Browse By Tags

  • Active Roles Upgrade - Slow SQL Replication

    During Active Roles upgrade to 7.2 version we caught such a problem:

    After deploying new change history databae on new server and configuring it as publisher we added a subscriber. 95% of database on publisher migrated during first hours, but the rest…

  • Error while undo-deprovisioning users

    I got ARS upgraded to 7.4.3 upgraded to our test environment, during testing i found out i get an error while doing a undo-deprovionsing user from the Disabled Users - deprovionsined users container

    The error says 'Built-in Policy - Dynamic Groups' failed…

  • Populate attribute with list of Server Names

    I am trying to build a Workflow for User Logon restrictions. I need the workflow to search for servers that exist in different groups, OU's or managed Unit. If necessary i can consolidate them into 1. The issue is I need to then populate the user attribute…

  • Password Generation Script (Latest) (296930)

    Password Generation Script (Latest) (296930)

    As per the below KB, I'm trying to modify our password generation script to remove obscure characters such as "^-')({" from the ARS password generation action, i tried to use the the script in the KB and modified…

  • Stale User Deprovision and Undoing deprovision

    I have a workflow that runs ever night. It will automatically deprovision any user with a certain timeframe of inactivity. Every now and then, a user does attempt to use their account and we have a process to undo the deprovisioned status in place. However…

  • Get-QADuser - Odd Behavior - Using SerializeValues switch alters datetime values

    Hey Community,

    Ran into an odd behavior when utilizing the SerializeValues switch for Get-QADUser.

    Whenever it is used in a query that includes an DateTime values, it reformats it and changes the value by an hour or two in the past.



  • Getting msExchRecipientDisplayType values via $dirObj, returns a System.__ComObject reference, not the integer.

    I am writing a powershell policy script to detect remote mailbox types (EXO), ARS is not connected to Azure.

  • Web Interface Command Filter on Group Member

    So I am trying to see if it is possible to only show a custom group command to a user only if that user is NOT a member. I am aware of the AVFilter in the <IsCommandAllowedFilter> tag, but that seems like it only takes hard-coded strings, in which my…

  • Issue: clearing edsva-ScheduledLink-Endtime - unintended consequence

    Hi - We leverage temporal group membership to control the length of time a user can remain password allowed before being flipped back to smartcard required.

    When we need to reset the edsva-ScheduledLink-Endtime  for entries in the group, we clear that value…

  • Any possibility to import configuration from 6.9 to a non-newly created 7.4 database ?

    Dear All,

    We built a new ARS farm of 2 servers in 7.4 using 2 mutualized databases (one for config and one for history) 6 monthes ago.

    Our old farm in 6.9 is still in production and we made some changes on it during these 6 monthes (Policies, dynamic…

  • try catch not working

    I wrote a custom powershell script and have it run in a workflow.

    I'm having an issue with the try catch statement. If I remove try catch and just run the command inside the try method, the workflow executes fine. However, when a try catch is added,…

  • Policies for Custom Form on the Web Interface


    So I have been "handed" a website that uses the Active Roles Server software and I was curious on if anybody could shed some light on how policies are incorporated within a custom web form. Our company has created a form that allows admins…

  • ARS: The specified Domain is not available for Management. The specified Domain either does not exist or could not be contacted.


    I've installed ARS on a on a separated Domain and now try to add managed Domains in other non-trusted Domains. All ports form the ARS documentation are open against the specific Domains, but I am still facing the error that the Domain can't be contacted…

  • Quickconnect Deprovision from DB2 Table to Active Roles

    Source System: DB2 Table

    Destination: Active Roles Server

    I have the synchronization service read data from a table. This table is formed by user submission to deprovision accounts. From the sync server, I send a deprovision job over to Active Roles…

  • When launching ActiveRoles74, we receive the following message. Cannot retrieve the Two-Factor Authentication configuration information from the Active Roles Administration Service. This is new installation of 7.4 on new server with new database.

    We have installed version 7.4 on a new server connected to a new database. When launching the ARS console, we get the following message.

    Cannot retrieve the Two-Factor Authentication configuration information from the Active Roles Administration Service…

  • SQL Publisher/Subscriber mode

    Does anyone have any experience with running ARS in a distributed architecture? I'm currently testing a viable solution and have a few questions. 

    1) I have run into an issue with syncing the History database. Our lab history database is 50gb and…

  • Create Workflow with input form for collecting input data

    Hello All,

    I am relatively new to AR, and I have to create a worklow for new users. If the User is created, a multi admin workflow should start. Initialision of the workflow is clear for me. Now the challenge, where I did not know how to achieve this…

  • Does anyone have a slick way to duplicate ADUC aes128/256 checkboxes?

    I've done my share of web customizations to feed the hungry monster help desk … reducing the number of clicks required to assist customers.

    This one - I don't have a warm fuzzy about.   Unless there is some hidden control I'm unaware of.…

  • ARS Script Wiki and Best Practices. Still existing on Quest Website? Or only dead links to Dell Software?

    Hello All,

    I have to implement a solution, where I have to use Workflows with partly User Input and also getting Workflow information in Scripting (prefered PowerShell). I searched these forum for Knowledge about it, but I could not find much. And the…

  • Azure Tenant Global Admin and MFA

    Is there any way to add an Azure tenant to Active Roles when the admin user has MFA enabled?

  • Add-PSSnapin : No snap-ins have been registered for Windows PowerShell version 5.


    I am trying to access Quest AD server via Powershell PSSession which is running in windows 7, powershell 5.1. But the Quest AD server running in Windows 12, Powershell 3.1.

    I am facing  the below error when add-snapin from PSSession

    "Add-PSSnapin …

  • Synchronisation Service SDK/APIs


    While I realise that the bona fide Quick Connect SDK was "delisted" (the CHM help file removed) way back in QC v5.4, the SDK libraries are still present, available, and are updated (e.g., the class library is called ActiveRoles.SyncService…

  • Create secondary alias in à create mailbox policy


    I want to be able to add a secondary email adresse to all my new user account so that I can migrate them to my Office365 during the night.

    I have a policy that creates new exchange account.  I tried to add a new secondary…