Active Roles is optimized to serve the needs of both on-prem AD and Azure AD in a hybrid deployment. It offers a single console, unified workflows and a consistent administrative experience across your entire hybrid environment. With support for multi-tenant, Active Roles eliminates the cumbersome, error-prone, and unnecessary challenges that come with using separate native tools and manual processes.
Active Roles provides comprehensive privileged account management for Active Directory and Azure Active Directory, enabling you to control access through delegation using a least-privilege model. Based on defined administrative policies and associated permissions, it generates and strictly enforces access rules, eliminating the errors and inconsistencies common with native approaches to hybrid AD management. Along with modern authentication using OAUTH, Active Roles has robust and personalized approval procedures establish an IT process and oversight consistent with business requirements, with responsibility chains that complement the automated management of directory data.
Active Roles automates a wide variety of tasks, including:
It also automates the process of reassigning and removing user access rights in AD, AAD and AD-joined systems (including user and group de-provisioning) to ensure an efficient and secure administrative process over the user and group lifecycles. When a user’s access needs to be changed or removed, updates are made automatically across all relevant systems and applications in the hybrid AD/AAD environment, as well as AD-joined systems, including UNIX, Linux, Mac OS X rich (replace ‘as well as’ with ‘and’) and a growing collection of popular SaaS applications via the One Identity Starling Connect solution.
With Active Roles, you can easily manage all of the following for both the on-prem and Azure AD environments:
Active Roles includes intuitive interfaces to optimize day-to- day administration and help-desk operations of the hybrid AD/AAD environment via both an MMC snap-in and a web interface.
Active Roles supports the SCIM standard, which allows any SCIM-enabled SaaS application (via One Identity Starling Connect) to be embraced in the AD-based account and group administration capabilities of Active Roles.
Synchronize AD domain clients with host AD domain in hosted environments. Active Roles enables user and group account management from the client domain to the hosted domain, while also synchronizing attributes and passwords. Utilize out-of-the-box connectors to synchronize your on-premises AD accounts to Microsoft Office 365, Lync Online / Skype for Business and SharePoint Online.
Active Roles complements your existing technology and IAM strategy. It simplifies and consolidates management points by ensuring easy integration with many One Identity products, including Identity Manager, Safeguard, Authentication Services, Password Manager and ChangeAuditor. Active Roles also automates and extends the capabilities of PowerShell, ADSI, SPML and customizable web interfaces.
Active Roles comes with all the synchronization technology necessary to manage and secure:
Manage all systems in your hybrid AD environment with a single pane of glass
Accelerate provisioning with simple, easily managed access templates
Enjoy simplicity with drag-and-drop workflows for user, admin and group tasks
Place 'guard rails' around data in AD for efficiency and security
Single-mouse-click view of the "who/what/when/where" of particular objects
Self-service tools will help you to install, configure and troubleshoot your product.
Find the right level of support to accommodate the unique needs of your organization.
Training courses delivered through online web-based, on-site or virtual instructor-led.