For the best web experience, please use IE11+, Chrome, Firefox, or Safari
video 02:59
One Identity Active Roles On Demand delivers automated user account and group management that overcomes the shortcomings of native Microsoft Active Directory and Azure Active Directory tools in a SaaS-delivery. These enhanced identity-management capabilities enable you to do your job more efficiently, more accurately, and with less manual intervention. ISO 27001 certified, Active Roles On Demand is designed with a modular architecture, so your organization can easily meet your business requirements today and in the future. With Active Roles On Demand, you can automate tedious and error-prone administrative tasks and solve security issues by protecting and controlling all-important administrative access.

Key benefits

Automate AD/AAD administration
Regulate admin access
Overcome native AD tool limitations
Expand AD control beyond Windows

One Identity ISO/IEC Certifications

One Identity SaaS solutions are developed, operated, and supported within the scope of the One Identity Information Security Management System, which has achieved ISO/IEC 27001:2013 certification, and is aligned to meet the additional control implementation guidance in ISO/IEC 27017:2015 and ISO/IEC 27018:2019. For our customers, meeting the requirements of these important industrial standards can provide confidence that our cloud infrastructure has been independently verified to effectively manage information security and privacy.

Capabilities

Hybrid AD ready

Hybrid AD ready

Active Roles On Demand is optimized to serve the needs of both on-prem AD and Azure AD in a hybrid deployment. It offers a single console, unified workflows and a consistent administrative experience across your entire hybrid environment. With support for multi-tenant, Active Roles eliminates the cumbersome, error-prone, and unnecessary challenges that come with using separate native tools and manual processes.
Secure access

Secure access

Active Roles On Demand provides comprehensive privileged account management for Active Directory and Azure Active Directory, enabling you to control access through delegation using a least-privilege model. Based on defined administrative policies and associated permissions, it generates and strictly enforces access rules, eliminating the errors and inconsistencies common with native approaches to hybrid AD management. Along with modern authentication using OAUTH, Active Roles On Demand has robust and personalized approval procedures establish an IT process and oversight consistent with business requirements, with responsibility chains that complement the automated management of directory data.
Automate account administration

Automate account administration

Active Roles On Demand automates a wide variety of tasks, including:

  • Creating user accounts and groups in AD and AAD
  • Extending AD/AAD-based account administrative actions to non-Windows systems and SaaS applications
  • Creating mailboxes in Exchange and Exchange Online
  • Populating groups across AD and AAD
  • Assigning resource in Windows

It also automates the process of reassigning and removing user access rights in AD, AAD and AD-joined systems (including user and group de-provisioning) to ensure an efficient and secure administrative process over the user and group lifecycles. When a user’s access needs to be changed or removed, updates are made automatically across all relevant systems and applications in the hybrid AD/AAD environment, as well as AD-joined systems, including UNIX, Linux, Mac OS X rich (replace ‘as well as’ with ‘and’) and a growing collection of popular SaaS applications via the One Identity Starling Connect solution.

Day to day directory management

Day to day directory management

With Active Roles On Demand, you can easily manage all of the following for both the on-prem and Azure AD environments:

  • Exchange recipients, including mailbox/OCS assignment, creation, movement, deletion, permissions and distribution list management
  • Groups
  • Computers, including shares, printers, local users and groups
  • Active Directory and Azure Active Directory

Active Roles On Demand includes intuitive interfaces to optimize day-to- day administration and help-desk operations of the hybrid AD/AAD environment via both an MMC snap-in and a web interface.

Extend the administrative scope

Extend the administrative scope

Active Roles On Demand supports the SCIM standard, which allows any SCIM-enabled SaaS application (via One Identity Starling Connect) to be embraced in the AD-based account and group administration capabilities of Active Roles.
Manage groups and users in a hosted environment

Manage groups and users in a hosted environment

Synchronize AD domain clients with host AD domain in hosted environments. Active Roles On Demand enables user and group account management from the client domain to the hosted domain, while also synchronizing attributes and passwords. Utilize out-of-the-box connectors to synchronize your on-premises AD accounts to Microsoft Office 365, Lync Online / Skype for Business and SharePoint Online.
Consolidate management points through integration

Consolidate management points through integration

Active Roles On Demand complements your existing technology and IAM strategy. It simplifies and consolidates management points by ensuring easy integration with many One Identity products, including Identity Manager, Safeguard, Authentication Services, Password Manager and ChangeAuditor. Active Roles also automates and extends the capabilities of PowerShell, ADSI, SPML and customizable web interfaces.

Active Roles On Demand comes with all the synchronization technology necessary to manage and secure:

  • Oracle Database
  • Oracle Unified Directory
  • Micro Focus NetIQ Directory
  • IBM AS/400
  • Lync / Skype for Business
  • Exchange
  • One Drive
  • SharePoint
  • AD LDS
  • Office 365 (including roles and groups)
  • Azure AD
  • Microsoft SQL Server
  • OLE DB (MS Access)
  • Flat file

Automatic, consistent, and complete management

Automatic, consistent, and complete management
Active Roles overcomes the shortcomings of native tools for hybrid Active Directory management and security

Supported platforms

Lync / Skype for Business
Exchange
One Drive
SharePoint
AD LDS
Office 365
Azure AD
Microsoft SQL Server
OLE DB (MS Access)
Flat file

    Single Pane of Glass

  • Manage all systems in your hybrid AD environment with a single pane of glass

    Single Pane of Glass
  • Access Templates

  • Accelerate provisioning with simple, easily managed access templates

    Access Templates
  • Drag and Drop Workflows

  • Enjoy simplicity with drag-and-drop workflows for user, admin and group tasks

    Drag and Drop Workflows
  • Security Policy

  • Place 'guard rails' around data in AD for efficiency and security

    Security Policy
  • Change History

  • Single-mouse-click view of the "who/what/when/where" of particular objects

    Change History

Specifications

Before installing Active Roles 7.4, ensure that your system meets the following minimum hardware and software requirements.

