立即与支持人员聊天
与支持团队交流

Active Roles 8.1.1 - Administration Guide

Introduction Getting started Rule-based administrative views Role-based administration
Access Templates as administrative roles Access Template management tasks Examples of use Deployment considerations Windows claims-based access rules
Rule-based autoprovisioning and deprovisioning
Provisioning Policy Objects Deprovisioning Policy Objects How Policy Objects work Policy Object management tasks Policy configuration tasks
Property Generation and Validation User Logon Name Generation Group Membership AutoProvisioning Exchange Mailbox AutoProvisioning AutoProvisioning in SaaS products OneDrive Provisioning Home Folder AutoProvisioning Script Execution Microsoft 365 and Azure Tenant Selection E-mail Alias Generation User Account Deprovisioning Office 365 Licenses Retention Group Membership Removal Exchange Mailbox Deprovisioning Home Folder Deprovisioning User Account Relocation User Account Permanent Deletion Group Object Deprovisioning Group Object Relocation Group Object Permanent Deletion Notification Distribution Report Distribution
Deployment considerations Checking for policy compliance Deprovisioning users or groups Restoring deprovisioned users or groups Container Deletion Prevention policy Picture management rules Policy extensions
Using rule-based and role-based tools for granular administration Workflows
Key workflow features and definitions About workflow processes Workflow processing overview Workflow activities overview Configuring a workflow
Creating a workflow definition for a workflow Configuring workflow start conditions Configuring workflow parameters Adding activities to a workflow Configure an Approval activity Configuring a Notification activity Configuring a Script activity Configuring an If-Else activity Configuring a Stop/Break activity Configuring an Add Report Section activity Configuring a Search activity Configuring CRUD activities Configuring a Save Object Properties activity Configuring a Modify Requested Changes activity Enabling or disabling an activity Enabling or disabling a workflow Using the initialization script
Approval workflow Email-based approval Automation workflow Activity extensions
Temporal Group Memberships Group Family Dynamic groups Active Roles Reporting Management History Entitlement profile Recycle Bin AD LDS data management One Identity Starling Join and configuration through Active Roles Managing One Identity Starling Connect Configuring linked mailboxes with Exchange Resource Forest Management Configuring remote mailboxes for on-premises users Azure AD, Microsoft 365, and Exchange Online Management
Configuring Active Roles to manage Hybrid AD objects Managing Hybrid AD users
Creating a new Azure AD user with the Web Interface Viewing or updating the Azure AD user properties with the Web Interface Viewing or modifying the manager of a hybrid Azure user Disabling an Azure AD user Enabling an Azure AD user Deprovisioning of an Azure AD user Undo deprovisioning of an Azure AD user Adding an Azure AD user to a group Removing an Azure AD user from a group View the change history and user activity for an Azure AD user Deleting an Azure AD user with the Web Interface Creating a new hybrid Azure user with the Active Roles Web Interface Converting an on-premises user with an Exchange mailbox to a hybrid Azure user Licensing a hybrid Azure user for an Exchange Online mailbox Viewing or modifying the Exchange Online properties of a hybrid Azure user Creating a new Azure AD user with Management Shell Updating the Azure AD user properties with the Management Shell Viewing the Azure AD user properties with the Management Shell Delete an Azure AD user with the Management Shell Assigning Microsoft 365 licenses to new hybrid users Assigning Microsoft 365 licenses to existing hybrid users Modifying or removing Microsoft 365 licenses assigned to hybrid users Updating Microsoft 365 licenses display names
Unified provisioning policy for Azure M365 Tenant Selection, Microsoft 365 License Selection, Microsoft 365 Roles Selection, and OneDrive provisioning Microsoft 365 roles management for hybrid environment users Managing Microsoft 365 contacts Managing Hybrid AD groups Managing Microsoft 365 Groups Managing cloud-only distribution groups Managing cloud-only dynamic distribution groups Managing Azure security groups Managing cloud-only Azure users Managing cloud-only Azure guest users Managing cloud-only Azure contacts Changes to Active Roles policies for cloud-only Azure objects Managing room mailboxes Managing cloud-only shared mailboxes
Modern Authentication Managing the configuration of Active Roles
Connecting to the Administration Service Managed domains Using unmanaged domains Evaluating product usage Creating and using virtual attributes Examining client sessions Monitoring performance Customizing the Console Using Configuration Center Changing the Active Roles Admin account Enabling or disabling diagnostic logs Active Roles Log Viewer
SQL Server replication Using regular expressions Administrative Template Communication ports Active Roles and supported Azure environments Integrating Active Roles with other products and services Active Roles Language Pack Active Roles Diagnostic Tools Active Roles Add-on Manager

