Chat now with support
Chat mit Support

Identity Manager Data Governance Edition 8.1.1 - Technical Insight Guide

Introduction Data Governance Edition Network Communications Data Governance service Data Governance agents Resource activity collection in Data Governance Edition Cloud managed hosts permission level to role mapping QAM module tables Configurable configuration file settings
Data Governance service configuration file settings Data Governance agent configuration file settings
Configurable registry settings PowerShell commands
Adding the PowerShell snap-ins Finding component IDs Data Governance Edition deployment Service account management Managed domain deployment Agent deployment Managed host deployment Account access management Resource access management Governed data management Classification management

Clear-QResourceActivity

Clears the resource activity for a given managed host. This enables you to remove activity data from the Data Governance Resource Activity database on demand when it is no longer required.

Note: Once activity data is cleared from the database, it cannot be recovered.

Syntax:

Clear-QResourceActivity [-ResourceNodeId] <Int32> [<CommonParameters>]

Table 161: Parameters
Parameter Description
ResourceNodeId

Specify the resource node ID of the managed host for which resource activity is to be cleared. This ID is used to link the managed host back to the activity database.

NOTE: Run the Get-QManagedHosts cmdlet to retrieve a list of managed hosts and associated IDs.
Examples:
Table 162: Examples
Example Description
Clear-QResourceActivity -ResourceNodeId 21 Clears the resource activity from the database for the specified managed host.

Get-QHostsForTrustee

Returns a selected user or group's access on all managed hosts in your environment.

Syntax:

Get-QHostsForTrustee [-TrusteeSid] <String> [-IncludeIndirectAccess] [<SwitchParameter>]] [<CommonParameters>]

Table 163: Parameters
Parameter Description
TrusteeSid Specify the security identifier (SID) of the account (trustee) whose access you are interested in.
IncludeIndirectAccess

(Optional) Specify this parameter if you want to include indirect access in the results.

If this parameter is not specified, the results only includes the managed hosts where the specified account has direct access.

Examples:
Table 164: Examples
Example Description
Get-QHostsForTrustee -TrusteeSid S-1-5-21-3765505745-248418262-535198764-500 Returns a list of the managed hosts where the specified account has direct access.
Details retrieved:
Table 165: Details retrieved
Detail Description
HostName The name of the host to which the account has access.
HostDomainName The full domain name of the domain to which the managed host computer belongs.
ManagedHostId The value (GUID) assigned to the managed host computer.
ResourceType The type of resource to which the account has access.
ViaAccount For indirect access, the name of the account through which access is being granted.

Get-QManagedHosts

Retrieves a list of managed hosts currently registered with the Data Governance server.

Syntax:

Get-QManagedHosts [-HostName [<String>]] [-ManagedHostId [<String>]] [<CommonParameters>]

Table 166: Parameters
Parameter Description
HostName (Optional) Specify the pre-Windows 2000 name for the host to be retrieved.
ManagedHostId

(Optional) Specify the ID (GUID format) of the managed host to be retrieved.

NOTE: Run this cmdlet without any parameters to retrieve a list of available managed hosts and their IDs.
Examples:
Table 167: Examples
Example Description
Get-QManagedHosts Retrieves a list of all the managed hosts for a given Data Governance Edition deployment.
Get-QManagedHosts -HostName QAMAUTOMEM2 Retrieves the details for the selected managed host.
Details retrieved:
Table 168: Details retrieved
Detail Description (Associated key or property in QAMManagedHosts table)
Agents

The name and ID (GUID) of agents installed on the managed host.

