Active Directory-based Security And Management For Mac
Hybrid Active Directory, simple and secure Administrators struggle to keep up with requests to create, change or remove access with today’s hybrid AD environments and the limited capabilities of native tools of Microsoft Active Directory (AD) and Azure Active Directory (AAD). Thankfully, help has arrived. With One Identity Active Roles, you can solve your security issues and meet those never-ending compliance requirements by securing and protecting on-prem and cloud AD resources simply and efficiently. Wft utility 3.5 for mac mac. Overcomes native-tools limitations. Manages identities for Exchange Online, Lync, SharePoint Online and many more.
Provides a single, intuitive tool for hybrid environment. Active Roles provides comprehensive privileged account management for Active Directory and Azure Active Directory, enabling you to control access through delegation using a least-privilege model.
Based on defined administrative policies and associated permissions, it generates and strictly enforces access rules, eliminating the errors and inconsistencies common with native approaches to hybrid. Plus, robust and personalized approval procedures establish an IT process and oversight consistent with business requirements, with responsibility chains that complement the automated management of directory data. Active Roles automates a wide variety of tasks, including:. Creating user and group accounts in AD and AAD. Creating mailboxes in Exchange and Exchange Online. Populating groups across AD and AAD. Assigning resource in Windows It also automates the process of reassigning and removing user access rights in AD, AAD and AD-joined systems (including user and group de-provisioning) to ensure an efficient and secure administrative process over the user and group lifecycles.
When a user’s access needs to be changed or removed, updates are made automatically across all relevant systems and applications in the hybrid AD/AAD environment, as well as any AD-joined systems such as Unix, Linux and Mac OS X. With Active Roles, you can easily manage all of the following for both the on-prem and Azure AD environments:.
Exchange recipients, including mailbox/OCS assignment, creation, movement, deletion, permissions and distribution list management. Groups.
Computers, including shares, printers, local users and groups. Active Directory and Azure Active Directory Active Roles also includes intuitive interfaces for improving day-to- day administration and help-desk operations of the hybrid AD/AAD environment via both an MMC snap-in and a web interface.
Active Roles complements your existing technology and identity and access management strategy. It simplifies and consolidates management points by ensuring, including Identity Manager, Privileged Password Manager, Authentication Services, Defender, Password Manager, Cloud Access Manager and Quest ChangeAuditor. Active Roles also automates and extends the capabilities of PowerShell, ADSI, SPML and customizable web interfaces. Active Roles comes with all the synchronization technology necessary to manage and secure:. Lync. Exchange. SharePoint.
AD LDS. Office 365. Azure AD. Microsoft SQL Server. OLE DB (MS Access). Flat file.
Expand the capabilities of Active Roles with the One Identity Hybrid Subscription, and get immediate access to cloud-delivered features and services, including all-you-can-eat Starling Two-Factor Authentication to protect administrative access, Starling Identity Analytics & Risk Intelligence so that you can pre-emptively detect risk; as well as Active Roles access analysis. These offerings can also be extended to additional target systems and use cases. A single subscription enables all One Identity solution deployments, including identity management, directory management, predictive analytics and more. Active Roles does not support domain controllers running Microsoft Windows 2000 Server.
Ensure that the Active Directory domains managed by Active Roles do not have Windows 2000 Server based domain controllers. Active Roles deprecates managed domains with the domain functional level lower than Windows Server 2008. We recommend that you raise the functional level of the domains managed by Active Roles to Windows Server 2008 or higher. Exchange Serve Active Roles is capable of managing Exchange recipients on. Microsoft Windows 8, Professional or Enterprise edition, 32-bit (x86) or 64-bit (x64). Microsoft Windows 8.1, Professional or Enterprise edition, 32-bit (x86) or 64-bit (x64).
Microsoft Windows 10, Professional or Enterprise edition, 32-bit (x86) or 64-bit (x64). Microsoft Windows Server 2016, Standard or Datacenter edition Microsoft.NET Framework Active Roles console requires Microsoft.NET Framework 4.5 (see “Installing the.NET Framework” at ). Web browser Active Roles console requires Internet Explorer 11. Microsoft Windows 8, Professional or Enterprise edition, 32-bit (x86) or 64-bit (x64). Microsoft Windows 8.1, Professional or Enterprise edition, 32-bit (x86) or 64-bit (x64). Microsoft Windows 10, Professional or Enterprise edition, 32-bit (x86) or 64-bit (x64). Microsoft Windows Server 2016, Standard or Datacenter edition Microsoft.NET Framework Management Tools require Microsoft.NET Framework 4.5 (see “Installing the.NET Framework” at ).
