Browse By Tags

  • Managed Domains

    We have setup ARS on domain ABC and its working fine using a service account with domain admin permission. 

    Additionally we have added domain XYZ with a separate domain admin account however when we try to create a user we get the following error: 

    "Ad…

  • Automating user process - retrieve initial password

    Hi, 

    We have setup some new user automation however we would like to store the users initial password somewhere so that we can then send this via email to the IT Technician setting up the users account.

    Does anyone know where this attribute is stored…

  • ARS 7.4.3 Slow WebUI Performance

    We've been noticing slow WebUI performance, particularly in the chromium browsers.  The search results, and action panes take a long time to render (20 seconds or so).  There does not seem to be any real load on the web/admin servers (6 CPU's/24GB of…

  • How to access container in Active Directory using PowerShell

    Hello,

    I would like to restore the deleted objects from the Deleted Objects container. I'm looking for a PowerShell script cmdlet or script.

    Appreciate for the help in advance.

    Thanks 

  • Alternative of Email attribute

    Hi All,

    when we add approvers for group membership additions in Active role. it will trigger email to Primary/Secondary owners to that group for approval. Probably when we add Primary/Secondary owners to groups it automatically read their email attribute…

  • Remove Attribute from Accounts if Deprovisioned

    Hi! I am trying to figure out the best way to handle this situation. When we create accounts, we set 2 virtual attributes (edsvaLMSManager and edsvaLMSApprover). Both of these virtual attributes use the DN of the users that are set for their LMSManager…

  • Quest Powershell to Remove Leading Zero

    How can I remove the first leading zero using powershell?

    I have the following numbers and need them to have the first zero removed.

    00010 >> 0010
    05812>>5812

    Any suggestions?

  • Setting Kerberos delegation on AD user account from Linux via Active Roles

    Hello

    I am wondering if anyone has a solution or ideas on how to use Active Roles to set values for msds-AllowedToDelegateTo attributes (used in Kerberos Delegations ) for an 3rd party application's Active Directory Service account - setting the values…

  • ARS scheduled task script cannot use a script scope variables

    I need to SET a script scope variable value within a function but it appears that the ARS scheduled task environment command shell does not have these available. Here's a simple script to demonstrate the issue ( if you run this in a powershell or even…

  • Computer Dynamic Group Membership Rule Distinguished Name

    Hello,

    I want to create a dynamic group including all computers with a Distinguished Name containing "CRETEIL".
    Unfortunately, the membership rule "Computer distinguishedName Contains CRETEIL" doesn't return any items while many computers have…

  • Get current logged in user

    Hello,

    How to get current logged in user through custom script in ARS?

    Thanks

  • 'Connect-ExchangeOnline' cmdlet from the ARS MMC script module

    Hello,

    I've installed the ExchangeOnline powershell package. Through powershell command prompt ExchangeOnline is connecting. When I tried same cmdlet from ARS MMC script module then its not connecting. Here below is the cmdlet I've used.

    Connect…

  • Uncheck and Disable 'Creation of Mailbox' option in Contact creation wizard

    Hello,

    I'm have tried below script in policy to uncheck and disable 'Create a mailbox' option in the contact creation wizard but its not reflecting on the screen.

    function onGetEffectivePolicy($Request)
    {
    if($Request.Class -ne "contact"){return…

  • "Connect failed: path" error message encountered when opening the Active Roles Configuration Center on 7.4

    Hi Guys, Need help. I cannot connect to Active Roles Configuration Center on 7.4. Showing me "Connect failed: path" error message.

    Please advice how to troubleshoot this. I tried this solution from this link (https://support.oneidentity.com/kb…

  • Cross domain members don't inherit group delegated rights

    Hello,

    I have two ARS managed domains which are in the same forest. Let's pretend domain1 and domain2.

    I also have two groups, domain1\read-domain1 and domain2\read-domain2 which have the rights "All Objects - Read All Properties" respectiv…

  • How to create user validation on a web form.

    I have a form where I want to fill out a requester field which is a custom attribute that field will be the SamAccountName of a user would like a way to do a user picker or something.  maybe like a java lookup tool.

  • Prompt for value during user deprovision

    Hello,

    While deprovisioning user object I would like to prompt to enter custom virtual attribute value.

    Can anyone please let me know how can it will achieved, do I've to do any level customization Active Roles Console for prompting or any policy helps…

  • Stop user creation in OnPreCreate event with PS script

    Hello,

    I'm having a requirement to stop creating the user in OnPreCreate of powershell script.

    If my condition is not satisfied then I have to stop the default user creation.

    Thanks in Advance,

  • Error executing O365 Script "MSOnline"

    Hello community,

    i can not run exchange online cmdlets in the script environment of Active Roltes 7.4.3 

    I use the following code snippet:

    $context.O365ImportModules("msonline")

    $res = $context.O365ExecuteScriptCmd("get-mailbox test@test…

  • How to enable change history rights on the web site

    what are the rights to enable or settings to give access to change history.  I have a helpdesk site but as admin I can access change history on objects i would like helpdesk staff to be able to see that.

  • Azure AD Questions

    Hi all,

    I am new to One Identity products and possibly looking at purchasing Active Roles to automate new user requests from Service Now but I have a few questions that i hope you can help me with:

    Environment

    We currently create users on our on premise…

  • web interface tree menu edit.

    I am running 7.4 and would like to remove a few links from the menu/Views.   I was able to see a forum post on Tree but Not Views.   Another idea was to get rid of this whole section or collapse and not be able to expand.

    Example all i would like is.

    • Active…
  • How to grant SELF to access template with new-qarsaccesstemplatelink

    I am looking for the syntax or if it's even possible to use the NEW-QARSAccessTemplateLink powershell to apply with a trustee of "nt authority\self".  I need to apply some permissions in AD and we prefer to do it all with ARS and sync them…

  • ARWebAdmin and ARS Console shows different information for groups

    Hello my Active Roles Server it is running version 7.4.3 with hotfix 330592 installed.

    Here the issue, logged in Active Roles Server from ARS Console when I select one group it is configured as Global Security Group, but surprise when I access the ARWebAdmin…

  • Set Active Roles (ARS) Scheduled (PowerShell) Script Modules to Execute in PWSH.exe (v6+) vs POWERSHELL.exe

    How can I explicitly instruct ARS to execute scripts in PowerShell v7