I am currently using a workflow to update from field EmployeeID to EmployeeNumber. Basically I am adding a letter in front of the employeeID to create employeeNumber.
Ex. employeeID "123456" become employeeNumber "A123456"
it working…
Hello,
I'm having a requirement, we created couple of Virtual attributes in Active Roles and if we change a value of VA1 and then dynamically update the value of VA2.
VA1 - Dropdown field
VA2 - String field
Do let me know if you need more information…
Searching the forum returned a buffet of 'not exactly it' -
in a nutshell "How do I access the policy parameter from within the script module called by the policy under the administration node"
I have a policy, calling a policy script…
Hello Community,
Does anyone know if there is a way for a virtual attribute to have a default value when a user get's synced in from AD?
I have a need for a boolean value for users and when a new user is created from One Identity manager to make that…
Our Service Account wasdomain admin until the earth moved. Now we run as builtin administrators. What native granular permissions are required on object to deprovision, the losing OU and then winning OU as part of the deprovision process.
We see a failure…
Hi,
We're currently working on our user deprovisioning processes and have an issue I am hoping someone can help us with.
We are currently in a hybrid model (on premise AD synced to Azure using AD Connect).
The issue we face is that when a user leaves…
The disk space in Active Roles Server is getting low in storage.
The disk space in Active Roles Server is getting low in storage , we have upgraded to 2TB , but the logs are increasing , below are the logs that is filling up the disk…
I've a requirement to set the edsvaDeprovisionDeletionDate attribute value with future datetime using powershell code and its GeneralizedTime datatype. So I'm unable to set the value to the attribute using powershell. Could anyone please help me to…
Hi
We are running Active Roles Server via 2 web servers which connect to 2 backend application servers, all running Windows Server 2016. Every 2-3 days we're getting an error on one of the web servers that "An error occurred during the last operation…
We have setup ARS on domain ABC and its working fine using a service account with domain admin permission.
Additionally we have added domain XYZ with a separate domain admin account however when we try to create a user we get the following error:
"Ad…
Hi,
We have setup some new user automation however we would like to store the users initial password somewhere so that we can then send this via email to the IT Technician setting up the users account.
Does anyone know where this attribute is stored…
We've been noticing slow WebUI performance, particularly in the chromium browsers. The search results, and action panes take a long time to render (20 seconds or so). There does not seem to be any real load on the web/admin servers (6 CPU's/24GB of…
Hello,
I would like to restore the deleted objects from the Deleted Objects container. I'm looking for a PowerShell script cmdlet or script.
Appreciate for the help in advance.
Thanks
Hi All,
when we add approvers for group membership additions in Active role. it will trigger email to Primary/Secondary owners to that group for approval. Probably when we add Primary/Secondary owners to groups it automatically read their email attribute…
Hi! I am trying to figure out the best way to handle this situation. When we create accounts, we set 2 virtual attributes (edsvaLMSManager and edsvaLMSApprover). Both of these virtual attributes use the DN of the users that are set for their LMSManager…
How can I remove the first leading zero using powershell?
I have the following numbers and need them to have the first zero removed.
00010 >> 0010
05812>>5812
Any suggestions?
Hello
I am wondering if anyone has a solution or ideas on how to use Active Roles to set values for msds-AllowedToDelegateTo attributes (used in Kerberos Delegations ) for an 3rd party application's Active Directory Service account - setting the values…
I need to SET a script scope variable value within a function but it appears that the ARS scheduled task environment command shell does not have these available. Here's a simple script to demonstrate the issue ( if you run this in a powershell or even…
Hello,
I want to create a dynamic group including all computers with a Distinguished Name containing "CRETEIL".
Unfortunately, the membership rule "Computer distinguishedName Contains CRETEIL" doesn't return any items while many computers have…
Hello,
How to get current logged in user through custom script in ARS?
Thanks
Hello,
I've installed the ExchangeOnline powershell package. Through powershell command prompt ExchangeOnline is connecting. When I tried same cmdlet from ARS MMC script module then its not connecting. Here below is the cmdlet I've used.
Connect…
Hello,
I'm have tried below script in policy to uncheck and disable 'Create a mailbox' option in the contact creation wizard but its not reflecting on the screen.
function onGetEffectivePolicy($Request)
{
if($Request.Class -ne "contact"){return…
Hi Guys, Need help. I cannot connect to Active Roles Configuration Center on 7.4. Showing me "Connect failed: path" error message.
Please advice how to troubleshoot this. I tried this solution from this link (https://support.oneidentity.com/kb…
Hello,
I have two ARS managed domains which are in the same forest. Let's pretend domain1 and domain2.
I also have two groups, domain1\read-domain1 and domain2\read-domain2 which have the rights "All Objects - Read All Properties" respectiv…
I have a form where I want to fill out a requester field which is a custom attribute that field will be the SamAccountName of a user would like a way to do a user picker or something. maybe like a java lookup tool.
