社区

在这里,您可以找到需要的解决方案、提出问题、分享知识和经验、了解关于产品升级和新增功能的最新消息、下载最新版软件、获得专家建议和技巧、与产品团队交流,还有更多精彩等着您。

立即访问 »

ActiveRoles Server

简单安全的Active Directory

ActiveRoles Server可解决安全问题,并可通过保障和保护Active Directory的简单和高效性而始终满足永无止境的合规要求。 通过为用户和组管理以及Active Directory授权提供自动化工具,ActiveRoles Server可消除Active Directory的固有缺点,从而使您效率更高。 由于其模块化的架构,企业在今天和未来都有能力满足您的业务需求。

借助ActiveRoles Server,您可以:

  • 保护Active Directory的关键数据并制止对资源的肆意访问
  • 在AD和AD连接系统中自动创建安全用户和组管理账户

功能

安全访问——充当Active Directory的虚拟防火墙,使您可以放心地使用最低的高级权限模式分配管理访问权限。 基于规定的管理策略和相关权限可产生访问规则并加以严格执行,从而可消除AD管理方法中固有的错误和常见的不一致现象。 另外,强大的个性化审批程序建立了一整套IT流程,并监督​​与业务需求、协助目录数据自动化管理​​的责任链是否保持一致。

自动创建账户——自动完成一系列任务,其中包括:

  • 在AD中创建用户和组账户
  • 在Exchange中创建邮箱
  • 填充组
  • 在Windows中分配资源

ActiveRoles Server还可以自动化再分配和删除AD和AD连接系统中的用户访问权限(包括用户和用户组取消配置),以确保高效和安全管理用户和组寿命。 当需要更改或删除用户的访问权限时,将在AD、Exchange、SharePoint、Lync、Windows以及任何AD连接系统,如Unix、Linux和Mac OS X中自动进行更新。

日常目录管理——可简化以下管理:

  • Exchange收件人,包括邮箱/OCS分配、创建、移动、删除、权限和通讯组列表管理
  • 计算机,包括共享机、打印机、本地用户和组
  • Active Directory,包括AD LDS

ActiveRoles Server还拥有直观界面,可方便地通过嵌入式MMC和Web界面来改善日常管理和桌面操作体验。

在托管环境中管理组和用户——在客户端AD域与托管AD域的账户能够实现同步的托管环境中,可与Quick Connect串联。 ActiveRoles Server可将客户域的用户和组帐户管理应用于托管域中,同时还可同步属性和密码。

该解决方案可采用即时连接器将您的内部AD帐户与基于云的服务进行同步,如Salesforce.com、谷歌应用程序、Microsoft Office 365、Lync Online和SharePoint Online。

通过集成合并管理点——补充您的现有技术、身份和访问管理策略。 Extend All功能可轻松地与多种戴尔产品进行集成进而简化及合并管理点,其中包括Quick Connect、Identity Manager、Privilege Password Manager、Desktop Virtualization、Authentication Services、Defender、Password Manager、Webthority和ChangeAuditor。 ActiveRoles Server还可自动化和扩展PowerShell、ADSI、SPML和定制Web界面的功能。

系统要求

Quest One ActiveRoles includes the following components:

  • Administration Service
  • Console (MMC Interface)
  • Web Interface
  • Collector
  • Report Pack
  • Add-in for Outlook

The tables below outline system requirements for installing and running each of these components.

Administration Service hardware and software requirements

Platform1 GHz or higher Intel Pentium-compatible CPU.
Memory (RAM)1 GB or more recommended. The amount required depends on the total number of managed objects.
Hard Disk Space100 MB or more of free disk space. If SQL Server and Administration Service are installed on the same computer, the amount required depends on the size of the ActiveRoles database.
Operating System

You can install the Administration Service on a server running any of these operating systems:

  • Microsoft Windows Server 2008, Standard or Enterprise edition, 64-bit (x64), Service Pack 2
  • Microsoft Windows Server 2008 R2, Standard or Enterprise edition, Service Pack 1
  • Microsoft Windows Server 2012, Standard or Datacenter edition
  • Microsoft Windows Server 2012 R2, Standard or Datacenter edition
SQL Server

You can use any of these SQL Server versions to host the ActiveRoles database:

