What are the benefits and features of DRA 9.0?

  • 7017941
  • 11-Aug-2016
  • 12-Aug-2016


NetIQ Directory & Resource Administrator 9.0


What are the benefits and features of DRA 9.0?

DRA 9.0 Release Notes


Directory and Resource Administrator and Exchange Administrator 9.0.0 includes new features, improves usability, and resolves several previous issues.

Many of these improvements were made in direct response to suggestions from our customers. We thank you for your time and valuable input. We hope you continue to help us ensure that our products meet all your needs. You can post feedback in the Directory and Resource Administrator and Exchange Administrator forum on NetIQ Communities, our online community that also includes product information, blogs, and links to helpful resources.

The documentation for this product is available on the NetIQ website in HTML and PDF formats on a page that does not require you to log in. If you have suggestions for documentation improvements, click comment on this topic at the bottom of any page in the HTML version of the documentation posted at the Directory and Resource Administrator and Exchange Administrator (DRA) NetIQ Documentation page. To download this product, see the Directory and Resource Administrator and Exchange Administrator Product Upgrade website.

1.0 What’s New?

The following outline the key features and functions provided by this version, as well as issues resolved in this release:

1.1 Operating System and Software Support

Directory and Resource Administrator and Exchange Administrator now supports managing Microsoft Office 365 licenses and Exchange Online mailboxes. For detailed information, see the Directory and Resource Administrator and Exchange Administrator Administrator Guide and the Directory and Resource Administrator and Exchange Administrator User Guide.

1.2 Enhancements and Software Fixes

Directory and Resource Administrator and Exchange Administrator includes the following enhancements:

New Office 365 Exchange Online Support

DRA now supports the following Exchange Online features:

  • Enable Exchange Online archive mailbox

  • Disable Exchange Online archive mailbox

  • Manage Exchange Online mailbox delegation

  • Manage Exchange Online mail flow

  • Manage Exchange Online Litigation Holds

This version also adds new DRA policies to manage Office 365 licenses via group membership.

REST API and PowerShell Module Support

This version adds two new services, NetIQ DRA Host Service and NetIQ DRA Rest Service, to support a new set of RESTful interfaces. For more information see the NetIQ Directory and Resource Administrator REST Services release notes that is packaged with the REST services installer.

Standalone Health Check Utility

This utility allows you to monitor the health of your Directory and Resource Administrator environment and can be installed or uninstalled irrespective of your DRA installation. You can also use this utility to check the health of older versions of DRA that you have currently installed—especially DRA 8.6 SP2—before upgrading to DRA 9.0.

The AD Collector Completes With a Warning

The AD Collector no longer completes with a dynamic group warning. (ENG338342)

Advanced Queries Not Working Properly

Advanced queries not return complete results. (ENG337394)

Folders Are Deleted After an Upgrade

The file transfer folder is no longer deleted from the primary DRA server after an upgrade. (ENG335738)

A Set Group Membership Approval Search Returns Incorrect Results

The Set Group Membership Approval Search now filters the results properly. (ENG338069 and ENG338367)

Memory Leak

There is no longer a memory leak from DRAExchShell.exe or MCSAdminSvc.exe. (ENG335025)

Incorrect Warning Displays

DRA now displays the correct warning when an LDS is not available on a secondary DRA server. (ENG337467)

UserCopy Operation Not Working Correctly

The UserCopy operation now performs correctly when used in a pre-task trigger script. (ENG321832)

DRA Admin Service Stops Unexpectedly When Executing a Custom PowerShell Script

The DRA admin service no longer stops unexpectedly when running a custom powershell script. (ENG337319)

Incorrect Results When Using the Exchange Administrator Command Line Tool

DRA sets the incorrect rule when using the Exchange Administrator command line tool to add a group to an ActiveView. (ENG339128)

Assistant Administrators

Assistant Administrators in nested groups from trusted domains no longer lack the appropriate powers. (ENG335887)

Cannot View Mailbox Rights After Converting from Exchange 2003 to Exchange 2007

You can now view Mailbox Rights through DRA after converting your Exchange 2003 mailboxes to Exchange 2007. (ENG243637)

Domain Cache Refresh Failure

The domain cache no longer fails when the NetBIOS name differs from the domain name. (ENG335994)

Assistant Administrator Activity Detail Report Doesn't Include Timestamp

The Date column on the AA Activity Details report now displays a timestamp along with the date. (ENG301894)

Bad Password Causes the Upgrade to Fail

Using a password that contains a space or a semi-colon no longer causes an upgrade failure. (ENG336212)

DRA Modifies Search Criteria Incorrectly

DRA no longer incorrectly modifies a search string when running an advanced search with a VA filter. (ENG338701)

API Fails to Retrieve the MemberOfAttribute for UserGetInfo

The REST API no longer fails to retrieve the MemberOfAttribute for UserGetInfo. (ENG337969)

Deleted Users Can Still Receive Email

A mail-enabled contact that has been deleted can no longer be sent email if the deleted contact is still in the sender’s local address book. (ENG338751)

The traceService Log Path in the Configuration File Restores Itself

The traceService Log path within the REST API configuration file no longer gets reset each time the service is restarted. (ENG337970)

DRA Is Unable to Create Mail-enabled Objects

DRA can now create mail-enabled objects after the service is restarted. (ENG338113)

Attempting to Create an Assistant Administrator Group Using Wildcard Rules Triggers an Error

You can now create an Assistant Administrator Group in the Win32 console using any wildcard rule. (ENG336736)

Setting DC Preferred to an Invalid DC Causes the DRA Cache Process to Fail

The DRA FACR/IACR will no longer fail if you set an invalid value for DC Preferred in the registry. (ENG338815)

2.0 System Requirements

For detailed information on hardware requirements and supported operating systems and browsers, see the NetIQ Directory and Resource Administrator and Exchange Administrator Installation Guide.

