• Extended controls


    i discovered Extended Controls a while ago in Active Role Web Gui and i thought that might be a good way to control code but i guess i havent really thought about using it with onGetEffectivePolicy.

    1. For Example i have simple Form with onGetEffectivePolicy…
  • 'Parsing WS-Trust response failed' error_Connecting to Azure from PowerShell


    I'm seeing below error when I connect Azure AD. Using 'Connect-AzureAD -Credential $credObj' from PowerShell ISE.

    Could anyone please help me here.

    Connect-AzureAD : One or more errors occurred.: parsing_wstrust_response_failed: Parsing…

  • Get-QARSOperation not working in Prod OnPostUndelete Event


    I'm unable to run the 'Get-QARSOperation' cmdlet in production active roles console in the onpostundelete event. Do I need to do anything before run the cmdlet.

    But I'm able to run same in Powershell command prompt and Powershell ISE…

  • How to execute worfklow per operation?



    My goal is to limit the number of members added to a group, for example: I have a group with 4 members, and I set a limitation value of 5 (the value is set in extension attribute 1)

    I created a workflow with the operation: “add member to group…

  • How to change one common attribute for multiples groups using csv.

    How to change one common attribute for multiples groups using csv.

    i have around 2000+ groups which need to have a attribute updated. How can we achieve this.

  • How do I call the value of a policy object custom parameter value inside the script called from the policy?

    Searching the forum returned a buffet of 'not exactly it' - 

    in a nutshell "How do I access the policy parameter from within the script module called by the policy under the administration node"

    I have a policy, calling a policy script…

  • Update AD users based on csv file

    Hi There, 

    I am trying to bulk update few users based on CSV file and got the following working script:

    $users = Import-Csv "UserDetails.csv"
    foreach ($user in $users) {
         $userEmail = $user."Email"
         $UPN = get-qaduser $userEmail…

  • Assign add/remove group members permissions to AD group via script

    Hi Guys, how do I assign add/remove group members permissions to AD group via script? I know we can do it via set-acl command in Powershell, however how can we do it via script in QAD?

    I need to assign permissions to over 100 groups, and thus much easier…

  • Displaying multiple columns in Web Interface

    I have a script which queries a SQL table I created to add new users to a selected AD group on creation.

    The table originally had 1 column - AD Group Name, which returned all possible groups for the helpdesk to select from in a dropdown list in the web…

  • Pull a value out of policy or enforce a policy on one user.

    My goal is to look at the policy applied to an object and pull a value the policy would set.

    Specifically, I'd like to pull homePath and homeDirectory out of the Home Folder and AutoProvisioning Policy applied to a user object.

    This looks close to…

  • Script module to send out emails

    Hi Team,

    My issue is with the script module to send out emails.The objective is to use a secure way to call the password in the script module rather than using plain text password.

    I have encrypted the plain text password using the command


  • SMTP relay-Script

    Hi ,

    We are using  script in Active roles to send emails to the users. currently the script uses a username and a password to connect to exchange office365 as per below, we would like to use SMTP relay  to modify the below script , can you please let me…

  • Temporary group membership

    HI,  I would like to add a group by midnight through a script, I know the GUI has the setting to set date and time but how would I do it using a script.


    Add-QADgroupmember -identity "groupname" -member $ADuser   (tonight at midnight)

  • Sync servicenow with active roles cannot get certain attributes

    Good Morning.

    I am new to the forum and has been working for some time now in Active Roles although without more education that the little information that i can find in the web.

    We are trying to automatize certain tasks by synchronizing Servicenow and…

  • Set-QADUser failing with variable??

    I have this script in a workflow and this line fails when I use a variable

    set-Qaduser -identity agntest\$usr -ObjectAttributes @{employeetype = $UserEmpType}

    If I put text it works fine.

    set-Qaduser -identity agntest\$usr -ObjectAttributes @{employeetype…

  • Create Virtual Attribute Script?

    Need to create a bunch of Virtual Attributes. All single value Directory String, User attributes. Does any one have a script to create virtual attributes of a csv file or similar?

    I am not finding any of the Quest CmdLets that do it. 

  • Dynamic Group - Recursive membership based on nested manager chain...

    Imagine a single manage is over 12 managers who in-turn all have 12 subordinate managers who all have teams of 10+ people - is there an easy native way to create a dynamic group membership query that encompasses ALL those people?

    Head-Manager Jill <- Sub…

  • Set Active Roles (ARS) Scheduled (PowerShell) Script Modules to Execute in PWSH.exe (v6+) vs POWERSHELL.exe

    How can I explicitly instruct ARS to execute scripts in PowerShell v7

  • Detect changes that occur in Active Directory (not AR) and trigger an action?


    Is it at all possible for Active Roles to trigger off of a change made in the underlying Active Directory as opposed to within Active Roles itself?


    • A computer has BitLocker enabled and the keys are transferred to associated Active Directory…
  • Get Current Domain Controller in ARS script


    I need to write a script which provisions a new user account in another application as part of provisioning a new user in ARS.  The application has PowerShell CMDLETS for doing this.  The application is located in another AD site and frequently the…

  • How do I set a boolean virtual attribute from set-qaduser


    I've created a custom virtual attribute of type boolean in ARS that I would like to set using the set-qaduser commandlet.  It doesn't seem to work though

    If I use the following command.

    Set-QADUser -Proxy -Identity 'bob.dobbsn@example.com…

  • Auto Generate a password in a script


    I need to generate a password for a user in a policy script.  I'd like the password to be compliant with the password policy I've already setup in ARS, and which is generated if I use the New User wizard from the ARS MMC console.  I don't…

  • New-QADUser cmdlet Issue when logging the account creation event

    So when using the new-qaduser cmdlet, see below, The Event Log for event 4720 on the DC its connecting to to create the user account shows:

    Security ID: Domain\testing3
    Account Name: $2RG100-UU7PKQ1Q51GA
    Account Domain: Domain

    SAM Account…

  • need help to list users with second owner in a csv file


    My Problem is, i have to list all Users in a specified OU, with entries in the Second Owner field.

    How i can do this and export in a CSV File?

    Would be great if someone could help.

    Thanks and best regard


  • Help exporting list of OS versions for multiple machines using Active Roles Management Shell

    Hi all,

    Apologies if this is in the wrong place,

    I'm very new to Active Roles and have been tasked with obtaining the OS of multiple machines throughout the business.I have the list in a .CSV format and I would like to run a script that will ask Active…