Chat now with support
Chat with Support

Identity Manager Data Governance Edition 8.0 - Deployment Guide

Introduction Data Governance Edition system requirements Install One Identity Manager Data Governance Edition Deploy Data Governance Edition components Post installation configuration Authentication using service accounts and managed domains Working with managed hosts and agents Upgrade Data Governance Edition Remove Data Governance Edition Troubleshooting Appendix: NetApp managed host deployment Appendix: EMC managed host deployment Appendix: SharePoint managed host deployment About us

Cannot add security index roots to my EMC server

Cannot add managed paths to my EMC server

Probable cause

When adding managed paths for an EMC server, you may receive the following error:
Resource: \\Server_Name\, Error Message: The network path was not found. NetAPI32 Error: 53.

This error means that Data Governance Edition could not resolve the EMC server or any of the shares of the server.

Resolution

Review and verify that the DNS settings are up-to-date, ensure you can ping the EMC server, ensure that the proper ports are open, etc.

Reboot the server having the problem and try again.

No activity data

When you run a Resource Activity, Account Activity, or Perceived Owner report, you may not immediately see an action in the report that you know you have performed.

Probable cause
  • There is lag time between when an action occurs, such as a file read or write, and when the data is sent from the agent to the server. This delay is dependent upon the following:
    • The aggregation setting on the Resource Activity page of the Managed Host Settings dialog
    • The update schedule. By default, resource activity is synchronized into the One Identity Manager database, once a day, after the first initial synchronization. The initial synchronization happens a few minutes after resource activity collection is enabled. This update schedule is controlled by a Data Governance server configuration setting (PerceivedOwnershipCalcUpdateRefreshIntervalMinutes). See the One Identity Manager Data Governance Edition Technical Insight Guide for more information on this configuration file setting.
    • Various internal processes.
  • It is possible that you did not have resource activity collection enabled for that managed path during the time span covered in the report.
  • If you have enabled resource activity collection, it is possible you have excluded some accounts, files or folders where the activity occurred.
  • If Quest Change Auditor is installed and you are collecting resource activity directly from Change Auditor, Change Auditor may not be capturing the events you are expecting.
Resolution
  • Verify the managed host type. Resource activity collection is only available for local managed Windows servers, SharePoint farms, and supported NetApp and EMC managed hosts.
  • Use the Edit Host Settings task from the Managed hosts view to verify that the required paths are being managed:
    • Open the Managed Paths page of the Managed Host Settings dialog. Are the required managed paths listed?
  • Use the Edit Host Settings task from the Managed hosts view to verify that resource activity collection is enabled:
    • Open the Resource Activity page of the Managed Host Settings dialog.
      • Is the Collect and aggregate events option selected?

      • Are the required events selected?
  • Verify the accounts, files or folders that are being tracked

    • Click the Resource Activity Exclusions button on the Resource Activity page of the Managed Host Settings dialog.
    • Check each tab to see what objects are being excluded.
  • Collaborate with the Change Auditor administrator to determine what data Change Auditor is collecting.

No activity data available for SharePoint 2010 managed host

Probable Cause

For SharePoint 2010 managed hosts, the DataGovernance.SPShim.exe process is required and may not be running on the SharePoint server.

Resolution

Check to ensure that the DataGovernance.SPShim.exe process is running on the SharePoint 2010 farm server. If it is not running, start the process or re-deploy the agent.

NOTE: This only applies to SharePoint 2010 because in SharePoint 2013, this is not a separate process.

Resource activity is not displaying in the web portal for a business owner

Probable cause

Activity for owned data may not display in the web portal if:

  • Resource activity collection has not been enabled on the selected managed host.
  • Resource activity collection is not supported on the selected managed host (such as, remote managed Windows computers, Windows clusters, Generic or Cloud managed hosts).
  • Resource activity collection is enabled, but the data is not included within a specified managed paths.
Resolution

To ensure resource activity is being collected:

  1. From the Managed hosts view, select the required managed host.
  2. Select Edit host settings from the Tasks view or right-click menu.
  3. On the Managed Host Settings dialog, open the Resource Activity page.
  4. Ensure Collect and aggregate events is selected.
  5. Also, ensure the appropriate events are selected.
  6. Click the Resource Activity Exclusion button and review each tab to see what objects are being excluded.

To check what managed paths are selected for activity collection:

  1. From the Managed hosts view, select the required managed host.
  2. Select Edit host settings from the Tasks view or right-click menu.
  3. On the Managed Host Settings dialog, open the Managed Paths page.
  4. Activity is only being collected for the paths listed on this page.

NOTE: For all managed host types, when placing a resource under governance, the resource must be a managed path or a folder or share under a managed path.

  • For remote managed hosts, if you select to place a resource under governance that is not yet defined as a managed path, the path is automatically added to the managed paths list. If the managed host has more than one agent assigned, you are prompted to select which agent to add the managed path to.
  • For local managed hosts, if you are scanning managed paths (that is, there are paths in the managed paths list), and you select to place a resource under governance that is not yet defined as a managed path, the path is automatically added to the managed paths list. However, if you are scanning the entire server (that is, the managed paths list is empty) and you place a resource under governance, no changes are made to the managed paths list and you continue to scan the entire server.

For more information about these pages on the Managed Host Settings dialog, see Managed paths page and Resource activity page.

Related Documents