Active Roles installation.

Hi,

This surely a silly question but is there a way to install and testing Active Roles in our infrastructure without making any changes to it during the installation?

I know there is a free virtual trial option but was wondering if I can install it without making/registering anything in our AD infrastructure. 

Thank you, 
Ignacio

  • Strictly speaking, installation of Active Roles does not HAVE to "mark" your environment in any way.  Indeed, unless you expressly give its service account the ability to do so, it cannot even stamp its Service Connection Points into the System container of your AD.  This only becomes a "problem" if you want to run Powershell scripts "through" your Active Roles server without explicitly connecting to it in your code.

    Hope this helps.

  • Thanks a lot Johnny. 

    I read this on the configuration steps: 

    Configuring the Administration Service account
    When installing the Administration Service, you are prompted for the name and password of the Administration Service account—the account the Administration Service logs on to. This account must have sufficient permissions to:
    
    Gain administrative access to the computer running the Administration Service.
    Publish the Administration Service in Active Directory.
    Access any managed domain for which an override account is not specified.


    https://support.oneidentity.com/technical-documents/active-roles/7.2/quick-start-guide/2#TOPIC-856735

    You mean that I can install it with an unprivileged account and will work just enough to see it up and running but not performing any changes? :)

  • The privileges needed are:

    1) Ability to run the service on the AR Server

    2) Ability to read/write the AR configuration database in SQL (DBOwner) - (SA needed for initial app setup but can be rolled back)

    3) Ability to read AD (normal user)

    If you can supply all of the above, you can setup a "read only" version of AR that will only be able to make changes to its internal configuration.