www.oneidentity.com
Open in
urlscan Pro
2600:9000:2134:1000:8:5879:3840:93a1
Public Scan
Submitted URL: http://powergui.org/downloads.jspa
Effective URL: https://www.oneidentity.com/products/active-roles/
Submission: On August 16 via manual from US — Scanned from GB
Effective URL: https://www.oneidentity.com/products/active-roles/
Submission: On August 16 via manual from US — Scanned from GB
Form analysis 0 forms found in the DOM
Text Content
For the best web experience, please use IE11+, Chrome, Firefox, or Safari
* Resources
* All Resources
* Learning Hub
* Blog
* Communities
* * United States (English)
* Brazil (Português)
* France (Français)
* Germany (Deutsch)
* Japan (日本語)
* Mexico (Español)
*
* * Account Settings
* Sign Out
* Sign In
* Create Account
* United States (English)
* Brazil (Português)
* France (Français)
* Germany (Deutsch)
* Japan (日本語)
* Mexico (Español)
Products
Main Menu Products
PRODUCTS
PRIVILEGED ACCESS MANAGEMENT
* Safeguard
* Safeguard On Demand
* Safeguard for Privileged Analytics
* Safeguard for Privileged Passwords
* Safeguard for Privileged Sessions
* Safeguard Remote Access
ENDPOINT PRIVILEGE MANAGEMENT
* Privilege Manager for Windows
* Privilege Manager for Unix
* Safeguard Authentication Services
* Safeguard for Sudo
ACCESS MANAGEMENT
* OneLogin Workforce Identity
* OneLogin Customer Identity
* Password Manager
* Defender
IDENTITY GOVERNANCE AND ADMINISTRATION
* Identity Manager
* Identity Manager On Demand
* Identity Manager On Demand Starling Edition
* Identity Manager Data Governance
* Starling Connect
ACTIVE DIRECTORY MANAGEMENT
* Active Roles
LOG MANAGEMENT
* Log Management Appliance
* Log Management Software
* Open Source Log Management
View All Products
Solutions
Main Menu
SOLUTIONS
Achieve identity-centric cybersecurity to protect the people, applications and
data that are essential to business
All Solutions
All Integrations
Solutions
* CYBER INSURANCE
Level up your identity security and satisfy the demands of your cyber
insurance coverage.
* PRIVILEGED ACCESS GOVERNANCE
Close the gap between privileged access and standard user identities across
the enterprise.
* ADVANCED AUTHENTICATION
Fortify your defenses with strong and adaptive authentication, preventing
unauthorized access to your most critical systems, applications and sensitive
data.
* ENHANCE LOG MANAGEMENT
Reliably collect, store and manage logs from hundreds of systems across the
enterprise.
* SUPPORT DIGITAL TRANSFORMATION
Take measured steps to ensure digital transformation initiatives stay in line
with identity security best practices.
* DRIVE OPERATIONAL EFFICIENCIES
Streamline process, reduce errors and minimize complexity associated with
managing identities.
Public Sector
Enable government processes to satisfy regulatory requirements, surpass
operational efficiency goals and improve service delivery.
Support & Services
Main Menu
* Support Portal
* Contact Support
* Communities
* Services
Partners
Main Menu
* Partner Portal
* Deal Alert
* Partner Locator
* MSP Partners
* Partner Blog
About
Main Menu
* About Us
* Our Perspective
* Leadership
* Customer Stories
* News
* Careers
* Contact Us
Resources
Resources
Main Menu
* All Resources
* Learning Hub
Blogs
Communities
United States (EN)
Main Menu
* United States (English)
* Brazil (Português)
* France (Français)
* Germany (Deutsch)
* Japan (日本語)
* Mexico (Español)
Free Trials Request Pricing
Home / Products / Active Roles
ACTIVE ROLES
Simplify identity management and security with visibility of all Azure AD
tenants and Active Directory domains from a single pane of glass. Ensure users
and objects have granular privileged access only when they need it with dynamic
delegation across your identity landscape. Automate manual processes to increase
efficiency and security while accelerating account, group and directory
management.
03:13
Virtual Trial Questions? Contact us Calculate ROI
KEY BENEFITS
INCREASE SECURITY
Deploy Zero Trust Least Privilege for AD
Delegate permissions based on role to ensure only those who should have access
to a given application do, and only for as long as they need it. Find out more
ENSURE DATA INTEGRITY AND COMPLIANCE
Maintain accurate data and reporting
Use automation to ensure accuracy and consistency. Audit capabilities provide
compliance reporting at your fingertips.
