Hi All
I need a way of deleting the users ini file as part of the deprovision or when I delete the account from AD. Any Ideas?. I assume it will have to be a script but i've yet to use a script as part iof Activeroles. We're using Activeroles Server version 6.8.
Thanks
Does anyone know if there is a way to encrypting source code within the Script Modules within ARS. I am currently running ARS 6.8.
Please let me know
Hey Everyone!
At long last, we are proud to present the technical preview for ActiveRoles Server version 6.8
Join us for this webinar to have an actual full end-to-end demonstration of the live code in webinar format, with a review of the roadmap and Q&A afterwards.
Please go ahead and register at the following link. If you have specific use cases you would like to see demonstrated, please feel free to email me directly: jason.remillard@quest.com
Hope to see you there!
Jason
REGISTER HERE: http://www.quest.com/events/ListDetails.aspx?ContentID=15905
I am troubleshooting an issue with OCS 2.0 and ARS 6.5. I have created a OCS provisioning policy that applies to a managed unit.
When I attempt to provision a new user that meets the criteria of the MU I get an error indicating that the msRTCSIP-PrimaryUserAddress must be specified.
In the policy I have configured the User SIP URI Generating parameter to equal the samAccountName. I have also tried UPN and e-mail address, but I continue to get the same error.
Does anyone know if this is a bug in the 2.0 version? Perhaps an issue with specifying a scope of an Managed Unit for the OCS provisioning policy? Perhaps a user error? :)
Thanks,
Joe
Hi,
is there a way to replace Umlaute(ä, ü, ö) in a request directly. I have tested something but nothing works
e.g.
function onGetEffectivePolicy($Request)
{
$string = "%<sn>%<givenname>"
$string.replace("ü","ue")
$Request.SetEffectivePolicyInfo("cn", $Constants.EDS_EPI_UI_POLICY_VALUE, $string)
}
It would be nice to see the result directly.
Thanks!!
Hi
I would like to configure a workflow that sends a welcome message to the user when their mailbox is created. I think the way to do this is a notification workflow? I am cutomising the message to include links to the relevant Intranet resources to help the user get started, however, the notification messages do not seem to like the usual HTML Code.
Is there a way that I can add my own links to a Notification Message?
Thanks
Guys.
I am provisioning my users and once the user is created i have a workflow that then sends out a notification message.
Within the notification message i would like to include the users email address. I have used the following token in the message but when the user is created and the email message go out the email address is not present.
<% =Operation.Target["mail"] %>
Now i think that when the notification message is sent out the Exchange RUS has not applied the email address to the account. So i then thought i would schedule the email notification to be sent 10 minutes after the account was created but again it did not include the email address.
Any ideas as to what i could do here?
Hi,
I was wondering if there is a way to see the virtual attributes that have been created in the user properties via ARS mmc console.
Thanks
Hi Team,
I have created an MU(Managed unit), TestMU with list of users in it. I have try to Delegate control of this MU(TestMU) with Access template Read/Write group members and assigned another group GroupA as Trustee. But to check this feature working, I have login to webconsole as user from GroupA, but I am not able to view any contents of Active Directory (AD). It shows "no contents to display". So please let us know how to check the functionality of using Access template to a particular group or ou. Guide us where we went wrong.
Thanks
Vadivel
We recently switched to require approvals from the specified group manager for additions to groups. Interactively this works fine and prompts you for a reason for the request. This reason is included in the e-mail to the manager.
How can we specify a reason when adding a user to a group with add-QADGroupMember in a script so that the manager gets the reason in the e-mail?
We are currently on ARS 6.7.
Thanks.
IADsOpenDSObject iADsOpenDSObject = null;
IADs iads = null;try
{
iADsOpenDSObject = (IADsOpenDSObject)Marshal.BindToMoniker("EDMS:");iads = (IADs)iADsOpenDSObject.OpenDSObject("EDMS://XXXXXXXXXXX.xxxxxx.com/OU=XX,OU=XXX,DC=xxxxxx,DC=com", @"domain\adminid", "XXXXXXXXXX", 32768);
if (newway){
dirEntry = new DirectoryEntry(iads);DateTime datetimer = DateTime.Today.Date;
string searchFilter = "(&(edsvaDeprovisionDeletionDate>= " + datetimer.ToShortDateString() + " 12:00AM)(edsvaDeprovisionDeletionDate<= " + datetimer.ToShortDateString() + " 11:59PM))";DirectorySearcher searcher = new DirectorySearcher(dirEntry, searchFilter, new string[] { "samaccountname", "sn", "givenname" }, SearchScope.Subtree);
SearchResultCollection src = searcher.FindAll();
Hello,
I'm working in an environment with two separate/non-connected installations of ARS - one v6.7, the other v6.0.4. Consequently it will be necessary for me to make sure that my code is binding to the correct instance of ARS. In my own VMWare environment, following the instructions in the SDK works just fine.