Windows Management Framework On Windows Server 2008 R2 or Windows 7, Management Tools require Windows Management Framework 3.0 (see “Windows Management Framework 3.0” at ). Remote Server Administration Tools (RSAT) To manage Terminal Services user properties by using Active Roles Management Shell, Management Tools require Remote Server Administration Tools (RSAT) for Active Directory. See Microsoft’s documentation for instructions on how to install Remote Server Administration Tools appropriate to your operating system. Microsoft Active Directory Domain Services with the domain or forest functional level of Windows Server 2008 or higher. Microsoft Active Directory Lightweight Directory Services running on any Windows Server operating system supported by Microsoft.
Microsoft Exchange Server version 2013, 2010 or 2007. Microsoft Lync Server version 2013 or 2010. Microsoft Windows Azure Active Directory using the Azure AD Graph API version 2013-04-05. Microsoft Office 365 directory. Microsoft Exchange Online service. Microsoft Lync Online service.
Microsoft SharePoint Online service. Microsoft SQL Server, any version supported by Microsoft. Active Roles version 7.1, 7.0, and 6.9. Quest One Identity Manager version 6.1 or 6.0 (Q1IM 6.01 or 6.0). One Identity Manager version 7.0 (D1IM 7.0). Data sources accessible through an OLE DB provider. Delimited text files Legacy Active Roles ADSI Provider To connect to Active Roles version 6.9, 6.8 or 6.7, the Active Roles ADSI Provider of the respective version must be installed on the computer running the Synchronization Service.
For installation instructions, see the Quick Start Guide for the appropriate Active Roles version. Microsoft Exchange Server Management Tools To connect to Exchange Server 2007, the Exchange 2007 SP3 management tools must be installed on the computer running the Synchronization Service. For installation instructions, see “How to Install the Exchange 2007 Management Tools” at. Azure AD Module for Windows PowerShell To connect to the Office 365 directory, the following software must be installed on the computer running the Synchronization Service.
Azure Active Directory Module for Windows PowerShell For installation instructions, see “Install the Azure AD Module” at. Windows PowerShell Module for Lync Online To connect to the Lync Online service, Windows PowerShell Module for Lync Online must be installed on the computer running the Synchronization Service. For installation instructions, see “Windows PowerShell Module for Lync Online” at. SharePoint Online Management Shell To connect to the SharePoint Online service, SharePoint Online Management Shell must be installed on the computer running the Synchronization Service. For installation instructions, see “SharePoint Online Management Shell” at. One Identity Manager API To connect to One Identity Manager 7.0, One Identity Manger Connector must be installed on the computer running the Synchronization Service. This connector works with RESTful web service and SDK installation is not required.
To connect to One Identity Manager 6.0, the Quest One Identity Manager Connector must be installed on the computer running the Synchronization Service. This connector works only when the Q1IM API SDK is installed on the system. For installation instructions, see Knowledge Article 100525 at. Internet Connection To connect to cloud directories or online services, the computer running the Synchronization Service must have a reliable connection to the Internet. For instructions on how to upgrade Active Roles, refer to the Active Roles Quick Start Guide. When performing the upgrade, keep in mind that the components of the earlier version may not work in conjunction with the components you have upgraded.
To ensure smooth upgrade to the new version, you should first upgrade the Administration Service and then upgrade the client components (Console and Web Interface). Custom solutions (scripts or other modifications) that rely on the functions of Active Roles may fail to work after an upgrade due to compatibility issues. Prior to attempting an upgrade, you should test your existing solutions with the new version of the product in a lab environment to verify that the solutions continue to work. Impact on add-ons After an upgrade of Active Roles components to the Active Roles 7.1, the add-ons which were supported in the earlier versions of Active Roles, cease to work.
Active Directory-based Security And Management For Mac Os
Hence, it is recommended to uninstall the add-ons prior to the upgrade of Active Roles. Note: Office 365 add-ons are not supported on the Active Roles 7.1.