Chat now with support
Chat mit Support

Identity Manager Data Governance Edition 9.2.1 - Technical Insight Guide

One Identity Manager Data Governance Edition Technical Insight Guide Data Governance Edition network communications Data Governance service Data Governance agents Resource activity collection in Data Governance Edition Cloud managed hosts permission level to role mapping QAM module tables Configurable configuration file settings
Data Governance service configuration file settings Data Governance agent configuration file settings
Configurable registry settings PowerShell commands
Adding the PowerShell snap-ins Finding component IDs Data Governance Edition deployment Service account management Managed domain deployment Agent deployment Managed host deployment Account access management Resource access management Governed data management Classification management

usageFlushIntervalInSeconds

Use this configuration setting to define the frequency (in seconds) at which auditing information being held in memory is flushed to disk.

Table 83: Agent configuration setting: usageFlushIntervalInSeconds
Configuration file %ProgramFiles%\One Identity\One Identity Manager Data Governance Edition\Agent Services\DataGovernance.Agent.exe.config
Section name

<Section name="Agent">

  <Section name="Services">

    <Section name="ResourceUsage">

Setting <Setting name ="usageFlushIntervalInSeconds" type="dword">
Value

Default: 10 seconds

How to modify

Replace value as required.

Notes The shorter the interval, the smaller the window in which potential data loss can occur. Each flush operations causes disk access, which may lead to undue disk space usage it if the value is set too low.

windowsComputerResourceResolutionInSeconds

Use this setting to change the number of seconds between full scans of the various resources within the Windows Computer resource namespace.

Table 84: Agent configuration setting: windowsComputerResourceResolutionInSeconds
Configuration file %ProgramFiles%\One Identity\One Identity Manager Data Governance Edition\Agent Services\DataGovernance.Agent.exe.config
Section name

<Section name="Agent">

  <Section name="Services">

    <Section name="windowsComputer">

Setting <Setting name ="windowsComputerResourceResolutionInSeconds" type="dword">
Value

Default: 60 seconds

How to modify

Replace value as required.

Configurable registry settings

There are registry settings that can be configured for the Data Governance service.

NOTE: Legacy Data Governance agent registry settings are no longer available. Use the agent's configuration file to modify agent configurations that are not available in the Manager client. For more information, see Data Governance agent configuration file settings.

IMPORTANT: One Identity does not provide support for problems that arise from improper modification of the registry. The Windows registry contains information critical to your computer and applications. Make sure you back up the registry before modifying it. For more information on the Windows Registry Editor and how to back up and restore it, refer to Microsoft Article ID 256986: Windows registry information for advanced users, on the Microsoft support site.

Data Governance service registry settings

The following Data Governance service settings can be altered or created in the registry to modify the default behavior.

Note: After modifying a registry key, restart the Data Governance service and Manager to apply the changes.

Table 85: Registry key settings: HKEY_CURRENT_USER
Registry key setting Description
Agent query timeout (AsyncQueryTimeoutInMinutes) Specifies the maximum amount of time (in minutes) an agent query can run before it times out.
Resource access data points (MaxDataPoints) Specifies the maximum number of data points to be included in a Resource Access report.
View deviations data points (MaxDataPoints) Specifies the maximum number of data points to be included when viewing deviations.
Data governance overview results (MaxResults) Specifies the maximum number of records to be returned and displayed on the Data governance overview.
WCF timeouts (wcfTimeoutInMinutes) Specifies the maximum amount of time it should take a WCF command to complete before it times out.
Reporting timeout (WcfTimeoutReportingInMinutes) Specifies the maximum amount of time it should take to generate a report before it times out.
Table 86: Registry key settings: HKEY_LOCAL_MACHINE
Registry key setting Description
Write default classification level data to database (ClassificationLevelDefaultData) Indicates whether the default classification level data is to be written to the One Identity Manager database.
Default employee SID (DefaultEmployeeSid) Specifies the SID of the default employee used by the Data Governance topology harvest process.
Explicit exclusion of groups (ExclusionByDN) Indicates whether to exclude groups from self-service group selection.
Filter accounts from Manage Access view (FilterNoisyAccounts) Determines whether to filter out noisy accounts (that is, built-in accounts (Administrators and Users)) from the Manage Access view.
Global agent installation location (GlobalAgentInstallLocation) Specifies the default installation location for deploying Data Governance agents.
Manual FPolicy creation (ManualFPolicyCreation) Determines whether to manually create the FPolicy for a NetApp filer.
Resource Activity database connection string (QAMAuditActivityDBConnectionString) Specifies the connection string to the Data Governance Resource Activity database.
Deployment name (QAMDeploymentId) Specifies the deployment name assigned to the Data Governance Edition deployment.
Oracle deployment: Resource Activity database (QDGDBPlatformOracle)

Indicates whether you are using a SQL Server or Oracle database for the Resource Activity database.

NOTE: Oracle Database support was deprecated beginning with One Identity Manager 8.1. Do not use.

One Identity Manager database connection string (Q1IMDBConnectionString) Specifies the connection string to the One Identity Manager database.
Oracle deployment: One Identity Manager database (Q1IMDBPlatformOracle)

Indicates whether you are using a SQL Server or Oracle database for the One Identity Manager database.

NOTE: Oracle Database support was deprecated beginning with One Identity Manager 8.1. Do not use.

Write default managed resource data to database (ResourceTemplateDefaultData) Indicates whether the default managed resource data is written to the One Identity Manager database.
Agent start/stop timeout (StartStopServiceTimeout) Sets the amount of time to wait for the agent service to start or stop before it times out.
Verwandte Dokumente

The document was helpful.

Bewertung auswählen

I easily found the information I needed.

Bewertung auswählen