Chat now with support
Chat with Support

Identity Manager Data Governance Edition 8.0 - User Guide

Introduction Data Governance navigation node and views Administering Data Governance Edition Managing unstructured data access
Managing resource access Managing account access Working with security permissions Working with SharePoint security permissions Account access modeling Bringing data under governance
Classifying governed resources Managing governed resources using the web portal Data Governance Edition reports Troubleshooting Appendix: EMC, NetApp Filer, and SharePoint configuration details Appendix: PowerShell commands Appendix: Governed data attestation policies Appendix: Governed data company policies Appendix: Governed data risk index functions About us

Managed host settings dialog

The Managed Host Settings dialog allows you to define the configuration settings for new managed hosts. This dialog appears when you select one of the following tasks from the Managed hosts view:

  • Manage host
  • Manage multiple hosts
  • Manage NFS host
  • Manage Cloud host
  • Edit host settings

This dialog contains the following controls:

Table 45: Managed Host Settings dialog: Controls
Control Description
Managed Host

Specifies the managed host to be added.

  • For local managed hosts, this is a read-only field that displays the name of the host computer selected in the Managed hosts view.
  • For remote managed hosts, including supported EMC and NetApp storage devices with CIFS file system protocol enabled, this is a read-only field that displays the name of the host computer selected in the Managed hosts view.
  • For cloud managed hosts, this field is blank when using the Manage Cloud host task. However, it displays the <DomainName>.onmicrosoft.com host name when using the Edit host settings task.
  • If multiple hosts are selected, <Multiple Managed Hosts> appears in this field.
  • For NFS managed hosts, enter the IP address or fully qualified domain name of the NFS host computer to be managed.
Host Type

Select the type of managed host to be added to the Data Governance Edition deployment.

When using the Manage host or Manage multiple hosts task, the options available depend on the host computer selected in the Managed hosts view. Valid managed host types include:

  • EMC Celerra/VNX Device
  • EMC Isilon Device
  • Generic Host Type
  • Local Windows Computer
  • NetApp OnTap Cluster Mode CIFS Device
  • NetApp OnTap 7-Mode CIFS Device
  • SharePoint Farm
  • Windows Cluster/Remote Windows Computer

When using the Manage NFS host task, you must select one of the following host types:

  • EMC Isilon NFS Device
  • NetApp Cluster NFS Device
  • NetApp 7-Mode NFS Device

When using the Manage Cloud host task, you must select one of the following host types:

  • SharePoint Online
  • OneDrive for Business

When using the Edit host settings task, this is a read-only field that specifies the type of host.

Agent Install Path

By default, the agent will be installed in the Data Governance Server installation directory (%ProgramFiles%\One Identity\One Identity Manager Data Governance Edition\Agent Services).

When you deploy an individual agent, you can use this field to specify an alternate agent installation. To specify an alternate installation directory, enter a local path (for example C:\Mypath) that does not exceed 512 characters.

 NOTE: If there is an existing agent on the machine, you cannot install another agent with a different installation directory. All agents must be installed in the same directory.

 NOTE: If required, use the Customize default host settings task to define an alternate default installation directory for deploying new agents. When you opt to set the installation directory for an individual agent using the Agent Install Path field on the Managed Host Settings dialog, it will take precedence over the default agent installation location defined on the Customize default host settings dialog.
Keywords Optionally, enter a keyword which can then be displayed and used to group your managed hosts on the Managed hosts view.
NIS Host

Use the NIS Host page to select the Network Information Systems (NIS) server whose users and groups have been synchronized with One Identity Manager.

 NOTE: This page only applies to NFS managed hosts.

For more information, see NIS Host page.

Credentials page

Use the Credentials page to provide user credentials that can establish a connection with the NAS device.

  • For NetApp hosts, the user must have the 'ontapi' User Login Method application.
  • For EMC hosts, this account must have the 'Platform API' privileges applied.

NOTE: This page only applies to NFS managed hosts and NetApp OnTap Cluster Mode CIFS managed hosts.

For more information, see Credentials page.

Cloud Provider

Use the Cloud Provider page to enter the Office 365 domain and login credentials of the administrative account to be used to authenticate with the Data Governance Edition API cloud proxy.

 NOTE: This page only applies to Cloud managed hosts.

For more information, see Cloud Provider page.

Agents page

Use the Agents page to configure the agents to be used to monitor a remote managed host or SharePoint managed host.

 NOTE: This page only applies to remote managed hosts and SharePoint managed hosts.

For more information, see Agents page.

