Skip to main content

ServiceNow

Requirements

Information that helps you design and plan an SGC for 1E implementation in your organization. This includes the prerequisites and dependencies that you need to install for SGC for 1E.

This page is part of the design phase of implementation.

Review Design considerations first if you need to design and plan the implementation of SGC for 1E in your organization.

1E requirements

Category

Requirement

More details

1E system

  • For Basic Authentication

    A complete infrastructure of Tachyon 8.1 (on-premises) is required, either in a local network or hosted over the internet. This includes the 1E Client, deployed to all devices that you need to manage.

    The Basic Authentication feature must be installed on the 1E Server (Master Stack), and enabled in the following 1E web applications: Consumer and Experience

  • For Modern Authentication

    A complete infrastructure of 1E 23.7 or later versions is required, either in a local network or hosted over the internet. This includes the 1E Client, deployed to all devices that you need to manage.

    The Modern Authentication is to be setup either using Microsoft Entra ID or Okta for external IdP.

Planning for 1E 8.1

1E license

  • Your 1E license should contain the ServiceNow-Integration entitlement

  • The 1E license should contain the following consumer in the ServiceNow Integration feature tag:

<Feature name="ServiceNow-Integration">
        <Consumer name="1EServiceNowCore" enable="on">
        </Consumer>
        </Feature>

Post-installation tasks

1E consumer

  • A 1E consumer with the name 1EServiceNowCore must be registered in the 1E Settings application, Configuration, Consumers page.

  • The Workflow column of the dbo.Consumer table in the 1E Master database for this consumer must have the following value:

[{"ReferenceType":0,"InstructionWorkflow":[{"InstructionType":1,"Workflow":{"StateMachine":"State"}}]}]

Note

The workflow value is not set automatically. Refer to the links to the right to set the value.

1E Core 4.0.8 - Preparation: Add the ServiceNow consumer to 1E

1E Core 4.0.8 - Preparation: Editing the ServiceNow consumer workflow

1E proxy user

  • A 1E user with Full Administrator role on any required instruction sets and management groups.

  • The 1E user must be an AD domain account. This account does not belong to a specific person, and can be regarded as a service account, it does not need an email address.

  • 1E roles can be predefined system (Global) roles or custom roles. Global roles have permissions on all instructions sets and all devices. Custom roles can be optionally configured for all instruction sets or limited instruction sets, and all devices or management groups.

  • The following are 1E instructions that the 1E user must have permissions to execute:1E ITSM Connect Actioner

    Instruction

    Purpose

    1E-Explorer-TachyonCore-GetIpAddresses

    To get IP address

    1E-Explorer-TachyonCore-LogicalDiskDetails

    To get file system details

    1E-Explorer-TachyonCore-AllInstalledSoftware

    To get installed software

    1E-Explorer-Examples-GetMemoryFromSysInfo

    To get RAM usage

    1E-Explorer-TachyonCore-NetworkListeningProcessesAndPorts

    To get running processes

    1E-Explorer-Examples-GetConnections

    To get TCP connections

    1E-ITSM-GetDeviceDetails

    To get device details

    1E-ITSM-GetDiskDetails

    To get disk usage data

    1E-ITSM-GetNetworkAdapters

    To get network adapter data

Post-installation tasks

1E administrator

One or more 1E users are assigned the following role(s) for the specific purposes as given below. Users must be AD domain accounts.

Purpose

Roles in 1E 9.0/23.7

Roles in 1E 8.1

Register the 1EServiceNowCore consumer

1E ITSM Connect Actioner

Full Administrator

Upload instruction definitions and create instruction sets

1E ITSM Connect Actioner

Full Administrator

Create 1E users and assign them to roles, create custom roles, and assign them to some instruction sets and management groups

1E ITSM Connect Actioner

Full Administrator

Create Management groups if desired

1E ITSM Connect Actioner

Full Administrator

Permissions Menu for 1E 24.1

SQL Server requirements

Category

Requirement

More details

SQL Server

  • A SQL Server database instance is required to retrieve Software related data and CI specifications for the following databases:

    • SLA-Data

    • SLA-Shared

    • TachyonMaster

    • TachyonResponses.

SQL server requirements for 1E 8.1

SQL user

  • The SQL user must have permissions to create database, create table, SQL Agent jobs, and to run stored procedures on ReportingTachyon database.

  • This user must have read access to SLA-Data, TachyonResponses, TachyonMaster, and SLA-Shared databases.

The SQL user must be an AD domain account. This account does not belong to a specific person, can be regarded as a service account and does not need an email address.

Setup for ReportingTachyon Database

ServiceNow requirements

Category

Requirement

More details

1E Core

  • The latest version of the 1E Core needs to be installed and configured on your ServiceNow Instance.

Introducing 1E Core

ServiceNow

  • A working ServiceNow instance must be set up, this can be a demo instance or a production/vendor instance.

  • The current version of the application is supported on Vancouver, Tokyo, and Utah releases.

  • Install the plugin Service Graph Connector Dependencies, this will install data Stream Action Template, ITOM licensing, and a few other plugins that are needed to use a SGC.

  • Activate the Software Asset Management Professional (com.snc.samp) plugin to insert the software related data into cmdb_sam_sw_install table, else the data is placed into cmdb_ci_spkg_list.do table by default.

  • In ServiceNow discovery source list, add an entry for SG-1ETachyon.

Installing

Post-installation tasks

MID Server (Basic Authentication)

  • You require a MID Server when your 1E platform instance is installed on-premises (that is, does not have a direct connection to your ServiceNow instance in the Cloud).

  • The MID Server must be installed on the same network domain as the 1E Platform server. It must be able to connect to the 1E platform server (specifically the Master server hosting the Coordinator service).

MID Servers are specific to the release version of ServiceNow and must be downloaded from the ServiceNow instance itself. For more information about MID Server set up, please refer to the ServiceNow MID Server installation documentation here.

ServiceNow users

  • ServiceNow's users are needed as defined in the 1E Core documentation.

  • To administer the SGC for 1E application, you require a user with the x_1e_cmdb_connect.admin role.

  • To use 1 Information Services module, you need a user with the x_1e_cmdb_connect.config_manager role.

  • To view CI information fetched from 1E and the related lists, you require a user with the x_1e_cmdb_connect.user role.

User Management

Post-installation tasks

ServiceNow admin

  • This role allows its users to install and configure SGC for 1E.

Installing

ServiceNow Certificates (Modern Authentication)

  • The input certificate for Modern Authentication is a standard .pfx file containing a private key, hence it requires conversion from .pfx to .PEM and .JKS.

  • App ID (kid claim) is required and is provided by your 1E instance.

  • Client certificates (in .PEM and .JKS format) and App ID (Kid) are required, in case the application's authentication mechanism is set to Modern Auth. Also create a JWT key and associate it with the JKS certificate. Similarly, create JWT provider and associate it with the JWT key.

Preparation for Modern Authentication