立即与支持人员聊天
与支持团队交流

Active Roles 8.1.1 - Evaluation Guide

Introduction Test lab setup Managing users and groups Delegating administration Using Managed Units Using Active Roles policies Managing Exchange recipients Managing permissions in Active Directory Using dynamic groups Delegating computer resource management Using audit trail and reporting Using Active Roes replication Customizing the Web Interface

Using Active Roes replication

Active Roles uses the replication functionality of Microsoft SQL Server to copy and distribute configuration data from one Administration Service database to another, and to synchronize between configuration databases for consistency.

Administration Service database servers synchronized by using the SQL Server replication function are referred to as replication partners. Each replication partner hosts a writable copy of the Active Roles configuration data. Whenever changes are made on one replication partner, the changes are propagated to the other replication partners.

This section outlines the procedures to follow in order for you to configure replication and see how replication works in Active Roles. To use these procedures, you must install Active Roles on two network computers, as described in the Test lab setup section earlier in this document. Two Active Roles instances will be configured to replicate configuration data with each other.

NOTE:

  • Due to limited replication-related capabilities of SQL Server Express (may hold only the Subscriber role), the scenario discussed in this section requires a different edition of SQL Server (such as Enterprise, Standard, or Workgroup) to be used as the Publisher role holder.
  • For the purposes of this evaluation scenario, you may use the same SQL Server to host the databases for both the Administration Services participating in the scenario.
  • When installing the second Administration Service, specify a database name that is different from the name of the database used by the first Administration Service. This ensures that each Administration Service uses a separate database, so two databases could be synchronized with each other via replication of data.

Configure replication

When configuring Active Roles replication, you first create a replication group by designating the database server of a particular Administration Service as the Publisher.

When planning to assign the Publisher role to the database server of a certain Administration Service, ensure that the following requirements are met:

  • The SQL Server Agent service is started on SQL Server that hosts the database of that Administration Service, and configured to log on as a domain user account with administrator rights on SQL Server.
  • The Administration Service is configured to log on as a domain user account with administrator rights on SQL Server.

For evaluation purposes, you may configure both the SQL Server Agent service and the Administration Service to log on as a user account that belongs to the Domain Admins group of your test domain.

To assign the Publisher role to the database server of a certain Administration Service, perform the following steps using the Active Roles console.

To create the Publisher

  1. Open the Active Roles console and connect to the Administration Service whose database server you want to designate as the Publisher.
  2. In the console tree, expand Configuration, expand Server Configuration, and then select Configuration Databases.
  3. In the details pane, right-click the database server and click Promote.
  4. In the confirmation message box, click Yes.
  5. Wait while Active Roles completes the operation.

The new replication group now has a single member—the Publisher. You can add replication partners—Subscribers. To add a Subscriber, perform the following steps using the Active Roles console.

To add a Subscriber

  1. Open the Active Roles console and connect to the Administration Server whose database server you have designated as the Publisher.
  2. In the console tree, expand Configuration, expand Server Configuration, and then select Configuration Databases.
  3. In the details pane, right-click the Publisher, and then click Add Replication Partner.
  4. Follow the instructions in the New Replication Partner wizard.
  5. On the Database Selection page, click Browse.
  6. Use the Connect to Administration Service dialog box to specify the Administration Service whose database server you want to add to the replication group. Click OK.
  7. Click Next two times, and then click Finish.

Test replication

To see how replication works, create a Managed Unit on one of the Administration Services you have configured to be replication partners. Then, connect to the other Administration Service and verify that the new Managed Unit has been replicated to that Service.

To create a Managed Unit

  1. Open the Active Roles console and connect to one of the Administration Services.
  2. In the console tree, expand Configuration, right-click Managed Units, and select New | Managed Unit.
  3. Complete the New Object - Managed Unit wizard.

Wait a few minutes and then use the Active Roles console to verify that the new Managed Unit is also created on the other Administration Service.

To verify replication of the Managed Unit

  1. Open the Active Roles console and connect to the other Administration Service.
  2. In the console tree, expand Configuration, and click Managed Units: the newly created Managed Unit appears in the details pane.

You can create, modify, or delete Active Roles configuration objects, such as Managed Units, Access Templates or Policy Objects, on one of the replication partners, regardless of whether it is the Publisher or a Subscriber, and then connect to other replication partners and see that your changes are propagated to all replication partners.

NOTE: Although Active Roles replication is configured to initiate the propagation of changes immediately after the changes are made, it may take a few minutes for SQL Server to propagate the changes between the Publisher and Subscribers.

Customizing the Web Interface

The Active Roles Web Interface allows you to customize menus, commands, and forms used to administer directory objects. You can add and remove commands or entire menus, assign tasks and forms to commands, modify existing forms, and create new commands, tasks, and forms.

To use the customization capabilities of the Web Interface, you must be logged on as Active Roles Admin. If you have used the default settings when installing the Administration Service, the Active Roles Admin account is set to the Administrators local group on the computer running the Administration Service. So, to customize the Web Interface in your test environment, log on with any user account that is a member of that group.

This section provides an example of how to customize the Site for Administrators. By default, the Web Interface pages for user account creation do not include the box where you could specify the user’s telephone number. After you complete the following steps, a new field—Telephone Number—is added on the Web page for user account creation. When you fill in that field, the number is saved in the telephoneNumber property of the user account.

相关文档

The document was helpful.

选择评级

I easily found the information I needed.

选择评级