- Post History
- Subscribe to RSS Feed
- Mark as New
- Mark as Read
- Bookmark
- Subscribe
- Printer Friendly Page
- Report Inappropriate Content
5 hours ago
Big Picture (one‑liner)
👉Identification & Reconciliation rules answer two different questions:
Question | Answered by |
“Is this CI already existing or is it new?” | Identification Rules |
“If multiple sources update the same CI, whose data should I trust?” | Reconciliation Rules |
1️⃣Identification Rules (IR)
🔹What are Identification Rules?
Identification Rules decide HOW ServiceNow recognizes a CI.
In simple words:
This rule tells ServiceNow how to uniquely identify a CI record.
🧠 Think of it like Aadhaar / PAN Card
- Aadhaar number uniquely identifies you
- PAN card also identifies you
- Same person → not two people
Similarly:
- Serial Number
- IP Address
- Host name
These help identify one unique CI
✅What happens without Identification Rules?
If identification is weak:
- Same server gets created multiple times
- CMDB becomes dirty
- Reports & dependency maps break
🔧Where are Identification Rules used?
Mostly during:
- Discovery
- Service Mapping
- Import Sets
- Integrations (SCCM, Azure, AWS, etc.)
📘Simple Example – Server CI
CI Class: cmdb_ci_server
Identification Attribute | Why |
serial_number | Hardware-level unique |
(OR) name + IP address | Logical identification |
Rule:
IF serial_number matches → SAME CI
ELSE create NEW CI✅Result:
- Discovery runs daily
- Same server updates
- No duplicates created
📘Example – Network Device
| Attribute | Used for Identification |
| MAC Address | Primary |
| IP Address | Can change |
👉Identification Rule:
Use MAC Address to identify network device🔑Key Takeaway for Identification Rules
✅Identification decides CREATE vs UPDATE
“Is this CI already there or not?”
2️⃣Reconciliation Rules (RR)
🔹What are Reconciliation Rules?
Reconciliation rules decide WHO wins when multiple sources update the same CI attribute.
In simple words:
This rule decides which source’s data is trusted more.
🧠 Think of it like conflicting information
Suppose:
- Your passport says DOB = 1 Jan 1990
- Your driving license says DOB = 2 Jan 1990
❓Which one should be trusted?
👉You decide a priority Same concept here.
✅Why Reconciliation Rules are needed
In CMDB:
- Multiple tools update the same CI
- Discovery
- SCCM
- Cloud integrations
- Manual updates
Without rules:
- Data keeps flipping
- CMDB becomes unreliable
🔧Where are Reconciliation Rules applied?
- Attribute level
- CI level
- Source-based priority
📘Simple Example – Server OS Version
CI: Server-01
| Source | OS Version |
| Discovery | Windows 2019 |
| SCCM | Windows 2016 |
| Manual Update | Windows 2022 |
✅Reconciliation Rule (Priority-based)
Discovery → Priority 1
SCCM → Priority 2
Manual → Priority 3✅Final value saved:
OS Version = Windows 2019
(from Discovery)📘Example – IP Address Conflict
| Source | IP |
| Discovery | 10.10.1.5 |
| Import Set | 10.10.1.7 |
Rule:
Discovery has higher priority → wins✅CMDB keeps 10.10.1.5
🔑Key Takeaway for Reconciliation Rules
✅Reconciliation decides SOURCE PRIORITY
“If multiple sources update the same CI, whose data should I trust?”
3️⃣Identification vs Reconciliation – Side-by-Side
| Aspect | Identification Rules | Reconciliation Rules |
| Main Question | Is this CI new or existing? | Which source wins? |
| Used When | CI creation / matching | CI update conflicts |
| Works On | CI identity | CI attributes |
| Prevents | Duplicate CIs | Data overwrites |
| Example | Serial Number | Discovery vs SCCM |
4️⃣End-to-End Example (Very Important)
🔄Discovery Flow
- Discovery runs
- Identification Rule
- Serial Number matches → ✅ update existing CI
- Reconciliation Rule
- Discovery beats SCCM → ✅ Discovery values kept
- ✅CMDB stays clean and trusted
🧠 One-line Memory Trick (for exams & interviews)
Identification = “Who are you?”
Reconciliation = “Whose data do I believe?”