  • Microsoft SQL Server 2005, any edition, 32-bit (x86) or 64-bit (x64), Service Pack 2 or later
  • Microsoft SQL Server 2008, any edition, 32-bit (x86) or 64-bit (x64), with or without any Service Pack
  • Microsoft SQL Server 2008 R2, any edition, 32-bit (x86) or 64-bit (x64), with or without any Service Pack
  • Microsoft SQL Server 2012, any edition, 32-bit (x86) or 64-bit (x64), with or without any Service Pack

Microsoft SQL Server 2012 Native Client is required on the computer running the Administration Service. You can install SQL Server 2012 Native Client from the Redistributables page in the ActiveRoles DVD Autorun window.

Microsoft .NET FrameworkMicrosoft .NET Framework 4.5 (see "Installing the .NET Framework 4.5" at http://go.microsoft.com/fwlink/p/?LinkId=257868)

You can install .NET Framework 4.5 from the Redistributables page in the ActiveRoles DVD Autorun window.

Windows Management FrameworkWindows Management Framework 3.0 (see "Windows Management Framework 3.0" at http://go.microsoft.com/fwlink/p/?LinkId=272757)
ActiveRoles Management Shell for Active DirectoryAdministration Service requires version 1.7 of Quest One ActiveRoles Management Shell for Active Directory.

The Administration Service Setup program automatically installs the appropriate version of ActiveRoles Management Shell. Optionally, you can install ActiveRoles Management Shell from the Solutions page in the ActiveRoles DVD Autorun window.

Microsoft Exchange Server Management Tools
  • To manage Exchange 2010 recipients, ActiveRoles requires the Management Tools for Exchange 2010 Service Pack 3 or later to be installed on the computer running the Administration Service. Use the Exchange Server 2010 Setup program to install the Management Tools on the computer where you plan to install the Administration Service.
  • To manage Exchange 2007 recipients, ActiveRoles requires the Management Tools for Exchange 2007 Service Pack 2 or later to be installed on the computer running the Administration Service. Use the Exchange Server 2007 Setup program to install the Management Tools on the computer where you plan to install the Administration Service.
  • To perform the Move Mailbox task on Exchange 2003, ActiveRoles requires the Exchange Management Tools for Exchange 2007 to be installed on the computer running the Administration Service.
Microsoft Exchange Server 2013 Remote ShellActiveRoles uses remote Shell to manage Exchange 2013 recipients. Remote Shell requires the following software on the computer running the Administration Service:

Remote Shell also requires the following:

  • TCP port 80 must be open between the computer running the Administration Service and the remote Exchange 2013 server.
  • The user account the Administration Service uses to connect to the remote Exchange server (the service account or the override account) must be enabled for remote Shell.
  • Windows PowerShell script execution must be enabled on the computer running the Administration Service.
Operating System on Domain Controllers

ActiveRoles retains all features and functions when managing Active Directory on domain controllers running any of these operating systems, any edition, with or without any Service Pack:

  • Microsoft Windows Server 2003
  • Microsoft Windows Server 2003 R2
  • Microsoft Windows Server 2008
  • Microsoft Windows Server 2008 R2
  • Microsoft Windows Server 2012
  • Microsoft Windows Server 2012 R2

Notes

  • Domain controllers running Microsoft Windows 2000 Server are not supported by Quest One ActiveRoles. Ensure that the Active Directory domains managed by Quest One ActiveRoles do not have Windows 2000 Server based domain controllers.
  • Quest One ActiveRoles deprecates managed domains with the domain functional level lower than Windows Server 2003. We recommend that you raise the functional level of the domains managed by Quest One ActiveRoles to Windows Server 2003 or higher.
Exchange Server

ActiveRoles is capable of managing Exchange recipients on any of these Exchange Server editions, with or without any Service Pack:

  • Microsoft Exchange Server 2003
  • Microsoft Exchange Server 2007
  • Microsoft Exchange Server 2010
  • Microsoft Exchange Server 2013

Note Microsoft Exchange 2000 Server is not supported.

