立即与支持人员聊天
与支持团队交流

Active Roles 8.2.1 - Web Interface User Guide

Getting Started Web Interface Basics Performing Management Tasks
Managing your personal account Managing Active Directory objects Running an automation workflow Managing temporal group memberships Managing Azure AD, Microsoft 365, and Exchange Online objects
Managing cloud-only Azure contacts Managing Hybrid AD users
Creating a new Azure AD user with the Web Interface Viewing or updating the Azure AD user properties with the Web Interface Viewing or modifying the manager of a hybrid Azure user Disabling an Azure AD user Enabling an Azure AD user Deprovisioning of an Azure AD user Undo deprovisioning of an Azure AD user Adding an Azure AD user to a group Removing an Azure AD user from a group View the change history and user activity for an Azure AD user Deleting an Azure AD user with the Web Interface Creating a new hybrid Azure user with the Active Roles Web Interface Converting an on-premises user with an Exchange mailbox to a hybrid Azure user Licensing a hybrid Azure user for an Exchange Online mailbox Viewing or modifying the Exchange Online properties of a hybrid Azure user Creating a new Azure AD user with Management Shell Updating the Azure AD user properties with the Management Shell Viewing the Azure AD user properties with the Management Shell Delete an Azure AD user with the Management Shell Assigning Microsoft 365 licenses to new hybrid users Assigning Microsoft 365 licenses to existing hybrid users Modifying or removing Microsoft 365 licenses assigned to hybrid users Updating Microsoft 365 licenses display names Microsoft 365 roles management for hybrid environment users
Managing Hybrid AD groups Managing Microsoft 365 Groups Managing cloud-only distribution groups Managing cloud-only dynamic distribution groups Managing Azure security groups Managing cloud-only Azure users Managing cloud-only Azure guest users Managing cloud-only Azure contacts Viewing or modifying the Exchange Online properties of a remote mailbox Managing room mailboxes Managing cloud-only shared mailboxes Deleting or changing the remote mailbox of an on-premises user
Managing AD LDS data Managing computer resources Restoring deleted objects
Using Approval workflows

Running an automation workflow

Workflow refers to a sequence of actions that leads to the completion of a certain task. Active Roles allows administrators to configure various workflows that can be started on a scheduled basis or on user demand. This workflow type is called automation workflow. For more information, see Automation workflow in the Active Roles Administration Guide.

If an automation workflow is configured so that running it on demand is allowed, then such a workflow can be run from the Web Interface.

To run an automation workflow from the Web Interface

  1. On the Navigation bar, click Directory Management.

  2. On the Tree tab in the Browse pane, expand the Workflow branch and click the container that holds the desired workflow.

  3. In the list of objects, select the desired workflow.

  4. In the Command pane, click Run.

  5. If prompted, review or change the values of the workflow parameters.

  6. Click OK in the confirmation message box.

The Web Interface prompts you for parameter values if the workflow has any parameters that need to be supplied by the user running the workflow on demand. If the workflow has no parameters that require user input, then the Web Interface starts the workflow without prompting you for parameter values.

Once you have started an automation workflow, the Web Interface opens a run history report allowing you to examine the progress of the workflow run. The report displays the workflow run status along with information about the activities performed during the run. For a workflow that is in progress, you can cancel its run by clicking Terminate.

After the workflow is completed, the report retains history information about the workflow run. For each completed run of the workflow, the report allows you to identify when and by whom the workflow was started, when the workflow was completed, and what parameter values were used.

The report also lists the workflow activities that were initiated during the workflow run. For each activity, you can determine whether the activity was completed successfully or returned an error. In case of error, the report provides an error description. For activities requesting changes to directory data (for example, activities that create new objects or modify existing objects), you can examine the requested changes in detail by clicking the Operation ID number in the run history report.

To view run history of an automation workflow in the Web Interface

  1. On the Navigation bar, click Directory Management.

  2. On the Tree tab in the Browse pane, expand the Workflow branch and click the container that holds the desired workflow.

  3. In the list of objects, select the desired workflow.

In the Command pane, click Run History.

Managing temporal group memberships

By using temporal group memberships, you can manage group memberships of objects such as user or computer accounts that need to be members of particular groups for only a certain time period. This feature gives you flexibility in deciding and tracking what objects need group memberships and for how long.

This section guides you through the tasks of managing temporal group memberships in the Web Interface. If you are authorized to view and modify group membership lists, then you can add, view and remove temporal group members as well as view and modify temporal membership settings on group members.

Adding temporal members

A temporal member of a group is an object, such as a user, computer or group, scheduled to be added or removed from the group. You can add and configure temporal members using the Web Interface.

To add temporal members to a group

  1. In the Web Interface, select the group, and then choose the Members command.

  2. On the Members page, click Add.

  3. In the Select Object dialog, find and select the objects that you want to make temporal members of the group, then click Temporary Access.

  4. In the Temporal Membership Settings dialog, select the appropriate options, then click OK:

    • To have the temporal members added to the group on a certain date in the future, select On this date under Add to the group, and choose the date and time you want.

    • To have the temporal members added to the group at once, select Now under Add to the group.

    • To have the temporal members removed from the group on a certain date, select On this date under Remove from the group, and choose the date and time you want.

    • To retain the temporal members in the group for indefinite time, select Never under Remove from the group.

    NOTE: You can make an object a temporal member of particular groups by managing the object rather than the groups. Select the object, and then choose the Member Of command. On the Member Of page, click Add. In the Select Object dialog box, find and select the groups, and specify the temporal membership settings as appropriate for your situation.

Viewing temporal members

In the list of group members displayed by the Web Interface, you can distinguish between regular and temporal group members. It is also possible to hide or display so-called pending members, the temporal members that are scheduled to be added to the group in the future but are not actual members of the group so far.

To view temporal members of a group

  1. In the Web Interface, select the group, and then choose the Members command.

  2. Review the list on the Members page:

    • An icon of a small clock overlays the icon for the temporal members.

    • If the Show pending members check box is selected, the list also includes the temporal members that are not yet added to the group.

The list of group memberships for a particular object makes it possible to distinguish between the groups in which the object is a regular member and the groups in which the object is a temporal member. It is also possible to hide or display so-called pending group memberships, the groups to which the object is scheduled to be added in the future.

To view groups in which an object is a temporal member

  1. In the Web Interface, select the object, then choose the Member Of command.

  2. Review the list on the Member Of page:

    • An icon of a small clock overlays the icon for the groups in which the object is a temporal member.

    • If the Show pending group memberships check box is selected, the list also includes the groups to which the object is scheduled to be added in the future.

相关文档

The document was helpful.

选择评级

I easily found the information I needed.

选择评级