Chat now with support
Chat with Support

Identity Manager Data Governance Edition 9.1 - Technical Insight Guide

One Identity Manager Data Governance Edition Technical Insight Guide Data Governance Edition network communications Data Governance service Data Governance agents Resource activity collection in Data Governance Edition Cloud managed hosts permission level to role mapping QAM module tables Configurable configuration file settings
Data Governance service configuration file settings Data Governance agent configuration file settings
Configurable registry settings PowerShell commands
Adding the PowerShell snap-ins Finding component IDs Data Governance Edition deployment Service account management Managed domain deployment Agent deployment Managed host deployment Account access management Resource access management Governed data management Classification management

Set-QAgentStateUpdated

Notifies the Data Governance server that an agent has been updated and the server should process it

Note: Only use this cmdlet if you have enabled encryption for the One Identity Manager database.

Syntax:

Set-QAgentStateUpdated [-AgentId] <String> [<CommonParameters>]

Table 158: Parameters
Parameter Description
AgentId

Specify the ID (GUID format) of the agent that was updated.

Run the Get-QManagedHosts cmdlet and locate the agents array in the managed host to retrieve its ID.

Examples:
Table 159: Examples
Example Description
Set-QAgentStateUpdated -AgentId 37b27a56-3463-45a8-83ec-ff88d48c49a7 Tells the Data Governance server to update the agent state for the specified agent.

Upgrade-QAgents

Upgrades the agents in your Data Governance Edition deployment.

Syntax:

Upgrade-QAgents [-ManagedHostIds] <String[]> [-AgentIds] <String[]> [-UpgradeAllAgents] <SwitchParameter. [[-BatchSize] [<Int32>]] [[-OnErrorContinue[ [<SwitchParameter>]] [<CommonParameters>]

Table 160: Parameters
Parameter Description
ManagedHostIds

Specify the ID (GUID format) of the managed hosts to have their agents upgraded.

This parameter supports a single value, a list of comma-separated values, or an array.

NOTE: Do not specify this parameter with the -AgentIds or -UpgradeAllAgents parameter.

Run the Get-QManagedHosts cmdlet without any parameters to retrieve a list of available managed hosts and their IDs.

AgentIds

Specify the ID (GUID format) of the agents to be upgraded.

This parameter supports a single value, a list of comma-separated values, or an array.

Run the Get-QManagedHosts cmdlet and locate the agents array in the managed host to retrieve its ID.

NOTE: Do not specify this parameter with the -ManagedHostIds or -UpgradeAllAgents parameter.

NOTE: Upgrading an agent on an agent host will cause all agents on the same server to be upgraded.

UpdateAllAgents

Specify this parameter to upgrade all of the agents that are in an upgradable state.

NOTE: Do not specify this parameter with the -ManagedHostIds or -AgentIds parameter.

BatchSize

(Optional) Specify the batch size of the agents/managed hosts that are able to be updated simultaneously. Each host/agent in the batch must complete their upgrade (or fail) before the next batch of hosts/agents are processed. If this parameter is not specified, the default batch size of five is used.

NOTE: If a host/agent in the current batch fails, the upgrade process will be aborted for all queued machines unless the -OnErrorContinue flag is set.

OnErrorContinue (Optional) Specify this parameter to allow subsequent batches of hosts/agents to be processed for upgrade even if the upgrade of a host/agent in the previous batch failed.
Examples:
Table 161: Examples
Example Description
Upgrade-QAgents -UpgradeAllAgents -OnErrorContinue Upgrades all agents, in batches of five (default); processing upgrades even if an agent in the previous batch has failed.
Upgrade-QAgents -ManagedHostIds ("0f04f33e-6717-4cfc-8528-9e396137fd6e","0f04f33e-6717-4cfc-8528-9e396137fd6e") -BatchSize 7 -OnErrorContinue Updates all agents associated with the two specified managed hosts in batches of seven; processing upgrades even if an agent in the previous batch has failed.

Managed host deployment

A managed host is any network object that can host resources and can be assigned an agent to monitor security and resource activity. Currently supported hosts include Windows computers, Windows clusters, NetApp storage devices, EMC storage devices, DFS, and SharePoint farms.

You can also add generic managed hosts (Server Message Block (SMB) shares running on any Active Directory joined computer) to remotely scan their resources.

The following commands are available to you to deploy managed hosts. For full parameter details and examples, click a command hyperlink in the table or see the command help, using the Get-Help command.

Table 162: Managed host deployment commands

Use this command

If you want to

 

Add-QDfsManagedHost

Register a domain-based distributed file system root. This enables you to view and manage the access on resources that are physically distributed throughout your network.

For more information, see Add-QDfsManagedHost.

 

Add-QManagedHostByAccountName

Add a managed host to your deployment and configure its settings.

For more information, see Add-QManagedHostByAccountName.

NOTE: This cmdlet does not support adding Cloud managed hosts.

 

Clear-QResourceActivity

Clear the resource activity for a given managed host. This enables you to remove activity data from the database on demand when it is no longer required.

For scheduled activity cleanup, use the activity compression/deletion settings in the Data Governance server configuration file instead.

NOTE: Once you clear the activity, it cannot be recovered.

For more information, see Clear-QResourceActivity.

 

Get-QHostsforTrustee

View a selected user or group’s access on all managed hosts in your environment.

For more information, see Get-QHostsForTrustee.

 

Get-QManagedHosts

View a list of all the managed hosts in your deployment.

NOTE: If you are interested in only one managed host, you can specify the host's name or the ID (GUID format) of the managed host. You can also specify all the managed hosts in a particular container.

For more information, see Get-QManagedHosts.

 

Remove-QManagedHost

Remove a managed host from your deployment.

For more information, see Remove-QManagedHost.

 

Set-QManagedHostProperties

Change the properties of a managed host.

NOTE: You must know the managed host ID

For more information, see Set-QManagedHostProperties.

 

Set-QManagedHostUpdated

Inform the Data Governance server that the managed host state should be updated.

For more information, see Set-QManagedHostUpdated.

 

Trigger-QDfsSync

By default the Data Governance server synchronizes the DFS structure into the One Identity Manager database every 24 hours. Use this cmdlet to force a DFS synchronization of a DFS managed host, making the DFS path immediately available within the Resource browser.

NOTE: You must specify the ID (GUID format) of the managed host to be synchronized. To synchronize all of the DFS managed hosts in your deployment, set the ManagedHostID to All.

For more information, see Trigger-QDfsSync.

 

Add-QDfsManagedHost

Registers a domain-based distributed file system (DFS) root with Data Governance Edition. This enables you to view and manage the access on resources that are physically distributed throughout the network. Once added, the Data Governance server periodically synchronizes the DFS structure into the One Identity Manager database making the DFS path available within the Resource browser.

Note: The domain specified must be managed.

Syntax:

Add-QDfsManagedHost [-ManagedDomain] <String> [-DfsRoot] <String> [<CommonParameters>]

Table 163: Parameters
Parameter Description
ManagedDomain

Specify the NetBIOS or DNS name of a managed domain.

Run the Get-QManagedDomains cmdlet to retrieve a list of all managed domains in your Data Governance Edition deployment.

DfsRoot

Specify the name of the distributed file system root in the managed domain.

Examples:
Table 164: Examples
Example Description
Add-QDfsManagedHost --ManagedDomain 'anchor.acme.com' -DfsRoot 'software' Registers the domain-based distributed file system root "\\anchor.acme.com\software", where "anchor.acme.com" is the domain and "software" is the DFS root.
Related Documents

The document was helpful.

Select Rating

I easily found the information I needed.

Select Rating