SIMPLIFY THE MANAGEMENT OF COMPLEX ENVIRONMENTS
Consolidate onto a single console
Consolidate all AD domains and Azure AD tenants onto a single console, ensuring
better visibility and control over your entire AD/AAD environments.
ESTABLISH AND MAINTAIN CONSISTENCY
Synchronize Directories
Sync multiple data sources across the organization for data consistency and
improved security and efficiency.
BOLSTER EFFICIENCY
Automate AD tasks and group management
Automate tasks to ensure accuracy and consistency and reduce manual demands.
Easily manage identities and groups and move identities and objects among groups
when needed, to accommodate role changes.
CAPABILITIES
HYBRID AD READY
Active Roles is optimized to serve the needs of both on-prem AD and Azure AD in
a hybrid deployment. This Active Directory management tool offers a single
console, unified workflows and a consistent administrative experience across
your entire hybrid environment. With support for multi-tenant, Active Roles
eliminates the cumbersome, error-prone, and unnecessary challenges that come
with using separate native tools and manual processes.
SECURE ACCESS WITH ROLE-BASED DELEGATION AND LEAST-PRIVILEGE ACCESS
Active Roles provides comprehensive privileged account management for Active
Directory and Azure Active Directory. With Active Roles you can implement
rule-based delegation and a least-privilege model for all objects within AD and
Azure AD, including users and groups. Based on defined administrative policies
and associated permissions, Active Roles generates and strictly enforces access
rules, eliminating the errors and inconsistencies common with native approaches
to hybrid AD management. With this approach you can define who should access
what at a granular level for strong security.
AUTOMATES AD ADMINISTRATION
Active Roles excels at automating provisioning of user access rights in AD, AAD
and AD-joined systems (including user and group de-provisioning) to ensure an
efficient and secure administrative process over the user and group lifecycles.
Active Roles automates a wide variety of tasks, including:
* Creating user accounts and groups in AD and AAD
* Extending AD/AAD-based account administrative actions to non-Windows systems
* Creating mailboxes in Exchange and Exchange Online
* Populating groups across AD and AAD
* Assigning resources in Windows
When a user’s access needs to be changed or removed, updates are made
automatically across all relevant systems and applications in the hybrid AD/AAD,
and AD-joined environment. This includes UNIX, Linux and Mac OS X.
SIMPLIFIES ADMINISTRATION AND ACCOUNT LIFECYCLE MANAGEMENT AND SECURITY
Active roles allows you to view and manage multiple AD domains, Azure AD and
O365 tenants from a single pane of glass, simplifying administration across your
identity ecosystem. With Active Roles, you can manage objects, users and groups,
securely synchronizing attributes and passwords from the client domain to the
hosted domain. The following can be managed for on-prem, cloud and hybrid
environments:
* Exchange recipients, including mailbox/OCS assignment, creation, movement,
deletion, permissions and distribution list management
* Groups
* Computers (including shares) printers
* Active Directory security
* Cloud-based Azure AD provisioning
Active Roles includes intuitive interfaces to optimize day-to- day
administration and help-desk operations of the hybrid AD/AAD environment via
both an MMC snap-in and a web interface.
ENSURES AD DATA INTEGRITY AND COMPLIANCE
With Active Roles you can establish consistency and accountability through
automation. Audit capabilities support compliance reporting. Along with modern
authentication using OAUTH, Active Roles has robust and personalized approval
procedures that establish an IT process and oversight consistent with business
requirements, with responsibility chains that complement the automated
management of directory data.
Active Roles allows you to Sync multiple data sources across the organization
for consistency and improved security and efficiency.
