Browse By Tags

  • Active Roles scheduled script dies on access denied


    I have a Active Roles script module to move dormant objects using Move-QADObject and -ErrorAction SilentlyContinue.

    When i run it as a scheduled task the script dies when access is denied to move an object.

    I can run the job in ISE no problem and…

  • Group Owner unable to remove secondary owner from Web Portal


    I have "ActiveRoles Built-in\Primary Owner (Managed By)" setup for users to Read / Write Secondary Owners.

    Users are able to add but the remove button is grayed out. I cannot see where the permission need to be applied to allow the user…

  • One Identity EMEA Partner Awards 2020 -- WINNERS

    One of the highlights of the year for One Identity is the Annual Partner Awards.  Usually, we coincide this with the EMEA UNITE Partner Conference, but this year since our event in Barcelona, Spain was postponed, we want to celebrate our 2020 award winners…

  • Error while undo-deprovisioning users

    I got ARS upgraded to 7.4.3 upgraded to our test environment, during testing i found out i get an error while doing a undo-deprovionsing user from the Disabled Users - deprovionsined users container

    The error says 'Built-in Policy - Dynamic Groups' failed…

  • Create Dynamic Group in PowerShell

    The script creates a brand new Group and converts it to Dynamic upon setting the MemberShip rules.

    If the group already exists, remove the "New-QADGroup" command.

    This was tested in Active Roles 7.4.1.

    NOTE: This is provided "AS IS" and is not…

  • Is Active Directory obsolete?

    What’s all this talk about Active Directory being obsolete?

    You may have heard rumblings that Microsoft Active Directory – lovingly acronymed as ‘AD’ – is “becoming obsolete and should be replaced”. You may have also heard that “you should reduce…

  • Active Roles Rapid recovery campaign

    Campaign description 

    The theme of this campaign is focused on readiness and efficiency in Active Directory management as we prepare for the end of the crisis.  As organizations furloughed employees, reduced work-forces, or switched users to remote status…

  • Help exporting list of OS versions for multiple machines using Active Roles Management Shell

    Hi all,

    Apologies if this is in the wrong place,

    I'm very new to Active Roles and have been tasked with obtaining the OS of multiple machines throughout the business.I have the list in a .CSV format and I would like to run a script that will ask Active…

  • One Identity Support Product Public RSS Feeds

    We have recently made several improvements to our product RSS feeds. They are now updating in real time so that you can immediately see any new content posted for the product you have an interest in.

    From our Support portal, when viewing a product, you…

  • Dark Present but Brighter Future for AD Account Lifecycle Management

    From onboarding new hires to quickly removing access of fired employees, tracking promotions, third-party access and an organization in constant flux, account lifecycle management can turn into a security nightmare for enterprises. High maturity – high…

  • You Can Live a Dual Life – Use Cases and Solutions for a Hybrid World

    Hannah Montana was right: you can have the best of both worlds. Though the late 2000s teen queen was singing about her secret double life as a high-flying pop star and a down-to-earth high school student, it turns out that that life goal now also applies…

  • Can Pauline Find Productivity without AD-Centered Identity Management?

    Which introductory experience do new hires to your organization get? Are they able to login on their first day and access all necessary resources to do their basic job? Or… are they temporarily assigned a left-over cubicle with no phone, computer or network…

  • Starling Connect extends your identity administration and governance capabilities to the cloud

    You already know the amazing capabilities of One Identity Active Roles and how it simplifies and centralizes provisioning and deprovisioning processes for your Active Directory and Azure Active Directory-controlled identities. You know that it provides…

  • PowerShell Library Source Code

    # *****************************************************************************
    # Best Practices Library For PowerShell
    # *****************************************************************************\
    # Copyright One Identity
    # Last modified: July 5, 20…

  • ARS upgrade path from 6.8 to 7.3?

    I've been tasked with upgrading our Quest ARS environment.  Is there any documentation or recommendation on an upgrade path from ARS 6.8 to 7.3?  Our 6.8 environment is a just single server and management wants to go with a full HA/DR solution with…

  • UnDeprovision In ActiveRoles Sync Engine


    So I can see in the Sync Engine workflows (Old QC)  we have the ability to deprovision a user. we can deprovision if the user doesn't exist in the CSV file.. or trigger a Deprovision based on Field if we are pulling from SQL.

    However, I don…

  • ARS Quesry Based Distribution Group

    Is it possible to create a query based distribution group where the LDAP query compares two attributes and adds a user to the group if they are not the same?

    The two attributes that I want to compare are 'mail' and a virtual attribute 'edsvaFirstEmailAddress…

  • Perform batch operations on User objects from the web client

    Has anyone been able to create a custom command that can be performed against multiple selected objects?  I created a custom command that would set the edsvaProtectFromDeletion attribute to 'TRUE', but this command only appears when a single objects is…

  • difference between active roles version.


    Can anybody provide the details about the difference between active roles version 6.9 vs version 7.3.



  • Web customization not replicating to users - ARS 7.2.1


    We recently made a change the group form in Directory.

    The changes don't seem to be replicating to users.

    I see the changes when i logon to the admin console and login as the ARS Admin.

    I've save and reloaded the portal for publishing several…

  • Does Active Roles support Hybrid Joins to Starling Services?

    Yes, starting with Active Roles 7.3.1, we added support for Hybrid Joins to Starling Services.

    Please see the following article for the latest information on what products and minimum versions are required to take advantage of the Starling Services Hybrid…

  • Unable to set edsvaSecondaryOwnersCanUpdateMembershipList attribute on a group object using PowerShell

    Hello all,

    I have run into another snag when trying to modify objects in ARS with PowerShell. Currently, I am working on scripting DL creation but am hung up on changing one attribute. My current code is as follows:

    Connect-QADService -Proxy


  • If you are a One Identity customer you really should read this post!

    One Identity Hybrid Subscription

    Recently, we have released a new version of One Identity Safeguard, Password Manager and Active Roles. Each of these releases now offers the One Identity Hybrid Subscription enabling you to ‘join’ your on-prem product…