Chat now with support
Chat with Support

Identity Manager Data Governance Edition 8.1.1 - User Guide

Introduction Data Governance navigation node and views Administering Data Governance Edition Managing unstructured data access
Managing resource access Managing account access Working with security permissions Working with SharePoint security permissions Account access modeling Bringing data under governance
Classifying governed resources Managing governed resources using the web portal Data Governance Edition reports Troubleshooting Appendix: EMC, NetApp Filer, and SharePoint configuration details Appendix: PowerShell commands Appendix: Governed data attestation policies Appendix: Governed data company policies Appendix: Governed data risk index functions About us

Introduction

This guide contains the information required to administer One Identity Manager Data Governance Edition to manage the unstructured data in your organization. It contains detailed information about the Data Governance Edition features and includes instructions to help administrators perform day-to-day administration activities.

Before you can gather information on the unstructured data in your organization, you must:

This initial setup information is also covered in the One Identity Manager Data Governance Edition Deployment Guide and should already be completed.

Once you have added a managed host, you can:

Available documentation

Data Governance Edition documentation includes the following manuals:

  • One Identity Manager Data Governance Edition User Guide

    This guide includes Data Governance Edition administration information.

  • One Identity Manager Data Governance Edition Deployment Guide

    This guide includes Data Governance Edition installation, configuration, and deployment information.

  • One Identity Manager Data Governance Edition IT Shop Resource Access Requests User Guide

    This guide includes details about the self-service resource requests related to resources that are governed, including the file system share creation request in the IT Shop.

  • One Identity Manager Data Governance Edition Technical Insight Guide

    This guide is intended for advanced audiences who want a deeper understanding of the Data Governance Edition components and how they communicate with each other. It also provides a description of the configuration file settings, registry key settings and PowerShell commands.

Online versions of the Data Governance Edition guides are available on the technical support web portal: https://support.oneidentity.com/identity-manager-data-governance-edition/technical-documents

For supporting One Identity Manager information, see the One Identity Manager documentation. Online versions of the One Identity Manager guides are available on the technical support web portal: https://support.oneidentity.com/identity-manager/technical-documents

Data Governance navigation node and views

The Data Governance Edition elements are embedded into the Manager client application. The user interface elements communicate with the Data Governance service and directly with the One Identity Manager database. Communication with the database is performed in the same way as any other One Identity Manager database communication, using the authentication information provided when the user launches the client tools.

The Manager is the main administration tool for configuring Data Governance Edition components and governing unstructured data to secure and control access to your organization's data. The Data Governance node in the Manager's navigation view provides access to the data required to perform the following tasks:

  • Configure Data Governance Edition, including:
    • Configuring Data Governance service accounts for managed domains
    • Adding and configuring managed hosts
    • Deploying Data Governance agents
  • Manage resource access
  • Manage account access
  • Manage and set security permissions for network objects
  • Manage and set SharePoint security permission levels
  • Bring data under governance
  • Define classification levels for use in classifying governed data

From the Data Governance navigation view, the following main views become available to configure and manage your Data Governance Edition deployment:

In addition to these main views, the following Data Governance Edition views are available to manage resource access, account access and governed data:

Related Topics

Customizing your view

Toggle layout options

Info system view

Selecting Info system in the Data Governance navigation view displays dashboards for viewing general statistics and the overall status of your Data Governance Edition deployment in real-time.

Note: In addition, you can view these dashboards using the Data Governance server landing page (https://<DGEServerIPAddress>:8723/server/home).

Note: The Data Governance Edition statistics displayed in these dashboards are calculated on an hourly schedule. To change the schedule, edit the hourly schedule defined in the QAM statistics schedule in the Designer (Getting Started | Edit schedules or Base Data | General | Schedules).

The Info system view in the Manager includes three One Identity Manager statistics (as indicated in the table) and these are calculated based on the schedule defined in the Calculate statistics schedule. The Calculate statistics schedule is disabled by default and must be enabled in order to calculate these One Identity Manager statistics. These statistics are not available on the Data Governance server landing page.

Table 1: Data Governance Edition statistics
Statistic / Metric Description
Managed Hosts

Pie chart shows the number of computer objects found in your environment, indicating the number that are managed hosts and the number that are not yet managed (unmanaged).