Active Roles includes the following components:

  • Administration Service
  • Web Interface
  • Console (MMC Interface)
  • Management Tools
  • Synchronization Service

This section lists the hardware and software requirements for installing and running each of these components.

Resources

Active Roles On Demand
Datasheet
Active Roles On Demand
Active Roles On Demand
Active Roles is a unified AD-management tool that secures hybrid environments and much more.
Read Datasheet
Peer Paper: 10 Ways to Manage and Secure Microsoft Active Directory in an Evolving IT World
White Paper
Peer Paper: 10 Ways to Manage and Secure Microsoft Active Directory in an Evolving IT World
Peer Paper: 10 Ways to Manage and Secure Microsoft Active Directory in an Evolving IT World
Thousands of innovative IT leaders worldwide are optimizing their Identity and Access Management programs with improve Active Directory and Azure AD management and security. Read real testimonials on how they improve their environments with Active Roles.
Read White Paper
Security Starts Here – Active Directory Account Lifecycle Management
E-book
Security Starts Here – Active Directory Account Lifecycle Management
Security Starts Here – Active Directory Account Lifecycle Management
Managing Active Directory (AD) and Azure AD accounts, objects and groups is a cumbersome and error-prone task. Often this task creates a barrier to achieving more advanced objectives, such as identity governance and administration (IGA).
Read E-book
EBook - The top five ways to relieve the pain of managing hybrid AD environments
E-book
EBook - The top five ways to relieve the pain of managing hybrid AD environments
EBook - The top five ways to relieve the pain of managing hybrid AD environments
Managing on-prem AD is hard enough, but when you throw Azure AD into the mix things can get out of control quickly. This eBook discusses the top five challenges facing those with a hybrid AD environment and offers actionable solutions to ease the pain.
Read E-book
10 Best Practices for AD Management and Security Efficiency EMEA
Online Event
10 Best Practices for AD Management and Security Efficiency EMEA
10 Best Practices for AD Management and Security Efficiency EMEA

How do real AD Admins and IT leaders manage their Active Directory and Azure AD? Learn from two experts how they combined tools to level up their security and efficiency.

Most Identity and Access Management (IAM) programs reliably center around Active Directory (AD) and Azure AD (AAD) as their foundation. However, as IAM environments move to the cloud, modernize and extend toward governance, IT managers are pained with security and efficiency gaps in native AD, and as such they seek solutions to augment the capabilities of AD which often fall short. Leading companies are defining workable approaches to securing and managing hybrid AD as identity and account governance evolve through cloud adoption and beyond.  

In this webcast, you’ll hear real users’ experiences with One Identity Active Roles and how they supercharged their AD/Azure AD environments. You’ll also learn how to: 

• Enhance your security 

• Increase efficiency and accuracy 

• Implement best practices for AD management 

• Eliminate manual processes and dramatically save time 

Speakers:

Michiel Simon, IT Infrastructure Specialist, Global TelCo

Daniel Conrad, Field Strategist, One Identity

Register for the webinar to get insider information on emerging AD best practices. 

Attend Event
10 Best Practices for AD Management and Security Efficiency
Online Event
10 Best Practices for AD Management and Security Efficiency
10 Best Practices for AD Management and Security Efficiency

How do real AD Admins and IT leaders manage their Active Directory and Azure AD? Learn from two experts how they combined tools to level up their security and efficiency.

Most Identity and Access Management (IAM) programs reliably center around Active Directory (AD) and Azure AD (AAD) as their foundation. However, as IAM environments move to the cloud, modernize and extend toward governance, IT managers are pained with security and efficiency gaps in native AD, and as such they seek solutions to augment the capabilities of AD which often fall short. Leading companies are defining workable approaches to securing and managing hybrid AD as identity and account governance evolve through cloud adoption and beyond.  

In this webcast, you’ll hear real users’ experiences with One Identity Active Roles and how they supercharged their AD/Azure AD environments. You’ll also learn how to: 

• Enhance your security 

• Increase efficiency and accuracy 

• Implement best practices for AD management 

• Eliminate manual processes and dramatically save time 

Speakers:

Tielor Robinson, IT Leader, George Washington University

Michiel Simon, IT Infrastructure Specialist, Global TelCo

Daniel Conrad, Field Strategist, One Identity

Register for the webinar to get insider information on emerging AD best practices. 

Attend Event

Get started now

Simplify the security of your Active Directory

Support and services

Product Support

Self-service tools will help you to install, configure and troubleshoot your product.

Support Offerings

Find the right level of support to accommodate the unique needs of your organization.