Query items for Separation of Duty Configuration namespace

The following table lists the query items in the Separation of Duty Configuration namespace.

Table 1. Query items in the Separation of Duty Configuration namespace
Query subject Query items and their description
Separation of Duty Policy
Separation of Duty Policy Name
The name of the separation of duty policy.
Separation of Duty Policy Description
The description of the separation of duty policy.
Separation of Duty Policy Enabled
Indicates whether the policy is enabled or not. True represents Enabled, and False represents Disabled.
Separation of Duty Policy Business Unit Name
The name of a business unit to which the separation of duty policy applies.
Separation of Duty Policy Owner Name
the name of the policy owner. The owner can be:
  • The single or multiple roles.
  • The single or multiple users.
Separation of Duty Policy Owner Type
The type of an owner for the separation of duty policy. The valid values are Role and Person.
Separation of Duty Policy Owner Business Unit Name
The name of a business unit to which the policy owner belongs.
Separation of Duty Policy Id
A unique numeric identifier for the separation of duty policy.
Separation of Duty Policy Owner Dn
An LDAP distinguished name for an owner of the policy.
Separation of Duty Rule
Separation of Duty Policy Rule Name
The name of a rule that is associated with the separation of duty policy.
Separation of Duty Policy Rule Max Roles Allowed
The maximum number of the roles that can be a part of the separation of duty rule.
Separation of Duty Rule Id
A unique numeric identifier for the separation of duty rule that is associated with the separation of duty policy.
Separation of Duty Policy Role
Separation of Duty Policy Role Name
The name of the role that is a part of the separation of duty rule.
Separation of Duty Policy Role Description
Describes the separation of duty policy role.
Separation of Duty Policy Business Unit Name
The name of a business unit to which the separation of duty policy role applies.
Separation of Duty Policy Role Dn
An LDAP distinguished name for the role that is a part of the separation of duty policy.
Separation of Duty Policy Role Id
a unique numeric identifier for the role that is a part of separation of duty policy.
Separation of Duty Policy Rule Id
A unique numeric identifier for the separation of duty rule that is associated with the separation of duty policy.