Return
-
Title
One Identity Manager Data Governance Edition 7.0.0.1621 Cumulative Hotfix -
Description
About this hotfix
This hotfix addresses error handling and logging issues and provides additional Windows PowerShell® commands to retrieve trustee and account information. The minimum version required for installing this hotfix is One Identity Manager Data Governance Edition 7.0.0.NOTE: This hotfix contains all resolved issues since the general release of One Identity Manager Data Governance Edition 7.0.0.Determining if this hotfix is needed
This hotfix for One Identity Manager Data Governance Edition may receive additional testing. If you are not severely affected by the issues addressed by this hotfix, it is recommended that you wait for the next release of One Identity Manager Data Governance Edition as it will include this hotfix. -
Resolution
Please download One Identity Manager Data Governance Edition 7.0.0.1621 Cumulative Hotfix by Clicking Here.
The following is a list of issues resolved in this hotfix.
NOTE: Not all of the builds mentioned below were public releases; however, you can guarantee that you have the fix if you have a build number greater than or equal to the “Fixed In” build number associated with the Issue ID.
Resolved Issues
Resolved Issue Issue ID Fixed In New and enhanced Windows PowerShell® commands for retrieving trustee and Active Directory account information. For full parameter details, see the command help, using the Get-Help command.
- Get-QHostsForTrustee
This cmdlet was expanded to include the following optional parameter:- -IncludeIndirectAccess: Include indirect access in the results. If not specified, the results include the managed hosts where the specified account has direct access.
- Get-QADAccount
New cmdlet that retrieves Active Directory objects from One Identity Manager and QAM tables: ADSAccount, ADSGroup, ADSOtherSID, QAMLocalUser, and QAMLocalGroup.
The results can be filtered with optional parameters:- Name: The object name.
- Domain: The object domain.
- Get-QAllTrustees
New cmdlet that retrieves all of the entries from the QAMTrustee table.
The results can be filtered with optional parameters:- TrusteeName: The name of the trustee to be searched.
- Domain: The domain of the trustee to be searched.
- Get-QIndexedTrustees
New cmdlet that retrieves all of the entries from the QAMTrustee table who are also listed within the QAMSecurityIndex table, denoting an indexed trustee.
The results can be filtered with optional parameters:- TrusteeName: The name of the trustee to be searched.
- Domain: The domain of the trustee to be searched.
- Get-QAccountAccess
This cmdlet was expanded to include additional SharePoint resource types.
Valid resource types now include: Files, Folders, Shares, LocalOSRights,AdminRights, ServiceIdentities, SharePointResources, SharePointFarmAdminRights, SharePointWebAppPolicies, and SharePointSiteCollectionAdminRights. - Get-QAccountAccessOnHosts
For a given account (Domain\SAMAccountName), this new cmdlet retrieves the account’s resource access across all available hosts. The data retrieved is in the form of:- RightType: The access right type.
- ItemResourceType: The resource type.
- ResourceURI: The URI of the resource to which the trustee has access.
- TrusteeDisplayName: The display name of the trustee.
- TrusteeSid: The SID of the trustee.
- HostName: The host where the resource resides.
- Rights: The specific access rights assigned.
- AppliesTo: What the rights apply to.
- Inheritance: The inheritance type.
There are several parameters for the Get-QAccountAccessOnHosts cmdlet:- -AccountName: (Mandatory) The account name to perform the access report on.
- -AccountDomain: (Mandatory) The account domain to perform the access report on.
- -ManagedHostList: (Optional) Limits the results to the specified managed hosts. If not specified, all managed hosts are included.
- -ResourceTypes: (Optional) Limits the results to the specified resource types: Files, Folders, Shares, LocalOSRights, AdminRights, SharePoint, SharePointResourceItems, SharePointFarmAdminRights, SharePointWebAppPolicies, and SharePointSiteCollectionAdminRights.
If not specified, all resource types are included. - -UriFilterPattern: (Optional) Limits the results to resources whose URI contain the given string.
- -DirectOnly: (Optional) Switch parameter to exclude indirect access to a resource from the results.
- -OutputDirectory: (Optional) An absolute path to a directory where the results are to be saved. If the directory does not exist, it will be created.
- -VerboseLogging: (Optional) Switch parameter to turn on verbose logging.
598375 7.0.0.1620 Improved error handling around DFS enumeration. 598373 7.0.0.1621 Updated internal error handling around resource type mismatch exceptions. 604494 7.0.0.1621 Fixed account access report “[1123010] Missing value for mandatory parameter ManagedHosts” error. 595664
6066887.0.0.1621 Applicability of this hotfix
Product Name Version One Identity Manager Data Governance Edition 7.0.0 and any hotfix build since Installing this hotfix
To install the hotfix
- Run the DataGovernance_ServerComponentInstall_x64.msi (7.0.0.1621) on the computer hosting the Data Governance server.
- Confirm that the Data Governance service is started.
NOTE: No agent upgrade is required.
Verifying successful completion
To determine if this hotfix is installed
- Locate the Quest.Titan.Common.Interfaces.dll in the Data Governance server installation directory (%ProgramFiles%\Dell\Data Governance\Server).
- Right-click the .dll and select Properties.
- Open the Details tab to check the File version (7.0.0.1621) of the assembly.
OR
- Open the “Data Governance Service Log.txt” file (which is also located in the Data Governance server
installation directory). - Check for the latest entry with the header “Message: Server startup - Logging file versions”.
You should see file version 7.0.0.1621 listed for many of the files.
Removing this hotfix
To remove this hotfix- Use Add-Remove Programs to remove Quest One Identity Manager Data Governance Server 7.0.0.1621.
- Redeploy an older version of Data Governance Edition if required.
- Get-QHostsForTrustee