Background operations view
Selecting Background operations in the Data Governance navigation view allows you to view the progress of various background operations, including:
- Log export operations
- Account access operations submitted from the Manage access view.
The following table describes the information displayed for current background operations.
Table 22: Background operations view: Default columns
| Description |
A description of the background operation being processed by Data Governance Edition. |
| Status |
The status of the background operation. |
| Resource |
The resource involved in the operation. |
| Operation |
The background operation being processed. |
| Start Time |
The date and time (UTC) the operation began. |
| End Time |
The date and time (UTC) the operation completed. |
In addition to the default columns, you can add the following columns to the view using the Column Chooser command.
NOTE: Right-click the column header and select Column Chooser to add hidden columns to the display. In the Customization dialog, double-click the required column or drag and drop it onto the column header bar.
To hide a column, right-click the column header and select Remove This Column. The column is now listed in the Customization dialog and can be re-added to the view as explained above.
Table 23: Background operations view: Hidden columns
| Enqueued Time |
The date and time (UTC) the operation was added to the background queue. |
| Error |
Any errors encountered during the background operation. |
Resource browser
The Resource browser provides a live view of the data on the selected managed host. Using the Resource browser, you can browse through the supported files system to view and manage security information for folders and shares on the target managed host.
The Resource browser displays the following information:
- For a Windows computer, the shares and file system display.
- For a SharePoint farm, each farm is represented as a hierarchy, with the farm as the top level, followed by web applications, site collections, sites and then the contents of the site. The contents of a list are shown as “list item”, regardless of the type of item in SharePoint. The Resource browser displays a list of the web applications on the selected farm.
- For a Distributed File System Root, links are displayed at the top level. Browsing into a link shows its target paths and browsing into a target path takes you to the appropriate backing folder. While browsing a backing folder, the Distributed File System path is shown in the Location field at the top of the page.
-
For Cloud managed hosts, each site is represented by a folder hierarchy, with the Home top level site displayed as Site contents folder, followed by all other subsites. Each site contains a Site contents folder encompassing other nested folders. The contents of a site and document library are shown as "folder" type, whereas, files are shown as "file" type items. No other resource types are managed for Cloud managed hosts.
NOTE: The Resource browser and resource access reports do not display the limited access users or "previewer" accounts.
You can display the Resource browser from the following views:
- Managed hosts view
- Accounts view
- Governed data view
Double-click through the resources to locate a resource. Depending on the resource type, you can perform the following tasks against the selected resource.
Table 24: Resource browser: Resource tasks
| Calculate perceived owners |
Calculates and provides a list of the perceived owners for the selected resource using the resource activity history or security information. |
Calculating perceived owner |
| Copy resource path |
Copies the full path of the selected resource to the clipboard. |
|
| Copy Share Path |
Copies the path of the selected Share to the clipboard. |
|
| Edit host settings |
Launches the Managed Host Settings dialog allowing you to view or edit the configuration settings for the selected managed host. |
Editing managed host settings |
|
Place resource under governance |
Places the selected resource under governance, making it available for use in policies and attestations.
NOTE: Only applies to folders and shares. That is, you cannot place a file under governance. |
Placing a resource under governance |
| Publish to IT Shop |
Publishes the selected resources to the IT Shop, making it available for employees and business owners to request and grant access to it. If applicable, also places the resources under governance.
NOTE: Only applies to folders and shares. That is, you cannot publish a file to the IT Shop.
NOTE: Not available for resources on NFS managed hosts.
NOTE: Not available for resources on Cloud managed hosts. |
Publishing resources to the IT Shop |
| Refresh |
Retrieves and displays the latest details in the Resource browser. |
|
| Remove resources from governance |
Removes the selected resources from governance. |
Removing resources from governance |
| Resource access report |
Generates a report that identifies the accounts that have access to specific resources within your environment. |
Resource access report
Viewing selected reports within the Manager |
| Resource activity report |
Generates a report that provides a list of activities recorded over a period of time to verify proper resource usage and decide whether to remove access for particular accounts.
NOTE: Not available for resources on Cloud managed hosts. |
Resource activity report
Viewing selected reports within the Manager |
| Toggle layout options |
Shows or hides the Layout controls at the top of the view, allowing you to change the layout displayed. |
Toggle layout options |
| Unpublish from IT Shop |
Removes a previously published resource from the IT Shop.
