Before you can gather information on the data in your enterprise, you must set up and configure the Data Governance Edition components. Open the Manager application to configure the following Data Governance Edition components:
Service accounts
Add and assign the credentials (service account) to ensure that you can access resources on the computers within the domain. For more information, see Authentication using service accounts and managed domains.
Managed domains
Assign a service account to the domains that contain the computers hosting the data you want to manage. This link between a service account and an Active Directory domain makes it a "managed domain." For more information, see Readying a service account and domains for deployment.
Managed hosts
Add managed hosts which are network objects that can host resources and can be assigned an agent to monitor security and collect resource activity. For more information, see Working with managed hosts and agents.
In order to process some of the Data Governance Edition report requests and to process self-service requests for governed data from the web portal, a One Identity manager service must be running as an account that is able to access the Data Governance service (that is, either a Data Governance service account or an account mapped to an employee with the appropriate One Identity Manager application roles). The job servers that host these One Identity Manager services must be marked in the database with the "Data Governance connector" flag using the job server editor in the Designer application.
To set the connector flag in the database
To get a complete view of your environment, you must first run the One Identity Manager Synchronization Editor to configure the synchronize between the One Identity Manager database and your target environments (Active Directory and if applicable, SharePoint, UNIX, Azure Active Directory, and SharePoint Online).
Run the One Identity Manager Synchronization Editor to set up a synchronization project to load Active Directory objects into the One Identity Manager database.
For more information, see Setting up synchronization with an Active Directory environment in the One Identity Manager Administration Guide for Connecting to Active Directory.
If applicable, once your Active Directory synchronization projects have completed, set up a synchronization project to load SharePoint objects into the One Identity Manager database.
|
Important: Active Directory synchronization MUST be complete before beginning the SharePoint synchronization project. |
For more information, see Setting up synchronization with a SharePoint environment in the One Identity Manager Administration Guide for Connecting to SharePoint.
Azure Active Directory to configure the synchronization between the One Identity Manager database and Azure Active Directory.
|
NOTE: To have One Identity Manager automatically create employees for Azure Active Directory users at synchronization time, ensure that the TargetSystem | AzureAD | PersonAutoFullSync configuration setting is set to SEARCH AND CREATE. If this configuration setting is set to NO, use the Designer to change it BEFORE you run the Azure Active Directory synchronization project. |
For more information on setting up a synchronization project for an Azure Active Directory tenant, see the One Identity Manager Administration Guide for Azure Active Directory.
SharePoint Online to configure the synchronization of data between the SharePoint Online database and the One Identity Manager Service.
|
NOTE: Azure Active Directory synchronization MUST be complete before beginning the SharePoint Online synchronization project. |
For more information, see the One Identity Manager Administration Guide for Connecting to SharePoint Online.
In order to assign ownership to an NFS Export resource, ensure that an Active Directory employee is assigned to the UNIX account.
To assign a One Identity Manager Employee to a UNIX account
© 2021 One Identity LLC. ALL RIGHTS RESERVED. Feedback 이용 약관 개인정보 보호정책