Chat now with support
Chat with Support

We are currently experiencing issues on our phone support and are working diligently to restore services. For support, please sign in and create a case or email for assistance

Identity Manager Data Governance Edition 8.1.4 - Technical Insight Guide

One Identity Manager Data Governance Edition Technical Insight Guide Data Governance Edition network communications Data Governance service Data Governance agents Resource activity collection in Data Governance Edition Cloud managed hosts permission level to role mapping QAM module tables Configurable configuration file settings
Data Governance service configuration file settings Data Governance agent configuration file settings
Configurable registry settings PowerShell commands
Adding the PowerShell snap-ins Finding component IDs Data Governance Edition deployment Service account management Managed domain deployment Agent deployment Managed host deployment Account access management Resource access management Governed data management Classification management

Finding component IDs

Many of the Windows PowerShell commands you can use to manipulate your deployment require that you know the component’s ID.

To determine the managed host, container parent, container, resource node, or agent ID

To determine the service account or managed domain ID

To determine the deployment name

Data Governance Edition deployment

The following commands in the OneIdentity.DataGovernance snap-in can be used to deploy and configure the Data Governance Edition. For full parameter details and examples, click a command hyperlink in the table or see the command help, using the Get-Help command.

Table 100: Data Governance Edition deployment commands

Use this command

If you want to


View deployment information for your Data Governance server including the deployment name.

For more information, see Get-QDeploymentInfo.


Retrieve the current encryption options used by One Identity Manager and show whether Data Governance Edition has been configured to use encryption.

For more information, see Get-QEncryptionOptions.


Export all server logs to the designated folder.

For more information, see Get-QServerAllLogs.


View the version of the currently running Data Governance server.

For more information, see Get-QServerVersion.


Initialize a database to store data generated when a managed host has resource activity tracking enabled.

NOTE: This information is required for several reports, including the Resource Activity report.

This is separate from the One Identity Manager database that stores configuration and security information.

For more information, see Initialize-QDataGovernanceActivity.


Establish the database connection between One Identity Manager and Data Governance Edition. The Data Governance server must be initialized before you can use Data Governance Edition to manage your resources.

For more information, see Initialize-QDataGovernanceServer.


Register service connection points in an Active Directory domain.

NOTE: This can be helpful when the service account registered for a domain does not have sufficient permissions to create a service connection point (SCP).

For more information, see Register-QServiceConnectionPoint.


Remove the DataGovernance.Server Service Connection Point (SCP) from an Active Directory domain.

NOTE: This cmdlet can be helpful when you want to remove all Data Governance Edition SCPs from a single Data Governance Edition deployment or all deployments. To recreate an SCP which you inadvertently removed, restart your Data Governance service.

For more information, see Remove-QServiceConnectionPoint.


Change the deployment parameters for the Data Governance server including the deployment name.

NOTE: Changing this value can prevent the Data Governance service from communicating with existing agents. It is not recommended to change the deployment name of an existing server.

For more information, see Set-QDeploymentInfo.


Encrypt the Data Governance service account.

NOTE: Only use this command if you have enabled encryption for the One Identity Manager database.

For more information, see Set-QEncryptionOptions.


Set the server name and port information used by the Data Governance Edition commands to connect to the Data Governance server.

NOTE: You must run this command before you can use any of the Data Governance Edition commands.

For more information, see Set-QServiceConnection.


Retrieves deployment parameters, including the deployment name, for a Data Governance server.


Get-QDeploymentInfo [<CommonParameters>]

Table 101: Examples
Example Description
Get-QDeploymentInfo Returns the current deployment parameters for the Data Governance server.
Details retrieved:
Table 102: Details retrieved
Detail Description
DeploymentId Name assigned to the deployment when the Data Governance server was installed. The default deployment name is "DEFAULT".
RestServicePort Port used by the Data Governance server for HTTP protocol and REST services. Used for communication with PowerShell and One Identity Manager clients and web server.
DatabaseMigrationVersion The module and migration version assigned to the QAM module.


Retrieves the current encryption options that One Identity Manager uses and indicates whether Data Governance Edition has been configured to use encryption.


Get-QEncryptionOptions [<CommonParameters>]

Table 103: Examples
Example Description
Get-QEncryptionOptions Retrieves the current encryption information.
Details retrieved
Table 104: Details retrieved
Detail Description
IsDGEConfigured Indicates whether Data Governance Edition is configured to use encryption.
Scheme The algorithm currently being used for One Identity Manager encryption.
Related Documents

The document was helpful.

Select Rating

I easily found the information I needed.

Select Rating