Is it possible to create a query based distribution group where the LDAP query compares two attributes and adds a user to the group if they are not the same?

The two attributes that I want to compare are 'mail' and a virtual attribute 'edsvaFirstEmailAddress…

Hi everyone,

Does anyone know how I can set an attribute of my choice, to the e-mail address of the secondary owner of the workflow target? 

So far, I have the following: 

>>Operation execution: Create User; where secondary owner of workflow target is not…

We are looking for a solution to the following. We have employees that are assigned managers in ARS. We have found that if the Manager account deprovisions, the user account is not updated to reflect that the Manager account has been deprovisioned. What…

Hello ,

To test a scenario out where I have a single Managed unit with all users. Only want admins from same department to see and modify users from same department.

Enabled AD claim rules on domain and ARS server, setspns as described in the admin guide…

Hello im hoping one of you fine people can help me with a dilemma..

I have a workflow where if the user selects a Virtual Attribute say "edsvaCreateADM" it will go and create the Admin Account with all the attributes populated... however, I have put a…

Hello, Im hoping someone can give me a hand.

Im trying to update the users Deprovision Report record in a script after I have performed a function.. the script is being called by a workflow.

This is an example what I tried..

Function Oninit($Request)

We've got Okta provisioning users, soon to be from Workday, through Okta, and then into AR. However, the issue that I'm running into is that when a user is created in Okta that then is replicated to ARS, ARS isn't seeing it as a new user creation. Because…

Active Roles 7.3.1 is now live on the Support Portal!

Software and documentation are available at the following locations:

https://support.oneidentity.com/active-roles/7.3.1/download-new-releases

https://support.oneidentity.com/active-roles/7.3.1/technical…

I have a bunch of users who have (quite properly) the ability to reset passwords.  Unfortunately, a number of them are abusing this ability by resetting (rather than changing) their own passwords so that they keep the same password in spite of the password…

Active Roles 7.2.1 public hotfix is now available on the Support portal (KB 250838).

https://support.oneidentity.com/kb/250838

This hotfix package addresses several issues with Active Roles 7.2.1 and the Collector and Report pack.

Currently using ARS 7.2.1 in a hybrid environment with on-premise Exchange and O365.  ARS is currently detecting the on-prem exchange environment and causing a few minor issues.  Is there a way to stop ARS from detecting the on-prem exchange environment…

Hello, 

I am trying to create a new button within ARS web. 

This button would need to , Expire the user account. Disable the account, Change the password and also write a description, 

Is there anyway to do this or would we need to create a new script for…

After upgrading to ARS 7.2.1 some users are no longer able to be disabled. The option is gone from the right click context menu for the user in the console. There is an option to deprovision, but not disable. I'm unable to figure out why. Two different…

Active Roles 7.2.1 public hotfix, KB 247276, is now available on the Support Portal:

https://support.oneidentity.com/kb/247276

This hotfix package address several issues with both Active Roles and the Sync Service.

We recently updated 2 servers to patch 4 for ARS 6.9 and since then, when attempting to reset passwords of users using the ARS MMC or web interface, the password reset dialog hangs and the session becomes unusable. This can be remedied by resetting the…

Hello,

We just upgraded to 7.2 and seem to be having some dynamic group issues.

Object are not getting added to dynamic groups right away as they were in 6.9.

An object will get added instantly when you create the object in ARS but when created in AD…

Hi, I've installed the new ARS 7.0.3.2320 version, old version is 6.7.0. I am using the exact same scripts for the new version.

When I am now unlock a locked account over ARS web, the event viewer on the ARS server shows:

operation: modification on…

I'm disappointed to see that in ARS 7.2, still, the Generate Password function does not take into account Fine Grained Password Policies.

Has anyone else found a way to get around this? I have different departments that need to have different length…

We would like to use Synch Service to update user's group membership from a SQL DB, instead of manually adding groups. We get the below message and found a KB article that says to create a virtual attribute for each group, but this workflow will apply…

I would like to automate the KRBTGT user password reset via a workflow as a countermeasure to the Golden ticket problem.

I've tried to set up a workflow that makes works as follow

search activity looks for users  in active directory with condition samaccountname…

 Hey guys,

is it possible to give a user-group permissons (eg PW-reset) on all user in another user-group? Further we need do design this delegation dynamic.

An example:

All members of the group "APW123" can reset the password for each user, that is member…

I would like to create a managed unit to find Inactive users, I know there is a workflow that can search inactive users.  I was thinking a managed unit with a custom search but not sure.

I am recreating all my site and want to know how to remove breadcrumbs and the tree view Tab in the new web interface in version 7.2

This is an advisory notification on changes to current product version support status in line with our life cycle policy.

Support for Active Roles 7.0.2 will be in discontinued support on November 30, 2017. To ensure your product is eligible for full…