Hi everybody,
In our environment we need to create temporary users in active directory and deprovision them after X hours (with a maximum of 12 hours).
We thought of using AD group temporary memberships.
Specifically, when a user is created, it is added…
My users are complaining that they can't see entire branches of the tree view. We're working on weaning users off ADUC and this is a concern because ADUC users are accustomed to working from the tree view.
Is there a security setting that exposes…
When I run below cmdlet from server "A", system returns below exception. However, another engineer runs same cmdlet from server "B", it works fine from his end. I was told that probably ARS module is missing but I do not know what ARS module is missing…
After importing ActiveRolesManagementShell module into powershell script, I was able to run Get-QADuser cmdlet successfully. From this article, Get-QADUser Reference – iTomation I found different ways of using Get-QADUser cmdlet.
I am looking for…
Hi,
I'm using the following command to set account expiration date but it is not working.
Set-QADUser -Identity username -AccountExpires date
The AccountExpires value changes, but not AccountExpirationStatus value doesn't changes. Also, on the…
Hi,
I'm using the following command to set account expiration date but it is not working.
Set-QADUser -Identity username -AccountExpires date
The AccountExpires value changes, but not AccountExpirationStatus value doesn't changes. Also, on the…
Hi,
I'm using the following command to set account expiration date but it is not working.
Set-QADUser -Identity username -AccountExpires date
The AccountExpires value changes, but not AccountExpirationStatus value doesn't changes. Also, on the…
Hello -
I've inherited an Active Roles installation on an AD domain so I'm still learning some of the ins and outs of it.
I have a need to create an OU structure, within our existing managed domain, that is not managed by Active Roles. So, effectively…
Hi guys,
I'm currently trying to build a guest account invitation process in ARS (8.1.5.) and added several new virtual attributes to the "EDS-Azure-GuestUser" class.
Is there a way to add those attributes to a policy? When I select "EDS…
Hi all. Is there a way to publish data (write-back or outbound events) from ARS to an SCIM endpoint?
AFAIK the SCIM connection can only be used as source.
Any thoughts?
So, customer is interested in using ARS to connect to a middleware through some kind of not yet defined protocol (SCIM maybe?) in order to do user management and provisioning for multiple systems.
Rules for each system will remain in middelware layer…
Hi,
I want to configure just-in-time-privileges so that when I check out an AD-account in Safeguard SPP this account will be enabled and configured as a member of a group in AD, i.e. Domain Admins. I find several videos and demos describing this, but…
Gi w og waj off fi osukh vbs kv vk kh gi gesi og zeb bheed if garib esn mg zade
Getting an issue with QAD Powershell Cmdlets in Windows 11, running ARS 8.1.5:
The below works fine when ran from the ARS (Windows 2022) Server - all Deprov tasks complete as per the deprovisioning policy based on the Managed Unit:
Connect-QADService -Service…
Hi,
I have been trying to get additional attributes (description f.e.) when copy a user from Web Interface, but with $Request method on a Powershell script it's has been impossible to get the source object.
I finally used the VB scipt that is at the…
I created a Managed Unit with multiple Include queries. The result shows me the display name, distinguished name and SAM account name of user objects.
Is it possible to export (powershell) this list to a CSV file?
Hi Team,
we are using the ARS command Get-QADUser for the target domain and the PowerShell command Get-ADUser for the source domain to synchronize UNIX attribute values from the source to the target. The script flow is as follows for UNIX attribute synchronization…
Hi Team,
we are using the ARS command Get-QADUser for the target domain and the PowerShell command Get-ADUser for the source domain to synchronize UNIX attribute values from the source to the target. The script flow is as follows for UNIX attribute synchronization…
Hello,
Hope everyone is having a good holiday season.
Does anyone know if there is a way to set the password sync rule retry option on a small delay?
Any help on this is appreciated.
Thank you,
Lu
Hello,
I am looking to Execute an Active Roles Workflow after the creation of an Entra Object. Is this supported? I don't see a place to scope in "Azure" when building out the Workflow policies.
It would be as simple as something like onPostCreate…
Someone knows how to scheduled a task to disconnect/kill Active Role server user sessions on a daily basis ?
Hi,
I had a record that out client secret was expiring soon and went to renew it but it looks like in Azure that it uses a certificate instead of a secret, and that isn't expiring for another year. Apologies for the daft question but how to I check…
Hi,
I'm looking into using Active Roles to create/update Rooms in Places/Room Finder. The main attributes and Capacity etc are fine but there are attributes for audio, video and wheelchair accessible which don't seem to be accessible to Active Roles…
Hello All, I have a need to user Active Roles cmdlets to script the mailbox disablement of DL's and Users. I have the user one but not sure what to use for Groups.
User Mailbox disablement: (This works)
Set-QADUser -Identity $userObj -Proxy -ObjectAttributes…
