Chat now with support
Chat with Support

Identity Manager Data Governance Edition 8.0 - Technical Insight Guide

Introduction Data Governance Edition Network Communications Data Governance service Data Governance agents Resource activity collection in Data Governance Edition QAM module tables Configurable configuration file settings
Data Governance service configuration file settings Data Governance agent configuration file settings
Configurable registry settings PowerShell commands
Adding the PowerShell snap-ins Finding component IDs Data Governance Edition deployment Service account management Managed domain deployment Agent deployment Managed host deployment Account access management Resource access management Governed data management Classification management
About us

Classification management

Classification is included in Data Governance Edition, however you should first define the classification levels in Data Governance Edition to match those defined by your company. Once defined, you can use these classification levels to classify governed resources.

The following commands are available to manage the classification levels used in your Data Governance Edition deployment and to assign a classification level to a governed resource. For full parameter details and examples, click a command hyperlink in the table or see the command help, using the Get-Help command.

Table 244: Group template management commands

Use this command

If you want to

Add-QClassificationLevel

Define a new classification level for use in your Data Governance Edition deployment.

For more information, see Add-QClassificationLevel.

Get-QClassificationLevelConfiguration

Retrieve details about the classification levels configured in your Data Governance Edition deployment.

For more information, see Get-QClassificationLevelConfiguration.

Get-QDataUnderGovernanceByClassificationLevel

Retrieve a list of governed resources assigned a specific classification level.

For more information, see Get-QDataUnderGovernanceByClassificationLevel.

Remove-QClassificationLevel

Remove a classification level from your Data Governance Edition deployment.

For more information, see Remove-QClassificationLevel.

Set-QClassificationLevel

Update an existing classification level in your Data Governance Edition deployment.

For more information, see Set-QClassificationLevel.

Set-QClassificationLevelOnDug

Assign a classification level to a governed resource.

For more information, see Set-QClassificationLevelOnDuG.

Add-QClassificationLevel

Defines a new classification level for use in your Data Governance Edition deployment.

Syntax:

Add-QClassifictionLevel [-Name] <String> [-Description] <String> [[-SortOrder] <Int>] [<CommonParamters>]

Table 245: Parameters
Parameter Description
Name

Specify the name to be associated with the new classification level.

The length of the name is limited to 512 characters. Any text is allowed, including spaces and other 'special characters'.

Description

Enter descriptive text to be associated with the new classification level.

Any text is allowed, including spaces and other 'special characters'.

SortOrder

Optionally, specify the display order of the new classification level.

NOTE: The classification levels are displayed in ascending order based on SortOrder. If no SortOrder value is specified, the classification level will appear at the top of the list.
Examples:
Table 246: Examples
Example Description

Add-QClassificationLevel -Name "Internal Eyes Only" -Description "Intended for internal distribution within the organization." -SortOrder 1

Adds a new "Internal Eyes Only" classification level.

Get-QClassificationLevelConfiguration

Retrieves details about the classification levels configured in your Data Governance Edition deployment.

Syntax:

Get-QClassificationLevelConfiguration [<CommonParameters>]

Examples:
Table 247: Examples
Example Description
Get-QClassificationLevelConfiguration Returns details about each classification levels previously configured, including the classification ID.
Details retrieved:

For each classification level configured, this cmdlet returns the following details.

Table 248: Details retrieved
Detail Description (Associated property in QAMClassificationLevel table)
Id The identifier assigned to the classification level by Data Governance Edition (UID_QAMClassificationLevel).
Name The name of the classification level. For example: Critical Handling (Name).
Description The descriptive text associated with the classification level (Description).
SortOrder The display order value assigned to the classification level (SortOrder).

Get-QGovernedDataByClassificationLevel

Get-QDataUnderGovernanceByClassificationLevel

Retrieves a list of governed resources assigned a specific classification level.

Syntax:

Get-QDataUnderGovernanceByClassificationLevel [-ClassificationLevelId] <String> [<CommonParameters>]

Table 249: Parameters
Parameter Description
ClassificationLevelId

Specify the identifier assigned to the classification level.

NOTE: Run the Get-QClassificationLevelConfiguration cmdlet to retrieve a list of configured classification levels, including their assigned identifiers.
Examples:
Table 250: Examples
Example Description

Get-QDataUnderGovernanceByClassificationLevel -ClassificationLevelId 51442B53-A9BE-4EE0-8A89-B5D5ED3CF387

Returns a list of the governed resources associated with the specified classification level.
Details retrieved:
Table 251: Details retrieved
Detail Description (Associated key or property in QAMDuG table)
ManagedHostId Value (GUID) assigned to the managed host computer.
IsForITShop Indicates if the resource is available for requests through the IT Shop.
DatePublishedToITShop The date (UTC) when the resource was published to the IT Shop.
IsPublishable Indicates that the resource is able to be published to the IT Shop.
IsPointOfInterest Indicates that a point of interest was intentionally placed under governance.
RequiresOwnership Indicates that the resource requires that an owner be assigned.
DisplayName Name of the governed resource.
DisplayPath Path and name of the governed resource.
Description Descriptive information entered for the governed resource.
FullPath Full path of the governed resource.
FullPathHashSHA1 Hash value over the full path for unique identification.
Justification The reason for assigning this owner to the resource.
OwnershipSetBy Name of the account that set the owner.
PlacedUnderGovernanceBy Name of the account that placed the resource under governance.
RiskIndex Calculated risk index of all assignments to this data.
ActivityResourceId The value that relates the roots in this database to data in the Data Governance activity resource database.
DateOwnershipSet The date (UTC) when the ownership of the resource was set.
UID_QAMDuG The identifier assigned to the governed resource by Data Governance Edition.
IsStale Indicates whether the resource was renamed or deleted.
LastEncounteredTime The time detailed security information was successfully collected.
PersonOwnerKey If you have assigned a person as the business owner of this resource, this is the primary key of that person.
PersonOwnerDisplay If a person is assigned as the business owner, the name of that employee.
RoleOwnerKey If you have assigned a role as the business owner of this resource, this is the primary key of that role.
RoleOwnerDisplay If an application role is assigned as the business owner, the name of that application role.
ResourceType The governed data type.
ManagedHostName The name of the managed host computer.
UseBackingFolderSecurity Indicates to use the backing folder of a share.
LastPoiCollection The date (UTC) when the POI was last collected.
LastPoiSubmission The date (UTC) when the POI was last submitted.
Security The security used for governance. (SecurityForGovernance)
ClassificationLevelId If a classification level is assigned, the identifier assigned to the classification level. (UID_QAMClassificationLevelMan Value)
ClassificationLevelName If a classification level is assigned, the name assigned to the classification level. (UID_QAMClassificationLevelMan)
Related Documents