QuestDrive
Virtual Trial
ActiveRoles Server provides out-of-the-box user and group account management, strictly enforced administrator-based role security, day-to-day identity administration and built-in auditing and reporting for Windows-centric environments.
Take a virtual trial »

White Paper

This white paper explains the challenges of managing Active Directory provisioning using native tools, and the challenges of provisioning in a heterogeneous environment. It also describes the features and functionality that would be desirable in a comprehensive provisioning solution such as Quest One.

Read now »

Community

Here, you can find solutions, ask questions, share your knowledge and experience, get the latest information on new features and enhancements, download the latest releases, get expert tips and techniques, be in touch with the product teams, and much more.

Visit it now »

Webcast on Demand

ActiveRoles Server- Simplify Active Directory Provisioning

Watch now »
ActiveRoles Server Wins Award
TechXtend customers chose ActiveRoles Server as their favorite Networking Infrastructure – System Management solution – maybe you will, too!
Read story »

ActiveRoles Server

Identity Administration, Delegation and Security for Active Directory

ActiveRoles Server provides out-of-the-box user and group account management, strictly enforced role-based security, day-to-day identity administration and built-in auditing and reporting for Windows-centric environments.

ActiveRoles Server offers point-and-click modular configuration for easy deployments, along with rules and a delegated administration model to ensure correct access and tight security. A multi-level workflow, Web interfaces for self service and integration points reduce costs associated with user provisioning, with no custom coding required.

ActiveRoles Server is part of the Quest One Identity Solutions.

Activeroles Server
  • Identity Administration - Automates user and group account management by automating account creation in AD, mailbox creation in Exchange, group population and resource provisioning in Windows. Also automates the process of reassigning and removing user access rights in AD and AD-joined systems. 
  • Directory Management - Provides Exchange recipient management, group management and computer management (shares, printers, local users/groups), and unifies Active Directory (AD LDS) management. Also includes an intuitive interface that improves day-to-day administration, help desk operations and user-driven information changes. 
  • Self-Service - Enables end users to carry out tasks such as modifying their personal data with an intuitive, self-service Web interface.
  • Security - Acts as a firewall around Active Directory so you can reliably delegate control using a least privilege model. Also provides rule-based, customizable approval workflows for change control, which decreases errors and inconsistencies in AD data management while allowing you to establish efficient responsibility chains consistent with your business requirements.
  • Cloud Services - Supports hosted environments where accounts from a client Active Directory domain are synchronized with a hosted AD domain.
  • Extensibility - Supports PowerShell, ADSI, SPML and customizable Web interfaces.
  • Integration - Integrates with many Quest products to simplify and consolidate management points, including: Quest One Quick Connect, Quest One Identity Manager, Access Manager, vWorkspace, Quest Authentication Services, Defender, Password Manager and Webthority.

ActiveRoles Server includes the following components:

  • Administration Service
  • Console (MMC Interface)
  • Web Interface
  • Collector
  • Report Pack

The tables below outline system requirements for installing and running each of these components.

Administration Service hardware and software requirements

 
Platform1 GHz or higher Intel Pentium-compatible CPU.
Memory (RAM)1 GB or more recommended. The amount required depends on the total number of managed objects.
Hard Disk Space100 MB or more of free disk space. If SQL Server and Administration Service are installed on the same computer, the amount required depends on the size of the ActiveRoles Server database.
Operating SystemAdministration Service can be run on any of these operating systems:
 - Microsoft Windows Server 2003, including x64 editions, updated with Service Pack 2 or a later Service Pack
 - Microsoft Windows Server 2003 R2
 - Microsoft Windows Server 2008, Standard or Enterprise edition, 32-bit (x86) or 64-bit (x64) architecture
 - Microsoft Windows Server 2008 R2
SQL ServerActiveRoles Server database can be hosted by:
 - Microsoft SQL Server 2005, any edition for x86 (32-bit) or x64 (64-bit) platform, updated with Service Pack 2 or a later Service Pack
 - Microsoft SQL Server 2008, any edition for x86 (32-bit) or x64 (64-bit) platform, with or without any Service Pack

