premium licenses, that are available for assigning to the user.

  1. Select the check box corresponding to the license that is to be assigned to the user.
  2. Click the drop-down arrow corresponding to the selected license to view the products included in the license.

    By default, all the products are enabled for the user.

  1. De-select the check boxes corresponding to the products in the license that are to be disabled for the user.
  2. Click Save.

Modify or remove Office 365 licenses

Modify or remove Office 365 licenses assigned to hybrid users

To modify or remove the Office 365 license assigned to existing hybrid users

  1. On the Active Roles Web interface Navigation bar, click Directory Management.
  2. On the Views tab in the Browse pane, click Active Directory.

    The list of Active Directory domains is displayed.

  1. Click the specific domain, Container or the Organizational Unit, and then select the check-box corresponding to the specific user for which you want to view or update the properties.
  2. In the Command pane, click Azure properties.
  3. In the Azure Properties dialog box, click Licenses.

    The Licenses wizard displays the Office 365 licenses, for example Office 365 Business Essentials and Business Premium licenses, that are available and assigned to the user.

  1. Click the drop-down arrow corresponding to the available licenses.

    The products that are included and assigned to the user in the license are displayed.

  1. Select or de-select the check box corresponding to the product included in the license that needs to be enabled or removed for the user.
  2. Click Save.

NOTE:

  • When a user is de-provisioned or deleted, all the licenses that were assigned to the user are removed and can be assigned to other hybrid users.
  • On performing an undo-deprovision operation on a hybrid user, the license assignment gets restored to the user on successful completion of the operation.
  • For information on Azure AD user De-provisioning policy for Office 365 licenses management see the Office 365 Licenses Retention section in the Active Roles Administration Guide.

Update Office 365 licenses display names

To update the names of the licenses displayed on Azure properties -> Licenses page of a hybrid user

  1. On the system running the Active roles Service, go to ..\One Identity\Active Roles\7.5.2\Service\AzureLicenses.xml..
  2. Open the xml file and edit the required SKU with the new license display name.

NOTE: If the xml file with Azure licenses is not available or is not well formed, then the default SKUs as derived from Azure Graph APIs are displayed on the Azure properties | Licenses page for the Azure AD user.

    The updated licenses display names can be viewed on the user's Azure Properties| Licenses wizard.

Unified provisioning policy for Azure O365 Tenant Selection, Office 365 License Selection, and Office 365 Roles Selection, and OneDrive provisioning

The provisioning policy O365 and Azure Tenant Selection is a unified policy for all O365 user license and user role management as well as OneDrive provisioning for Azure AD users. This O365 management for users is controlled or restricted by creating a new provisioning policy and applying the policy to the Organizational Unit.

Related Documents

The document was helpful.

Select Rating

I easily found the information I needed.

Select Rating