Quest One ActiveRoles Console (MMC Interface) hardware and software requirements

Platform1 GHz or higher Intel Pentium-compatible CPU.
Memory (RAM)1 GB or more recommended. The amount required depends on the number of objects being administered.
Hard Disk SpaceAbout 100 MB of free disk space.
Operating System

You can install the ActiveRoles console on a computer running any of these operating systems:

  • Microsoft Windows Server 2008, Standard or Enterprise edition, 32-bit (x86) or 64-bit (x64), Service Pack 2
  • Microsoft Windows Server 2008 R2, Standard or Enterprise edition, Service Pack 1
  • Microsoft Windows 7, Ultimate, Professional or Enterprise edition, 32-bit (x86) or 64-bit (x64), Service Pack 1
  • Microsoft Windows Server 2012, Standard or Datacenter edition
  • Microsoft Windows Server 2012 R2, Standard or Datacenter edition
  • Microsoft Windows 8, Professional or Enterprise edition, 32-bit (x86) or 64-bit (x64)
  • Microsoft Windows 8.1, Professional or Enterprise edition, 32-bit (x86) or 64-bit (x64)
Web BrowserActiveRoles console requires Windows Internet Explorer 8.0 or later.
Microsoft .NET FrameworkMicrosoft .NET Framework 4.5 (see "Installing the .NET Framework 4.5" at http://go.microsoft.com/fwlink/p/?LinkId=257868)

You can install .NET Framework 4.5 from the Redistributables page in the ActiveRoles DVD Autorun window.

Quest One ActiveRoles Web Interface hardware and software requirements

Platform1 GHz or higher Intel Pentium-compatible CPU.
Memory (RAM)1 GB or more recommended. The amount required depends on the number of objects being administered.
Hard Disk SpaceAbout 100 MB of free disk space.
Operating System

You can install the ActiveRoles Web Interface on a Web server running any of these operating systems:

  • Microsoft Windows Server 2008, Standard or Enterprise edition, 64-bit (x64), Service Pack 2
  • Microsoft Windows Server 2008 R2, Standard or Enterprise edition, Service Pack 1
  • Microsoft Windows Server 2012, Standard or Datacenter edition
  • Microsoft Windows Server 2012 R2, Standard or Datacenter edition

Internet Services

ActiveRoles Web Interface requires Microsoft Internet Information Services (IIS) 7.0 or later.

On Windows Server 2008 or Windows Server 2008 R2, Web Interface requires the "Web Server (IIS)" server role with the following role services:

  • Web Server/Common HTTP Features/
    • Static Content
    • Default Document
    • HTTP Errors
    • HTTP Redirection
  • Web Server/Application Development/
    • ASP.NET
    • .NET Extensibility
    • ASP
    • ISAPI Extensions
    • ISAPI Filters
  • Web Server/Security/
    • Basic Authentication
    • Windows Authentication
    • Request Filtering
  • Management Tools/IIS 6 Management Compatibility/
    • IIS 6 Metabase Compatibility

On Windows Server 2012 or Windows Server 2012 R2, Web Interface requires the "Web Server (IIS)" server role with the following role services:

  • Web Server/Common HTTP Features/
    • Default Document
    • HTTP Errors
    • Static Content
    • HTTP Redirection
  • Web Server/Security/
    • Request Filtering
    • Basic Authentication
    • Windows Authentication
  • Web Server/Application Development/
    • .NET Extensibility 4.5
    • ASP
    • ASP.NET 4.5
    • ISAPI Extensions
    • ISAPI Filters
  • Management Tools/IIS 6 Management Compatibility/
    • IIS 6 Metabase Compatibility

You can use Server Manager to confirm that the "Web Server (IIS)" server role with the required role services is installed.

Additionally, Internet Information Services (IIS) must be configured to provide "Read/Write" delegation for the following features:

  • Handler Mappings
  • Modules

Use "Feature Delegation" in Internet Information Services (IIS) Manager to confirm that these features have delegation set to "Read/Write".

Web Browser

Any of the following Web browsers can be used to access the Web Interface:

  • Firefox 24 on Windows
  • Google Chrome 29 on Windows
  • Safari 5 on Windows
  • Windows Internet Explorer 7
  • Windows Internet Explorer 8
  • Windows Internet Explorer 9
  • Windows Internet Explorer 10
  • Windows Internet Explorer 11

A higher version of Firefox, Google Chrome, Safari or Internet Explorer can be made to work as a Web Interface client; however, the Web Interface pages of version 6.9.0 have been tested only against the Web browser versions listed above.

