Hello Experts,
Anyone happen to have handled a domain groups sync in a situation where the groups and users are in the same forest but the groups need to be created in the sub domain but the users are in the root domain.
I was writing some code and it worked fine on my desktop. However, when I imported it into active roles, there were portions not functioning appropriately.
Turns out I was testing my code in PowerShell 7. As far as I can tell, Active Roles uses version…
I have the following function in PowerShell:
Function Get-ARSServers {
$searchRoot = "CN=Enterprise Directory Manager,CN=Aelita,CN=System,$([System.DirectoryServices.ActiveDirectory.Domain]::GetCurrentDomain().GetDirectoryEntry() | Select-Object -ExpandProperty…
I want to do some testing for an automation that allows admins to move user accounts from one ARS managed domain to another. I know there are gotchas on this. I have tried to consider as many as I can think of.
I have form that I am using with an attribute that is a DN syntax for Group Owner lookup. The user can go into the search tool for DN syntax attributes and search for objects.
The form type is a new object with class of Group. So far it's the only way…
Hi
I was wondering when the language pack for the 8.0 LTS version also will include the Nordic languages. Is that scheduled to be added in the near future?
Best regards
Staffan
We have over 600 Dynamic Groups and some of them have a lot of members, ranging from 50-60K to a few that are over 200K. When the Dynamic Group Updater scheduled task runs at 3 am, the domain controller that the ARS server uses runs out of "Version Store…
Hello Experts,
I have a need to ensure all Dynamic groups are executing off of only 3 servers in my environment.
I have 6 ARS servers and have a script to move them to the other servers not a problem. I'm wondering if there is a policy or a workflow that…
I've opened a support request up with One Identity already but wanted to see if anyone here has seen this yet. October client patches from MS have a domain join hardening update. In a nutshell if the account doing the join to an existing object in…
I'm unable to connect to Exchange Online Management module from the Active roles.
I've used 'O365 script execution configuration' in the Active Roles Workflow.
Do let me know if you need more information around this.
Thanks,
Hello,
I've created a change workflow when 'Account Is Disabled' attribute changes, then the workflow sets an user created Virtual attribute. But in OnPostUndoDerovision of an user account workflow trigger is not happening, usually when undo deprovision…
Hello,
I am looking for ideas on how to best allow other IT team members to "unmap" Active Directory accounts from various Synchronization Service Workflows. Currently only ARS Admins have the ability to do this but I would like to extend this…
Hello,
We are having problem that layout below.
Hello,
I would like to change all the datetime stamps from UTC to Pacific in Active Roles tool. Where I configure the same to reflect the change.
For example, in change history or run history, started date or completed date. Usually it shows UTC but I…
Hello,
I'm seeing below error when I connect Azure AD. Using 'Connect-AzureAD -Credential $credObj' from PowerShell ISE.
Could anyone please help me here.
Connect-AzureAD : One or more errors occurred.: parsing_wstrust_response_failed: Parsing…
Hello,
I'm unable to run the 'Get-QARSOperation' cmdlet in production active roles console in the onpostundelete event. Do I need to do anything before run the cmdlet.
But I'm able to run same in Powershell command prompt and Powershell ISE…
Hello,
Do we have any event for restore deleted object? When I click on the restore option on right click of an object in the deleted objects container, event should trigger the event.
Thanks,
Kishore.
I am currently using a workflow to update from field EmployeeID to EmployeeNumber. Basically I am adding a letter in front of the employeeID to create employeeNumber.
Ex. employeeID "123456" become employeeNumber "A123456"
it working…
Hello,
I'm having a requirement, we created couple of Virtual attributes in Active Roles and if we change a value of VA1 and then dynamically update the value of VA2.
VA1 - Dropdown field
VA2 - String field
Do let me know if you need more information…
Searching the forum returned a buffet of 'not exactly it' -
in a nutshell "How do I access the policy parameter from within the script module called by the policy under the administration node"
I have a policy, calling a policy script…
Hello Community,
Does anyone know if there is a way for a virtual attribute to have a default value when a user get's synced in from AD?
I have a need for a boolean value for users and when a new user is created from One Identity manager to make that…
Our Service Account wasdomain admin until the earth moved. Now we run as builtin administrators. What native granular permissions are required on object to deprovision, the losing OU and then winning OU as part of the deprovision process.
We see a failure…
Hi,
We're currently working on our user deprovisioning processes and have an issue I am hoping someone can help us with.
We are currently in a hybrid model (on premise AD synced to Azure using AD Connect).
The issue we face is that when a user leaves…
The disk space in Active Roles Server is getting low in storage.
The disk space in Active Roles Server is getting low in storage , we have upgraded to 2TB , but the logs are increasing , below are the logs that is filling up the disk…
I've a requirement to set the edsvaDeprovisionDeletionDate attribute value with future datetime using powershell code and its GeneralizedTime datatype. So I'm unable to set the value to the attribute using powershell. Could anyone please help me to…
