サポートと今すぐチャット
サポートとのチャット

Identity Manager Data Governance Edition 8.1.5 - Technical Insight Guide

One Identity Manager Data Governance Edition Technical Insight Guide Data Governance Edition network communications Data Governance service Data Governance agents Resource activity collection in Data Governance Edition Cloud managed hosts permission level to role mapping QAM module tables Configurable configuration file settings
Data Governance service configuration file settings Data Governance agent configuration file settings
Configurable registry settings PowerShell commands
Adding the PowerShell snap-ins Finding component IDs Data Governance Edition deployment Service account management Managed domain deployment Agent deployment Managed host deployment Account access management Resource access management Governed data management Classification management

Set-QDataUnderGovernance

Places a resource under governance.

Syntax:

Set-QDataUnderGovernance [-ManagedHostId] <String> [-ResourceType] <String> [-ResourceUri] <String> [[-DisplayPath] [<String>]] [[-EmployeeName] [<String>]] [[-EmployeeId] [<String>]] [[OwnerRoleFullPath] [<String>]] [[-OwnerRoleId] [<String>]] [[-PublishToITShop] [<Boolean>]] [[-UseBackingFolderSecurity] [<SwitchParameter>]] [[-Reset] [<SwitchParameter>]] [[-SharePointDisplayPath] [<String>]] [[-ManagedResourceId] [<String>]] [<CommonParameters>]

Table 245: Parameters
Parameter Description
ManagedHostId

Specify the ID (GUID format) of the managed host where the resource to be placed under governance is located.

Run the Get-QManagedHosts cmdlet without any parameters to retrieve a list of available managed hosts and their IDs.

ResourceType

Specify the type of resource to be placed under governance. Valid values include:

  • None
  • FolderType
  • ShareType
  • LocalRightType
  • AdminRightType
  • QamDeploymentType
  • WindowsServiceIdentityType
  • SharePointResourceItemType
  • SharePointWebApplicationType
  • SharePointSiteCollectionType
  • SharePointSiteType
  • SharePointListType
  • SharePointFolderType
  • SharePointListItemType
  • SharePointSiteCollectionAdminRightType
  • SharePointFarmAdminRightType
  • SharePointWebAppPolicyType
  • SharePointServiceApplicationPermissionType
  • SharePointFarmType
  • DFSLinkType
  • NFSFolderType
  • Cloud\Folder
ResourceUri

Specify the Uri for the resource to be placed under governance.

For NTFS files and folders, use the form: \\MACHINE\$DRIVELETTER\PathToResource

For SharePoint, enter the FARM GUID, Site collection GUID (that is, sp://titan/0ee296d6-dea5-4f4d-950f-27c06458cad1/57947f70-c2b0-4d76-a8b3-ac54fa5bb4ab/203a4c04-4f0e-4d6a-84a7-c2ef0a3f02e3/Dereks%20Site/Shared%20Documents/SharePoint/desktop.ini)

DisplayPath (Optional) Specify the path of the resource to be displayed in the Manager. This is useful for long paths.

EmployeeName

(Optional) Specify the name of the employee who is set as the business owner of the current governed resource.

NOTE: Specify only one of the following parameters: EmployeeName, EmployeeId, OwnerRoleFullPath, or OwnerRoleId.

EmployeeId

(Optional) Specify the ID (GUID format) of the employee who is set as the business owner of the current governed resource.

NOTE: Specify only one of the following parameters: EmployeeName, EmployeeId, OwnerRoleFullPath, or OwnerRoleId.

OwnerRoleFullPath

(Optional) Specify the full path of the application role who is set as the business owner of the current governed resource.

NOTE: Specify only one of the following parameters: EmployeeName, EmployeeId, OwnerRoleFullPath, or OwnerRoleId.

OwnerRoleId

(Optional) Specify the ID (GUID format) of the application role who is set as the business owner of the current governed resource.

NOTE: Specify only one of the following parameters: EmployeeName, EmployeeId, OwnerRoleFullPath, or OwnerRoleId.

PublishToITShop

(Optional) Specify this parameter to place the resource under governance and add it to the IT Shop.

Valid values are:

  • 0 or $false: Do not publish the resource to the IT Shop. (Default)
  • 1 or $true: Publish the resource to the IT Shop.
UsingBackingFolderSecurity

(Optional) Specify this parameter to indicate the security for the backing folder is to be used.

Reset

(Optional) Specify this parameter to indicate whether you want to reset the governed resource record if it already exists in the database.

Valid values are:

  • 0 or $false: do not reset the existing QAMDuG entry in the database. (Default)
  • 1 or $true: reset the existing QAMDuG entry in the database with the new values specified in this cmdlet.
SharePointDisplayPath (Optional) Specify the readable SharePoint path (that is, SharePoint_ConfigVmset6/SharePoint - 80/Site/Shared Documents/SharePoint) to be displayed in the Manager.
ManagedResourceId (Optional) Specify this parameter to link the QAMDuG entry to a QAMManagedResource record in the database.
Examples:
Table 246: Examples
Example Description

Set-QDataUnderGovernance -managedhostid 68CD6FFC-BA2C-4F8E-8C34-70D2C1C1995A -ResourceType "NTFS\Folder" -ResourceUri \\qamautomem1\C$\autoroot\DUG\Folder2

This example places the resource \\qamautomem1\C$\autoroot\DUG\Folder2 under governance for the managed host identified by 68CD6FFC-BA2C-4F8E-8C34-70D2C1C1995A.

