The Active Roles Setup wizard facilitates the evaluation, deployment, upgrade and configuration of Active Roles. The key highlights of the wizard include the following:
-
Unified setup process: Active Roles is shipped with a single wizard for installing all core product components, including the Administration Service, the Web Interface, and the Console (also known as the MMC Interface).
-
Configuration Center: After installation, Active Roles launches the Configuration Center, an application that you can use to perform the core configuration tasks after installation, or to finish upgrading Active Roles. As such, the Configuration Center lets you configure Administration Service instances and deploy Web Interface sites. For more information on the Configuration Center, see Active Roles Configuration Center.
-
Side-by-side deployment: The Active Roles Setup allows you to deploy new Active Roles versions side-by-side on the same computers with Active Roles 6.9. This allows you to use the same hardware and infrastructure to run newer versions of Active Roles while also keeping Active Roles 6.9 deployed for your business needs.
|
|
CAUTION: Upgrading from Active Roles 6.9 to a newer version is only meant to be a temporary solution, as the side-by-side installation of two different Active Roles versions can have a negative impact on the environment.
Different versions of Active Roles are not supported in the same Active Directory domain. Different versions of Active Roles servers in the same AD domain will cause issues with dynamic groups, policies, workflows, or custom scripts, and can also cause conflicts in product functionality.
When upgrading Active Roles to a later version, One Identity recommends to upgrade all servers running Active Roles components to the same version to be in a supported configuration.
For more information, see Knowledge Base Article 4307177. |
NOTE: To avoid potential conflicts with Active Roles 6.9, newer versions of the product use a different name for the Windows service of the Administration Service and for the default Web Interface sites.
-
Separate component installation files: Although the Active Roles Setup allows you to install every major product component at once, the installation *.iso delivers each component (such as the Administration Service, the Web Interface, the Add-on Manager, the , or the Management Shell) in separate *.msi files. This allows you to install the various Active Roles components individually without the need of running the Active Roles Setup.
The Active Roles Configuration Center is a configuration application that provides a unified configuration platform for the Active Roles Administration Service and the Web Interface component. This allows administrators to perform the core Active Roles configuration tasks from a single application, including the following:
-
Performing the initial configuration of Active Roles, such as setting up the Administration Service instances and the default Web Interface sites.
-
Importing the configuration database and the management history database from earlier Active Roles versions.
-
Managing the core Administration Service resources, such as the Active Roles Admin account, service account, and database connections.
-
Creating new Web Interface sites either based on the site configuration objects of the current Active Roles version, or by importing site configuration objects from earlier Active Roles versions.
-
Managing core Web Interface site settings, such as site addresses on the web server, or the configuration object in the Administration Service.
-
Configuring secure communication for the Active Roles Web Interface through forced SSL redirection.
-
Integrating Active Roles with One Identity Starling. For more information, see One Identity Starling Join and configuration through Active Roles in the Active Roles Administration Guide.
-
Managing user login settings for the Active Roles Console (also known as the MMC Interface).
-
Configuring Federated Authentication, allowing you to access an application or website by authenticating against a certain set of rules, known as "claims".
-
Configuring log management and Solution Intelligence.
For more information on these features, see the following subsections.
Getting Started
Active Roles Configuration Center is automatically installed and started by default if you select to install either the Administration Service or the Web Interface components to a computer. Later, you can start Configuration Center again either from the Windows Start menu, or from the Apps page of the operating system.
The Configuration Center provides a unified, single, simple, wizard-based user interface for all core Active Roles configuration tasks, making it a single point of access to all management wizards for all configuration tasks.
The Configuration Center consists of the following elements.
Initial configuration wizards
After installing Active Roles, the Configuration Center allows administrators to run the initial configuration wizards and create the new Active Roles instance, including the Administration Service and the Web Interface.
Hub pages and management wizards
Once the initial configuration is completed, the Configuration Center provides a consolidated view of the core Active Roles configuration settings, and offers tools for changing those settings.
The hub pages of the Configuration Center show the current settings specific to the Administration Service and the Web Interface, including the commands to start the management wizards for changing those settings. The available hub pages are the following:
Configuration Shell
The ActiveRolesConfiguration module (also known as the Configuration Shell) of the Active Roles Management Shell allows administrators to access all Configuration Center features and functions from a Windows PowerShell command-line interface or with scripts, facilitating the unattended configuration of Active Roles components. The ActiveRolesConfiguration module provides cmdlets for key configuration tasks, such as:
-
Creating the Active Roles database.
-
Creating or modifying the Administration Service instances and the Web Interface sites.
-
Performing data exchange between Active Roles databases and between site configuration objects.
-
Querying the current state of the Administration Service.
-
Starting, stopping or restarting the Administration Service.
Configuration Center is installed as part of the Management Tools component if you install Active Roles on a 64-bit system. You can use the Management Tools package to perform configuration tasks on the local or remote computer that has the current version of the Administration Service or Web Interface installed.
Once installed, the Configuration Center looks for these components on the local computer, and if it does not find any of these components, it prompts you to connect to a remote computer. However, you can also connect to a remote computer by clicking the drop-down menu in the Configuration Center header.
NOTE: Consider the following when planning to use the Configuration Center on a remote computer:
-
When connecting to a remote computer, Configuration Center prompts you for a user name and password. The account you use to log in must match the domain user account belonging to the Administrators group on the remote computer. In addition, whether you are going to perform configuration tasks on the local computer or on a remote computer, your login account must be a member of the Administrators group on the computer running Configuration Center.
-
To perform configuration tasks on a remote computer, Configuration Center requires Windows PowerShell remoting to be enabled on that computer. PowerShell remoting is enabled by default on Microsoft Windows Server 2016 or newer operating systems; however, if it is turned off for any reason on the remote computer, you can enable it by running the Enable-PSRemoting command in Windows PowerShell. For more information, see Enable-PSRemoting in the Microsoft PowerShell documentation.