ACTIVE ROLES AND ONELOGIN WORKFORCE IDENTITY WORKING TOGETHER
The powerful combination of Active Roles and OneLogin helps:
* Increase efficiency and consistency of user and group access management
across legacy and cloud applications to help accelerate IT admin and user
productivity
* Empower organizations to adopt a least-privilege model, strengthening overall
security
* Provision role-based access to applications (OneLogin) based on real-time
sync with AD (managed by Active Roles) to ensure AD admins and users have
only the rights necessary to do their job
Watch Webcast: One Identity Active Roles and OneLogin: Unlocking the value of
this powerful combination
INTEGRATION WITH OTHER AD-CONNECTED SOLUTIONS
Offering seamless integration as a privilege access management solution for AD,
Active Roles complements your existing technology and IAM strategy. It
simplifies and consolidates management points by ensuring easy integration with
many One Identity products, including Identity Manager, Safeguard,
Authentication Services, Password Manager and Change Auditor. Active Roles also
automates and extends the capabilities of PowerShell, ADSI, SPML and
customizable web interfaces.
SECURE PRIVILEGE ACCESS MANAGEMENT FOR AD/AAD
Active Roles provides automated user, group and object privilege access with
delegation for secure, efficient and consistent identity management.
SUPPORTED PLATFORMS
To find out what platforms are supported
Please click here
TOUR
You’ll only need one Active Directory management tool to control your hybrid AD
environment.
Previous Next
Single Pane of Glass
Access Templates
Drag and Drop Workflows
Security Policy
Change History
Microsoft/Office 365 Licensing
Microsoft/Office 365 Roles
SINGLE PANE OF GLASS
You'll only need one management tool to control your hybrid AD/Azure AD
environment.
ACCESS TEMPLATES
Accelerate provisioning with simple, easily managed access templates
DRAG AND DROP WORKFLOWS
Enjoy simplicity with drag-and-drop workflows for user, admin and group tasks
SECURITY POLICY
With enhanced Active Directory security features, places 'guard rails' around
data
CHANGE HISTORY
Single-mouse-click view of the "who/what/when/where" of particular objects. No
other Active Directory management tool offers such simplicity and
effectiveness.
MICROSOFT/OFFICE 365 LICENSING
Assign and manage Microsoft/Office 365 licensing directly in Active Roles.
MICROSOFT/OFFICE 365 ROLES
Assign and manage Microsoft/Office 365 tenant roles directly in Active Roles.
Read user reviews from the tech community.
slide 5 to 6 of 3
* Easy to use and Provides granular control from a single pane of glass
Having a tool to manage all changes to AD from a single pane of glass is
awesome
Willie C.
Director Identity & Access Management at a tech services company with
1,001-5,000 employees
Full Review »
* ARS has been instrumental in ensuring accounts get cleaned up when they get
deprovisioned
Active Roles saves a lot of man-hours in keeping groups up-to-date manually
or trying to write some sort of script that you have to run, so we don't have
to reinvent the wheel
IT Lead, Security services
IT Lead, Security services at a aerospace/defense firm with 10,001+ employees
Full Review »
* Flexibility and extensibility of the platform allowed us to achieve far more
efficiencies than we ever expected
Flexibility and extensibility of the platform allowed us to achieve far more
efficiencies than we ever expected
Becky P.
Sr Business Analyst at George Washington University
Full Review »
* Easy to use and Provides granular control from a single pane of glass
Having a tool to manage all changes to AD from a single pane of glass is
awesome
Willie C.
Director Identity & Access Management at a tech services company with
1,001-5,000 employees
Full Review »
* ARS has been instrumental in ensuring accounts get cleaned up when they get
deprovisioned
Active Roles saves a lot of man-hours in keeping groups up-to-date manually
or trying to write some sort of script that you have to run, so we don't have
to reinvent the wheel
IT Lead, Security services
IT Lead, Security services at a aerospace/defense firm with 10,001+ employees
Full Review »
* Flexibility and extensibility of the platform allowed us to achieve far more
efficiencies than we ever expected
Flexibility and extensibility of the platform allowed us to achieve far more
efficiencies than we ever expected
Becky P.
Sr Business Analyst at George Washington University
Full Review »
* Easy to use and Provides granular control from a single pane of glass
Having a tool to manage all changes to AD from a single pane of glass is
awesome
Willie C.
Director Identity & Access Management at a tech services company with
1,001-5,000 employees
Full Review »
* ARS has been instrumental in ensuring accounts get cleaned up when they get
deprovisioned
Active Roles saves a lot of man-hours in keeping groups up-to-date manually
or trying to write some sort of script that you have to run, so we don't have
to reinvent the wheel
IT Lead, Security services
IT Lead, Security services at a aerospace/defense firm with 10,001+ employees
Full Review »
* Flexibility and extensibility of the platform allowed us to achieve far more
efficiencies than we ever expected
Flexibility and extensibility of the platform allowed us to achieve far more
efficiencies than we ever expected
Becky P.
