The following table lists the query items in the Separation
of Duty Configuration
namespace.
Table 1. Query items in the Separation of
Duty Configuration
namespace
Query subject |
Query items and their description |
Separation of Duty Policy |
- Separation of Duty Policy Name
- The name of the separation of duty policy.
- Separation of Duty Policy Description
- The description of the separation of duty policy.
- Separation of Duty Policy Enabled
- Indicates whether the policy is enabled or not. True represents
Enabled ,
and False represents Disabled .
- Separation of Duty Policy Business Unit Name
- The name of a business unit to which the separation of duty policy
applies.
- Separation of Duty Policy Owner Name
- the name of the policy owner. The owner can be:
- The single or multiple roles.
- The single or multiple users.
- Separation of Duty Policy Owner Type
- The type of an owner for the separation of duty policy. The valid
values are
Role and Person .
- Separation of Duty Policy Owner Business Unit Name
- The name of a business unit to which the policy owner belongs.
- Separation of Duty Policy Id
- A unique numeric identifier for the separation of duty policy.
- Separation of Duty Policy Owner Dn
- An LDAP distinguished name for an owner of the policy.
|
Separation of Duty Rule |
- Separation of Duty Policy Rule Name
- The name of a rule that is associated with the separation of duty
policy.
- Separation of Duty Policy Rule Max Roles Allowed
- The maximum number of the roles that can be a part of the separation
of duty rule.
- Separation of Duty Rule Id
- A unique numeric identifier for the separation of duty rule that
is associated with the separation of duty policy.
|
Separation of Duty Policy Role |
- Separation of Duty Policy Role Name
- The name of the role that is a part of the separation of duty
rule.
- Separation of Duty Policy Role Description
- Describes the separation of duty policy role.
- Separation of Duty Policy Business Unit Name
- The name of a business unit to which the separation of duty policy
role applies.
- Separation of Duty Policy Role Dn
- An LDAP distinguished name for the role that is a part of the
separation of duty policy.
- Separation of Duty Policy Role Id
- a unique numeric identifier for the role that is a part of separation
of duty policy.
- Separation of Duty Policy Rule Id
- A unique numeric identifier for the separation of duty rule that
is associated with the separation of duty policy.
|