Hello,

I am in version 7.4.3 with all the fixes.

I want to create a form to edit people in our AD with multiple tabs and dynamic lists. The anomaly is that when creating the form, I only have the choice to save and not next to go to the next tab. So dynamic…

Is there a way to specify a friendly name for the service connection point that ARS Administration service creates in AD?  We name our servers in a complex way (like aaa-bbb-ccc-###) and it would be nice if I could specify a name like (ars01 or ADManagement01…

Hello.

I need to generate a password for a user in a policy script.  I'd like the password to be compliant with the password policy I've already setup in ARS, and which is generated if I use the New User wizard from the ARS MMC console.  I don't…

Hello,

I'm hoping someone can provide any information or experience on syncing a GAL between two Exchange environments.

Right now I am just creating a contact in the target domain using a user account info from the source and giving the contact the…

We continue to see the error described here support.oneidentity.com/.../error-unable-to-uniquely-identify-the-user-using-provided-claims-federation-authentication-with-azure-ad

Our on-prem UPN and AzureAD UPN are different, so we are using the feature…

Is there a way to trigger a map operation and commit for a password sync pair without using the GUI console?  The admin guide explains how to do it with console, but I'd prefer to send a command to the QARS server to trigger that, instead (preferably from…

Is there a way in the ARS web ui to set a virtual attribute boolean value to a default?  I have a boolean VA on a web form that isn't populated.  Not all users are created by the sync service, so I need this attribute to default to true, regardless…

I tried to create an access template for granting self write access to the ms-Mcs-AdmPwd attributes and it seemed to do nothing.  I had to manually set the rights using powershell.  It would be so much easier to do this with an ARS Access Template.  This…

I have ARS configured on one of our domain (abc.com), we had a request to setup ARS for an another domain. We want to have both the domain setup on the same ARS Server & both the domain appear & manage under the same ARS website.

I've added the…

Hi, 

I have two ARS servers and two DBs, configured one of the ARS servers and promoted it as Publisher.
I then added the second server as subscriber.

Both ARS servers 2016 are running under version 7.4.3.110, SQL servers are 2016.

In the ARS console, under…

Hello,

We are recently facing the issue on few users for whom we are not able to open exchange properties. Other tabs are working fine, but when we select exchange properties in ARS portal after opening user general properties, it takes time and finally…

Is there a way to create a command from the ARS website that would have a remote computer run GPUPDATE /FORCE ??

I am picturing finding the Computer in ARS Web Site, putting in a check mark then having the command available. Out of the box you can choose…

HI team,

We have separate user domain and resource domain. Exchange is in resource domain for which users master accounts is in user domain. so linked mailboxes in resource domain.

Few Distribution list in resource domain's exchange has owners defined…

Hi all,

I am relatively new to ARS and tried to set up a MU with explicit permission to some groups, this worked well and I have added the specific group with builtin "Managed Units View" and "Group - Read all Properties" access.
Now…

I tried with the below code but it gives error.

powershell.exe -command New-QADComputer -Name <Name of the new computer> -ParentContainer "<OU-Copied the distinguishedName of an earlier computer object from the AD>" -ObjectAttr…

Morning all,

Currently within ARS, you write sript modules of various types and trigger them via policies, schedules, events, etc. Those scripts however must live within the ARS environment, specifically written in the inline script window ARS provides…

It seams UndoDeprovison is not possible in a work flow when you have Quest Change auditor integration.

See this KB for details: UndoDeprovision with Workflow fails with error "Specified method is not supported" if Change Auditor Deprovision policy is applied…

I have a workflow that runs ever night. It will automatically deprovision any user with a certain timeframe of inactivity. Every now and then, a user does attempt to use their account and we have a process to undo the deprovisioned status in place. However…

I am writing a powershell policy script to detect remote mailbox types (EXO), ARS is not connected to Azure.
$DirObj.GetInfoEx(@("msExchRemoteRecipientType","msExchRecipientTypeDetails","mail"),0)
$msExchRecipientTypeDetails…

The script only seems to be working if the first condition is met. It is not working if the User2 is met.  ($Session.Username -ne "user2") Is there some reason why the -OR isn't working in the IF statement. Any ideas?

function onGetEffectivePolicy…

Dear All,

We built a new ARS farm of 2 servers in 7.4 using 2 mutualized databases (one for config and one for history) 6 monthes ago.

Our old farm in 6.9 is still in production and we made some changes on it during these 6 monthes (Policies, dynamic…

Hello Guys,

I'm in need of a powershell script to get all dynamic groups in our environment with the membership rules. 

I can get the list using the below script but the membership rules i get is the membership rules plus GUID & SID of the OU's with…

I wrote a custom powershell script and have it run in a workflow.

I'm having an issue with the try catch statement. If I remove try catch and just run the command inside the try method, the workflow executes fine. However, when a try catch is added,…

Hi,

I've installed ARS on a on a separated Domain and now try to add managed Domains in other non-trusted Domains. All ports form the ARS documentation are open against the specific Domains, but I am still facing the error that the Domain can't be contacted…