Sr Business Analyst at George Washington University
Full Review »
* Easy to use and Provides granular control from a single pane of glass
Having a tool to manage all changes to AD from a single pane of glass is
awesome
Willie C.
Director Identity & Access Management at a tech services company with
1,001-5,000 employees
Full Review »
* ARS has been instrumental in ensuring accounts get cleaned up when they get
deprovisioned
Active Roles saves a lot of man-hours in keeping groups up-to-date manually
or trying to write some sort of script that you have to run, so we don't have
to reinvent the wheel
IT Lead, Security services
IT Lead, Security services at a aerospace/defense firm with 10,001+ employees
Full Review »
Read more reviews
RESOURCES
View All
Datasheet
ACTIVE ROLES AD MGMT
Secure and automate the administration, access and provisioning of users and
groups for AD/AzureAD
White Paper
KUPPINGERCOLE REPORT EXECUTIVE VIEW ON ACTIVE ROLES
Read the KuppingerCole Executive View report from analyst Martin Kuppinger on AD
account lifecycle management and One Identity ...
Datasheet
KICKSTART ZERO TRUST WITH ACTIVE ROLES AND ONELOGIN MFA
Organizations should view Zero Trust as a journey that begins with the
protection of identities, many of which reside in Active...
White Paper
10 STEPS TO ENHANCE THE AGILITY, SECURITY AND PERFORMANCE OF ACTIVE DIRECTORY
In this document, you will learn 10 steps to enhance the agility, security, and
performance of Active Directory. Each step will...
White Paper
IDC SPOTLIGHT: FORTIFY ACTIVE DIRECTORY TO IMPROVE SECURITY AND EFFICIENCY
Read this analyst Technology Spotlight, written by IDC’s Jay Bretzmann and Frank
Dickson, to get an overview of how organizatio...
E-book
UNIFIED HYBRID ACTIVE DIRECTORY
Managing on-prem AD is hard enough, but when you throw Azure AD into the mix
things can get out of control quickly. This eBook ...
White Paper
4 BENEFITS OF JUST-IN-TIME (JIT) PRIVILEGE
Active Directory (AD) is a prime target for bad actors. Learn about the 4
benefits of Just-In-Time Privilege, and how they help...
Case Study
THE CITY OF COPPELL SECURES CITIZEN AND EMPLOYEE INFORMATION WITH ACTIVE ROLES
Active Roles removes cumbersome and error-prone manual processes from Active
Directory user lifecycle management
Previous
*
*
*
*
*
*
*
*
Next
GET STARTED NOW
Simplify the security of your Active Directory
Virtual Trial Questions? Contact us Calculate ROI
RELATED PRODUCTS
SAFEGUARD AUTHENTICATION SERVICES
Leverage AD bridging to unify policy-based management across Unix, Linux, and
Mac systems
View Product
STARLING CONNECT
Extend identity governance and AD/AAD strategy to cloud application onboarding
and governance
View Product
PASSWORD MANAGER
Enable end-user self-service to reset passwords and unlock accounts in a secure
password solution
View Product
Previous
*
*
*
Next
SUPPORT AND SERVICES
PRODUCT SUPPORT
Self-service tools will help you to install, configure and troubleshoot your
product.
SUPPORT OFFERINGS
Find the right level of support to accommodate the unique needs of your
organization.
EDUCATION SERVICES
Training courses delivered through online web-based, on-site or virtual
instructor-led.
Previous
*
*
*
Next
SPECIFICATIONS
Before installing Active Roles 7.4, ensure that your system meets the following
minimum hardware and software requirements.
Active Roles includes the following components:
* Administration Service
* Web Interface
* Console (MMC Interface)
* Management Tools
* Synchronization Service
This section lists the hardware and software requirements for installing and
running each of these components.
ADMINISTRATION SERVICE
Platform
Any of the following:
* Intel 64 (EM64T)
* AMD64
* Processor speed: 2.0 GHz or faster
For best results, a multi-core processor recommended.
Memory
At least 2 GB of RAM. The amount required depends on the total number of managed
objects.
Hard Disk Space
100 MB or more of free disk space. If SQL Server and Administration Service are
installed on the same computer, the amount required depends on the size of the
Active Roles database.
