Chat now with support
Chat mit Support

Identity Manager Data Governance Edition 9.2.1 - Technical Insight Guide

One Identity Manager Data Governance Edition Technical Insight Guide Data Governance Edition network communications Data Governance service Data Governance agents Resource activity collection in Data Governance Edition Cloud managed hosts permission level to role mapping QAM module tables Configurable configuration file settings
Data Governance service configuration file settings Data Governance agent configuration file settings
Configurable registry settings PowerShell commands
Adding the PowerShell snap-ins Finding component IDs Data Governance Edition deployment Service account management Managed domain deployment Agent deployment Managed host deployment Account access management Resource access management Governed data management Classification management

QAM views

The following One Identity Manager views (queries) retrieve Data Governance Edition resource activity and security information.

Table 12: QAM module: Views
View name Description
QAMResourceActivitySummary

Contains a summary view of who has generated activity events on what resources. The summary contains information about the trustee account, the managed host, and the activity the account generated on the resource.

Example:

Gary performed a delete operation on governed resource X located on managed host Y.

QAMResouceSecuritySummary

Contains a summary view of who has what security permissions on what resources. The summary contains information about the trustee account, the resource under governance, the managed host, and the access information that the account has on the resource.

Example:

Gary has AllowFullControlAccess on governed resource X located on managed host Y.

Resource types

The following resource types are referenced in Data Governance Edition data.

Table 13: Resource types
Value Resource type
0101 Windows Computer\Share
0102 Windows Computer\Local User Rights
0103 Windows Computer\Operating System Administrative Rights
0201 NTFS\File
0202 NTFS\Folder
0301 Service Identities\Windows Service Identity
0401 SharePoint\Farm
0402 SharePoint\FarmAdminRight
0403 SharePoint\WebAppPolicy
0404 SharePoint\SiteCollectionAdminRight
0405 SharePoint\ServiceApplicationPermission
0406 SharePoint\ResourceItem
0407 SharePoint\WebApplication
0408 SharePoint\SiteCollection
0409 SharePoint\Site
0410 SharePoint\List
0411 SharePoint\Folder
0412 SharePoint\ListItem
0601 DFS\Link
0701 NFS\File
0702 NFS\Folder
0801 Cloud\File
0802 Cloud\Folder

Trustee types

This table lists the types of accounts that Data Governance Edition is aware of.

Table 14: Trustee types
Value Trustee type
1 Domain User
2 Domain Group
3 Domain
4 Alias
5 Wellknown
6 Deleted
7 Invalid
8 Unknown
9 Computer
60000 Broadway
60001 Machine Local User
60002 Machine Local Group
60003 SharePoint Identifying Claim
60004 SharePoint Group
60005 SharePoint Claim
60006 Unix Owner
60007 Unix Group
60008 Unix Other
70001 AzureAD User
70002 AzureAD Group
70003 SharePointOnline User

70004

SharePointOnline Group

Configurable configuration file settings

Data Governance Edition provides configuration files for the Data Governance service and the Data Governance agents.

Verwandte Dokumente

The document was helpful.

Bewertung auswählen

I easily found the information I needed.

Bewertung auswählen