• Active Roles 7.4 SAML configuration

    Recently we configured our dev ARS 7.4 environment with SAML pointing at AzureAD.  We followed the instructions in Active Roles 7.4 Administration guide, creating an App Pool service domain account with kerberos constrained delegation with the required…

  • Group membership approval not working for DL

    HI team,

    We have separate user domain and resource domain. Exchange is in resource domain for which users master accounts is in user domain. so linked mailboxes in resource domain.

    Few Distribution list in resource domain's exchange has owners defined…

  • Component Object Model (COM) File System Object Disablement?

    Forgive me if this is a simple question, but does Active Roles Server 7.3 use the File System Object at all? Been asked to see if this would impact our ARS operations if we were to disable the registry key that is associated with the File System Object…

  • Quickconnect Deprovision from DB2 Table to Active Roles

    Source System: DB2 Table

    Destination: Active Roles Server

    I have the synchronization service read data from a table. This table is formed by user submission to deprovision accounts. From the sync server, I send a deprovision job over to Active Roles…

  • Update description field on a managed unit fail

    Hi

    In the Helpdesk site I have created custom form with access to the description attribute and linked this to the directory object type of a Managed Unit. I have also created a user account with limited permissions in ARS but enough to allow changes…

  • ARS upgrade path from 6.8 to 7.3?

    I've been tasked with upgrading our Quest ARS environment.  Is there any documentation or recommendation on an upgrade path from ARS 6.8 to 7.3?  Our 6.8 environment is a just single server and management wants to go with a full HA/DR solution with…

  • Perform batch operations on User objects from the web client

    Has anyone been able to create a custom command that can be performed against multiple selected objects?  I created a custom command that would set the edsvaProtectFromDeletion attribute to 'TRUE', but this command only appears when a single objects is…

  • Is it possible to generate a Managed Unit on the fly based on a users department or site code?

    Hello,

    Is it possible to generate a Managed Unit on the fly based on a users department or site code?

    Client has large number of AD user accounts, wants to limit the view and modification to only users in same department or site code.

    I was looking…

  • Get-QADuser not returning values for edsvaHomeDirectory

    Hello,

        Quest is populating this value for us for every new user created.  I would like to pull a report containing username and edsvaHomeDirectory for all users in AD.

    This is what I am running:

    get-qaduser -Identity * -Sizelimit '0' -IncludedProperties…

  • Does Active Roles support Hybrid Joins to Starling Services?

    Yes, starting with Active Roles 7.3.1, we added support for Hybrid Joins to Starling Services.

    Please see the following article for the latest information on what products and minimum versions are required to take advantage of the Starling Services Hybrid…

  • After upgrading to ARS 7.2.1 some users are no longer able to be disabled.

    After upgrading to ARS 7.2.1 some users are no longer able to be disabled. The option is gone from the right click context menu for the user in the console. There is an option to deprovision, but not disable. I'm unable to figure out why. Two different…

  • Workflow to add a user to an Admin group, then automatically remove them in X days.

        Management has asked that we limit the time a user is a member of the Enterprise Admins group.  I am copying a workflow that we use for approval of membership in the Domain Admins group, however I see no way to add a time component to the workflow.  Is…

  • Active Roles Customize Error message in Web Interface

    Hello all,

    I have a script running some checks as part of the PreModify function and throwing and exception if an ID is not unique forest wide, this is working nicely but I was wondering if it is possible to customize what is shown on screen.

    What I mean…

  • Group Approvals

    We have a group that we want to have group approvals. This will computers addded to a group. The problem is the OU is sits in has been excluded from approvals. How can i make this one group have approval

  • finding an attribute from within a scheduled workflow with powershell - msds-userpasswordexpirytimecomputed

    Hi, 

    I'm working on a password expiry notification, using ARS 7.0 workflow interface.

    First, I use a find activity to scope certain users.

    Then, I'd like to use an if-then branch, to evaluate the msds-userpasswordexpirytimecomputed property.

    From…

  • import-csv giving file not found error

     i am getting file not found error on the below line 

    $file=import-csv c:\temp\input.csv

     

    file is already in place 

    when i run the same script from windows powershell it is working , but giving error when run the same from ARS scheduled task .

     

    any idea…

  • Active Roles Server 7.0.2 workflow for automatically assign Office 365 license to AD user

    Hi, I want to specific assign Office 365 license to Active Directory user accounts depending on group membership or OU location.

    What is the best way to perform this process and can you help me by providing information about how to do it.

  • UPN Suffix does not respect the default value

    A customer use Active Roles and I'm following the switch between Quest 6.9 and Dell 7.0. In the new user form, in the UPB Suffix field, the operator can choose between two values, one default and one optional. In the 7.0 installation strangely in the…

  • Use ARS and/or powershell to create groups - nested & add members automatically?

    We use the lousy nested structure for shared folder ntfs permissions where a domain local group contains a universal which contains a global and the global has the users.  I want to find a way to create the 3 groups required when a new folder is setup…

  • Can no longer grab homedirectory through powershell

    Hi Guys,

    So this is kind of an odd one. We're running ARS 6.9, and recently one of our scripts stopped working. Right now I have a script set up that, on deprovision, copies a user's home folder to our archives. This script has been working for a few…

  • Searching and exporting account information from Active Directory

    I would like to do the following with AD accounts:

    Export the following fields from Active Directory to an Excel sheet with the appropriate headers:

    Under AD Account's General Tab: First Name, Last name, Display Name, Description, Office, Telephone Number…