Customize approval action buttons

You can configure the Approval activity to specify the actions the approver can take on the approval task. On the pages for performing the approval task, in the Approval section of the Web Interface, the task header contains the action buttons that are intended to apply the appropriate resolution to the task, such as Approve or Reject. The action buttons are located at the bottom of the header area. Which buttons are displayed depends upon configuration of the Approval activity.

To rename or hide an action button

  1. Go to the Customization tab in the Properties dialog for the Approval activity.

  2. Click Customize action buttons.

  3. Click the title of the button in the list, and then click Edit.

  4. In the Action Button Properties dialog, perform the following tasks:

    • To rename the button, type the appropriate name in the Button title box.

    • The new name will appear on the action button in the Web Interface.

    • To hide the button, clear the Is visible on the pages for performing the approval task check box.

    • As a result, the Web Interface will not display the action button.

You can restore the action button in the Web Interface by selecting the Is visible on the pages for performing the approval task check box.

NOTE: This option is unavailable for the Escalate and Delegate action types. The Web Interface displays the Escalate or Delegate button only if the Approval activity allows the approver to escalate or reassign (delegate) the approval task, respectively.

Action buttons appear on the pages for performing the approval task. Each button applies a certain action to the task. You can add buttons to create custom actions. Clicking a custom action button allows (Complete action type) or denies (Reject action type) the operation that is subject to approval. If-Else activities can refer to a custom action button by title and elect the appropriate branch of the workflow when the approver clicks that button.

To add a custom action button

  1. Navigate to the Customization tab in the Properties dialog for the Approval activity.

  2. Click Customize action buttons.

  3. Click Add.

  4. In the Action Button Properties dialog, do the following:

    1. In the Button title box, type the appropriate name of the button.

      This name will appear on the action button in the Web Interface.

    2. From the Action type list, select the appropriate type of the action button.

      When applied to an approval task, the Complete action type, causes the workflow to continue, allowing the operation that is subject to approval; the Reject action type button denies the operation.

    3. Select the Is visible on the pages for performing the approval task check box.

TIP: When adding a custom action button, One Identity recommends including instructions explaining the meaning and purpose of the custom action. You can enter these instructions in the Properties > Customization > Customize action buttons > Show this instruction for action buttons field of the Approval activity. The approver will see that text above the action buttons on the pages for performing the approval task in the Web Interface.

To complete an approval task, the approver normally has to fill in a confirmation dialog box. You can configure the Approval activity to prevent the confirmation dialog from appearing: Select the Suppress the confirmation dialog upon completion of approval task check box in the Customize action buttons area on the Customization tab in the Properties dialog for the Approval activity.

Configuring a Notification activity

When configuring a Notification activity, you can specify notification settings such as workflow events to notify of, notification recipients, and notification message template. The same settings apply to the Notification section of other activities such as an Approval activity, a Search activity, and CRUD activities.

To view or change notification settings

  1. In the Active Roles Console tree, expand Configuration > Policies > Workflow, and select the workflow containing the activity you want to configure.

    This opens the Workflow Designer in the Details pane, representing the workflow definition as a process diagram.

