Data Governance Edition consolidates security information across many domains and forests by accessing these network entities using stored credentials (service accounts). These service accounts are Active Directory users granted the appropriate permissions in their respective domains and registered with Data Governance Edition.
The following commands are available to you to manage service accounts.
Use this command |
If you want to | ||
---|---|---|---|
Add-QServiceAccount |
Register an account as a service account for Data Governance Edition. When you add this service account, it is automatically granted the required Log On as a Service local user right on the Data Governance server. | ||
Get-QLogonServiceAccount |
Determine if the account can be used as a service account. | ||
Get-QServiceAccounts |
View a list of service accounts that have been created for the Data Governance server.
| ||
Remove-QServiceAccount |
Remove a service account from the deployment.
| ||
Set-QServiceAccountUpdated |
Have the Data Governance server update a service account. |
Before you can gather information on the data in your enterprise, you must specify the domain that contains the computers and data that you want to manage. Then assign the service account to access the resources within them.
The following commands are available to you to deploy managed domains.
Use this command |
If you want to | ||
---|---|---|---|
Add-QManagedDomain |
Add a new domain to the Data Governance Edition deployment. | ||
Get-QManagedDomains |
View the list of managed domains in a deployment.
| ||
Remove-QManagedDomain |
Remove a managed domain from your deployment. |
The following commands are available to you to manage your agent deployment.
Use this command |
If you want to | ||||
---|---|---|---|---|---|
Get-QAgentEvents |
View saved events for the specified agent from the One Identity Manager database. You can use this command to output the stored agent messages to the console or a text file to quickly identify issues. | ||||
Get-QAgentMetrics |
View an agent’s activity and performance. | ||||
Set-QAgentConfiguration |
Set the managed paths to be scanned.
| ||||
Set-QAgentStateUpdated |
Notify the Data Governance server that an agent has been updated and the server should process it. | ||||
Upgrade-QAgents |
Upgrade the agents in your deployment.
|
A managed host is any network object that can host resources and can be assigned an agent to monitor security and resource activity. Currently supported hosts include Windows computers, Windows clusters, NetApp storage devices, EMC storage devices, DFS, and SharePoint farms.
You can also add generic managed hosts (Server Message Block (SMB) shares running on any Active Directory joined computer) to remotely scan their resources.
The following commands are available to you to deploy managed hosts.
Use this command |
If you want to |
|||
---|---|---|---|---|
Add-QDfsManagedHost |
Register a domain-based distributed file system root. This enables you to view and manage the access on resources that are physically distributed throughout your network. |
|||
Add-QManagedHostByAccountName |
Add a managed host to your deployment and configure its settings.
|
|||
Clear-QResourceActivity |
Clear the resource activity for a given managed host. This enables you to remove activity data from the database on demand when it is no longer required. For scheduled activity cleanup, use the activity compression/deletion settings in the Data Governance server configuration file instead.
|
|||
Get-QHostsforTrustee |
View a selected user or group’s access on all managed hosts in your environment. |
|||
Get-QManagedHosts |
View a list of all the managed hosts in your deployment.
|
|||
Remove-QManagedHost |
Remove a managed host from your deployment. |
|||
Set-QManagedHostProperties |
Change the properties of a managed host.
|
|||
Set-QManagedHostUpdated |
Inform the Data Governance server that the managed host state should be updated. |
|||
Trigger-QDfsSync |
By default the Data Governance server synchronizes the DFS structure into the One Identity Manager database every 24 hours. Use this cmdlet to force a DFS synchronization of a DFS managed host, making the DFS path immediately available within the Resource browser.
|
© 2021 One Identity LLC. ALL RIGHTS RESERVED. Feedback Terms of Use Privacy