Connects to a Configuration Manager database and pulls in inventory and usage data.

Before adding a new System Center Configuration Manager (SCCM) connector, you will need the following:


On this page:

System Center Configuration Manager connector configuration


Adding, testing and running a Configuration Manager connector

To demonstrate how to add, test and run a Configuration Manager connector we will use our example ACME environment. The following steps are also shown in the video opposite.

Adding a Configuration Manager connector

  1. Navigate to Settings→Configuration→Connectors.

  2. Click on the Add button.

  3. In the Add connector popup select the System Center Configuration Manager Connector type.
  4. In Connector name, enter a logical name for this connector. In our example we choose the name System Center Configuration Manager Inventory.

  5. In SCCM Database Server, enter the name of the SQL Server instance where the Configuration Manager database is hosted, including custom port if used. In our example this is ACME-SQL01.

  6. In SCCM Database, enter the name of the Configuration Manager database you want to connect to. In our example this is called CM_CM1.
  7. In our example we will be using the SLA Integrate Services Agent service account to access the database. So we do the following:
    1. Skip the SCCM SQL Server User and SCCM SQL Server Password fields.
    2. Ensure Use Windows Authentication is checked.
  8. Check the Run Consolidation Reports checkbox if you want consolidation actions to be processed each time the Sync Data action is executed for the connector.

    This can lead to unnecessary processing if you enable this on more than one connector. The recommended method of processing consolidation actions is to schedule the action Generate Report - Basic Inventory Consolidation  to execute after the Sync Data actions have run for all connectors. This will execute the remaining consolidation actions. Alternatively check the Run Consolidation Reports checkbox on one of your connectors. You can view action processes in Settings→Process log

  9. Click Add.

The new connector has now been added and a new action that can be used to run the connector has been created in the background, called Sync Data - System Center Configuration Manager Inventory.

Testing a Configuration Manager connector

  1. Select the Configuration Manager connector by checking the box at the left-hand end of its entry in the Connectors table.
  2. Click the Test button.
    1. The Test status column for the connector will display a clock icon  indicating that the test has been queued for executing.
    2. If the test succeeds Test status will display a check icon  and the Last tested column will display the date and time the test succeeded.
    3. If the test fails the Test status will display a failed icon  and you'll need to check the details you entered for the connector.
  3. In our example the test succeeds so we can now continue to run the connector to populate an inventory repository.

Running a Configuration Manager connector

  1. Click the Execute button.
  2. In the Execute action popup subsequently displayed, use the Repository menu to select the inventory repository you want to populate. In our example this is a repository called Configuration Manager inventory.
  3. Once the repository has been selected you can then select the action to run. In the case of inventory repositories the actions will be restricted to inventory related actions. For a connector you will be looking for an action with the form Sync Data - <connector name>. In our example this is Sync Data - System Center Configuration Manager Inventory, which includes the name that was set earlier in the Adding a Configuration Manager connector steps.
  4. In our example we also select to clear any existing data in the repository by checking the Clean sync checkbox.
  5. Click Execute button in the Execute action popup to start the sync.
  6. When the sync starts a number of actions are queued to be performed on the selected repository. To check the progress of the sync actions:
    1. Navigate to the Monitoring→Process log page.
    2. Here you can see the sequence of actions that have been queued for the selected repository related to the Sync Data action selected. In the video we speed up the process of synchronizing the data.
    3. When each action has finished running you'll see a check icon appear in the Status column if it succeeds or a failed icon if it fails . In our example all the actions succeed.
  7. Once all the actions have succeeded you can check the results. To do this:
    1. Navigate to the Monitoring→Sync log page.
    2. This displays the items that have been added to the selected repository as a result of running the sync. In our example you can see a number of additions have been made to the Configuration Manager inventory repository.

In the video we demonstrated the process of adding, testing and running a Configuration Manager connector and then monitored the progress of the sync and verified the results.

The Configuration Manager connector parameters

The following fields are available in the Add connector and Edit connector popups when the System Center Configuration Manager Connector type is selected, as shown in the picture opposite:

FieldDescription
Connector typeShows the connector type: System Center Configuration Manager.
Repository typeShows which type of repository the connector works with. For the System Center Configuration Manager Connector type this is always Inventory.
Connector name

Here you set the logical name for the connector.

You should use a naming convention for connector names:

<connector type> <scope> <RCR>

Scope describes where data is coming from or what it's being used for. For example Demo, Test, Lab, Q2 Audit.

SCCM Database Server

The name of the SQL Server instance where the Configuration Manager database is installed. For example ACME-SQL01.

The SQL Server instance should be specified using one of the following formats:

  • <Server Name>
  • <Server Name>\<Instance> - for a named instance
  • <Server Name>\<Instance>,Port - for a custom port
SCCM DatabaseThe name of the Configuration Manager database. For example CM_CM1.
SCCM SQL Server UserThe name of an SQL login account. This is ignored if the Use Windows Authentication checkbox is checked.
SCCM SQL Server PasswordThe password for the SQL login account. This is ignored if the Use Windows Authentication checkbox is checked.
Use Windows Authentication

Check this box if you want to use the Tachyon server's computer$ account instead of a SQL login specfied above.