Agents is an array that can be expanded to display the following details about each agent:

  • Id
  • ManagedHostId
  • Management
  • AgentComputer
  • AgentComputerDnsName
  • AgentComputerActiveDirectorySid
  • AgentComputerManagedDomainId
  • AgentDetails
  • UserNotes
  • PublicKey
  • ServiceAccountId
  • IsPrimaryAgent
  • ConfigurationSettings - this is an array that can be expanded to display the individual configuration settings for the agent.
  • ScannerStates
  • LastDugUpdateTimestamp
  • BelongsToAnotherDeployment
ManagedHostId The value (GUID) assigned to the managed host computer (ManagedHostId).
ManagedHostSid The security identifier (SID) assigned to the managed host computer (ManagedHostSid).
ComputerSamSid Deprecated.
ManagedDomainId The value (GUID) assigned to the managed domain in which the managed host belongs (ManagedDomainId).
HostName The name of the host (HostName).
DfsRoot For DFS managed hosts, the value (GUID) assigned to the dfs root to be scanned (DfsRoot).
SamAccountName The login name for the managed host computer (SAMAccountName).
HostDnsName The full DNS name of the managed host computer (HostDnsName).
HostDomainName The full domain name of the domain to which the managed host computer belongs (HostDomainName).
SiteName If available, the name of the site to which the managed host belongs.
HostType

The physical configuration of the host (HostType).

Management

Indicates whether the host is managed by a local or remote agent (Management):

  • Local
  • Remote
Features

The features that a given managed host supports and will allow, such as SecurityIndex and ResourceManagement.

Status The status of the managed host, based on all the agents monitoring the host.
Internal Status The status of the managed host, based on all the agents monitoring the host.
ResourceNodeId

The ID used to link the managed host back to the activity database (ResourceNodeId).

NOTE: The ResourceNodeId is used in the Clear-QResourceActivity cmdlet.
Keywords Optional keywords entered when the managed host was added to Data Governance Edition (Keywords).
HostContainerId Deprecated.
SharePointFarmId For SharePoint managed hosts, the value (GUID) assigned to the SharePoint farm to be scanned (SharePointFarmId).
SharePointFarmObjectGuid For SharePoint managed hosts, the value (GUID) assigned to the SharePoint object to be scanned (SharePointFarmObjectGuid).
IsManagedResourceHost

Indicates whether this managed host can be used to host managed resources (for example, file shares created through the IT Shop self-service request functionality):

  • False: Can not host a managed resource.
  • True: Can host a managed resource.
ApiUserName

The user account used to connect to the target NAS storage device.

NOTE: Only applies to NFS managed hosts and NetApp OnTap Cluster Mode CIFS managed hosts.
ApiPortNumber

The destination port used for communication between the agent and the target NAS storage device.

NOTE: Only applies to NFS managed hosts and NetApp OnTap Cluster Mode CIFS managed hosts.
ResourceActivityTrackingSupported

Indicates whether resource activity collection is enabled.

IsNfsHost

Indicates whether this is an NFS managed host.

IsEmcHost

Indicates whether this is an EMC managed host.

IsNetAppHost

Indicates whether this is a NetApp managed host.

Remove-QManagedHost

Removes a managed host from the list of registered managed hosts.

Note: When unregistered, any agent instances associated with the managed host are also removed. If a computer no longer hosts any agent instances, the Data Governance agent software is also removed.

Syntax:

Remove-QManagedHost [-ManagedHostIds] <String[]> [[-DeleteDuGFirst] [<SwitchParameter>]] [[-SkipAgentUninstall] [<SwitchParameter>]] [<CommonParameters>]

Table 169: Parameters
Parameter Description
ManagedHostIds

Specify one or managed hosts to be deleted. If you specify multiple managed host ids, separate then with commas.

NOTE: Run the Get-QManagedHosts cmdlet without any parameters to retrieve a list of available managed hosts and their IDs.

DeleteDuGFirst (Optional) Specify this parameter if you want to remove the entry in the QAMDuG table prior to removing the specified managed hosts.
SkipAgentUninstall (Optional) Specify this parameter if you want to force the removal of the managed host from the One Identity Manager database, without uninstalling the managed host's agent.

If this parameter is not specified, the agent will be removed as part of the host removal process.

Examples:
Table 170: Examples
Example Description
Remove-QManagedHost -ManagedHostIds A293B96E-9620-4879-8FC7-FB3393E72768 Removes a single managed host from the Data Governance Edition deployment.
Remove-QManagedHost -ManagedHostIds 29F1D9AD-C87A-4F82-830C-0A7CD1088D84,E4A0B8B8-F021-4509-9648-B4C313E542C0 Removes two managed hosts from the Data Governance Edition deployment.
Verwandte Dokumente