The Web browser should be run on a system with screen resolution of 1024x768 or higher.

Microsoft .NET FrameworkMicrosoft .NET Framework 4.5 (see "Installing the .NET Framework 4.5" at http://go.microsoft.com/fwlink/p/?LinkId=257868)

You can install .NET Framework 4.5 from the Redistributables page in the ActiveRoles DVD Autorun window.

Quest One ActiveRoles Collector hardware and software requirements

Platform500 MHz or higher Intel Pentium-compatible CPU.
Memory (RAM)512 MB or more recommended.
Hard Disk SpaceAbout 50 MB or more of free disk space. If SQL Server and Collector are installed on the same computer, the amount required depends on the size of the Collector database.
Operating System

You can install the ActiveRoles Collector on a computer running any of these operating systems:

  • Microsoft Windows Server 2008, Standard or Enterprise edition, 32-bit (x86) or 64-bit (x64), Service Pack 2
  • Microsoft Windows Server 2008 R2, Standard or Enterprise edition, Service Pack 1
  • Microsoft Windows 7, Ultimate, Professional or Enterprise edition, 32-bit (x86) or 64-bit (x64), Service Pack 1
  • Microsoft Windows Server 2012, Standard or Datacenter edition
  • Microsoft Windows Server 2012 R2, Standard or Datacenter edition
  • Microsoft Windows 8, Professional or Enterprise edition, 32-bit (x86) or 64-bit (x64)
  • Microsoft Windows 8.1, Professional or Enterprise edition, 32-bit (x86) or 64-bit (x64)
SQL Server

You can use any of these SQL Server versions to host the Collector database:

  • Microsoft SQL Server 2005, any edition, 32-bit (x86) or 64-bit (x64), with or without any Service Pack
  • Microsoft SQL Server 2008, any edition, 32-bit (x86) or 64-bit (x64), with or without any Service Pack
  • Microsoft SQL Server 2008 R2, any edition, 32-bit (x86) or 64-bit (x64), with or without any Service Pack
  • Microsoft SQL Server 2012, any edition, 32-bit (x86) or 64-bit (x64), with or without any Service Pack

Quest One ActiveRoles Report Pack software requirements

SQL Server Reporting Services

ActiveRoles Report Pack requires one of the following versions of SQL Server Reporting Services software:

  • Microsoft SQL Server 2005 Reporting Services, 32-bit (x86) or 64-bit (x64), with or without any Service Pack
  • Microsoft SQL Server 2008 Reporting Services, 32-bit (x86) or 64-bit (x64), with or without any Service Pack
  • Microsoft SQL Server 2008 R2 Reporting Services, 32-bit (x86) or 64-bit (x64), with or without any Service Pack
  • Microsoft SQL Server 2012 Reporting Services, 32-bit (x86) or 64-bit (x64), with or without any Service Pack
Operating System

You can install the ActiveRoles Report Pack on a computer running any of these operating systems:

  • Microsoft Windows Server 2008, Standard or Enterprise edition, 32-bit (x86) or 64-bit (x64), Service Pack 2
  • Microsoft Windows Server 2008 R2, Standard or Enterprise edition, Service Pack 1
  • Microsoft Windows 7, Ultimate, Professional or Enterprise edition, 32-bit (x86) or 64-bit (x64), Service Pack 1
  • Microsoft Windows Server 2012, Standard or Datacenter edition
  • Microsoft Windows Server 2012 R2, Standard or Datacenter edition
  • Microsoft Windows 8, Professional or Enterprise edition, 32-bit (x86) or 64-bit (x64)
  • Microsoft Windows 8.1, Professional or Enterprise edition, 32-bit (x86) or 64-bit (x64)
Quest Knowledge Portal

ActiveRoles Report Pack is compatible with:

  • Quest Knowledge Portal 2.0
  • Quest Knowledge Portal 2.5
  • Quest Knowledge Portal 2.6
  • Quest Knowledge Portal 2.7

Quest One ActiveRoles Add-in for Outlook software requirements

Microsoft Office OutlookAdd-in for Outlook requires Microsoft Office Outlook 2007 or later.
Microsoft .NET FrameworkMicrosoft .NET Framework 4.5 (see "Installing the .NET Framework 4.5" at http://go.microsoft.com/fwlink/p/?LinkId=257868)

You can install .NET Framework 4.5 from the Redistributables page in the ActiveRoles DVD Autorun window.

