Chat now with support
Chat with Support

Identity Manager Data Governance Edition 8.0 - User Guide

Introduction Data Governance navigation node and views Administering Data Governance Edition Managing unstructured data access
Managing resource access Managing account access Working with security permissions Working with SharePoint security permissions Account access modeling Bringing data under governance
Classifying governed resources Managing governed resources using the web portal Data Governance Edition reports Troubleshooting Appendix: EMC, NetApp Filer, and SharePoint configuration details Appendix: PowerShell commands Appendix: Governed data attestation policies Appendix: Governed data company policies Appendix: Governed data risk index functions About us

Appendix: PowerShell commands

Appendix: PowerShell commands

This appendix provides a list of the Windows PowerShell commands available to deploy and configure Data Governance Edition components and administer Data Governance Edition to manage the unstructured data in your organization.

For full parameter details and examples, see the command help or the One Identity Manager Data Governance Edition Technical Insight Guide. For a list and full parameter details and examples of the PowerShell commands available for creating and maintaining managed resources (such as, file shares created through the IT Shop self-service request functionality), see the One Identity Manager Data Governance Edition IT Shop Resource Access Requests User Guide.

Adding the PowerShell snap-ins

Data Governance Edition comes with a Windows PowerShell snap-in for you to use to manage your environment.

If you installed Windows PowerShell on your computer after you installed the Data Governance server, you must register the cmdlets before you can start using them in Windows PowerShell.

To import the Data Governance Edition PowerShell module

  1. Open a Windows PowerShell window and type the following at the Windows PowerShell command prompt:

    Import-Module "<path>"

    Where <path> is the file path for the QAM.Client.PowerShell.dll assembly. By default, the <path> for the Data Governance server machine is "C:\Program Files\One Identity\One Identity Manager\QAM.Client.PowerShell.dll".

  2. To verify that the module was added, type the following at the Windows PowerShell command prompt:

    Get-Module -All

    The registered PowerShell modules are listed.

Note: Run the Set-QServiceConnection command before you can use any of the Data Governance Edition commands.

Adding the module automatically to new sessions

If you do not want to manually add the Data Governance Edition PowerShell module each time you start a new Windows PowerShell session, you can modify the Windows PowerShell profile file so that it is added automatically for you.

To add the Data Governance Edition PowerShell module automatically when you start a new Windows PowerShell session

  • Add the following line to the Windows PowerShell profile file (profile.ps1) file:

    Import-Module "<path>"

    The location of the Windows PowerShell profile file is as follows: WINDOWS\system32\windowspowershell\v1.0

Note: If you get the error message "...profile.ps1 cannot be loaded because the execution of scripts is disabled" the next time you start a new Windows PowerShell session, type the following at the Windows PowerShell command prompt:

Set-ExecutionPolicy RemoteSigned

Then, type the following at the Windows PowerShell command prompt to confirm that the execution policy has been changed:

Get-ExecutionPolicy RemoteSigned

Finding component IDs

Many of the Windows PowerShell commands you can use to manipulate your deployment require that you know the component’s ID.

To determine the managed host, container parent, container, resource node, or agent ID

  • Run the Get-QManagedHosts command.

To determine the service account or managed domain ID

  • Run the Get-QManagedDomains command.

To determine the deployment name

  • Run the Get-QDeploymentInfo command.

Data Governance Edition deployment

The following commands in the OneIdentity.DataGovernance snap-in can be used to deploy and configure the Data Governance Edition. For full parameter details and examples, see the command help, using the Get-Help command or the One Identity Manager Data Governance Edition Technical Insight Guide.

Table 82: Data Governance Edition deployment commands

Use this command

If you want to

Get-QDeploymentInfo

View deployment information for your Data Governance server including the deployment name.

Get-QEncryptionOptions

Retrieve the current encryption options used by One Identity Manager and show whether Data Governance Edition has been configured to use encryption.

Get-QServerAllLogs

Export all server logs to the designated folder.

Get-ServerVersion

View the version of the currently running Data Governance server.

Initialize-QDataGovernanceActivity

Initialize a database to store data generated when a managed host has resource activity tracking enabled.

NOTE: This information is required for several reports, including the Resource Activity report.

This is separate from the One Identity Manager database that stores configuration and security information.

Initialize-QDataGovernanceServer

Establish the database connection between One Identity Manager and Data Governance Edition. The Data Governance server must be initialized before you can use Data Governance Edition to manage your resources.

Register-QServiceConnectionPoint

Register service connection points in an Active Directory domain.

NOTE: This can be helpful when the service account registered for a domain does not have sufficient permissions to create a service connection point (SCP).

Remove-QServiceConnectionPoint

Remove the DataGovernance.Server Service Connection Point (SCP) from an Active Directory domain.

NOTE: This cmdlet can be helpful when you want to remove all Data Governance Edition SCPs from a single Data Governance Edition deployment or all deployments. To recreate an SCP which you inadvertently removed, restart your Data Governance service.

Set-QDeploymentInfo

Change the deployment parameters for the Data Governance server including the deployment name.

NOTE: Changing this value can prevent the Data Governance service from communicating with existing agents. It is not recommended to change the deployment name of an existing server.

Set-QEncryptionOptions

Encrypt the Data Governance service account.

NOTE: Only use this command if you have enabled encryption for the One Identity Manager database.

Set-QServiceConnection

Set the server name and port information used by the Data Governance Edition commands to connect to the Data Governance server.

NOTE: You must run this command before you can use any of the Data Governance Edition commands.
Related Documents