Set-QDataUnderGovernance -managedhostid 68CD6FFC-BA2C-4F8E-8C34-70D2C1C1995A -ResourceType "NTFS\Folder" -ResourceUri \\qamautomem1\C$\autoroot\DUG\Folder2 -EmployeeName "Admin, Admin" -Reset $true

This example places the resource \\qamautomem1\C$\autoroot\DUG\Folder2 under governance for the managed host identified by 68CD6FFC-BA2C-4F8E-8C34-70D2C1C1995A. It also sets the employee whose name is "Admin, Admin" as the business owner of this governed resource. If this governed resource already exists, it would be reset.

Set-QDataUnderGovernance -managedhostid 68CD6FFC-BA2C-4F8E-8C34-70D2C1C1995A -ResourceType "NTFS\Folder" -ResourceUri \\qamautomem1\C$\autoroot\DUG\Folder2 -OwnerRoleId "81d50b9e-7ab6-43c0-8016-da972e633303" -Reset $true

This example places the resource \\qamautomem1\C$\autoroot\DUG\Folder2 under governance for the managed host identified by 68CD6FFC-BA2C-4F8E-8C34-70D2C1C1995A. It also sets the role whose Id is "81d50b9e-7ab6-43c0-8016-da972e633303" as the business owner of this governed resource. If this governed resource already exists, it would be reset.

Set-QDataUnderGovernance -managedhostid ca990043-8ffc-4eea-8e11-179a1d3505af -ResourceType SharePoint\ListItem -ResourceURI 'sp://titan/0ee296d6-dea5-4f4d-950f-27c06458cad1/57947f70-c2b0-4d76-a8b3-ac54fa5bb 3a4c04-4f0e-4d6a-84a7-c2ef0a3f02e3/Dereks%20Site/Shared%20Documents/SharePoint/desktop.ini' -Displaypath SharePoint_ConfigVmset6/SharePoint - 80/Dereks Site/Dereks Site/Shared Documents/SharePoint/desktop.ini'

This example places the resource sp://titan/0ee296d6-dea5-4f4d-950f-27c06458cad1/57947f70-c2b0-4d76-a8b3-ac54fa5bb4ab/203a4c04-4f0e-4d6a-84a7-c2ef0a3f02e3/Dereks%20Site/Shared%20Documents/SharePoint/desktop.ini under governance for the managed host identified by ca990043-8ffc-4eea-8e11-179a1d3505af.

Set-QSelfServiceClientConfiguration

Sets the options available for self-service requests within the IT Shop.

Syntax:

Set-QSelfServiceClientConfiguration [-MaximumMethodsCount] <Int32> [-EnableSelfServiceAccessRequest] <Boolean> [-AllowNonPublishedGroups] <Boolean> [-AllowUnsynchronizedGroups] <Boolean> [<CommonParameters>]

Table 247: Parameters
Parameter Description
MaximumMethodsCount Specify the maximum number of groups that are to be returned from a call to the GetMethodsToSatisfyRequest.
EnableSelfServiceAccessRequest

Specify whether self-service access requests are to be enabled in the IT Shop.

Valid values are:

  • 0: Disable self-service access requests
  • 1: Enable self-service access requests
AllowNonPublishedGroups

Specify whether groups that have not been published to the IT Shop are to be included in self-service access requests.

Valid values are:

  • 0: Unpublished groups will not be available for self-service access requests in the IT Shop.
  • 1: Unpublished groups will be available for self-service access requests in the IT Shop.
AllowUnsynchronizedGroups

Specify whether groups that have not been synchronized with One Identity Manager are to be included in self-service requests.

Valid values are:

  • 0: Unsynchronized groups will not be available for self-service access requests in the IT Shop.
  • 1: Unsynchronized groups will be available for self-service access requests in the IT Shop.
Examples:
Table 248: Examples
Example Description

Set-QSelfServiceClientConfiguration -MaximumMethodsCount 1 -EnableSelfServiceAccessRequest 1 -AllowNonPublishedGroups 1 -AllowUnsynchronizedGroups 1

Sets the self-service client configuration information:

  • Enabling self-service access requests
  • Making unpublished groups available for self-service access requests in the IT Shop
  • Making unsynchronized groups available for self-service access requests in the IT Shop

Trigger-QDataUnderGovernanceCollection

Triggers data collection on the governed resources for a specific managed host.

Syntax:

Trigger-QDataUnderGovernanceCollection [-ManagedHostId] <String> [<CommonParameters>]

Table 249: Parameters
Parameter Description
ManagedHostId

Specify the ID (GUID format) of the managed host where data collection is to take place.

Run the Get-QManagedHosts cmdlet without any parameters to retrieve a list of available managed hosts and their IDs.

Examples

Table 250: Examples
Example Description
Trigger-QDataUnderGovernanceCollection -ManagedHostId d589359a-8c51-4de0-8dcf-6b463793b0bf Triggers the collection of access information for resources under governance.

Upgrade-QDataUnderGovernanceRecords

Upgrades the format of existing governed data in the database after an upgrade from Version 6.1.1 or earlier.

Note: This is a requirement for upgrading to Data Governance Edition Version 6.1.2 or 6.1.3.

Syntax:

Upgrade-QDataUnderGovernanceRecords [<CommonParameters>]

関連ドキュメント

The document was helpful.

評価を選択

I easily found the information I needed.

評価を選択