NOTE: Not available for resources on NFS managed hosts.
NOTE: Not available for resources on Cloud managed hosts. |
Publishing resources to the IT Shop |
| View deviations |
Displays a tree view of all resources and all sub-resources below the root that have explicit security applied to them and any deviation warnings or errors encountered for the selected resource. As you select resources in the tree, you can view and manage their security.
NOTE: Not available for resources on NFS managed hosts.
NOTE: Not available for resources on Cloud managed hosts. |
Managing security deviations |
| View governed data details |
Displays a graphical representation of the details available for governed resources. |
|
When an account in the resource's permissions pane (lower pane) is selected, you can perform the following tasks against the selected account.
Note: These account tasks are not available for resources on NFS managed hosts.
In addition, you can access the following views from the Resource browser.
Table 26: Resource browser: Views
| Governed data |
Displays the Governed data view to view all the resources within the selected host that have been placed under governance. |
Governed data view
Managing resources under governance |
| Accounts view |
Displays the security index information returned by Data Governance agents for the selected managed host.
NOTE: Not available for NFS managed hosts. |
Accounts view |
Related Topics
Add permissions dialog
Permission levels dialog
Add permissions dialog
The Add Permissions dialog allows you to add rights to a given account. This dialog appears when you select the Add rights task from the Resource browser or Deviations view.
This dialog contains the following controls.
Table 27: Add permissions dialog: Controls
| Select Accounts |
Select Accounts list |
Displays the list of selected user and group accounts. Use the Add and Delete buttons to populate this list. |
|
Add |
Click Add to locate and select the users or groups to be included in the Selected Accounts list. Clicking Add displays the Select User or Group dialog allowing you to search for and select one or more user or group accounts. |
|
Delete |
Click Delete to remove the selected account from the Selected Accounts list. |
| Permissions |
Apply onto |
Use this field to specify the scope of coverage. Valid options are:
- This folder only
- This folder, subfolders and files (default)
- This folder and subfolders
- This folder and files
- Subfolders and files only
- Subfolders only
- Files only
|
| Permission |
Select the corresponding check box to apply or deny a particular permission. |
|
Apply these permissions to objects and/or containers within this container only |
Select this option to apply the selected permissions to objects and containers within the selected container only. |
Use the buttons across the bottom of the dialog to navigate through the dialog and to save your selections.
Table 28: Add Permissions dialog: Buttons
|
Next |
After selecting one or more accounts on the Select Accounts page, click the Next button to display the Permissions page to select the permissions to be applied to the selected accounts. |
|
Back |
If you need to return to the Select Accounts page, click the Back button on the Permissions page. |
|
Finish |
Once you have chosen the permissions to be applied to the selected accounts, click the Finish button to save your selections and close the dialog. |
|
Cancel |
Click the Cancel button to close the dialog without saving your selections. |
Select User or Group dialog
The Select User or Group dialog allows you to construct queries to search for users and groups from domains and servers. This dialog is used throughout the Data Governance Edition solution allowing you to locate and select accounts related to the selected task.
This dialog contains the following controls.
Table 29: Select User or Group dialog: Controls
| From this location |
This field is pre-populated with the local domain to be searched.
Click the drop-down button to the right of this field to change the domain or server to be searched. Clicking this button displays a list of domains and servers. |
|
Show Active Directory containers |
Select this check box to include Active Directory containers in the location drop-down menu. |
| Name |
Use these controls to define queries to search for user and group accounts. The search is conducted against the account's samAccountName, displayName, and cn attributes.
In the first field, select the expression to be used to match an account's name:
- Starts With (default)
- Ends With
-
Is Exactly
- Contains
In the second field, enter the string (partial or full account name) to be used in the query.
NOTE: Leaving the second field blank will return all accounts found in the selected domain or container. For searches returning a large number of accounts, the first 2000 accounts found during the SQL query are returned. |
|
Find Now |
After entering your query, select the Find Now button to initiate the search. |
| Search results |
The bottom pane displays the search results. From this pane, select one or more accounts to be included in the selected accounts list.
NOTE: You can select multiple accounts using the CTRL or SHIFT keys. |
|
OK |
Click the OK button to save your selections and close the dialog. |
|
Cancel |
Click the Cancel button to close the dialog without saving your selections. |