Operating System
You can install Administration Service on a computer running:
* Microsoft Windows Server 2019, Standard or Datacenter edition
* Microsoft Windows Server 2016, Standard or Datacenter edition
* Microsoft Windows Server 2012 R2, Standard or Datacenter edition
* Microsoft Windows Server 2012, Standard or Datacenter edition
NOTE: Active Roles is not supported on Windows Server Core mode setup.
Microsoft .NET Framework
Administration Service requires Microsoft .NET Framework 4.7.2 (see “Installing
the .NET Framework” at http://go.microsoft.com/fwlink/?LinkId=257868).
SQL Server
You can host the Active Roles database on:
* Microsoft SQL Server 2017, any edition
* Microsoft SQL Server 2016, any edition
* Microsoft SQL Server 2014, any edition, 32-bit (x86) or 64-bit (x64), with or
without any Service Pack
* Microsoft SQL Server 2012, any edition, 32-bit (x86) or 64-bit (x64), with or
without any Service Pack
* Microsoft OLE DB Driver for SQL Server (MSOLEDBSQL)
Windows Management Framewor
On all supported operating systems, the Administration Service requires Windows
Management Framework 5.1 (see “Windows Management Framework 5.1” at
http://go.microsoft.com/fwlink/?LinkId=272757).
Operating system on domain controllers
Active Roles retains all features and functions when managing Active Directory
on domain controllers running any of these operating systems, any edition, with
or without any Service Pack:
* Microsoft Windows Server 2019
* Microsoft Windows Server 2016
* Microsoft Windows Server 2012 R2
* Microsoft Windows Server 2012
Active Roles deprecates managed domains with the domain functional level lower
than Windows Server 2012. We recommend that you raise the functional level of
the domains managed by Active Roles to Windows Server 2012 or higher.
NOTE: Active Roles is not supported on Windows Server Core mode setup.
Exchange Server
Active Roles is capable of managing Exchange recipients on:
* Microsoft Exchange Server 2019
* Microsoft Exchange Server 2016
* Microsoft Exchange Server 2013
* Microsoft Exchange Server 2010 Service Pack 3
* Microsoft Exchange 2013 CU11 is no longer supported. Refer KB article 202695.
WEB INTERFACE
Platform
Any of the following:
* Intel 64 (EM64T)
* AMD64
* Processor speed: 2.0 GHz or faster
Memory
At least 2 GB of RAM. The amount required depends on the total number of managed
objects.
Hard Disk Space
About 100 MB of free disk space.
Operating System
You can install Web Interface on a computer running:
* Microsoft Windows Server 2019 Standard or Datacenter edition
* Microsoft Windows Server 2016, Standard or Datacenter edition
* Microsoft Windows Server 2012 R2, Standard or Datacenter edition
* Microsoft Windows Server 2012, Standard or Datacenter edition
NOTE:Active Roles is not supported on Windows Server Core mode setup.
Microsoft .NET Framework
Web Interface requires Microsoft .NET Framework 4.7.2 (see “Installing the .NET
Framework” at http://go.microsoft.com/fwlink/?LinkId=257868).
Internet Services
On Windows Server 2012, Windows Server 2012 R2, Windows Server 2016, Windows
Server 2019 Web Interface requires the Web Server (IIS) server role with the
following role services:
* Web Server/Common HTTP Features/
* Default Document
* HTTP Errors
* Static Content
* HTTP Redirection
* Web Server/Security/
* Request Filtering
* Basic Authentication
* Windows Authentication
* Web Server/Application Development/
* .NET Extensibility
* ASP
* ASP.NET
* ISAPI Extensions
* ISAPI Filters
* Management Tools/IIS 6 Management Compatibility/
* IIS 6 Metabase Compatibility
Internet Information Services (IIS) must be configured to provide Read/Write
delegation for the following features:
* Handler Mappings
* Modules
Use Feature Delegation in Internet Information Services (IIS) Manager to
confirm that these features have delegation set to Read/Write.
Web browser
You can access Web Interface using:
* Firefox 36 on Windows
* Google Chrome 61 on Windows
* Windows Internet Explorer 11
* Microsoft Edge on Windows 10
You can use a later version of Firefox, Google Chrome or Internet Explorer to
access Web Interface; however, Web Interface 7.4 has been tested only against
the browser versions listed above.