Note  Microsoft SQL Server 2008 Native Client is required on the computer running the Administration Service. You can install SQL Server 2008 Native Client from the Redistributables page in the ActiveRoles Server CD Autorun window.
Microsoft .NET FrameworkAdministration Service requires Microsoft .NET Framework version 3.5 or later. Microsoft .NET Framework 3.5 Service Pack 1 is strongly recommended. You can install .NET Framework 3.5 Service Pack 1 from the Redistributables page in the ActiveRoles Server CD Autorun window.
Microsoft Windows PowerShellAdministration Service requires Windows PowerShell 1.0 or 2.0. On a Windows Server 2003 based computer, you can install Windows PowerShell 1.0 from the Redistributables page in the ActiveRoles Server CD Autorun window. On a computer running a later version of the Windows Server operating system, the Windows PowerShell feature can be installed by using Server Manager.
Quest ActiveRoles Management Shell for Active DirectoryAdministration Service requires ActiveRoles Management Shell for Active Directory 1.3. You can install ActiveRoles Management Shell from the Solutions page in the ActiveRoles Server CD Autorun window.
Microsoft Exchange Server 2000/2003 System Management ToolsTo perform the Move Mailbox task on Exchange 2000 Server or Exchange Server 2003, ActiveRoles Server requires Microsoft Exchange System Management Tools to be installed on the computer running the Administration Service. Use the Setup program of Microsoft Exchange 2000 Server or Microsoft Exchange Server 2003 to install Microsoft Exchange System Management Tools on the computer where you plan to install the Administration Service.
Microsoft Exchange Server 2007 Management ToolsTo manage Exchange recipients on Exchange 2007, ActiveRoles Server requires the Exchange 2007 Management Tools to be installed on the computer running the Administration Service, and updated with Update Rollup 1 for Exchange Server 2007 Service Pack 1 or a later update rollup for Exchange Server 2007 Service Pack 1.

Use the Exchange Server 2007 Setup program to install the Management Tools on the computer where you plan to install the Administration Service. Next, update the Management Tools by installing Exchange Server 2007 Service Pack 1 on that computer. Then, update Management Tools by installing the update rollup.

The latest update rollup for Exchange Server 2007 Service Pack 1 is strongly recommended. For instructions on how to obtain the latest update rollup, see Microsoft's Knowledge Base article "How to obtain the latest service pack or update rollup for Exchange 2007" at http://support.microsoft.com/kb/937052.
Microsoft Exchange Server 2010 Management ToolsTo manage Exchange recipients on Exchange 2010, ActiveRoles Server requires the Exchange 2010 Management Tools to be installed on the computer running the Administration Service. Use the Exchange Server 2010 Setup program to install the Management Tools on the computer where you plan to install the Administration Service.
Operating System on Domain ControllersActiveRoles Server retains all features and functions when managing Active Directory on domain controllers running any of these operating systems:
 - Microsoft Windows 2000 Server
 - Microsoft Windows Server 2003, including x64 editions
 - Microsoft Windows Server 2003 R2
 - Microsoft Windows Server 2008, 32-bit or 64-bit architecture
 - Microsoft Windows Server 2008 R2
Exchange ServerAdministration Service is capable of managing Exchange recipients on:
- Microsoft Exchange 2000 Server, with or without any Service Pack
- Microsoft Exchange Server 2003, with or without any Service Pack
- Microsoft Exchange Server 2007, with or without any Service Pack
- Microsoft Exchange Server 2010, with or without any Service Pack

Note  Microsoft Exchange 5.5 Server is not supported.
 

ActiveRoles Server Console (MMC Interface) hardware and software requirements

 
Platform500 MHz or higher Intel Pentium-compatible CPU.
Memory (RAM)512 MB or more recommended. The amount required depends on the number of objects being administered.
Hard Disk SpaceAbout 50 MB of free disk space.
Operating SystemActiveRoles Server Console can be run on any of these operating systems:
 - Microsoft Windows XP, with or without any Service Pack
 - Microsoft Windows Server 2003, including x64 editions, with or without any Service Pack
 - Microsoft Windows Server 2003 R2
 - Microsoft Windows Vista Business, Enterprise or Ultimate edition, 32-bit or 64-bit architecture
 - Microsoft Windows Server 2008 Standard or Enterprise edition, 32-bit or 64-bit architecture
 - Microsoft Windows Server 2008 R2
 - Microsoft Windows 7
Web BrowserMicrosoft Internet Explorer 6.0, or Windows Internet Explorer 7.0 or 8.0.
Microsoft .NET FrameworkMMC Interface requires Microsoft .NET Framework version 3.5 or later. Service Pack 1 for .NET Framework 3.5 is strongly recommended. You can install .NET Framework 3.5 Service Pack 1 from the Redistributables page in the ActiveRoles Server CD Autorun window.
 

ActiveRoles Server Web Interface hardware and software requirements

 
Platform1 GHz or higher Intel Pentium-compatible CPU.
Memory (RAM)1 GB or more recommended. The amount required depends on the number of objects being administered.
Hard Disk SpaceAbout 50 MB of free disk space.
Operating SystemActiveRoles Server Web Interface can be run on a Web server with any of these operating systems:
 - Microsoft Windows Server 2003, including x64 editions, with or without any Service Pack
 - Microsoft Windows Server 2003 R2
 - Microsoft Windows Server 2008 Standard or Enterprise edition, 32-bit or 64-bit architecture
 - Microsoft Windows Server 2008 R2
Internet ServicesOn the Web server, the Web Interface requires Microsoft Internet Information Services (IIS) 6.0 or later.

