Chat now with support
Chat with Support

Identity Manager Data Governance Edition 8.0 - User Guide

Introduction Data Governance navigation node and views Administering Data Governance Edition Managing unstructured data access
Managing resource access Managing account access Working with security permissions Working with SharePoint security permissions Account access modeling Bringing data under governance
Classifying governed resources Managing governed resources using the web portal Data Governance Edition reports Troubleshooting Appendix: EMC, NetApp Filer, and SharePoint configuration details Appendix: PowerShell commands Appendix: Governed data attestation policies Appendix: Governed data company policies Appendix: Governed data risk index functions About us

Service accounts view

Selecting Service accounts in the Data Governance navigation view populates the Service Accounts result list with the service accounts registered with the Data Governance server. From the Service Accounts result list, you can add, edit or remove service accounts.

Double-clicking a service account in the Service Accounts result list displays the Service account overview which is a graphical representation of the information available, including the domains associated with the selected service account. From this view, you can also perform the following tasks against the selected service account.

Table 2: Service accounts view: Tasks
Task Description For more information
New

Use the New right-click command or tool bar button ( ) to create a new service account. Clicking the New command or tool bar button displays the Service Accounts view allowing you to define a new Data Governance Edition service account. To create a new service account, enter the following information:

  • Active Directory account: Select the Active Directory account to be used as a service account.
  • Password: Enter the password associated with the selected account.
  • Comments: Optionally, enter descriptive text regarding the selected account.

When a service account is added to Data Governance Edition, it is granted the required Log On as a Service local user rights on the Data Governance server.

Adding and editing a service account
Delete

Use the Delete right-click command or tool bar button ( ) to remove the selected service account.

 
Change master data

Use the Tasks | Change master data right-click command or Edit tool bar button ( ) to display the service account master data page to change the password or comment associated with the selected service account.

Adding and editing a service account
Assign domains Use the Tasks | Assign domains right-click command to view, add or modify the domain assignments for the selected service account. Adding a managed domain
Related Topics

Authentication using service accounts and managed domains

Readying a service account and domains for deployment

Managed domains view

Selecting Managed domains in the Data Governance navigation view populates the Managed domains result list with all the managed domains defined for the current Data Governance Edition deployment.

Note: The link between a service account and an Active Directory domain makes it a "managed domain."

For more information on the managed domains view tasks, see the One Identity Manager Administration Guide for Active Directory Domain.

Managed hosts view

Selecting Managed hosts in the Data Governance navigation view populates the Managed Hosts result list with all of the managed hosts deployed in the current Data Governance Edition deployment.

Selecting this node also displays the Managed hosts view in the right pane which lists all of the computer objects found during the topology harvest or Active Directory synchronization, and SharePoint synchronization if applicable. From this view, you can see the status of each managed host as well as the host computers that are not yet being managed by Data Governance Edition.

Double-clicking a managed host in either the result list or Managed hosts view launches the Resource browser allowing you to view data on the managed host.

The following table describes the default information displayed for each computer object found.

Table 3: Managed hosts view: Default layout

Column Title

Description

Host Name

The name of the host computer that may be the target of collection.

Domain

The domain in which the host computer belongs.

Status

The current status of the managed host. In addition to providing the current status of managed hosts, it also indicates when a host computer is not being managed by Data Governance Edition. For more information, see Verifying managed host system status.

NOTE: The Managed Hosts result list only displays computer objects that are being managed by Data Governance Edition, therefore, it does not include the computer hosts with a status of Not Managed.

Data Status

For managed hosts, the current state of the data available from the host computer. For more information, see Determining the state of the data.

Host Type

The physical configuration of the host computer:

  • Distributed File System Root
  • EMC Celerra/VNX Device
  • EMC Isilon Device
  • EMC Isilon NFS Device
  • NetApp OnTap Cluster Mode CIFS Device
  • NetApp OnTap Cluster Mode NFS Device
  • NetApp OnTap 7-Mode CIFS Device
  • NetApp OnTap 7-Mode NFS Device
  • OneDrive for Business
  • SharePoint Farm
  • SharePoint Online
  • Windows Computer
  • Unknown/Generic Host Type

NOTE: The NFS host types are displayed after they have been added as managed hosts using the Manage NFS host task.

NOTE: The cloud provider host types (for example, SharePoint Online and OneDrive for Business) are displayed after they have been added as managed hosts using the Manage Cloud host task.

NOTE: Unknown is displayed for hosts that can be added as generic managed hosts. You must update the "additionalOperatingSystems" configuration setting in order to see unknown host types. For more information, see Adding a generic managed host. After a host with an "unknown" host type is added as a generic managed host, the Host Type will change to Generic Host Type.

Agent Errors

Indicates how many critical errors are associated with an agent monitoring the selected managed host. For more information, see Viewing agent errors.

