• I want to create computer objects without accessing the ARS console

    I tried with the below code but it gives error.

    powershell.exe -command New-QADComputer -Name <Name of the new computer> -ParentContainer "<OU-Copied the distinguishedName of an earlier computer object from the AD>" -ObjectAttr…
  • Setting Virtual Attribute on the fly when user Properties are opened

    Hey Everyone,

    First post and still quite a newb with Active Roles so don't mind the brief ignorance you may see :)

    Basically my end goal is to make a Tab in the web interface User Object properties window only visible when a virtual attribute is…

  • Upgrade ARS 6.8 and Upgrad Server OS and SQL-Version - All in one step possible?

    Hello All,

    I have to upgrade ARS from Version 6.8 to an up-to-date Version. And I also have to update the Server OS and SQL-Version. For my understanding of the ARS update path document I first have to update to Version 6.9 before I can go to Version…

  • UnDeprovision In ActiveRoles Sync Engine

    Hello, 

    So I can see in the Sync Engine workflows (Old QC)  we have the ability to deprovision a user. we can deprovision if the user doesn't exist in the CSV file.. or trigger a Deprovision based on Field if we are pulling from SQL.

    However, I don…

  • ARS Quesry Based Distribution Group

    Is it possible to create a query based distribution group where the LDAP query compares two attributes and adds a user to the group if they are not the same?

    The two attributes that I want to compare are 'mail' and a virtual attribute 'edsvaFirstEmailAddress…

  • Workflow - How to set an attribute to the secondary owner's e-mail address of workflow target?

    Hi everyone,

    Does anyone know how I can set an attribute of my choice, to the e-mail address of the secondary owner of the workflow target? 

    So far, I have the following: 

    >>Operation execution: Create User; where secondary owner of workflow target is not…

  • Active Roles 7.2.1 and Collector public hotfix (KB 250838)

    Active Roles 7.2.1 public hotfix is now available on the Support portal (KB 250838).

    https://support.oneidentity.com/kb/250838

    This hotfix package addresses several issues with Active Roles 7.2.1 and the Collector and Report pack.

  • How can I stop ARS from detecting my on-premise exchange environment? I do NOT want any mail options available at all.

    Currently using ARS 7.2.1 in a hybrid environment with on-premise Exchange and O365.  ARS is currently detecting the on-prem exchange environment and causing a few minor issues.  Is there a way to stop ARS from detecting the on-prem exchange environment…

  • ActiveRoles Managed DLs in O365

    Is there a way or ARS Powershell script to bulk change on-prem MS Exchange DLs to ActiveRole managed DLs in O365.
  • Is there a way to successfully update the MemberOf field using Synchronization Service?

    We would like to use Synch Service to update user's group membership from a SQL DB, instead of manually adding groups. We get the below message and found a KB article that says to create a virtual attribute for each group, but this workflow will apply…

  • change user password via workflow

    I would like to automate the KRBTGT user password reset via a workflow as a countermeasure to the Golden ticket problem.

    I've tried to set up a workflow that makes works as follow

     

    search activity looks for users  in active directory with condition samaccountname…

  • How to remove breadcrumbs

    I am recreating all my site and want to know how to remove breadcrumbs and the tree view Tab in the new web interface in version 7.2

  • Script a different person in a notification other than manager

    I am creating a user and trying to use the notification task in a workflow but i need a way to add a different person other than a manager to send to.  I have a virtual attrib that has a sam account name that would like to send the notification to.  the…

  • New Active Roles Policy

    Hi,

    We want to add 2 new policy's on user creation these are

    Property Generation and Validation

    . accountExpires (accountExpires)

    .edsaMemberOf (edsaMemberOf)

     

    But we want them to be optional not Must be specifed, how can this be done?

     

    regards,

    B…

  • New Active Roles Policies

    Hi,

    We want to add 2 new policy's on user creation these are

    Property Generation and Validation

    . accountExpires (accountExpires)

    .edsaMemberOf (edsaMemberOf)

     

    But we want them to be optional not Must be specifed, how can this be done?

     

    regards,

    B…

  • Self Service Manager - My groups delegation

    We have been using the Admin and Self Service sites for delegated group management within IT and we now have a need to delegate a few groups outside of IT.  I've run into a problem in testing where delegated group managers are not able to search for objects…

  • Notification email: including properties of objects added/removed from groups

    Hi all,

    I seem to recall this being discussed before but I havent managed to find the thread.  I need to send a custom email notification when users are removed from a particular group.  The notification email needs to contain certain attribute data from…

  • Access Denied to Web and Admin Console

    Hi all,

    I have been haveing an issue and am hoping to get some insight.

    I have a user account that should have access to both the web console and the admin console but they keep getting prompted for username and password for the webpage. if they type…

  • Dynamic Groups - Membership Rule Strategies

    Hi all,

    We've been having some discussions within our org about our deployment of Dynamic Groups.   Our deployment strategy has been gradual where we have been converting existing groups and issuing Dynamic Groups for all new requests where possible…

  • Cleanup pending temporal group membership operations

    Hi all,

    I just found that I have a half-dozen pending temporal group membership changes.  It appears that they are well outside of my management history retention and SOL61603 indicates that management history is required for temporal group functionality…

  • Help with Renaming sAMAccountName

    Hi All

    We have a ARS Administration Policy that along with the few standard PVG policies has a policy which forces the UPN Prefix and sAMAccountName to be the same.  This is fine during an account creation, as we supply the givenName and sn and then let…

  • Workflow - Link to Target Object

    I am working on a new workflow notification and would like to include a link to the target object. This would allow the recipient to quickly open the target object in the web console and view the object's properties.   I dont see an OOB token to handle…

  • ARS 6.7.0 - Workflow notification native changes

    All,

    we have implemented a Workflow notification once the groupmembership for the 'Domain Admins' group changes. However this will only be triggered if the change was done with the use of ActiveRoles.

    Does anyone know if this can be achieved as…

  • ARS build best practice

    I'm wondering if anyone has some suggestions on whether they separate out the mgmt servers from the web interface role for ARS and also what you do for failover/high availability?  I also have multiple sites and does anyone have suggestions on how…

  • ARS & Quick Connect - same servers?

    Hi,

    Does anyone have ARS and Quest Quick connect running on the same servers for synching the ad to different databases or in my case I have to synch to a ms sql db but then also add another quick connect job to sync to 1 or 2 lab environments so that…