Chat now with support
Chat mit Support

Identity Manager Data Governance Edition 9.2.1 - IT Shop Resource Access Requests User Guide

One Identity Manager Data Governance Edition IT Shop Resource Access Requests User Guide Resource access requests Share creation requests PowerShell commands

Remove-QManagedResourceType

Removes a managed resource type from the Data Governance Edition deployment.

Syntax:

Remove-QManagedResourceType -Id <String> [<CommonParameters>]

Table 27: Parameters
Parameter Description
Id

Specify the ID (GUID format) of the managed resource type to be removed.

Run the Get-QManagedResourceType cmdlet without any parameters to retrieve a list of available managed resource types and associated IDs.

Examples:
Table 28: Examples
Example Description
Remove-QManagedResourceType -Id a816fe83-6d49-4f43-9c0a-b37589e1058d Removes the specified managed resource type from the Data Governance Edition deployment.

Set-QManagedResourceType

Updates an existing managed resource type in the Data Governance Edition deployment.

Syntax:

Set-QManagedResourceType -Id <String> [-Name [<String>]] [-Description [<String>]] [-FullControlAddToGroupID [<String>]] [-RecipientAddToGroupID [<String>]] [-PublishToITShop <Boolean>]] [-SetRestrictionList [<Boolean>]] [-ServerSelectionScriptID [<String>]] [-ContainerAERole [<String>]] [-BusinessOwnerType [<Int32>]] [<CommonParameters>]

Table 29: Parameters
Parameter Description
Id Specify the ID of the managed resource type to be updated.
Name (Optional) Specify this parameter to change the name of the managed resource type.
Description (Optional) Specify this parameter to add or change the description of the managed resource type.
FullControlAddToGroupID (Optional) Specify this parameter to change the managed group template being used to build the domain-specific full control group for this managed resource type.
RecipientAddToGroupID (Optional) Specify this parameter to change the managed group template being used to build the group where the recipient is to be added when the resource is created.
PublishToITShop (Optional) Specify this parameter to change the flag that indicates whether a managed resource associated with this resource type should be published to the IT Shop after it is created.
SetRestrictionList

(Optional) Specify this parameter to change the flag that indicates whether to set a restriction list for a managed resource associated with this resource type after it is created.

  • $true: Run the SetRestrictionList subroutine to set a restriction list for this resource type. By default, the SetRestrictionList subroutine creates a restriction list based on the department, location and cost center properties defined in the requester's Person record.
  • $false: (Default) No restriction list applies to this resource type.
ServerSelectionScriptID

(Optional) Specify this parameter to change the default server selection script to be run to determine an eligible server to create the share on.

Run the Get-QServerSelectionScript cmdlet without any parameters to retrieve a list of available server selection scripts and their IDs.

ContainerAERole

(Optional) Specify this parameter to change the parent role under which new roles are to be created. That is, if the business owner type is set to role-based ownership (value of 0), then any roles created will have this container AERole set as the parent role.

BusinessOwnerType

(Optional) Specify this parameter to change the business ownership to be assigned to newly created managed resources of this type. Valid values are:

  • 0: (Default) Role-based ownership. A new role will be created to own the resource.
  • 1: Employee-based ownership. This is equivalent to the behavior in version 7.0.1.
Examples:
Table 30: Examples
Example Description
Set QManagedResourceType -Id a816fe83-6d49-4f43-9c0a-b37589e1058d -PublishToITShop $false Updates the specified managed resource type, indicating that a resource associated with this resource type should not be published to the IT shop after the resource is created.

Managed resource type domain object management

A managed resource type domain object contains various Active Directory specific settings for a managed resource type.

Note: In this release, the basic configuration includes only one managed resource type, Simple Share; therefore, for each managed domain, the managed resource type object specifies the Active Directory container where new groups are to be created and the group to be given full administrative control to the share.

The following commands are available to manage your group containers, which are used in file system share requests in the IT Shop. For full parameter details and examples, click a command in the table or see the command help, using the Get-Help command.

Table 31: Managed resource type domain object management commands

Use this command

If you want to

Add-QManagedResourceTypeDomain Add a managed resource type domain object to the Data Governance Edition deployment.
Get-QManagedResourceTypeDomain

Retrieve a managed resource type domain object from the Data Governance Edition deployment.

You can retrieve a specific object based on resource type or Active Directory domain or you can retrieve all managed resource type domain objects in the database.

Remove-QManagedResourceTypeDomain Remove a managed resource type domain object from the Data Governance Edition deployment.
Set-QManagedResourceTypeDomain Update the settings in an existing managed resource type domain object.

Add-QManagedResourceTypeDomain

Adds Active Directory domain specific settings for a managed resource type.

Syntax:

Add-QManagedResourceTypeDomain -ManagedResourceTypeID <String> -DomainID <String> [-ContainerID [<String>]] [-FullControlGroupID [<String>]] [-FileOperationsServerTagID [<String>]] [<CommonParameters>]

Table 32: Parameters
Parameter Description
ManagedResourceTypeID Specify the ID (GUID format) of the managed resource type to add.
DomainID

Specify the ID (GUID format) of the Active Directory domain this object applies to.

NOTE: The ID can be located in the ADSDomain table in One Identity Manager after Active Directory synchronization is complete (UID_ADSDomain).

ContainerID

Specify the ID (GUID format) of the Active Directory container to use for managed group creation for a given managed resource type and Active Directory domain.

NOTE: The ID can be located in the ADSContainer table in One Identity Manager after Active Directory synchronization is complete (UID_ADSContainer).

FullControlGroupID

(Optional) Specify the ID (GUID format) of the Active Directory group to give full control access.

NOTE: Only groups that have been previously synchronized with One Identity Manager are available.

FileOperationsServerTagID

(Optional) Specify the value of the Server tag (Server Function) that identifies which job servers can fulfill functions involving file operations. That is, operations involving the creation of folders and shares on managed hosts. Enter the value assigned to the server tag when it was created, which may be an ID, such as QAM-Connector-DGE, for predefined server tags or a GUID for custom server tags.

If this parameter is not specified, the Data Governance Connector (QAM-Connector-DGE server function) is used.

Examples:
Table 33: Examples
Example Description
Add-QManagedResourceTypeDomain –ManagedResourceTypeID 7ade8b8d-a400-4fb1-ab82-6d424feeb63e –DomainID 50905871-5379-455d-8b65-c4bd02360bdb –ContainerID 5d3b3e7b-926b-429c-961b-d4bbe1611cac
-FullControlGroupID 6de1fc3d-795f-41a4-b1cb-b0e1192ca547
Adds the necessary Active Directory domain settings for a managed resource type.
Verwandte Dokumente

The document was helpful.

Bewertung auswählen

I easily found the information I needed.

Bewertung auswählen