In addition to the default columns, you can add the following columns to the view using the Column Chooser command.

NOTE: Right-click the column header and select Column Chooser to add hidden columns to the display. In the Customization dialog, double-click the required column or drag and drop it onto the column header bar.

To hide a column, right-click the column header and select Remove This Column. The column is now listed in the Customization dialog and can be re-added to the view as explained above.

Table 4: Managed hosts view: Hidden columns

Column Title

Description

Forest DNS Name

Full DNS name of the forest where the host computer resides.

Host DNS Name

Full DNS name of the host computer.

Keywords

For managed hosts, free-form text tags that can be displayed to allow for arbitrary grouping and sorting of hosts.

Managed Host Id

For managed hosts, the value (GUID) assigned to the managed host.

Management Method

For managed hosts, indicates whether the host is managed locally or remotely.

Most Recent Activity

For managed hosts, the most recent time (UTC) that detailed security information was collected by any of the agents for this host.

Operating System For managed hosts, the operating system running on the host computer.

Starts With

First character from the host computer's name. This is useful for grouping or sorting.

Managed hosts view tasks

From the Managed hosts view, you can check the current state of all your managed hosts using the status column. In addition, from this view, you can add managed hosts, edit host settings, get all logs, view all resources under governance for a managed host, remove a managed host, or launch the Resource browser.

NOTE: If you are assigned the Data Governance\Operators role, you will have read-only access to this page and will not be able to perform the tasks listed below.

The following tasks are available regardless of the host computer selected in the Managed hosts view.

Table 5: Managed hosts views: Tasks always available
Task Description For more information

Customize default host settings

Launches the Customized default host settings dialog to view or modify the default settings for a given host type.

The default settings specified are used for managed hosts added in the future.

Customizing default host settings
Get All Logs Launches the Browse for Folder dialog to specify where to export the server log and agent deployment logs. Getting server logs
Manage Cloud host Launches the Managed Host Settings dialog allowing you to specify the configuration settings for defining a new cloud provider host, such as SharePoint Online. This dialog also allows you to enter the Office 365 domain and administrator login credentials to be used to authenticate to the Data Governance Edition API cloud proxy. Adding a Cloud managed host
Manage DFS host Launches the DFS Managed Host Settings dialog allowing you to specify the DFS domain and root to be managed. Adding a Distributed File System (DFS) root managed host
Manage NFS host Launches the Managed Host Settings dialog allowing you to add an NFS host to be managed for a supported EMC or NetApp storage device with NFS file system protocol enabled. Adding an NFS managed host
Refresh Retrieves and displays the latest data for managed hosts.  
Toggle layout options

Shows or hides the Layout controls at the top of the view, allowing you to change the layout displayed.

Toggle layout options

When you select a host that is not yet managed from the Managed hosts view, you can perform this additional task.

Table 6: Managed hosts view: Tasks for unmanaged hosts
Task Description For more information

Manage host

Manage multiple hosts

Launches the Managed Host Settings dialog allowing you to specify the configuration settings for defining a new managed host.

Adding and configuring managed hosts

When you select a managed host from the Managed hosts view, you can perform the additional tasks.

Table 7: Managed hosts view: Tasks for managed hosts
Task Description For more information
Accounts view

Displays the security index information returned by Data Governance agents for the selected managed host.

NOTE: Not available for NFS managed hosts.

Browsing your environment

Accounts view

Edit host settings

Launches the Managed Host Settings dialog allowing you to view or edit the configuration settings for the selected managed host.

You can also use this task to add, remove or change the agent(s) used for scanning remote managed hosts.

Editing managed host settings

Removing agents

Governed data Displays the Governed data view to view all of the resources within the selected host that have been placed under governance.

Managing governed data details

Governed data view

Refresh governed data Retrieves the latest data available for resources placed under governance on the selected managed host.  
Remove Removes the selected managed host and any associated agents from the deployment. Removing managed hosts (and associated agents)
Rescan Forces a rescan of all agents associated with the selected managed host.  
Resource browser

Launches the Resource browser which contains a live view of the data on the selected managed host. You can browse through the supported file systems and see all applied permissions and make changes where required. You can also see where the access on a resource differs from its parent and manage that access.

NOTE: Double-clicking a managed host also launches the Resource browser.
Browsing your environment

Searching for resources

Resource browser

View deviations

Displays a tree view of all resources and all sub-resources below the root that have explicit security applied to them and any deviation error(s) encountered for the selected resource. As you select resources in the tree, you can view and manage their security.

NOTE: Not available for resources on NFS managed hosts.

NOTE:Not available for resources on Cloud managed hosts.
Managing security deviations
Related Topics

Customize default host settings dialog

DFS managed host settings dialog

Managed host settings dialog

Related Documents