3.0 Installing Directory and Resource Administrator and Exchange Administrator

To install Directory and Resource Administrator and Exchange Administrator, see the NetIQ Directory and Resource Administrator and Exchange Administrator Installation Guide.

3.1 Installation Considerations

The following considerations apply when you install this version:

  • To manage Exchange Online mailboxes you must install DRA on Microsoft Windows 2008 R2 or above.

  • You must also install Windows Azure Active Directory Module for Windows PowerShell as well as Microsoft Online Services Sign-in Assistant. For more information, refer to the NetIQ Knowledge Base article 7016493 or contact Technical Support.

  • DRA no longer requires installation of Exchange Server 2010 or 2013 management tools on the Administration server computer. To remotely manage an Exchange Server 2010 or 2013 server, DRA now requires only Powershell 2.0 and Windows Remote Management (WinRM) 2.0 to be installed on the Administration server.

    This is not true of Exchange Server 2007 objects. You must install the Exchange 2007 management tool onto the respective DRA server and that DRA server must be installed in the same domain as the Exchange Server 2007 server in order to manage Exchange Server 2007 objects.

3.2 Post-Installation Considerations

The following considerations apply after you install this version:

  • You must apply a license using the Health Check utility or the Delegation and Configuration console. If you use the Delegation and Configuration console, you must log on as the DRA service account to apply the license.

  • To add the first managed domain in the Delegation and Configuration console, you must log on as the DRA service account. After the full accounts cache refresh completes, all DRA Admins have their assigned powers.

4.0 Known Issues

NetIQ Corporation strives to ensure our products provide quality solutions for your enterprise software needs. The following issues are currently being researched. If you need further assistance with any issue, please contact Technical Support.

4.1 Exchange Online Policy Enabled but No Office 365 Tasks Tab for Objects

After enabling the Exchange Online policy, you must restart the DRA service to manage Office 365 mailbox properties in DRA or to manage Office 365 in DRA. (ENG337700)

4.2 DRA Server Upgrade Failed

When upgrading from DRA 8.7.x to 9.0, the DRA server does not get upgraded because the user lacks the permissions needed to modify a cached MSI file. (ENG338327)

Workaround: Go to %windir%\installer and right-click the MSI file. Select Properties from the menu and go to the Security tab. Give the Modify permission to the System and the logged-in user.

4.3 The DRA 9.0 Health Check Standalone Utility Returns an Error

The DRA 9.0 Health Check standalone utility returns an error for the AD LDS instance when run against DRA 8.6.x server and the schema check when the registry entries for the port contains junk values. (ENG338558)

Workaround: Open the registry key at HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Mission Critical Software\OnePoint\Administration\Modules\ServerConfiguration\ADAMConfiguration\LDAPPort and re-enter the actual LDAPPort key value.

4.4 AD Collector Fails

If, after upgrading to DRA 9.0, the AD collector is configured or any new domain is configured for data collection, the AD collector fails. (ENG338934)

Workaround: Selecting too many attributes across all the configured classes may cause DRA to exceed the maximum SQL row size. Remove some of your attribute selections to address this problem.

4.5 Cannot Unistall DRA When Logged in to The Computer as Someone Other Than the Local Administrator

It is possible to install DRA onto a machine when logged in as someone other than the machine's domain Administrator; however, you cannot unistall DRA under the same scenario. (ENG338581)

Workaround: To uninstall DRA, launch the .msi file from the setup.exe file.

4.6 A DRA Installation Cannot Be Repaired If the Services Are Stopped

If all services—DRA, IIS, WWW—are stopped, an attempt to repair the DRA installation will fail. (ENG339202)

Workaround: Start a service before attempting to repair the installation.

4.7 User Cannot Clone Another User from the Web Console

A user cannot clone another user from the web console if that user has an Exchange 2010 Mailbox with only "Exchange Online Administration support" enabled. (ENG339423)

Workaround: Enable the Exchange 2010 policy on the domain’s Exchange server.

4.8 Apply Button Is Unpredictable

All of your changes might not be applied if you click the Apply button multiple times without closing the Mailbox Delegation tab for an Office 365 mailbox. (ENG339367)

Workaround: Close and re-open the dialog to apply additional changes.

4.9 Office 365 License Update Job Not Performing Properly

The Office 365 license update job on the Tenant properties page does not assign licenses to all users in the policy group. This can be the result of reaching your Exchange Online license limit. (ENG339333)

Workaround: If you have reached your license limit, either purchase more licenses or remove users from the policy groups. If you have sufficient licenses, run the license update job manually or wait for it to run at its next scheduled time.