👉Reconciliation Rules apply only after a CI is identified
👉If conflicts occur, ServiceNow follows a strict order of precedence, not “random behavior”
Lets Discuss Conflicts in details below:
1️⃣Conflict Type 1: Identification Rules Conflict
❓What does this mean?
More than one CI matches the same incoming data during identification.
📘Example
Incoming data from Discovery:
Serial Number = ABC123
IP Address = 10.10.1.5Existing CIs:
| CI | Serial Number | IP |
| CI‑1 | ABC123 | 10.10.1.4 |
| CI‑2 | ABC124 | 10.10.1.5 |
👉One rule matches CI‑1
👉Another rule matches CI‑2
❗Conflict detected
✅What ServiceNow Does
ServiceNow will NOT guess
It will:
- ❌Fail identification
- ❌NOT update any CI
- ✅Log an IRE (Identification Engine) error
- ✅Mark record as “Ambiguous match”
📍Result:
CI NOT updated
No duplicate created
Admin must fix identification rules or CMDB data🔑Key Rule
If Identification is ambiguous, CMDB refuses to process
This is by design to protect data integrity.
2️⃣Conflict Type 2: Multiple Identification Rules Apply
❓What does this mean?
More than one valid identification rule exists for the same CI class.
✅How ServiceNow resolves it
Identification Rules are processed in this order:
Class hierarchy
- More specific class wins
(Server > Computer > CI)
- More specific class wins
Rule priority (Order field)
- Lower order = higher priority
Attribute strength
- Strong identifiers (Serial Number)
- Medium (Name + IP)
- Weak (Name only)
✅The first successful rule wins
📘Example
Rules for cmdb_ci_server:
| Rule | Attributes | Order |
| Rule‑1 | Serial Number | 100 |
| Rule‑2 | Name + IP | 200 |
✅If Serial Number matches → Rule‑1 used
✅Rule‑2 is ignored
3️⃣Conflict Type 3: Reconciliation Rules Conflict
❓What does this mean?
Two or more data sources try to update the same attribute.
📘Example
CI Attribute: Operating System
| Source | Value | Priority |
| Discovery | Windows 2019 | 1 |
| SCCM | Windows 2022 | 2 |
| Manual | Windows 2016 | 3 |
✅What ServiceNow Does
ServiceNow uses Source Priority (lower number = higher priority)
✅Final value:
Windows 2019
(Source = Discovery)🔑Important Rule
Only ONE source wins per attribute
There is no merging logic unless custom logic is built.
4️⃣Conflict Between Identification & Reconciliation
This is a very common misunderstanding.
❓Does reconciliation apply if identification fails?
❌NO
✅Actual Processing Order
1️⃣ Identification
├─ If CI is NOT uniquely identified → STOP
2️⃣ Reconciliation
├─ Happens ONLY if identification succeeds
3️⃣ Update CI👉If identification fails:
- ❌No reconciliation
- ❌No update
- ❌No create
5️⃣Conflict Type 4: Same Priority Sources
📘Example
Two sources both have priority 1:
- Discovery
- Cloud Integration
✅What ServiceNow Does
ServiceNow uses:
- Last Updated timestamp
- Source precedence order
- In some cases → non-deterministic result
⚠️This is considered bad design
✅Best Practice
Always:
- Avoid equal priorities
- Clearly define single system of record per attribute
6️⃣How You Detect These Conflicts
🔍Tools & Logs
- Identification Engine Logs
- cmdb_ire_log
- Discovery Error Logs
- CI Audit History
7️⃣Summary Table — What Happens When Rules Conflict
| Conflict Type | Outcome❌ |
| Multiple CI match in Identification | ❌No update, error logged |
| Multiple Identification rules valid | ✅Higher priority rule wins |
| Multiple data sources updating same field | ✅Higher priority source wins |
| Identification fails | ❌Reconciliation never runs |
| Same source priority | ⚠️Unpredictable, avoid |
🧠 Exam / Interview One‑Liners
✅“Identification conflicts stop CMDB updates to prevent corruption.”
✅“Reconciliation applies only after a CI is uniquely identified.”
✅“Source priority decides reconciliation conflicts.”
Please Bookmark this Article 🔖, Share with your friends / colleagues and Mark it as Helpful 👍 if you thought it was helpful.
Also feel free to provide your comments/feedback on this Article.
Regards,
Anubhav Ritolia
Community Rising Star 2023, 2024
Organizer of Pune Developer Meetup
Technical Architect at LTIMindtree