  2. In the process diagram, right-click the name of the activity and click Properties.

  3. Navigate to the Notification tab in the Properties dialog.

The page for configuring notifications includes three areas:

  • Events, recipients, messages: In this area you can add, view, change, or remove notifications, each of which determines an event to notify of, the recipients of the notification message, the message delivery options, and the message template.

  • Active Roles Web Interface URL in Notifications: This area is used to specify the address (URL) of the Active Roles Web Interface, for constructing hyperlinks in the notification messages.

  • Email server settings: In this area you can view or change the name and other settings of the email server that is used for delivery of notification messages.

Events, recipients, messages

To add a notification

  1. In the Events, recipients and messages area, click Add.

  2. In the Notification Settings dialog, in the Select an event, list click the event to notify of.

  3. On the Notification Recipients tab, select check boxes to specify the notification recipients.

    The email addresses of the recipients you select on the Notification Recipients tab appear in the To field of the notification email messages. To add recipient addresses to the Cc or Bcc field, click Cc Recipients or Bcc Recipients, respectively. This opens a page that is similar to the Notification Recipients tab, allowing you to view or change which recipient addresses will appear in the Cc or Bcc field.

  4. On the Notification Delivery tab, select the delivery options you want:

    • Select the Immediate option for the notification message to be sent immediately, on every occurrence of the event.

    • Select the Scheduled option for the notification messages within a certain time period to be grouped and sent as a single message; then, specify the desired period. This option is available only for the Task created event in an Approval activity.

  5. On the Notification Message tab, click Modify to view or change the message template, including the subject and the body of the notification message.

  6. In case of a Notification activity, choose additional options on the Notification Message tab as needed:

    • If you want the notification message to include the Change History report (in case of a change workflow) or Run History report (in case of an automation workflow), select the Attach a report of workflow execution to notification message check box.

    • For the activity to send plain-text notification messages, select the Format notification message as plain text check box. Otherwise, the activity sends notification messages in HTML format.

  7. Click OK to close the Notification Settings dialog.

For the Task created event in an Approval activity, notification can be configured so that notification messages are grouped together and sent out on a scheduled basis. If you select the Scheduled option on the Notification Delivery tab, the messages within a certain, scheduled period are accumulated in a temporary storage instead of being sent out immediately upon event occurrences. Upon the expiration of that period, all the collected messages are sent out as a single message. You can configure the activity to deliver notification on a daily or hourly schedule.

Clicking Modify on the Notification Message tab opens a window where you can view and modify e-mail notification templates. For each event type, the notification configuration defines a default template based on which Active Roles composes email notification messages. Each template includes XHTML markup along with the text and tokens representing information about the event.

To make notification messages more meaningful to the recipients, notification templates provide the option for the messages to include tokens representing additional information about the event. Click Insert Token to view a list of the available tokens. The list provides a brief description for each token.

You can edit templates in order to customize the contents and format of notification e-mails. The changes to templates are notification-specific and event-specific: When you modify the template for a certain event within the configuration of a certain notification, your changes have no effect on the other notifications or events. This allows different notifications and events to have different, custom notification templates.

To view or change a notification

  • Click an entry in the Events, recipients and messages list, click Edit, and use the Notification Settings dialog as described earlier in this topic.

To delete a notification

  • Click an entry in the Events, recipients, and messages list, and then click Remove.

Active Roles Web Interface URL in Notifications

The address (URL) specified in this area is used to construct hyperlinks in the notification messages so that notification recipients can easily access the Web Interface pages for performing workflow tasks.

To specify the address of the Active Roles Web Interface

  1. In the edit box under Active Roles Web Interface, type the address (URL) of the Active Roles Web Interface site (for example, http://<server>/ARServerAdmin).

  2. Click Test to verify the address. If the address is correct, this opens the Web Interface site in your web browser.

相关文档

The document was helpful.

选择评级

I easily found the information I needed.

选择评级