Managed domain deployment
Before you can gather information on the data in your enterprise, you must specify the domain that contains the computers and data that you want to manage. Then assign the service account to access the resources within them.
The following commands are available to you to deploy managed domains. For full parameter details and examples, click a command hyperlink in the table or see the command help, using the Get-Help command.
Add-QManagedDomain
Adds a new domain to the Data Governance Edition deployment.
The Data Governance server constructs an in-memory map of the Active Directory forest and domain structure where it is deployed. Administrators responsible for the Data Governance Edition deployment must register Service Accounts with the system and link them with domains. The link between a Service Account and an Active Directory domain makes it a "managed domain".
Note: Only domains that have been previously synchronized into the One Identity Manager database are available to be managed by Data Governance Edition.
Syntax:
Add-QManagedDomain [-ServiceAccountID] <String> [-DomainName] <String> [<CommonParameters>]
Table 142: Parameters
| ServiceAccountID |
Specify the ID (GUID format) of the service account that will manage the domain.
Run the Get-QServiceAccounts cmdlet to retrieve a list of all service accounts registered with your Data Governance Edition deployment. |
| DomainName |
Specify the DNS name of the domain to be added as a managed domain. |
Examples:
Table 143: Examples
| Add-QManagedDomain -ServiceAccountID 7dd2eb51-e1cb-47f2-8c76-093fd4e0459e -DomainName mydomain.local |
Adds a new managed domain. |
Get-QManagedDomains
Retrieves information, including the service account and managed domain IDs, for a managed domain from the Data Governance Edition deployment.
Syntax:
Get-QManagedDomains [-ManagedDomainId [<String>]] [<CommonParameters>]
Table 144: Parameters
| ManagedDomainId |
(Optional) Specify the ID (GUID format) of the managed domain to be retrieved. |
Examples:
Table 145: Examples
| Get-QManagedDomains |
Returns all managed domains in the database. |
| Get-QManagedDomains -ManagedDomainId 50905871-5379-455d-8b65-c4bd02360bdb |
Returns information on the specified managed domain. |
Details retrieved:
Table 146: Details retrieved
| ManagedDomainID |
The value (GUID) assigned to the managed domain. (UID_ADSDomain) |
| DomainDnsName |
The full DNS name of the managed domain. (ADSDomainName) |
| ForestDnsName |
The full DNS name of the forest where the domain resides. (UID_ADSForest) |
| Status |
The status of the managed host, based on all the agents monitoring the host. |
| NetbiosName |
The Netbios name of the managed domain. |
| DomainSid |
The security identifier (SID) assigned to the managed domain. |
| ServiceAccountId |
The value (GUID) of the service account assigned to the managed domain. (UID_QAMServiceAccount) |
| AccessGroupSid |
Deprecated. |
| ServiceAccountInfo |
The name of the service account assigned to the managed domain. |
| DomainControllerName |
The name of the domain controller hosting the managed domain. |
| ExtendedRightsCreated |
Indicates whether extended rights were created by Data Governance Edition in the Active Directory environment. |
Remove-QManagedDomain
Removes a managed domain from the Data Governance Edition deployment.
Note: Remove all managed hosts associated with a managed domain BEFORE removing a managed domain. Run the Remove-QManagedHost cmdlet to remove a managed host.
Syntax:
Remove-QManagedDomain [-ManagedDomainId] <String> [<CommonParameters>]
Table 147: Parameters
| ManagedDomainId |
Specify the ID (GUID format) of the managed domain to be removed.
Run the Get-QManagedDomains cmdlet without any parameters to retrieve a list of managed domains, including the managed domain ID. |
Examples:
Table 148: Examples
|
Remove-QManagedDomain -ManagedDomainId 830b1e48-c682-4d3e-965c-d96ee6db6262 |
Removes the specified managed domain from Data Governance Edition. |