Managed Paths page

Use the Managed Paths page to define the paths to be managed by Data Governance Edition. These managed paths will be scanned for security access information and if enabled, for collecting resource activity.

Click the Add button to display the Managed Paths Picker dialog, where you can then navigate to and select the paths to be scanned.

For more information, see Managed paths page.

Security Scanning page

Use the Security Scanning page to set the schedule and settings for scanning agents for changes to the structure and security of the file system.

For more information, see Security Scanning page.

Resource activity page

Use the Resource Activity page to configure the collection and aggregation of resource activity for the target managed host.

NOTE: Not available for Windows Cluster/Remote Windows Computer, Generic or Cloud managed hosts.

For more information, see Resource activity page.

OK

Click the OK button to save your selections and close the dialog.

Cancel

Click the Cancel button to close the dialog without saving your selections.

Related Topics

Adding a local managed host (Windows computer)

Adding a Windows cluster / Windows computer as a remote managed host

Adding a generic managed host

Adding a Distributed File System (DFS) root managed host

Adding a SharePoint farm managed host

Adding a NetApp CIFS device as a managed host

Adding an EMC CIFS device as a managed host

Adding an NFS managed host

Adding a Cloud managed host

Editing managed host settings

NIS Host page

Select a Network Information Service (NIS) server whose users and groups have been synchronized with One Identity Manager.

 NOTE: This page only applies to NFS managed hosts.
Table 46: NIS Host page: Controls and settings
Control/setting Description
NIS Host

Select the NIS server to be managed.

The NIS server(s) previously synchronized with One Identity Manager (UNIX synchronization project) are listed in the drop-down menu.

Credentials page

Provide the credentials of a user which can establish a connection to the NAS storage device.

  • For NetApp devices, this user account must have the 'ontapi' User Login Method application.
  • For EMC Isilon devices, this user account must be assigned the 'Platform API' privilege.

Note: This page only applies to NFS managed hosts and NetApp OnTap Cluster Mode CIFS managed hosts.

Table 47: Credentials page: Controls and settings
Control/setting Description
User Name

Enter the name of a user account with access to the target NAS storage device.

Password Enter the password associated with the specified user account.
Port

Enter the destination port to be used for communication between the agent and target NAS storage device.

  • NetApp filers: The default value is 443.
  • EMC devices: The default value is 8080.
Host EndPoint

Optionally, enter the API endpoint for the NetApp Cluster Mode connection. This could be an FQDN, host name or IP address.

 NOTE: The default is to use the FQDN of the targeted host. You would only use this setting if the API connection needs to be specified as something other than the FQDN of the targeted host.

NOTE: Only applies to NetApp Cluster Mode devices.
Test API Credentials Click this button to verify that the credentials entered are valid.

Cloud Provider page

The Cloud Provider page appears when managing a cloud resource. Use this page to enter the Office 365 domain and administrator account login credentials to be used to authenticate with the Data Governance Edition API cloud proxy. This API cloud proxy provides a consistent method for Data Governance Edition to interface with different cloud providers. When valid login credentials are provided, the system issues an access token which is used during the current and subsequent sessions to access resources hosted by the specified cloud provider.

Note: This page only applies to Cloud managed hosts.

Table 48: Cloud Provider page: Controls
Control Description
<DomainName> .onmicrosoft.com

Enter the name of the Office 365 domain to be used.

For example: Enter MyDomain as the domain name.

 NOTE: Data Governance Edition only supports one Office 365 domain per cloud provider at this time. That is, you can deploy only one managed host for the SharePoint Online administrator account and one managed host for the OneDrive for Business administrator account. Data Governance Edition does not currently block you from deploying a second SharePoint Online or OneDrive for Business managed host; however, it will not work.
Email

Enter the email address of the administrator account to be used to authenticate with the cloud proxy.

For example: Administrator@MyDomain.onmicrosoft.com

NOTE: You must create a separate administrator account for this purpose. This administrator account must be, or have equal access as, a SharePoint Online Administrator. Each site will be modified to list this account as a Site Collection Administrator for the site. This provides the account with access to the site's contents.

For SharePoint Online, create a separate Global Administrator account.

Password Enter the password associated with the specified email account.
Continue

After entering the Office 365 domain and administrator account login credentials, clicking the Continue button redirects you to Microsoft to sign in to your account and grant access to Office 365 data.

  1. The administrator account previously entered is displayed.
  2. Re-enter the password associated with the specified administrator account.
  3. Click Sign In.
  4. Click Accept to agree to the access required by the Data Governance Edition API cloud proxy.

Data Governance Edition will then have access to the specified resources for all users in your organization; no other user will be prompted to enter credentials.

Related Documents