Chat now with support
Chat with Support

Identity Manager Data Governance Edition 8.1.5 - Technical Insight Guide

One Identity Manager Data Governance Edition Technical Insight Guide Data Governance Edition network communications Data Governance service Data Governance agents Resource activity collection in Data Governance Edition Cloud managed hosts permission level to role mapping QAM module tables Configurable configuration file settings
Data Governance service configuration file settings Data Governance agent configuration file settings
Configurable registry settings PowerShell commands
Adding the PowerShell snap-ins Finding component IDs Data Governance Edition deployment Service account management Managed domain deployment Agent deployment Managed host deployment Account access management Resource access management Governed data management Classification management

keepQueryDocuments

This a diagnostic setting and is useful when debugging or diagnosing issues with agent queries. When this configuration setting is enabled, agents record the responses they send to the Data Governance server for ALL queries.

Table 70: Agent configuration setting: keepQueryDocuments
Configuration file %ProgramFiles%\One Identity\One Identity Manager Data Governance Edition\Agent Services\DataGovernance.Agent.exe.config
Section name

<Section name="Agent">

  <Section name="Services">

    <Section name="SecurityDataStore">

Setting <Setting name ="keepQueryDocuments" type="dword">
Value

Valid values:

  • 0: disabled (default)
  • 1: enabled
How to modify

Replace value as required.

Notes The response documents generated by this setting can be very large and will create a significant amount of data on the disk. This setting should not be turned on for more time than is necessary to diagnose any issues encountered.

localGroupResolutionInSeconds

Use this configuration setting to change the number of seconds between scans of local groups.

Table 71: Agent configuration setting: localGroupResolutionInSeconds
Configuration file %ProgramFiles%\One Identity\One Identity Manager Data Governance Edition\Agent Services\DataGovernance.Agent.exe.config
Section name

<Section name="Agent">

  <Section name="Services">

    <Section name="localGroup">

Setting <Setting name ="localGroupResolutionInSeconds" type="dword">
Value

Default: 86400 seconds (which is once a day)

How to modify

Replace value as required.

numberOfSharepointScanThreads

Use this configuration setting to define the number of threads used when the agent is scanning the SharePoint object hierarchy in the farm.

Table 72: Agent configuration setting: numberOfSharepointScanThreads
Configuration file %ProgramFiles%\One Identity\One Identity Manager Data Governance Edition\Agent Services\DataGovernance.Agent.exe.config
Section name

<Section name="Agent">

  <Section name="Services">

    <Section name="ResourceUsage">

Setting <Setting name ="numberOfSharepointScanThreads" type="dword">
Value

Default: 30 threads

How to modify

Replace value as required.

OverrideFPolicyName

When working with NetApp filer devices, it may be useful to use a shorthand name, especially when working with simulator devices. You can use this configuration setting to override the name of the policy the FPolicy change watcher connects to. You can also use this configuration setting to specify the name of a manually created FPolicy.

Table 73: Configuration setting: OverrideFPolicyName
Configuration file %ProgramFiles%\One Identity\One Identity Manager Data Governance Edition\Agent Services\DataGovernance.Agent.exe.config
Section name

<"Agent">

  <"Services">

    <"ChangeMonitoring">

Setting <Setting name="OverrideFPolicyName">
Value

FPolicy name the agent is to register with.

How to modify
  1. Stop the agent service.
  2. Set the overrideFPolicyName.
  3. Start the agent service.
Notes

This configuration setting only applies to NetApp 7-Mode devices with CIFS file system protocol enabled.

If you have an FPolicy defined for the Data Governance agent outside of the One Identity Manager framework, use this configuration setting to enter the exact FPolicy name. When an FPolicy name is set using this configuration setting, the Data Governance server will not create an FPolicy and the Data Governance agent will update the FPolicy name provided when communicating with the NetApp device. If the FPolicy name is not defined using this configuration setting, the Data Governance server creates an FPolicy with a name that matches the agent instance folder name located on the server where the agent runs. An example of an FPolicy name automatically created by the Data Governance server is "DGE_TEST_myNetApp_myDomain_local".

Related Documents

The document was helpful.

Select Rating

I easily found the information I needed.

Select Rating