立即与支持人员聊天
与支持团队交流

Active Roles 8.2 - Web Interface User Guide

Getting Started Web Interface Basics Performing Management Tasks
Managing your personal account Managing Active Directory objects Running an automation workflow Managing temporal group memberships Managing Azure AD, Microsoft 365, and Exchange Online objects
Managing cloud-only Azure contacts Managing Hybrid AD users
Creating a new Azure AD user with the Web Interface Viewing or updating the Azure AD user properties with the Web Interface Viewing or modifying the manager of a hybrid Azure user Disabling an Azure AD user Enabling an Azure AD user Deprovisioning of an Azure AD user Undo deprovisioning of an Azure AD user Adding an Azure AD user to a group Removing an Azure AD user from a group View the change history and user activity for an Azure AD user Deleting an Azure AD user with the Web Interface Creating a new hybrid Azure user with the Active Roles Web Interface Converting an on-premises user with an Exchange mailbox to a hybrid Azure user Licensing a hybrid Azure user for an Exchange Online mailbox Viewing or modifying the Exchange Online properties of a hybrid Azure user Creating a new Azure AD user with Management Shell Updating the Azure AD user properties with the Management Shell Viewing the Azure AD user properties with the Management Shell Delete an Azure AD user with the Management Shell Assigning Microsoft 365 licenses to new hybrid users Assigning Microsoft 365 licenses to existing hybrid users Modifying or removing Microsoft 365 licenses assigned to hybrid users Updating Microsoft 365 licenses display names Microsoft 365 roles management for hybrid environment users
Managing Hybrid AD groups Managing Microsoft 365 Groups Managing cloud-only distribution groups Managing cloud-only dynamic distribution groups Managing Azure security groups Managing cloud-only Azure users Managing cloud-only Azure guest users Managing cloud-only Azure contacts Viewing or modifying the Exchange Online properties of a remote mailbox Managing room mailboxes Managing cloud-only shared mailboxes Deleting or changing the remote mailbox of an on-premises user
Managing AD LDS data Managing computer resources Restoring deleted objects
Using Approval workflows

Updating Microsoft 365 licenses display names

To update the names of the licenses displayed on Azure properties > Licenses page of a hybrid user

  1. On the system running the Active Roles Service, navigate to ...\One Identity\Active Roles\8.2.0\Service\AzureLicenses.xml.

  2. Open the AzureLicenses.xml file and edit the required SKU with the new license display name.

    NOTE: If the AzureLicenses.xml file with Azure licenses is not available or it is not well formed, then the default SKUs as derived from Azure Graph APIs are displayed on the Azure Properties > Licenses page for the Azure AD user.

    The updated license display names can be viewed on the user's Azure Properties > Licenses page.

Microsoft 365 roles management for hybrid environment users

Active Roles allows you to perform the following Microsoft 365 roles management tasks for hybrid users:

  • Assign Microsoft 365 roles to existing hybrid users

  • Modify or remove Microsoft 365 roles assigned to hybrid users

  • Microsoft 365 user roles management

IMPORTANT: The Active Roles Web Interface only displays Azure roles that have been enabled. To list the Microsoft 365 Roles on the Web Interface, run the following commands.

  • To get the guest inviter directory role template, run $roleTemplate = Get-AzureADDirectoryRoleTemplate | ? { $_.DisplayName -eq "Guest Inviter" }.

  • To enable an instance of the DirectoryRole template, run Enable-AzureADDirectoryRole -RoleTemplateId $roleTemplate.ObjectId.

For more information on allowing the Azure roles to be listed on the Web Interface, see Enabling Azure Roles in the Active Roles Administration Guide.

Assigning Microsoft 365 roles to existing hybrid users

To assign Microsoft 365 roles to existing hybrid users

  1. On the Active Roles Web Interface navigation bar, click Directory Management.

  2. On the Views tab in the Browse pane, click Active Directory.

    The list of Active Directory domains is displayed.

  3. Click the specific domain, Container or the Organizational Unit, and then select the specific user for which you want to view or update the properties.

  4. In the Command pane, click Azure properties.

    The Azure Properties of the user are displayed.

  5. Click O365 Roles tab.

    The O365 Roles wizard displays the Microsoft 365 roles, for example, the Helpdesk Administrator, Directory Readers, and more.

  6. Select the Microsoft 365 roles that you want to assign to the user, and click Finish.

To check the Microsoft 365 roles assigned to the user, select the user, then navigate to Azure Properties > O365 wizard.

Modifying Microsoft 365 roles assigned to hybrid users

To modify the Microsoft 365 roles assigned to existing hybrid users

  1. On the Active Roles Web Interface navigation bar, click Directory Management.

  2. On the Views tab in the Browse pane, click Active Directory.

    The list of Active Directory domains is displayed.

  3. Click the specific domain, Container or the Organizational Unit, and then select the specific user for which you want to view or update the properties.

  4. In the Command pane, click Azure properties.

  5. In the Azure Properties dialog, click O365 Roles tab.

  6. Click the specific domain, Container or the Organizational Unit, and then select the specific user for which you want to view or update the properties.

NOTE: When a user is deprovisioned, all the roles that were assigned to the user are retained.

相关文档

The document was helpful.

选择评级

I easily found the information I needed.

选择评级