Minimum screen resolution
Web Interface is optimized for screen resolutions of 1280 x 800 or higher. The
minimum supported screen resolution is 1024 x 768.
CONSOLE (MMC INTERFACE)
Platform
Any of the following:
* Intel x86
* Intel 64 (EM64T)
* AMD64
* Processor speed: 1.0 GHz or faster
Memory (RAM)
At least 1 GB of RAM. The amount required depends on the total number of managed
objects.
Hard Disk Space
About 100 MB of free disk space.
Operating System
You can install Active Roles console on a computer running:
* Microsoft Windows Server 2019, Standard or Datacenter edition
* Microsoft Windows Server 2016, Standard or Datacenter edition
* Microsoft Windows Server 2012 R2, Standard or Datacenter edition
* Microsoft Windows Server 2012, Standard or Datacenter edition
* Microsoft Windows 8.1, Professional or Enterprise edition, 32-bit (x86) or
64-bit (x64)
* Microsoft Windows 7 Ultimate, Professional, or Enterprise edition, 32-bit
(x86) or 64-bit (x64) Service Pack 1
* Microsoft Windows 10, Professional or Enterprise edition, 32-bit (x86) or
64-bit (x64)
NOTE: Active Roles is not supported on Windows Server Core mode setup.
Microsoft .NET Framework
Active Roles console requires Microsoft .NET Framework 4.7.2 (see “Installing
the .NET Framework” at http://go.microsoft.com/fwlink/?LinkId=257868).
Web browser
Active Roles console requires Internet Explorer 11.
MANAGEMENT TOOLS
Management Tools is a composite component that includes the Active Roles
Management Shell, ADSI Provider, and SDK. On a 64-bit (x64) system, Management
Tools also include the Active Roles Configuration Center.
Platform
Any of the following:
* Intel x86
* Intel 64 (EM64T)
* AMD64
* Processor speed: 1.0 GHz or faster
Memory (RAM)
At least 1 GB of RAM.
Hard Disk Space
About 100 MB of free disk space.
Operating System
You can install Management Tools on a computer running:
* Microsoft Windows Server 2019, Standard or Datacenter edition
* Microsoft Windows Server 2012 R2, Standard or Datacenter edition
* Microsoft Windows Server 2012, Standard or Datacenter edition
* Microsoft Windows Server 2016, Standard or Datacenter edition
* Microsoft Windows 8.1, Professional or Enterprise edition, 32-bit (x86) or
64-bit (x64)
* Microsoft Windows 10, Professional or Enterprise edition, 32-bit (x86) or
64-bit (x64)
NOTE: Active Roles is not supported on Windows Server Core mode setup.
Microsoft .NET Framework
Management Tools require Microsoft .NET Framework 4.7.2 (see “Installing the
.NET Framework” at http://go.microsoft.com/fwlink/?LinkId=257868).
Windows Management Framework
On all supported operating systems, Management Tools require Windows Management
Framework 5.1 (see “Windows Management Framework 5.1” at
https://www.microsoft.com/en-us/download/details.aspx?id=54616).
Remote Server Administration Tools (RSAT)
To manage Terminal Services user properties by using Active Roles Management
Shell, Management Tools require Remote Server Administration Tools (RSAT) for
Active Directory. See Microsoft’s documentation for instructions on how to
install Remote Server Administration Tools appropriate to your operating system.
SYNCHRONIZATION SERVICE
SYNCHRONIZATION SERVICE REQUIREMENTS
Platform
Any of the following:
* Intel 64 (EM64T)
* Processor speed: 2.0 GHz or faster
* AMD64
For best results, a multi-core processor recommended.
Memory
At least 2 GB of RAM. The amount required depends on the number of objects being
synchronized.
Hard disk space
250 MB or more of free disk space. If SQL Server and Synchronization Service are
installed on the same computer, the amount required depends on the size of the
Synchronization Service database.
Operating System
You can install the Synchronization Service on a computer running:
* Microsoft Windows Server 2019, Standard or Datacenter edition
* Microsoft Windows Server 2016, Standard or Datacenter edition
* Microsoft Windows Server 2012 R2, Standard or Datacenter edition
* Microsoft Windows Server 2012, Standard or Datacenter edition
NOTE:Active Roles is not supported on Windows Server Core mode setup.
