Chat now with support
Chat mit Support

Identity Manager Data Governance Edition 8.1.1 - Deployment Guide

Introduction Data Governance Edition system requirements Install One Identity Manager Data Governance Edition Deploy Data Governance Edition components Post installation configuration Authentication using service accounts and managed domains Working with managed hosts and agents Upgrade Data Governance Edition Remove Data Governance Edition Troubleshooting Appendix: NetApp managed host deployment Appendix: EMC managed host deployment Appendix: SharePoint managed host deployment

Data Governance service

Table 1: Data Governance service
Service Name DataGovernanceService
Display Name One Identity Manager Data Governance Edition Service
Description The central authority that receives and indexes information from agent services. Acts as the intermediary between the agents and the databases where information is stored.
Default Path %ProgramFiles%\One Identity\One Identity Manager Data Governance Edition\Server\DataGovernanceEdition.Service.exe
Startup Type Automatic
Exe Name DataGovernanceEdition.Service.exe

Data Governance agent

Table 2: Data Governance agent service
Service Name

The service name varies depending on the host type:

  • Local: DGE_<DeploymentName>_LocalHost
  • SharePoint farm: DGE_<DeploymentName>_Sharepoint_<nn>

    Where <nn> is the number appended to the service name when multiple agent services are being used to manage a SharePoint farm.

  • Remote: DGE_<DeploymentName>_<FQDN of managed host>

    Where the periods in the FQDN are replaced with underscores.

  • NFS: DGE_<DeploymentName>_NFS_<ManagedHostName>
  • SharePoint Online: DGE_<DeploymentName>_SharePointOnline_<Office 365 Domain>
  • OneDrive for Business: DGE_<DeploymentName>_OneDriveBusiness_<Office 365 Host>
Display Name

The display name varies depending on the host type:

  • Local: One Identity Manager Data Governance Edition - Local Agent
  • SharePoint farm: One Identity Manager Data Governance Edition - SharePoint Agent - <nn>

    Where <nn> is the number appended to the display name when multiple agent services are being used to manage a SharePoint farm.

  • Remote: One Identity Manager Data Governance Edition - Agent for <HostName/DNSName>
  • NFS: One Identity Manager Data Governance Edition - Agent for NFS_<ManagedHostName>
  • SharePoint Online: One Identity Manager Data Governance Edition - SharePointOnline (<Office 365 Domain>)
  • OneDrive for Business: One Identity Manager Data Governance Edition - OneDriveBusiness (<Office 365 Domain>)
Description Provides capabilities for indexing and managing resources for Data Governance Edition.
Default Path %ProgramFiles%\One Identity\One Identity Manager Data Governance Edition\Agent Services\DataGovernance.Agent.exe
Startup Type Automatic (Delayed Start)
Exe Name DataGovernance.Agent.exe

One Identity Manager service

Note: The One Identity Manager service refers to a One Identity Manager network server that is declared as a "job server" in the One Identity Manager database to handle the processing of tasks.

Table 3: One Identity Manager service (job server)
Service Name OneIMService
Display Name One Identity Manager Service
Description The job server is used to process some of the Data Governance Edition report requests from the web portal.
Default Path %ProgramFiles%\One Identity\One Identity Manager\viNetworkService.exe
Startup Type Automatic
Exe Name viNetworkService.exe

Deployment overview

The following activities must be performed to have a fully functional Data Governance Edition deployment:

  • Install One Identity Manager Data Governance Edition
  • Create and configure the One Identity Manager database
  • Install and configure the One Identity Manager service (job server)

  • Run the Data Governance Configuration wizard to:
    • Deploy the Data Governance server
    • Create the Data Governance Resource Activity database
  • Configure the Data Governance service accounts for managed domains
  • Add managed hosts and deploy agents
  • Install the web portal

NOTE: New in 7.0: Active Directory synchronization via the One Identity Manager service (job server) is not required for managed host deployment.

In the absence of One Identity Manager target system synchronization, the Data Governance service automatically harvests the forest topology. It creates Employee records for all members found in each domain's Domain Admins group and for the current account running the Data Governance configuration wizard. It also links these accounts to the correct Data Governance application roles, which allows you to add managed hosts and deploy agents.

When additional One Identity Manager functionality is required, including generating complete Data Governance Edition reports, perform the following steps:

  • Run the One Identity Manager Synchronization Editor to synchronize your target environments (Active Directory, and if applicable, SharePoint and Unix).

    IMPORTANT: Active Directory synchronization MUST be complete before starting the SharePoint synchronization.

  • Assign Data Governance application roles to Employees.
Verwandte Dokumente