On IIS 7.0, the Web Interface requires the following Web server role services to be installed:
- Static Content
- Default Document
- HTTP Errors
- HTTP Redirection
- ASP.NET
- ASP
- Basic Authentication
- Windows Authentication
- IIS 6 Metabase Compatibility
Web BrowserMicrosoft Internet Explorer 6.0, or Windows Internet Explorer 7.0 or 8.0, with screen resolution of at least 800x600. Screen resolution of 1024x768 or higher is recommended.
Microsoft .NET FrameworkWeb Interface requires Microsoft .NET Framework 3.5 Service Pack 1 or later. You can install .NET Framework 3.5 Service Pack 1 from the Redistributables page in the ActiveRoles Server CD Autorun window.
 

ActiveRoles Server Collector hardware and software requirements

 
Platform500 MHz or higher Intel Pentium-compatible CPU.
Memory (RAM)512 MB or more recommended.
Hard Disk SpaceAbout 50 MB or more of free disk space. If SQL Server and Collector are installed on the same computer, the amount required depends on the size of the Collector database.
Operating SystemActiveRoles Server Collector can be run on any of these operating systems:
 - Microsoft Windows XP, with or without any Service Pack
 - Microsoft Windows Server 2003, including x64 editions, with or without any Service Pack
 - Microsoft Windows Server 2003 R2
 - Microsoft Windows Vista Business, Enterprise or Ultimate edition
 - Microsoft Windows Server 2008 Standard or Enterprise edition, 32-bit or 64-bit architecture
 - Microsoft Windows Server 2008 R2
 - Microsoft Windows 7
SQL ServerCollector database can be hosted by:
 - Microsoft SQL Server 2005, any edition, with or without any Service Pack
 - Microsoft SQL Server 2008, any edition, with or without any Service Pack
Data Access ComponentsActiveRoles Server Collector also requires:
 - Microsoft Data Access Components (MDAC) version 2.7 or later
You can install MDAC 2.8 from the Redistributables page in the ActiveRoles Server CD Autorun window.
 

ActiveRoles Server Report Pack software requirements

 
SQL Server Reporting ServicesActiveRoles Server Report Pack requires Microsoft SQL Server 2005 Reporting Services or Microsoft SQL Server 2008 Reporting Services.
Operating SystemActiveRoles Server Report Pack can be installed on a computer running any of these operating systems:
 - Microsoft Windows XP, with or without any Service Pack
 - Microsoft Windows Server 2003, including x64 editions, with or without any Service Pack
 - Microsoft Windows Server 2003 R2
 - Microsoft Windows Vista Business, Enterprise or Ultimate edition
 - Microsoft Windows Server 2008, Standard or Enterprise edition, 32-bit or 64-bit architecture
 - Microsoft Windows Server 2008 R2
 - Microsoft Windows 7
Quest Knowledge PortalActiveRoles Server Report Pack is compatible with:
 - Quest Knowledge Portal 1.1
 - Quest Knowledge Portal 2.0

Language Supported:

  • Chinese (Simplified)
  • Chinese (Traditional)
  • Danish
  • Dutch
  • French
  • German
  • Italian
  • Japanese
  • Korean
  • Portuguese (Brazil)
  • Portuguese (Portugal)
  • Spanish
  • US English

ActiveRoles Server

 
  • Using Provisioning and Administration for Active Directory and Beyond

    ActiveRoles Server provides:

    • Role-Based administration for Active Directory and Active Directory LDS
    • Faster user provisioning with AutoProvision policies
    • Automated user provisioning
    • A self-service, web-based UI
    • Centralized reporting
    • Protection of critical data with business policies

    Watch the Video »

  • SPML Support Demo

    Quest offers, free of charge, an SPML 2.0 (service provisioning markup language) provider that enables any system that generates an SPML formatted request to connect through a web service and provision Active Directory. This software, exclusively from Quest, can also be used in tandem with ActiveRoles Server to better integrate ActiveRoles Server into heterogeneous environments.

    Watch the Video »

 

Quick Connect

 
  • Provisioning in 10 Min. or Less

    With Quick Connect administrators can:

    • Synchronize identities to other systems allowing an Active Directory user to log-on to non-Active Directory applications or data sources
    • Synchronize authorization objects between Active Directory HR and non-Active Directory data sources
    • Automatically reconcile associated objects between source and target systems

    Watch the Demo »

 

SharePoint Provisioning

   

ActiveRoles Self Service Manager

   

ActiveRoles Management Shell for Active Directory

 
  • ActiveRoles Server Management Shell for Active Directory Demo

    The ActiveRoles Management Shell for Active Directory is a set of predefined commands for Windows PowerShell, the new command line and scripting language developed by Microsoft. These commands are designed to help administrators automate common, repetitive and bulk management tasks such as creating, removing or updating objects in Active Directory.

