立即与支持人员聊天
与支持团队交流

Identity Manager Data Governance Edition 8.1.5 - IT Shop Resource Access Requests User Guide

One Identity Manager Data Governance Edition IT Shop Resource Access Requests User Guide Resource access requests Share creation requests PowerShell commands

Get-QManagedResourceDuG

Retrieves details about a managed resource/DuG mapping from the Data Governance Edition deployment.

Syntax:

Get-QManagedResourceDuG [-ManagedResourceId [<String>]] [-QAMDuGId [String]] [<CommonParameters>]

Table 18: Parameters
Parameter Description
ManagedResourceId

(Optional) Specify the ID (GUID format) of the managed resource to be retrieved.

If no parameters are specified, all managed resource/DuG mapping objects are returned.

NOTE: If this parameter is included, the QAMDuGId parameter must also be specified; otherwise, all objects are returned.

QAMDuGId

(Optional) Specify the ID (GUID format) of the QAM DuG object to be retrieved.

If no parameters are specified, all managed resource/DuG mapping objects are returned.

NOTE: If this parameter is included, the ManagedResourceId must also be specified; otherwise, all objects are returned.

Examples:
Table 19: Examples
Example Description
Get-QManagedResourceDuG Returns a list of all managed resource/DuG mapping objects in the database.
Get-QManagedResourceDuG -ManagedResourceId c0bc3da4-f660-4e18-8b14-a945c7a6be69 -QAMDuGId db9d52d9-8ef1-44b4-8941-47bd5223388c Returns the mapping information for the specified managed resource and QAM DuG object.
Details retrieved:
Table 20: Details retrieved
Detail Description (Associated key in QAMManagedResourceDuG table)
ManagedResourceID The value (GUID) assigned to the managed resource (UID_QAMManagedResource).
QAMDuGID The value (GUID) assigned to the governed data (UID_QAMDuG).

Managed resource type management

A managed resource type contains various default settings for a type, which is a logical distinction that can be used to refine the concept of a "file share" into different business specific groupings.

The following commands are available to manage your resource types, which are used in file system share requests in the IT Shop. For full parameter details and examples, click a command in the table or see the command help, using the Get-Help command.

Table 21: Managed resource type management commands

Use this command

If you want to

Add-QManagedResourceType Add a managed resource type to the Data Governance deployment.
Get-QManagedResourceType

Retrieve a managed resource type from the Data Governance Edition deployment.

You can retrieve a specific managed resource type or a list of all managed resource types in the database.

Remove-QManagedResourceType Remove a managed resource type from the Data Governance Edition deployment.
Set-QManagedResourceType Update an existing managed resource type in the Data Governance Edition deployment.

Add-QManagedResourceType

Adds a managed resource type to the Data Governance Edition deployment.

A managed resource type contains settings that provide a logical distinction that can be used to refine the concept of "file share" into different business specific groupings. The default managed resource type available is "Simple Share".

NOTE: The current managed resource type, Simple Share, uses the default configuration and process chain to create file system shares. Therefore, if you add a new managed resource type, you will be required to implement your own IT Shop product and process chain to support that managed resource type.

Syntax:

Add-QManagedResourceType -Name <String> [-Description [<String>]] [-FullControlAddToGroupID [<String>]] [-RecipientAddToGroupID [<String>]] [-PublishToITShop <Boolean>]] [-SetRestrictionList [<Boolean>]] [-ServerSelectionScriptID [<String>]] [-ContainerAERole [<String>]] [-BusinessOwnerType [<Int32>]] [<CommonParameters>]

Table 22: Parameters
Parameter Description
Name Specify the name of the managed resource type.
Description (Optional) Specify a description for the managed resource type.
FullControlAddToGroupID

Specify the ID (GUID format) of the managed group template being used to build the domain-specific full control group for this managed resource type.

If this parameter is not specified, the full control group specified by the Managed resource type domain object (UID_FullControlGroup) for this resource type will not be added when the resource (file share) is created.

RecipientAddToGroupID

Specify the ID (GUID format) of the managed group template being used to build the group where the recipient is to be added.

If this parameter is not specified, the recipient will not be added to the group when it is created and will be denied access to the newly created file share. The recipient can use the IT Shop to request access to the new file share, which will also set this value.

PublishToITShop

(Optional) Specify whether a managed resource associated with this resource type should be published to the IT Shop after it is created.