Microsoft .NET Framework
Synchronization Service requires Microsoft .NET Framework 4.7.2 (see “Installing
the .NET Framework” at http://go.microsoft.com/fwlink/?LinkId=257868).
SQL Server
You can host the Synchronization Service database on:
* Microsoft SQL Server 2017, any edition
* Microsoft SQL Server 2016, any edition
* Microsoft SQL Server 2014, any edition, 32-bit (x86) or 64-bit (x64), with or
without any Service Pack
* Microsoft SQL Server 2012, any edition, 32-bit (x86) or 64-bit (x64), with or
without any Service Pack
Windows Management Framework
On all supported operating systems, the Synchronization Service requires Windows
Management Framework 5.1 (see “Windows Management Framework 5.1” at
https://www.microsoft.com/enus/download/details.aspx?id=54616).
Supported connections
The Synchronization Service can connect to:
* Microsoft Active Directory Domain Services with the domain or forest
functional level of Windows Server 2012 or higher
* Microsoft Active Directory Lightweight Directory Services running on any
Windows Server operating system supported by Microsoft
* Microsoft Exchange Server version 2019, 2016, 2013, or 2010
NOTE: Microsoft Exchange 2013 CU11 is no longer supported. Refer KB article
202695.
* Microsoft Lync Server version 2013 with limited support
* Microsoft Skype for Business 2019, 2016 or 2015
* Microsoft Windows Azure Active Directory using the Azure AD Graph API version
1.6.
* Microsoft Office 365 directory
* Microsoft Exchange Online service
* Microsoft Skype for Business Online service
* Microsoft SharePoint Online service
* Microsoft SQL Server, any version supported by Microsoft
* Microsoft SharePoint 2019, 2016, or 2013
* Active Roles version 7.4, 7.3, 7.2, 7.1, 7.0, and 6.9
* One Identity Manager version 7.0 (D1IM 7.0)
* One Identity Manager version 8.0
* Support for Generic LDAP Connector, MY SQL Connector, Open LDAP Connector,
IBM Db2 Connector, Salesforce Connector, Service now Connector, and RACF
Connector.
* Data sources accessible through an OLE DB provider
* Delimited text files
Legacy Active Roles ADSI Provider
To connect to Active Roles version 6.9, the Active Roles ADSI Provider of the
respective version must be installed on the computer running the Synchronization
Service. For installation instructions, see the Quick Start Guide for the
appropriate Active Roles version.
Microsoft Exchange Server Management Tools
To connect to Exchange Server 2007, the Exchange 2007 SP3 management tools must
be installed on the computer running the Synchronization Service. For
installation instructions, see “How to Install the Exchange 2007 Management
Tools” at http://go.microsoft.com/fwlink/?linkid=88090.
Azure AD Module for Windows PowerShell Version 2
To connect to the Office 365 directory, the following module must be installed
on the computer running the Synchronization Service:
* Azure Active Directory Module for Windows PowerShell
For installation instructions, see “Install the Azure AD Module” at
https://docs.microsoft.com/en-us/powershell/azure/active-directory/install-adv2?view=azureadps-2.0.
Windows PowerShell Module for Skype for Business Online
To connect to the Lync Online service, Windows PowerShell Module for Lync Online
must be installed on the computer running the Synchronization Service. For
installation instructions, see “Windows PowerShell Module for Lync Online” at
http://go.microsoft.com/fwlink/?LinkId=294688.
SharePoint Online Management Shell
To connect to the SharePoint Online service, SharePoint Online Management Shell
must be installed on the computer running the Synchronization Service. For
installation instructions, see “SharePoint Online Management Shell” at
http://go.microsoft.com/fwlink/?LinkId=255251.
One Identity Manager API
To connect to One Identity Manager 7.0, One Identity Manager Connector must be
installed on the computer running the Synchronization Service. This connector
works with RESTful web service and SDK installation is not required.
Internet Connection
To connect to cloud directories or online services, the computer running the
Synchronization Service must have a reliable connection to the Internet.
SYNCHRONIZATION SERVICE CAPTURE AGENT
Microsoft .NET Framework
Synchronization Service requires Microsoft .NET Framework 4.7.2 (see “Installing
the .NET Framework” at http://go.microsoft.com/fwlink/?LinkId=294688
Additional Requirements
To synchronize passwords from an Active Directory domain to some other connected
data system, you must install the Sync Service Capture Agent on all domain
controllers in the source Active Directory domain.
