Hello,

I want to create a dynamic group including all computers with a Distinguished Name containing "CRETEIL".
Unfortunately, the membership rule "Computer distinguishedName Contains CRETEIL" doesn't return any items while many computers have…

Hello,

I have two ARS managed domains which are in the same forest. Let's pretend domain1 and domain2.

I also have two groups, domain1\read-domain1 and domain2\read-domain2 which have the rights "All Objects - Read All Properties" respectiv…

How can I explicitly instruct ARS to execute scripts in PowerShell v7

During Active Roles upgrade to 7.2 version we caught such a problem:

After deploying new change history databae on new server and configuring it as publisher we added a subscriber. 95% of database on publisher migrated during first hours, but the rest…

I got ARS upgraded to 7.4.3 upgraded to our test environment, during testing i found out i get an error while doing a undo-deprovionsing user from the Disabled Users - deprovionsined users container

The error says 'Built-in Policy - Dynamic Groups' failed…

Source System: DB2 Table

Destination: Active Roles Server

I have the synchronization service read data from a table. This table is formed by user submission to deprovision accounts. From the sync server, I send a deprovision job over to Active Roles…

Hello, 

So I can see in the Sync Engine workflows (Old QC)  we have the ability to deprovision a user. we can deprovision if the user doesn't exist in the CSV file.. or trigger a Deprovision based on Field if we are pulling from SQL.

However, I don…

Hi,

I have a workflow that finds inactive user accounts, this has two filters to exclude accounts that have "NODEL" in the comment filed, OR the account password is set to never expire, but the password expiration filter does not seem to be…

I need to implement a workflow/policy script that triggers onPostModify of the mail attribute, both for new users and changes to the mail attribute of existing users, and writes the user's employeeID and mail attribute to a CSV file and uploads it to…

Active Roles 7.2.1 public hotfix is now available on the Support portal (KB 250838).

https://support.oneidentity.com/kb/250838

This hotfix package addresses several issues with Active Roles 7.2.1 and the Collector and Report pack.

Currently using ARS 7.2.1 in a hybrid environment with on-premise Exchange and O365.  ARS is currently detecting the on-prem exchange environment and causing a few minor issues.  Is there a way to stop ARS from detecting the on-prem exchange environment…

The Active Roles 7.2 Language Pack is now available for download here:

https://support.oneidentity.com/active-roles/7.2/download-new-releases

I have a bunch of O365 Distribution Groups that I used to bring down into ARS via the sync tool.  The issue is whenever I add someone to the group it doesn't update in O365.  When I add someone to the managed by field it doesn't update the owner field…

We have a postcreate script (powershell) that we run to set permissions for a users home directory. I am attempting to convert the script from using the users samaccountname to use the users sid. The problem is that from the $Request I am only able to…

We would like to use Synch Service to update user's group membership from a SQL DB, instead of manually adding groups. We get the below message and found a KB article that says to create a virtual attribute for each group, but this workflow will apply…

When creating an account in ActiveRoles and then creating that same account in the tenant, where is the password stored?  Is it also stored in the tenant?  If it is, what process updates that password if the synchronization service is not setup to sync…

I am recreating all my site and want to know how to remove breadcrumbs and the tree view Tab in the new web interface in version 7.2

In the process of upgrading our v6.9 to the latest version but there is a burning issue for which our Operations team is looking for a report. The requirement is to gather the list of all user accounts in AD with their EmployeeIDReference and Division…

I am creating a user and trying to use the notification task in a workflow but i need a way to add a different person other than a manager to send to.  I have a virtual attrib that has a sam account name that would like to send the notification to.  the…

Good day to all..

We got a request from the customer saying.. If a user added to a specific group, workflow trigger a approvals mail to user's manager.

We selected "Manager of person being added or removed from a Target group", in "Approvers…

Hi,

We want to add 2 new policy's on user creation these are

Property Generation and Validation

. accountExpires (accountExpires)

.edsaMemberOf (edsaMemberOf)

But we want them to be optional not Must be specifed, how can this be done?

regards,

B…

We use the lousy nested structure for shared folder ntfs permissions where a domain local group contains a universal which contains a global and the global has the users.  I want to find a way to create the 3 groups required when a new folder is setup…

We've recently had to remove the ARS svc account from the local admin of the server, but this causes the service account to fail with an access denied. If there a minimum amount of granular perms required to offset the need for a local admin? thanks!…

I would like to do the following with AD accounts:

Export the following fields from Active Directory to an Excel sheet with the appropriate headers:

Under AD Account's General Tab: First Name, Last name, Display Name, Description, Office, Telephone Number…