Other Microsoft Office Features

Add-in for Outlook also requires:

  • .NET Programmability Support for Microsoft Office Outlook
  • Microsoft Forms 2.0 .NET Programmability Support

You can install this prerequisite software by selecting the following installation options in the Setup program for the Microsoft Office system:

  • .NET Programmability Support under Microsoft Office Outlook
  • Microsoft Forms 2.0 .NET Programmability Support under Office Tools

视频

 

Access Control is Easy: Use Active Directory Groups and Manage Them Well

   

10 Steps to Cleaning Up Active Directory User Accounts and Keeping Them that Way

   

Beyond Least Privilege: How to Grant Administrator Authority without Losing Control

   

AD Audits: Top 7 Questions to Answer When Auditors Look at Account Management and Access Control in Active Directory

   

Keeping the Cloud in Sync with Your Active Directory

 
  • Keeping the Cloud in Sync with Your Active Directory

    It’s ironic that after working so hard to integrate on-premises applications with Active Directory that you are now moving applications to the cloud and encountering the same identity access control issues all over again. Thankfully many cloud vendors have anticipated this need and offer connection technologies for linking your Active

    Watch the Webcast »

 

Save Time: Use Existing Code to Create Templates, Workflows & Policies

   

Top 10 Cool Things You Can Automate in AD with PowerShell

 
  • Top 10 Cool Things You Can Automate in AD with PowerShell

    Security requires a lot of mundane, repetitive chores and hunting for needles in a haystack. PowerShell is an awesome way to automate those chores and in this webinar I’ll help you break into PowerShell and focus on automatic security related tasks with it. And that’s where the Free PowerShell Commands for Active Directory come in

    Watch the Webcast »

 

Workflow and permission capabilities in ActiveRoles Server

   

Active Directory delegation in ActiveRoles Server

   

Active Directory user and group account creation in ActiveRoles

 

Controlling Access to Cloud Entitlements to Satisfy Compliance

 

Understanding the Security Boundaries and Risks of Multiple Domains, Forests and Trust Relationships

 

Consolidating Active Directory Domains and Forests

 

截屏

管理AD对象

ActiveRoles Server

通过可自定义的Web界面管理Active Directory对象。

可自定义的Web界面

ActiveRoles Server

通过可自定义的Web界面管理Active Directory对象。

AD对象策略

ActiveRoles Server

通过将企业策略应用于Active Directory对象中,让您的Active Directory保持井井有条。

审核访问

ActiveRoles Server

实时审核用户利用被授予的访问权限进行了哪些操作。

自动工作流程

ActiveRoles Server

通过工作流程实现工作自动化。 通过点击式工作流程设计器实现。

配置和管理

ActiveRoles Server

通过一项桌面应用配置ActiveRoles Server并管理您的Active Directory对象。

PowerShell

ActiveRoles Server

使用PowerShell模块安全地管理用户账号、组、计算机账户以及ActiveRoles Server配置。

文件

白皮书

10 Steps to Cleaning up Active Directory User Accounts and Keeping Them That Way Access Control Is Easy, Use Active Directory Groups and Manage Them Well Active Directory’s Security Challenges Solved Be the Master of your Domain - Understanding WS08 and ADDS Better Together: How the Quest One Identity Solution Products Enhance Each Other Business Brief: Making Your Job—and the Job of Compliance—Easier Than You Ever Imagined Dell Connected Security - Software Solutions IAM for the Real World: Access Governance IAM for the Real World: Access Management IAM for the Real World: Access Management IAM for the Real World: Privileged Account Management IAM for the Real World: Simplifying Complexity IAM for the Real World: User Activity Monitoring Identity and Access Management for the Real World: The Fundamentals Identity and Access Management: You Have to Be Compliant, You Want Security and Efficiency. Why Not Get It All? Improving Identity and Access Management in an SAP Environment IT in the Financial Sector - The Key to Thriving in a Challenging Economy Kuppinger Cole Vendor Report - Quest Software Meeting Change Management and Monitoring Compliance Needs in a Microsoft-Centric Network PowerShell in the Enterprise: Best Practices and Recommendations Securing Access to Cloud Entitlements to Satisfy Compliance Simplifying IT Administration and Automation with Quest Six Steps to Achieving Data Access Governance Tenets of Identity Management The 12 Essential Tasks of Active Directory Domain Services The Active Directory Management and Security You’ve Always Dreamed Of The Keys to the Kingdom: Limiting Active Directory Administrators Top Ten Troublesome Tweets about Active Directory User Provisioning: Getting The Most Bang for the IT Buck Windows 2012 Dynamic Access Control (DAC) 返回页首

