• State Not Answered
  • Locked Locked
  • Replies 3 replies
  • Subscribers 95 subscribers
  • Views 4560 views
  • Users 0 members are here
Options
Related
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Data Governance Attestation - No Default Process to Remove User or Group

Enayathulla Sadhakathulla
over 7 years ago

Hi All,

Is there any default Process in Q1IM to handle the Attestation of Data Governance. I want to remove the User or Group from the Governed Data ( Shared Folder ) when the Attestation is denied. I am trying below default Attestation case.

Data Governance: Groups with direct access attestation
Data Governance: Accounts with direct access attestation

There is no Job triggered after it is Denied.

All the options are set under : "QER\Attestation\AutoRemovalScope" & "QER\CalculateRiskIndex"

The process: "VI_Attestation_AttestationCase_AutoRemoveMemberships" do not have any generating condition for Data Governance.

Do we need to create the custom process for it ? if yes , How can i call the DEG Agent to Remove the user or group from shared folder?  

 

Kindly help me on this.

 

Parents
  • 0 over 7 years ago
    For those accounts with direct (non group) access to shared folders sounds like (can't double check right now) you'll need to trap the deny event on the attestation case and launch a custom process chain to call powershell to remove the access. Check what dge cmdlets are available.
Reply
  • 0 over 7 years ago
    For those accounts with direct (non group) access to shared folders sounds like (can't double check right now) you'll need to trap the deny event on the attestation case and launch a custom process chain to call powershell to remove the access. Check what dge cmdlets are available.
Children
No Data