When the connector is configured to use Windows Authentication, the connector is actually using the SLA Platform Integrate Agent service account. Tachyon Setup configures this service to use Network Service which translates as the Tachyon server's computer$ account on a remote server.

Run Consolidation Reports

Check the Run Consolidation Reports checkbox if you want consolidation actions to be processed each time the Sync Data action is executed for the connector.

This can lead to unnecessary processing if you enable this on more than one connector. The recommended method of processing consolidation actions is to schedule the action Generate Report - Basic Inventory Consolidation  to execute after the Sync Data actions have run for all connectors. This will execute the remaining consolidation actions. Alternatively check the Run Consolidation Reports checkbox on one of your connectors. You can view action processes in Settings→Process log

Configuration Manager site configuration

The following Client Settings must be configured to gather inventory and usage data from clients, and applied to relevant Collections containing in-scope devices:

  • Software metering (metering rules are not necessary)
  • Software inventory
  • Hardware inventory

The following Discovery Methods must be configured to gather Active Directory data about clients, and applied to relevant Domains and OUs containing in-scope devices:

  • Active Directory System Group Discovery (default attributes are sufficient)


Configuration Manager database access

The System Center Configuration Manager connector requires a SQL Login to exist in the Configuration Manager site database, with all the following rights:

  • db_datareader database role
  • Explicit Execute permissions to the scalar value function fn_GetAppState
  • Explicit Execute permissions to the scalar value function fnGetSiteNumber

The above rights can be granted in either of two main ways:

  1. If the connector is using a SQL Login, then create the login on the Configuration Manager database and grant it the above rights
  2. If the connector is using Windows Authentication, then you can use one of the following:
    1. Create a SQL Login for the Tachyon server's computer$ account, and grant it the rights.
    2. Add the Tachyon server's computer$ account to the ConfigMgr_DViewAccess localgroup on the Configuration Manager database server.

      The existence of the ConfigMgr_DViewAccess localgroup depends on the version of Configuration Manager. It is safe to create the localgroup on the SQL Server if it does not already exist. If it already exists you will need to confirm it has a SQL Login and all the necessary rights, as Configuration Manager setup does not always configure this group correctly. The ConfigMgr_DViewAccess option will be familiar to you if you have previously set up Configuration Manager access for the ActiveEfficiency Scout, as required for AppClarity 5.x or Shopping 5.x.

      When the connector is configured to use Windows Authentication, the connector is actually using the SLA Platform Integrate Agent service account. Tachyon Setup configures this service to use Network Service which translates as the Tachyon server's computer$ account on a remote server.

      The following SQL script can be used to create a Login for ConfigMgr_DViewAccess and grant it permissions on the Configuration Manager database. You must create the group before running the script, and then add the Tachyon server's computer$ account to the group.

       Click here to expand...

      Download...

      -- Connect to the SQL instance using an account that has sysadmin rights.
      -- Execute this SQL script on the Configuration Manager database.
      -- The script creates a SQL Login on the instance for [hostname\ConfigMgr_DViewAccess]
      -- and grants it the following rights on the Configuration Manager database:
      -- [db_datareader]
      -- EXECUTE on [dbo].[fn_GetAppState]
      -- EXECUTE on [dbo].[fnGetSiteNumber]
      
      DECLARE @SqlLogin nvarchar(2000)
      DECLARE @SqlString nvarchar(max)
      
      SET @SqlLogin = CAST(host_name() AS varchar(512)) + '\ConfigMgr_DViewAccess'
      PRINT 'Granting permissions for ''' + @SqlLogin + ''' on database ' + DB_NAME() + ' ...'
      
      SET @SqlString = ' 
      IF NOT EXISTS ( SELECT schema_name FROM information_schema.schemata WHERE schema_name = '''+@SqlLogin +''' ) 
      EXEC (''CREATE SCHEMA [' + @SqlLogin + ']'')
      '
      EXEC sp_executesql @SqlString
      
      SET @SqlString = ' 
      IF NOT EXISTS (SELECT * FROM sys.server_principals WHERE name = '''+ @SqlLogin +''')
      CREATE LOGIN [' + @SqlLogin + '] FROM WINDOWS WITH DEFAULT_DATABASE=[master]
      '
      EXEC sp_executesql @SqlString
      
      SET @SqlString = '
      IF NOT EXISTS (SELECT * FROM sys.database_principals WHERE name = '''+ @SqlLogin +''')
      CREATE USER [' + @SqlLogin + '] FOR LOGIN [' + @SqlLogin + '] WITH DEFAULT_SCHEMA=[' + @SqlLogin + ']
      '
      EXEC sp_executesql @SqlString
      PRINT 'SQL Login created.'
      
      SET @SqlString = '
      ALTER ROLE [db_datareader] ADD MEMBER [' + @SqlLogin + ']
      GRANT EXECUTE ON [dbo].[fn_GetAppState] TO [' + @SqlLogin + '] AS [dbo]
      GRANT EXECUTE ON [dbo].[fnGetSiteNumber] TO [' + @SqlLogin + '] AS [dbo]
      '
      EXEC sp_executesql @SqlString
      PRINT 'Permissions granted.'