$BoundObject = [ADSI]"EDMS://server.domain.com/CN=Configuration"
When I attempt the same in the production environment, I receive the following error:
format-default : The following exception occurred while retrieving member "PSComputerName": "Unknown error (0x80041452)"
+ CategoryInfo : NotSpecified: (:) [format-default], ExtendedTypeSystemException
+ FullyQualifiedErrorId : CatchFromBaseGetMember,Microsoft.PowerShell.Commands.FormatDefaultCommand
That happens whether executing locally on the ARS server or remotely, and on both ARS versions.
I experimented with the equivalent in VBS, and interestingly, that works under the right circumstances. When logged in to one of the 6.7 servers, the VBS will succeed if connecting to another 6.7 server (either local or remote) but will fail against the 6.0.4 servers. Conversely, if logged in to a 6.0.4 server, the VBS will succeed when connecting to another 6.0.4 server and fail for 6.7.
I can learn to deal with the fact that I may not be able to connect to an ARS server that doesn't match the vesion of my client, but that doesn't explain why the PowerShell version fails under all circumstances.
Any thoughts would be most appreciated!
Hello,
I'm trying to download the ActiveRoles Management Shell for AD 32-bit from http://www.quest.com/powershell/activeroles-server.aspx and when I try to install it, it always fails with a message that the file is corrupt:
Quest ActiveRoles Management Shell for Active Directory
---------------------------
Extracting file failed. It is most likely caused by low memory (low disk space for swapping file) or corrupted Cabinet file.
I tried on two separate computers with the same result. I attempted to extract the EXE contents using 7-Zip and it reported the file "ps.1.2.0.1228.msi" was corrupt as well. Additionally, there seems to be a problem with the digital signature on the file; both my machines (XP Pro SP3) complained that the signature was bad though I was able to view the certificate signing chain back to Thawte.
Can someone check the download and fix it please?
Hey Group,
I am new here, but this is a great community! We have a need to notify some people when accounts will be deleted and this report has to include a couple of attributes of the user account. We've been searchin for a way to do this and the only value that seems to make sense to use for the report is the "evsadeletiondate" that is stamped on accounts after they run through the deprov process.
ANyone know if there is a script or report that will do this, but it has to be the same day or just before the account is deleted as we log certain information like fax numbers, mobile, office location, and so forth.
I am new to powershell so I haven't figured out how to write a script that would pull the info and then filter out the items I need, etc.
Thank you!
Jake
The following test script is producing unexpected results. It seems that if I use the -IncludedParameters qualifier on the Get-QADUser command, and then store the resulting object in a hash table (associative array), the included properties get stripped from the object.
$hashTable = @{}
$objUser = Get-QADUser guest -IncludedProperties employeeID,employeeType
Write-Host $objUser.employeeID
Write-Host $objUser.employeeType
Write-Host $objUser.samAccountName
$hashTable.Add($objUser.samAccountName,$objUser)
$objFromHash = $hashTable.Get_Item($objUser.samAccountName)
Write-Host $objFromHash.samAccountName
Write-Host $objFromHash.employeeType
Write-Host $objFromHash.employeeID
What I would expect to get would be:
12345
Staff
GUEST
GUEST
Staff
12345
However, what I actually get is:
12345
Staff
GUEST
GUEST
The default parameters returned on the object from the Get-QADUser seem to survive just fine when the object is stored in the hash table; but the 2 parameters that are part of the object via the -IncludedProperties, which are on the object before being added to the hash table, are gone from the object when it is retrieved from the hash table.
Anyone have a clue as to what might be going on here? It has me baffled.
Thanks.
Can Web Interface show New User Form as default page or first page after login?
The intention is for the "account provisionng team" where roles is only provisioning AD account
Can we leverage ARS 6.9 to show AD password in “clear texts”? preferrably on the webconsole?
this needs to be only visible for authorized users?