NOTE: This statistic does not include SharePoint Farm, DFS Root or NFS managed hosts.
Managed Host Status

Pie chart shows the number of managed hosts by status (OK vs. Not OK).

NOTE: This statistic does not include SharePoint Farm or DFS Root managed hosts.
Managed Host Type

Pie chart shows the number of managed hosts defined in your Data Governance Edition deployment, broken down by host type.

Managed Hosts with Resource Activity

Pie chart shows the number of managed hosts that are collecting resource activity (Enabled) and the number of managed hosts that are not collecting resource activity (Disabled).

NOTE: Since resources on Cloud managed hosts cannot collect resource activity, those resources are always included as Disabled.
Managed Hosts Without Governed Data

Graphic shows managed hosts that have resources that have not been placed under governance. The graphic uses the following thresholds:

  • Green: Less than 25% of all managed hosts have data that is not being governed.
  • Orange: Between 25% and 75% of all managed hosts have data that is not being governed.
  • Red: More than 75% of all managed hosts have data that is not being governed.

The total number of managed hosts with ungoverned data is displayed under the graphic.

NOTE: On the Data Governance server landing page, this is a pie chart showing managed hosts with data that has not been placed under governance.
Governed Data Without Business Owners

Graphic shows governed data without an assigned business owner. The graphic uses the following thresholds:

  • Green: Less than 25% of all governed data does not have a business owner assigned.
  • Orange: Between 25% and 75% of all governed data does not have a business owner assigned.
  • Red: More than 75% of all governed data does not have a business owner assigned.

The total number of governed data without an assigned business owner is displayed under the graphic.

NOTE: On the Data Governance server landing page, this is a pie chart showing governed data without an assigned business owner.
Governed Data by Resource Type

Pie chart shows the number of governed resources, broken down by resource type.

Published vs Unpublished Governed Data

Pie chart shows the number of governed resources that are published to the IT Shop and the number of governed resources that are not published.

NOTE: Since resources on NFS and Cloud managed hosts cannot be published to the IT Shop, those resources are always included as Unpublished.
Published Data with Organizational Restrictions

Pie chart shows the number of published resources belonging to a restriction list, broken down by organizational structure (department, location, or cost center).

Security Index by Account Type

Pie chart shows the number of accounts with direct access points that have been scanned by a Data Governance agent, broken down by account type:

  • Azure AD Group
  • Azure AD User
  • Domain Group
  • Domain User
  • Machine Local Group
  • Machine Local User
  • Other
  • SharePoint Group
  • SharePoint Identity
  • SharePoint Online Group
  • SharePoint User
  • Unix Group
  • Unix Owner
Attestations

Pie chart shows the number of attestations cases, broken down by Overdue, Outstanding, Closed overdue, and Closed in time cases.

NOTE: This statistic does not include Cloud managed hosts.

NOTE: This is a One Identity Manager statistic. In order to calculate and update this statistic, you must enable the Calculate statistics schedule in the Designer (Getting Started | Edit schedules or Base Data | General | Schedules). Once enabled, data for this graphic is updated based on the defined schedule.

Policy violations (current)

Graphic shows the number of current policy violations. The graphic uses the following thresholds:

  • Green: Zero violations
  • Red: One or more violations

The total number of violations is displayed below the graphic.

NOTE: This statistic does not include Cloud managed hosts.

NOTE: This is a One Identity Manager statistic. In order to calculate and update this statistic, you must enable the Calculate statistics schedule in the Designer (Getting Started | Edit schedules or Base Data | General | Schedules). Once enabled, data for this graphic is updated based on the defined schedule.

Compliance Rule Violations (current)

Graphic shows the number of current compliance rule violations. The graphic uses the following thresholds:

  • Green: Zero violations
  • Red: One or more violations

The total number of violations is displayed below the graphic.

NOTE: This statistic does not include Cloud managed hosts.

NOTE: This is a One Identity Manager statistic. In order to calculate and update this statistic, you must enable the Calculate statistics schedule in the Designer (Getting Started | Edit schedules or Base Data | General | Schedules). Once enabled, data for this graphic is updated based on the defined schedule.

Self Service Tools
Knowledge Base
Notifications & Alerts
Product Support
Software Downloads
Technical Documentation
User Forums
Video Tutorials
RSS Feed
Contact Us
Licensing Assistance
Technical Support
View All
Related Documents