Please download One Identity Manager Data Governance Edition 6.1.2.1030 Cumulative Hotfix by Clicking Here.
The following is a list of issues resolved in this hotfix.
NOTE: Not all of the builds mentioned below were public releases; however, you can guarantee that you have the fix if you have a build number greater than or equal to the “Fixed In” build number associated with the Issue ID.
Resolved Issues
Resolved Issue | Issue ID | Fixed In |
Improved error handling around database connection validation. | 463404 | 6.1.2.1007 |
Improved error handling and logging around the Managed Access view in the Manager for an Active Directory account. | 458416 | 6.1.2.1008 |
Share-based groups are now available in the web portal. | 486834 | 6.1.2.1014 |
Updated Data Governance log entries to write null values. | 487475 | 6.1.2.1016 |
Fixed unhandled COMException that occurred when opening the Managed Access view for an orphaned user. | 502929 | 6.1.2.1018 |
Fixed Resource Access reports that were showing up blank in the Manager when the underlying agent was not in the Data Available state. | 509028 | 6.1.2.1019 |
New and enhanced Windows PowerShell® commands for retrieving trustee and Active Directory account information. For full parameter details, see the command help, using the Get-Help command. - Get-QHostsForTrustee
This cmdlet was expanded to include the following optional parameter:- -IncludeIndirectAccess: Include indirect access in the results. If not specified, the results include the managed hosts where the specified account has direct access.
- Get-QADAccount
New cmdlet that retrieves Active Directory objects from One Identity Manager and QAM tables: ADSAccount, ADSGroup, ADSOtherSID, QAMLocalUser, and QAMLocalGroup.
The results can be filtered with optional parameters:- Name: The object name.
- Domain: The object domain.
- Get-QAllTrustees
New cmdlet that retrieves all of the entries from the QAMTrustee table.
The results can be filtered with optional parameters:- TrusteeName: The name of the trustee to be searched.
- Domain: The domain of the trustee to be searched.
- Get-QIndexedTrustees
New cmdlet that retrieves all of the entries from the QAMTrustee table who are also listed within the QAMSecurityIndex table, denoting an indexed trustee.
The results can be filtered with optional parameters:- TrusteeName: The name of the trustee to be searched.
- Domain: The domain of the trustee to be searched.
- Get-QAccountAccess
This cmdlet was expanded to include additional SharePoint resource types.
Valid resource types now include: Files, Folders, Shares, LocalOSRights,AdminRights, ServiceIdentities, SharePointResources, SharePointFarmAdminRights, SharePointWebAppPolicies, and SharePointSiteCollectionAdminRights. - Get-QAccountAccessOnHosts
For a given account (Domain\SAMAccountName), this new cmdlet retrieves the account’s resource access across all available hosts. The data retrieved is in the form of:- RightType: The access right type.
- ItemResourceType: The resource type.
- ResourceURI: The URI of the resource to which the trustee has access.
- TrusteeDisplayName: The display name of the trustee.
- TrusteeSid: The SID of the trustee.
- HostName: The host where the resource resides.
- Rights: The specific access rights assigned.
- AppliesTo: What the rights apply to.
- Inheritance: The inheritance type.
There are several parameters for the Get-QAccountAccessOnHosts cmdlet:- -AccountName: (Mandatory) The account name to perform the access report on.
- -AccountDomain: (Mandatory) The account domain to perform the access report on.
- -ManagedHostList: (Optional) Limits the results to the specified managed hosts. If not specified, all managed hosts are included.
- -ResourceTypes: (Optional) Limits the results to the specified resource types: Files, Folders, Shares, LocalOSRights, AdminRights, SharePoint, SharePointResourceItems, SharePointFarmAdminRights, SharePointWebAppPolicies, and SharePointSiteCollectionAdminRights.
If not specified, all resource types are included. - -UriFilterPattern: (Optional) Limits the results to resources whose URI contain the given string.
- -DirectOnly: (Optional) Switch parameter to exclude indirect access to a resource from the results.
- -OutputDirectory: (Optional) An absolute path to a directory where the results are to be saved. If the directory does not exist, it will be created.
- -VerboseLogging: (Optional) Switch parameter to turn on verbose logging.
| 592697 | 6.1.2.1026 |
New agent deliverables. | | 6.1.2.1026 |
Improved error handling around DFS enumeration. | 598373 | 6.1.2.1029 |
Updated PowerShell help file. | 598375 | 6.1.2.1030 |
Applicability of this hotfix
Product Name | Version |
One Identity Manager Data Governance Edition | 6.1.2 and any hotfix build since |
Installing this hotfix
NOTE: The following steps are for Data Governance Edition version 6.1.2. If you are upgrading a previous version, refer to the Quest One Identity Manager Data Governance Edition Deployment Guide and follow the steps outlined in Upgrade Quest One Identity Manager Data Governance Edition to Version 6.1 and use the msi provided with this hotfix.
NOTE: If you have the Quest One Identity Manager Data Governance Edition Server Classification Extension installed, uninstall this module before upgrading the Data Governance server, and reinstall it prior to upgrading the Data Governance agents.
To install the hotfix
- Run the DataGovernance_ServerComponentInstall_x64.msi (6.1.2.1030) on the computer hosting the Data Governance server.
- Confirm that the Data Governance service is started.
NOTE: No agent upgrade is required.
Verifying successful completion
To determine if this hotfix is installed
- Locate the Quest.Titan.Common.Interfaces.dll in the Data Governance server installation directory
(%ProgramFiles%\Quest Software\Data Governance\Server). - Right-click the .dll and select Properties.
- Open the Details tab to check the File version (6.1.2.1030) of the assembly.
OR
- Open the “Data Governance Service Log.txt” file (which is also located in the Data Governance server
installation directory). - Check for the latest entry with the header “Message: Server startup - Logging file versions”.
You should see file version 6.1.2.1030 listed for many of the files.
Removing this hotfix
To remove this hotfix
- Use Add-Remove Programs to remove Quest One Identity Manager Data Governance Server 6.1.2.1030.
- Redeploy an older version of Data Governance Edition if required.