The following resource types are referenced in Data Governance Edition data.
| Value | Resource type |
|---|---|
| 0101 | Windows Computer\Share |
| 0102 | Windows Computer\Local User Rights |
| 0103 | Windows Computer\Operating System Administrative Rights |
| 0201 | NTFS\File |
| 0202 | NTFS\Folder |
| 0301 | Service Identities\Windows Service Identity |
| 0401 | SharePoint\Farm |
| 0402 | SharePoint\FarmAdminRight |
| 0403 | SharePoint\WebAppPolicy |
| 0404 | SharePoint\SiteCollectionAdminRight |
| 0405 | SharePoint\ServiceApplicationPermission |
| 0406 | SharePoint\ResourceItem |
| 0407 | SharePoint\WebApplication |
| 0408 | SharePoint\SiteCollection |
| 0409 | SharePoint\Site |
| 0410 | SharePoint\List |
| 0411 | SharePoint\Folder |
| 0412 | SharePoint\ListItem |
| 0601 | DFS\Link |
| 0701 | NFS\File |
| 0702 | NFS\Folder |
| 0801 | Cloud\File |
| 0802 | Cloud\Folder |
This table lists the types of accounts that Data Governance Edition is aware of.
| Value | Trustee type |
|---|---|
| 1 | Domain User |
| 2 | Domain Group |
| 3 | Domain |
| 4 | Alias |
| 5 | Wellknown |
| 6 | Deleted |
| 7 | Invalid |
| 8 | Unknown |
| 9 | Computer |
| 60000 | Broadway |
| 60001 | Machine Local User |
| 60002 | Machine Local Group |
| 60003 | SharePoint Identifying Claim |
| 60004 | SharePoint Group |
| 60005 | SharePoint Claim |
| 60006 | Unix Owner |
| 60007 | Unix Group |
| 60008 | Unix Other |
| 70001 | Cloud User |
| 70002 | Cloud SPOGroup (that is, SharePoint Online group) |
| 70003 | Cloud ODBGroup (that is, OneDrive for Business group) |
Data Governance Edition provides configuration files for the Data Governance service and the Data Governance agents.
The following Data Governance service configuration settings can be configured in the DataGovernanceEdition.Service.exe.config file in the server directory: %ProgramFiles%\One Identity\One Identity Manager Data Governance Edition\Server.
| Configuration setting | Description |
|---|---|
| AgentLeaseRenewPeriod | Sets the agent lease renewal interval. |
| DfsDataSyncInterval | Sets the default DFS synchronization interval. |
| DisablePerceivedOwnershipUpdate | Can be used to disable the automatic perceived owner calculation for governed data. |
| FolderSecurity.UseAdminPathsForShareFolders | Controls how the Data Governance server deals with the security that backs folders. |
| ManagedHostDeleteBatchSize | Defines the batch size used to delete managed hosts and their associated resources and resource activity records from the database. |
| MessagingCacheFolder | Defines the server messaging cache location. |
| Metrics.CollectionIntervalInSeconds | Sets the metrics collection interval. |
| MinimumSupportedModuleMigrationVersion | Specifies the minimum supported module migration version. |
| OracleBulkImportBatchSize | Specifies the number of records to be imported at a time during a bulk import for an Oracle database. |
| PerceivedOwnershipActivityPeriod | Defines the time period (in days) to look for past resource activity to determine perceived owners. |
| PerceivedOwnershipByResourceActivity | Indicates the primary source for calculating perceived owners: resource activity history or security information. |
|
Indicates whether the access control list owner within the target system should be considered as a perceived owner suggestion. | |
| PerceivedOwnershipCalcUpdatesRefreshIntervalMinutes | Sets the perceived ownership update interval. |
| PerceivedOwnershipMaxReturnValue | Defines the maximum number of perceived ownership suggestions returned as a result of calculating perceived owners for a resource. |
| RemoteExecutor.WaitResultTimeout | Defines how long the Data Governance service should wait for results from the RemoteExecutor before timing out. |
| RestServicePort | Sets the communication port for HTTP protocol and REST services. (Communications with PowerShell and One Identity Manager clients and web server.) |
| SuggestedAgentCap | Defines the suggested maximum number of agent instances on a given computer. |
| SyncDomainPasswordInterval | Sets the managed domain and security information cache refresh interval. |
| VerboseHostForTrusteeLogging | Debug setting used to log the complete Alias table used for the query. |
| Configuration setting | Description |
|---|---|
| SelfService.AllowNonPublishedGroups | Indicates whether groups not published to the IT Shop are displayed in self-service web portal. |
| SelfService.AllowUnsychronizedGroups | Indicates whether groups not synchronized with One Identity Manager are displayed in self-service web portal. |
| SelfService.EnableSelfServiceRequest | Indicates whether self-service requests are enabled. |
| SelfService.IncludeSuitabilityTraceInfo | Indicates whether the suitability trace information is to be included as a property in the self-service request results. |
| SelfService.MarkSuitabilityTraceInfo | Indicates whether the suitability integer is to be shown in the user interface when self-service groups are returned. |
| SelfService.MaximumMethodsCount | Defines the maximum number of self-service groups that can be returned for consideration. |
| SelfService.SuitabilityThreshold | Specifies the lowest possible suitability score to be used when returning self-service groups. |
| Configuration setting | Description |
|---|---|
| CollectPoi.CheckFrequencyInMinutes | Sets the stale POI information check interval. |
| CollectPoi.IgnoreChangedResourceSynchronization | Indicates whether the changed resource synchronization should be ignored. |
| CollectPoi.IncludeDeviations | Indicates whether deviations are to be included in POI query. |
| CollectPoi.MaxConcurrentQueries | Defines the maximum number of simultaneous POI queries to be performed. |
| CollectPoi.OverdueThresholdInMinutes | Sets the amount of time before a resource is considered to be overdue for POI collection. |
| CollectPoi.QueryBatchSize | Defines the threshold on which a query is sent to the agent. |
| CollectPoi.QueryTimeoutInMinutes | Sets the amount of time before a POI query expires. |
| CollectPoi.QueryUpperBound | Defines the maximum number of resources to be returned from a POI query. |
| Configuration setting | Description |
|---|---|
|
Allows you to specify additional operating systems so that those hosts can be added as generic managed hosts |
In addition to the server, POI collection, and self-service settings listed above, you will find the following settings in the Data Governance service configuration file:
© 2023 One Identity LLC. ALL RIGHTS RESERVED. Feedback Terms of Use Privacy
