This glossary outlines foundational terms used throughout the Activate IAM platform. Understanding these terms will help stakeholders and technical users navigate the product, architecture, and implementation materials with clarity.

A digital representation of a user (employee, contractor, service account, etc.) within an organization. Each identity is typically linked to a unique identifier, such as an email address or employee ID.

The automated process of creating accounts and granting access to systems or applications based on a user’s role or attributes.

The removal or disabling of user accounts and access when they are no longer required — for example, when an employee leaves the organization.

A specific access right or permission within a system (e.g., "Read-only access to Salesforce Reports"). Entitlements can be grouped into roles.

A collection of entitlements assigned based on a user’s job function or department. Roles simplify access management and are often tied to policies (e.g., "Finance Analyst Role").

An access control model where users receive permissions based on assigned roles. This model helps enforce least privilege.

An access control model that uses user, resource, or environment attributes (e.g., department = "HR", location = "US") to make access decisions dynamically.

The authoritative system from which identity data is imported (e.g., HRIS like Workday or SAP SuccessFactors).

Any downstream application or service where identities need access (e.g., Active Directory, Okta, Salesforce).

A user-initiated process to gain access to new systems or roles, often requiring manager or system owner approval.

A periodic process where managers or data owners validate that users still require their existing access — critical for compliance.

The component that defines and evaluates access rules (e.g., who gets what access under which conditions).

An integration module that enables Activate to read/write data from external systems (e.g., provisioning accounts in Azure AD).

A complete, immutable log of identity-related events, including provisioning actions, access approvals, and policy evaluations.

What is Activate?

Key terms

Microsoft’s cloud platform providing infrastructure, networking, storage, and application services. In Activate, it’s used as the hosting environment or for integration with Microsoft 365 and Entra ID services.

Azure

DotNetVersion

Microsoft Entra Connect (formerly Azure AD Connect) is a tool that syncs on-premises Active Directory identities with Microsoft Entra ID, enabling hybrid identity and seamless access to cloud resources.

Microsoft_Entra_Connect

Active Directory (AD) is Microsoft’s directory service that stores and manages user accounts, devices, and permissions, enabling secure authentication and centralized access control within a Windows network.

Active_Directory

ActivateJobService

ActivateAdministrator

SupportedPowerShellVersions

SupportedOSVersions

SupportedSQLVersions

Name that identifies the instance of Activate.  This is only used by Administrators and isn't displayed to end users.

instance_name

An installation type of Activate where there is no local domain connection, all authentication, authorisation and identity management is handled by Entra ID.

Cloud_Only

Microsoft Entra ID (formerly Azure Active Directory) is Microsoft’s cloud-based identity and access management service, providing secure authentication, user lifecycle management, and access control for Microsoft 365 and other apps.

Microsoft_Entra_ID

A software switch that enables or disables functionality at runtime without redeploying code. In Activate, they are configured under //Resources/Configuration/FeatureFlags.

feature_flag

Microsoft module for managing Exchange Online, using modern authentication and REST API–based cmdlets for faster, more reliable automation of mailboxes, compliance, and organisation settings.

EXO_V3_PowerShell_Module

An Organizational Unit (OU) is a container in Active Directory used to organise users, groups, computers, and other objects within a domain. OUs help structure resources logically and apply group policies for easier management and administration.

A User Type is a template in Activate that defines rules, attributes, and behaviours for a category of users (e.g., Employee, Contractor), ensuring consistent user account setup and configuration.

User_Type

A resource object in Activate representing a physical or virtual Exchange Server

Exchange_Server_Resource

Defines the object type that the resource will emulate or operate as.

Class_parameter

Clonesthe selected inherited parameter to make a local copy to override the value

Override

Runs the Activate Provisioning Server and performs actions across target systems.

Orchestrator_Account

Audit_Trail

Connector

Access_Certification_and_Review

Access_Request

Target_System

Identity_Source

ABAC_Attribute-Based_Access_Control

RBAC_Role-Based_Access_Control

Role

Entitlement

Deprovisioning

Provisioning

Identity

This is the process of bringing on a new user

Onboarding

Hierarchical Role-Based Provisioning automates user access by assigning roles based on organisational structure, ensuring users inherit the correct permissions and resources aligned to their position or function.

Hierarchical_Role-Based_Provisioning

A group email address that automatically forwards messages to all its members, allowing you to send emails to multiple recipients at once.

Distribution_List

An expression is a conditional statement using Activate expression syntax.

expression

AzureProductName

System Overview

Activate Knowledge Centre

For Engineers

For Architects

For Service Desk

For C-Suite and Decision Makers

For Partners & Analysts

Welcome to Activate Knowledge Centre

Introduction

Solution Architecture Overview

Overview

Key Components

Deployment Models

Security Architecture Overview

Azure/EntraID and Activate

Workflow Designer

Platform Governance and Operations

Core Architecture

System Requirements

Activate Application Server Azure Requirements

Deployment Infrastructure

High Availability Introduction

High Availability Architecture Strategies

Capacity Planning & Sizing

Scalability & Availability

Supported Integrations

Integrations

Architecture

8.3.13

8.3.12

8.3.11

8.3.10

8.3.9

8.3.8

8.3.7

8.3.6

8.3.5

8.3.4

8.3.3

8.3.2

8.3.1

8.3.0

8.2.9

8.2.8

8.2.7

8.2.6

8.2.5

8.2.4

8.2.3

8.2.2

8.2.1

8.2.0

8.1.8

8.1.7

8.1.6

8.1.5

8.1.4

8.1.3

8.1.2

8.1.1

8.1.0

8.0.2

8.0.1

8.0.0 Previous Releases

Release Notes

Features

Identity Manager

Capabilities

Distribution List Manager

Supported Deployment Models

Shared Mailbox Manager

Privileged Access Manager

Automated Provisioning

Service Management

Microsoft Teams Manager

How To

Role Manager

Folder Manager

Currently Supported Providers

Connection Integration

ITSM Service Desk Integrations Manager

Asset and License Manager

Architecture Overview

Security Group Compliance Manager

Security Group Manager

Password Policy & Reset Manager

Hosting Models

Identity and Infrastructure Deployment Models

Server Requirements

SQL Server Requirements

Exchange Requirements

Network Requirements

Service Accounts and Groups

Active Directory Permissions

Anywhere Standalone Server Requirements

Azure SQL Database Requirements

Getting Started

1. Prepare for Installation

2. Provision Activate Server

3. Install Activate

4. Install Anywhere

5. Test

Installation

Unable to grant Database admin rights

Adjust Anywhere Target Server

Legacy mailboxes displayed in Outlook even after permissions removed

Error During Activate Installation: Access is Denied

Activate install wizard cannot find the domain

Error  Common Language Runtime detected an invalid program.

Browser prompts for Username/Password

Write Access Denied on new install

Troubleshooting

Directory Connection Configuration

Configuration Wizard Help

Installation & Setup

Get Started with Distribution Lists

Configure Create DL

Manage Cloud Only Distribution Lists

Minimum Permissions Required to Manage Distribution Lists

Distribution List Find Owner

Advanced Search for DL Membership

Distribution Lists

Setup & Configuration

Identity & Access Manager

Active Directory

LDAP

Microsoft Exchange

Okta

Environment Connections

Configuration