    Watch the Demo »

  • ActiveRoles Server Management Shell for Active Directory Demo

    In large organizations, managing the authorization permissions of hundreds or even thousands of users creates a significant problem. One way that Active Directory addresses this issue is through the use of groups that provide a way to classify users according to their roles or activities. These groups can be used as the basis for authorization permissions.

    Watch the Demo »

 

Simplified Directory Consolidation

   

Quest vWorkspace and ActiveRoles Server

   

Integrated Two-Factor Authentication

   

Simplified IBM RACF Provisioning

   

How to Create Add-ons for ActiveRoles Server

   

How to Publish Add-ons for ActiveRoles Server

 

Take a tour of ActiveRoles Server

Screenshots 1 of 6

Screenshot #2 Screenshot #3 Screenshot #4Screenshot #5Screenshot #6

ActiveRoles Server

Securely know what users can view, the resources they can access and what they can do with that access.
Image 1 of 6 ActiveRoles Server

ActiveRoles Server

Find out who owns what resources and what they can access in Active Directory.
Image 2 of 6 ActiveRoles Server

ActiveRoles Server

Audit in real time what users did with the access they were granted.
Image 3 of 6 ActiveRoles Server

ActiveRoles Server

Automate views that are specific to your business.
Image 4 of 6 ActiveRoles Server

ActiveRoles Server

Reduce errors by standardizing directory information in the central policy engine.
Image 5 of 6 ActiveRoles Server

ActiveRoles Server

Reduce errors by standardizing directory information in the central policy engine.
Image 6 of 6 ActiveRoles Server

Case Studies

A Leading National Health Insurer Chooses Quest Software to Protect Active Directory ADT Stays Secure With Quest's Active Directory Management Solutions Azaleos Chooses Quest Service Provider Partner Program to Offer Fully Managed, Secure and Compliant Exchange 2010 Environments Barry University Adapts Quickly to Changes Using ActiveRoles Server to Automate Its Provisioning Process and Manage Active Directory Blaenau Gwent County Borough Council Automates and Secures User Provisioning as well as Reduces Helpdesk Calls by 67 Percent Brasfield & Gorrie Gets Active Directory Administration Under Control with Quest Software Cornell University Manages and Centralizes a Distributed AD Environment with Quest ActiveRoles Server DaimlerChrysler Speeds to Active Directory with ActiveRoles Gwinnett County Public Schools Finds a Better Way to Manage Electronic Accounts and Provisioning Independence Community Bank of New York Takes Control of Access Rights with ActiveRoles Server Large University Understands Importance of AD Management Migros Implements Quest One for Secure and Automated Identity Management Oldham Council Learns Quest has the Answer for Efficient and Secure AD Management PT Thiess Contractors Indonesia Boosts Accuracy of data and Reduces its Costs with ActiveRoles® Server Quest Email Migration and Provisioning Tools Save UK Utility Hundreds of Hours Quest Exchange and Active Directory Migrations Deliver a Great Performance at Arts Council England with Minimal User Impact Quest Improves the Efficiency and Security of La Caja De Canarias' Operations and Customer Transactions Quest Provides Healthy Solution to Help Rotherham PCT Remove IT Security Risks and Achieve Full ROI in Eight Months Quest Software Achieves Compliance and Improves Efficiency with Quest ActiveRoles Server Quest Solutions Help Georgian College Graduate to a More Secure, Easily Managed Active Directory and Exchange Environment Quest Solutions Make User Access and Provisioning Child's Play for Children's Memorial Hospital San Bernardino County Streamlines Identity and Access Management For Greater Efficiency Siemens Power Generation Turns to Aelita for Active Directory Management State of Vermont IT Staff Uses Toad DBA Suite for Oracle to Easily Find Bottlenecks, Saving 10 Hours of DBA Time Each Week Swiss Post Speeds Delivery of Active Directory with ActiveRoles The National College of Ireland Gets a Higher Education on Identity Management - and Greater Productivity - from Quest The W. P. Carey School of Business Makes a Smart Investment in Quest ActiveRoles™ Server Thiess Chooses ActiveRoles Server and Receives Immediate Return on Investment U.S. Army Europe Drives Defense Transformation Program With Quest Software's Microsoft Windows And Migration Tools University of the West of Scotland Gives Quest High Marks for Simplified Exchange/AD Migration from Novell Environment back to top

Support Docs, Notes and Guides

Release Notes and User Guides back to top
 

Learn More

Related Products

Support for This Product