Storing Password in CMDB

Sam Ogden · ‎06-30-2017

Hi All,

We are in the process of setting up and configuring our CMDB within SN. One of the teams have asked if there is the functionality of storing usernames and passwords within the CMDB i.e. for particular servers. If this is possible what issues are there around security.

We would only want that particular team to have access to read the information.

Does anyone know if this is possible or if it should be avoided?

Thanks in Advance

Dave Smith1 · ‎06-30-2017

Yes, there is functionality. Yes, it should be avoided.

What you possibly want to do is store these credentials on one of your local servers (as a Java properties file), then let your instance know the path to this file - known as External Credentials.

This is a topic covered on our Discovery course: ServiceNow Discovery Training - but if you want to have a go at it yourself, take a look here: https://docs.servicenow.com/search?q=External+Credential+Storage&labels=2&labels=3

Alternatively, consider an external credential management system like CyberArk.

Lastly, just a warning:

Sam Ogden wrote:

We are in the process of setting up and configuring our CMDB within SN.

Note that ITIL recommends scoping the project - simply the planning side - for Configuration Management and the CMDB can take anything from 3-9 months. It's not simply a case of designing and building a CMDB - the database is of no value whatsoever unless there are management processes in place.

People often make the mistake of believing the product is the finished deliverable - and overlook any processes, i.e.: they focus on WHAT to do, but not HOW it will be used, nor by WHOM and WHY.

View solution in original post

vab_13 · ‎06-30-2017

Technically, can definitely be done, you can also encrypt the fields.

Have a read:

Encrypt fields using encryption configurations

Encryption support

Mark your feedback( Like or Helpful or Correct) as per the impact of my response. Cheers!

Vab