The domain controllers on which you install Sync Service Capture Agent must run
one of the following operating systems with or without any Service Pack (both
x86 and x64 platforms are supported):
* Microsoft Windows Server 2019
* Microsoft Windows Server 2016
* Microsoft Windows Server 2012 R2
* Microsoft Windows Server 2012
For more information, see the Active Roles Synchronization Service Administrator
Guide.
UPGRADE AND COMPATIBILITY
For instructions on how to upgrade Active Roles, refer to the Active Roles Quick
Start Guide.
When performing the upgrade, keep in mind that the components of the earlier
version may not work in conjunction with the components you have upgraded. To
ensure smooth upgrade to the new version, you should first upgrade the
Administration Service and then upgrade the client components (Console and Web
Interface).
Custom solutions (scripts or other modifications) that rely on the functions of
Active Roles may fail to work after an upgrade due to compatibility issues.
Prior to attempting an upgrade, you should test your existing solutions with the
new version of the product in a lab environment to verify that the solutions
continue to work.
VERSION UPGRADE COMPATIBILITY CHART
The following table shows the version upgrade path that you can take from one
version of the product to another. Source version refers to the current product
version that you have installed. Destination version refers to the highest
version of the product to which you can upgrade.
SOURCE VERSION
DESTINATION VERSION
6.9.0
7.4
7.0
7.4
7.1
7.4
7.2
7.4
7.3
7.4
Read Reviews Submit a Review
ABOUT
* Why One Identity
* Customer Stories
* News
* Careers
SUPPORT
* Support Portal
* Contact Support
* One Identity University
* Forums
CONTACT
* Contact One Identity
* Contact Sales
* Request Pricing
* Licensing Assistance
* Accounting
BLOGS
* Active Directory Management and Security
* Cloud
* Identity Governance & Administration
* Privileged Access Management
© 2023 One Identity LLC. All Rights Reserved. Legal| Terms of Use| Privacy
Policy Cookie Preference Center| Cookie Use Policy
*
*
*
*
United States of America (EN)
* United States (English)
* Brazil (Português)
* France (Français)
* Germany (Deutsch)
* Japan (日本語)
* Mexico (Español)
Please wait...
This is the end
COOKIE PREFERENCE CENTER
When you visit any website, it may store or retrieve information on your
browser, mostly in the form of cookies. This information might be about you,
your preferences or your device and is mostly used to make the site work as you
expect it to. The information does not usually directly identify you, but it can
give you a more personalized web experience. Because we respect your right to
privacy, you can choose not to allow some types of cookies. Click on the
different category headings to find out more and change our default settings.
However, blocking some types of cookies may impact your experience of the site
and the services we are able to offer.
Cookie Use Policy
Allow All
MANAGE COOKIE PREFERENCES
STRICTLY NECESSARY COOKIES
Always Active
These cookies are necessary for the website to function and cannot be switched
off in our systems. They are usually only set in response to actions made by you
which amount to a request for services, such as setting your privacy
preferences, logging in or filling in forms. You can set your browser to block
or alert you about these cookies, but some parts of the site will not then work.
These cookies do not store any personally identifiable information.
PERFORMANCE COOKIES
Performance Cookies
These cookies allow us to count visits and traffic sources so we can measure and
improve the performance of our site. They help us to know which pages are the
most and least popular and see how visitors move around the site. All
information these cookies collect is aggregated and therefore anonymous. If you
do not allow these cookies we will not know when you have visited our site, and
will not be able to monitor its performance.
FUNCTIONAL COOKIES
Functional Cookies
These cookies enable the website to provide enhanced functionality and
personalisation. They may be set by us or by third party providers whose
services we have added to our pages. If you do not allow these cookies then some
or all of these services may not function properly.
MARKETING COOKIES
Marketing Cookies
These cookies may be set through our site by our advertising partners. They may
be used by those companies to build a profile of your interests and show you
relevant adverts on other sites. They do not store directly personal
information, but are based on uniquely identifying your browser and internet
device. If you do not allow these cookies, you will experience less targeted
advertising.
Back Button
BACK
Search Icon
Filter Icon
Clear
checkbox label label
Apply Cancel
Consent Leg.Interest
Switch Label label
Switch Label label
Switch Label label
Confirm My Choices
Live Chat