Browse By Tags

  • Access denied managing two domains on single ARS server

    I have ARS configured on one of our domain (abc.com), we had a request to setup ARS for an another domain. We want to have both the domain setup on the same ARS Server & both the domain appear & manage under the same ARS website.

    I've added the…

  • if we made changes in spmlschema.config file is restart needed

    HI,

    We added virtual attribute in spmlschema.config. is Active Roles restart is need?

    Regards,

    Vinod.

  • Need help to get special information from user as powershell script

    Hello Community. 

    Following problem i have.

    We useing Blackberry Server as MDM.

    I need a script that get the Username which have activated Blackberry UEM Android for Wor, Blackberry Work Dynamics and Blackberry allowExport Contacts.

    Those information…

  • How to call a remote powershell script from within a ARS workflow?

    Hi all, 

    Using ARS 7.4.3. I have a rather long Powershell script which I would like to start from a workflow. Meaning the workflow starts an Active Roles Powershell script which then fires the external script. In a normal powershell command windows, I…

  • addRequest was not working in Active Roles server

    addRequest was not working in Active Roles server

  • ARS - Replication status "unknown" / Publisher - Subscriber

    Hi, 

    I have two ARS servers and two DBs, configured one of the ARS servers and promoted it as Publisher.
    I then added the second server as subscriber.

    Both ARS servers 2016 are running under version 7.4.3.110, SQL servers are 2016.

    In the ARS console, under…

  • ActiveRoles removal from One Identity Manager

    Hi,

    After over a year away from OIM, I've returned to handling the product and tasked to remove or decommission ActiveRoles.  What are some best practices/aspects to accomplish removing ARS from OIM, and replacing it with native Active Directory updates…

  • ActiveRoles Management Shell for Active Directory version 1.6

    Hi team,

    I know that ActiveRoles Management Shell for Active Directory version 1.5 was last free version post that they have mentioned it should be commercial software but however no details on version 1.6 if it is free or commercial, because 1.7 mentioned…

  • (edsaisdynamicgroup=True)

    Helo,

    I'm having an issue with seeing all dynamic groups using this query. I query and not all show. When i look up and individual group that does not show in the query I check edsaisdynamicgroup and it is showing true.

    Anyone know how to correct…

  • Integrating ARS with BambooHR (3rd party HRIS software)

    Hi! We are looking to integrate ARS with BambooHR. We would like to use BambooHR (3rd party cloud based HRIS software) to create our user accounts, then push them to ARS so all the policies, workflows, etc are used when the user is created in AD. Is this…

  • Exchange Properties of users are not getting open for some users

    Hello,

    We are recently facing the issue on few users for whom we are not able to open exchange properties. Other tabs are working fine, but when we select exchange properties in ARS portal after opening user general properties, it takes time and finally…

  • Active Roles Upgrade - Slow SQL Replication

    During Active Roles upgrade to 7.2 version we caught such a problem:

    After deploying new change history databae on new server and configuring it as publisher we added a subscriber. 95% of database on publisher migrated during first hours, but the rest…

  • Error while undo-deprovisioning users

    I got ARS upgraded to 7.4.3 upgraded to our test environment, during testing i found out i get an error while doing a undo-deprovionsing user from the Disabled Users - deprovionsined users container

    The error says 'Built-in Policy - Dynamic Groups' failed…

  • Populate attribute with list of Server Names

    I am trying to build a Workflow for User Logon restrictions. I need the workflow to search for servers that exist in different groups, OU's or managed Unit. If necessary i can consolidate them into 1. The issue is I need to then populate the user attribute…

  • Password Generation Script (Latest) (296930)

    Password Generation Script (Latest) (296930)

    As per the below KB, I'm trying to modify our password generation script to remove obscure characters such as "^-')({" from the ARS password generation action, i tried to use the the script in the KB and modified…

  • Stale User Deprovision and Undoing deprovision

    I have a workflow that runs ever night. It will automatically deprovision any user with a certain timeframe of inactivity. Every now and then, a user does attempt to use their account and we have a process to undo the deprovisioned status in place. However…

  • Get-QADuser - Odd Behavior - Using SerializeValues switch alters datetime values

    Hey Community,

    Ran into an odd behavior when utilizing the SerializeValues switch for Get-QADUser.

    Whenever it is used in a query that includes an DateTime values, it reformats it and changes the value by an hour or two in the past.

    Example.

    Get-QADUser…

  • Getting msExchRecipientDisplayType values via $dirObj, returns a System.__ComObject reference, not the integer.

    I am writing a powershell policy script to detect remote mailbox types (EXO), ARS is not connected to Azure.
    $DirObj.GetInfoEx(@("msExchRemoteRecipientType","msExchRecipientTypeDetails","mail"),0)
    $msExchRecipientTypeDetails…

  • Web Interface Command Filter on Group Member

    So I am trying to see if it is possible to only show a custom group command to a user only if that user is NOT a member. I am aware of the AVFilter in the <IsCommandAllowedFilter> tag, but that seems like it only takes hard-coded strings, in which my…

  • Issue: clearing edsva-ScheduledLink-Endtime - unintended consequence

    Hi - We leverage temporal group membership to control the length of time a user can remain password allowed before being flipped back to smartcard required.

    When we need to reset the edsva-ScheduledLink-Endtime  for entries in the group, we clear that value…

  • Any possibility to import configuration from 6.9 to a non-newly created 7.4 database ?

    Dear All,

    We built a new ARS farm of 2 servers in 7.4 using 2 mutualized databases (one for config and one for history) 6 monthes ago.

    Our old farm in 6.9 is still in production and we made some changes on it during these 6 monthes (Policies, dynamic…

  • try catch not working

    I wrote a custom powershell script and have it run in a workflow.

    I'm having an issue with the try catch statement. If I remove try catch and just run the command inside the try method, the workflow executes fine. However, when a try catch is added,…

  • Policies for Custom Form on the Web Interface

    Greetings!

    So I have been "handed" a website that uses the Active Roles Server software and I was curious on if anybody could shed some light on how policies are incorporated within a custom web form. Our company has created a form that allows admins…

  • ARS: The specified Domain is not available for Management. The specified Domain either does not exist or could not be contacted.

    Hi,

    I've installed ARS on a on a separated Domain and now try to add managed Domains in other non-trusted Domains. All ports form the ARS documentation are open against the specific Domains, but I am still facing the error that the Domain can't be contacted…

  • Quickconnect Deprovision from DB2 Table to Active Roles

    Source System: DB2 Table

    Destination: Active Roles Server

    I have the synchronization service read data from a table. This table is formed by user submission to deprovision accounts. From the sync server, I send a deprovision job over to Active Roles…