  • $true (Default)
  • $false

If this parameter is not specified, the default value of true is used and any managed resource associated with this resource type will be published to the IT Shop after it is created.

SetRestrictionList

(Optional). Indicates if the managed resource associated with this resource type should have automatically have a restriction list set when the resource is created.

  • $true: Run the SetRestrictionList subroutine to set a restriction list for this resource type. By default, the SetRestrictionList subroutine creates a restriction list based on the department, location and cost center properties defined in the requester's Person record.
  • $false: (Default) No restriction list applies to this resource type.
ServerSelectionScriptID

(Optional) Specify the default server selection script to be run to determine an eligible server to create the share on.

If this parameter is not specified, no server selection script is run. During the approval process, the Data Governance Administrator must manually select the managed host server to be used to host the managed resource.

Run the Get-QServerSelectionScript cmdlet to retrieve a list of available server selection scripts, including their IDs.

ContainerAERole

(Optional) Specify the parent role under which new roles are to be created. That is, if the business owner type is set to role-based ownership (value of 0), then any roles created will have this container AERole set as the parent role.

  • If this parameter is not provided, no parent role is created. When no parent container is specified, all roles created are placed under the "Data Governance" role.
  • The default configuration has a parent role called "Managed Resources" set as the default.
  • BusinessOwnerType

    (Optional) Specify the type of business ownership to be assigned to newly created managed resources of this type. Valid values are:

    • 0: (Default) Role-based ownership. A new role will be created to own the resource.
    • 1: Employee-based ownership. This is equivalent to the behavior in version 7.0.1.

    NOTE: If you used the managed resource functionality to create simple shares in Data Governance Edition version 7.0.1, the default is set to Person.

    The Role default setting is only used for new Data Governance Edition version 7.0.2 (or higher) installations and for upgraded installations if the managed resource functionality was never used.

    Examples:
    Table 23: Examples
    Example Description
    Add QManagedResourceType -Name "Test Share"-FullControlAddToGroupID c61303ea-6d70-4d75-beb6-ef06d79d92aa -RecipientAddToGroupID 6d5e4f5b-a3bb-4882-b82d-1139313517f8 -PublishToITShop $false Adds a new managed resource type, named "Test Share", indicating that managed resources associated with this resource type should not be published to the IT shop after the resource is created.

    Get-QManagedResourceType

    Retrieves details about a managed resource type from the Data Governance Edition deployment.

    Syntax:

    Get-QManagedResourceType [-Id [<String>]] [<CommonParameters>]

    Table 24: Parameters
    Parameter Description
    Id

    (Optional) Specify the ID (GUID format) of the managed resource type to be retrieved.

    If this parameter is not specified, all managed resource types in the database are returned.

    Examples:
    Table 25: Examples
    Example Description
    Get-QManagedResourceType Returns a list of all managed resource types available in the database.
    Get-QManagedResourceType -Id a816fe83-6d49-4f43-9c0a-b37589e1058d Returns information on the specified managed resource type.
    Details retrieved:
    Table 26: Details retrieved
    Detail Description (Associated key or parameter in QAMManagedResourceType table)
    Name The name assigned to the managed resource type (Name).
    Description The description for the managed resource type (Description)
    PublishedToITShop Indicates whether a resource is to be published to the IT Shop when it is created. (PublishToITShop)
    RecipientAddToGroupID The value (GUID) assigned to template-generated group where recipients are added when creating new resources (UID_RecipientAddToGroup)
    SetRestrictionList

    Indicates whether the resource is to have a restriction list when it is created. (SetRestrictionList).

    FullControlAddToGroup The value (GUID) assigned to the template-generated group where the Active Directory full control group is added when creating new resources (UID_FullCtrlAddToGroup).
    ServerSelectionScriptID The value (GUID) assigned to the default sever selection script being used for this type of resource (UID_DefaultSelectionScript).
    ContainerAERole

    The name of the parent role where newly created roles are created when the business owner type is set to role-based ownership (UID_ContainerAERole).

    BusinessOwnerType

    Indicates the type of business ownership associated with the managed resource type (BusinessOwnerType):

    • 0: Role-based ownership
    • 1: Employee-based ownership
    Id The value (GUID) assigned to the managed resource type (UID_QAMManagedResourceType).
    相关文档

    The document was helpful.

    选择评级

    I easily found the information I needed.

    选择评级