案例分析

A Leading National Health Insurer Chooses Quest Software to Protect Active Directory ADT Stays Secure With Quest's Active Directory Management Solutions Azaleos Chooses Quest Service Provider Partner Program to Offer Fully Managed, Secure and Compliant Exchange 2010 Environments Barry University Adapts Quickly to Changes Using ActiveRoles Server to Automate Its Provisioning Process and Manage Active Directory Blaenau Gwent County Borough Council Automates and Secures User Provisioning as well as Reduces Helpdesk Calls by 67 Percent Brasfield & Gorrie Gets Active Directory Administration Under Control with Quest Software Brighter Future for Knox County Schools Children’s Hospital simplifies account management Cornell University Manages and Centralizes a Distributed AD Environment with Quest ActiveRoles Server DaimlerChrysler Speeds to Active Directory with ActiveRoles Gwinnett County Public Schools Finds a Better Way to Manage Electronic Accounts and Provisioning Independence Community Bank of New York Takes Control of Access Rights with ActiveRoles Server Insurance company saves 75 percent of a service desk FTE within nine months of launch Johnson Matthey accelerates AD consolidation Large Global Bank Relies on Quest to Save More than $1 Million Each Year on User Password Resets Large University Understands Importance of AD Management Migros Implements Quest One for Secure and Automated Identity Management Migros Turns to Quest to Easily Automate SAP Synchronization with AD/Exchange Environments - A4 NUI Galway Gets an Education from Quest in Consolidating its IT Platforms on Time and Automating User Provisioning, Saving €40K Annually Oldham Council Learns Quest has the Answer for Efficient and Secure AD Management PT Thiess Contractors Indonesia Boosts Accuracy of data and Reduces its Costs with ActiveRoles® Server Quest Email Migration and Provisioning Tools Save UK Utility Hundreds of Hours Quest Exchange and Active Directory Migrations Deliver a Great Performance at Arts Council England with Minimal User Impact Quest Improves the Efficiency and Security of La Caja De Canarias' Operations and Customer Transactions Quest Provides Healthy Solution to Help Rotherham PCT Remove IT Security Risks and Achieve Full ROI in Eight Months Quest Software Achieves Compliance and Improves Efficiency with Quest ActiveRoles Server Quest Solutions Help Georgian College Graduate to a More Secure, Easily Managed Active Directory and Exchange Environment San Bernardino County Streamlines Identity and Access Management For Greater Efficiency Siemens Power Generation Turns to Aelita for Active Directory Management Spanish university improves IT efficiency by 60 percent State of Vermont IT Staff Uses Toad DBA Suite for Oracle to Easily Find Bottlenecks, Saving 10 Hours of DBA Time Each Week Swedish council enjoys secure user athentication Swiss Post Speeds Delivery of Active Directory with ActiveRoles The National College of Ireland Gets a Higher Education on Identity Management - and Greater Productivity - from Quest The W. P. Carey School of Business Makes a Smart Investment in Quest ActiveRoles™ Server Thiess Chooses ActiveRoles Server and Receives Immediate Return on Investment TMB improves AD management and security U.S. Army Europe Drives Defense Transformation Program With Quest Software's Microsoft Windows And Migration Tools Universidad de La Rioja manages AD more efficiently University delivers fast, low-impact systems migration Vallentuna kommun automates and secures its Active Directory management for government and HR systems Working Together to Improve Public Safety: Wake County, NC Sherriff's Office 返回页首