Credentials for ITOm Discovery
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
yesterday
Hello EXperts,
Can anyone suggest if this is okay to use same account name ( i mean naming convention example : itomcred lets say as an example ) to be used to set up with different passwords for multiple segments.)
itomcred Pass1 for segment 1
itomcred Pass2 for segment 2
itomcred Pass3 for segment 3
itomcred Pass5 for segment 4
as these are separate areas to be discovered and each has separate Mid Servers , so infrastructure wise it is easy to push policy to a single account for IP subnets , but having different account multiple push.
from ServiceNow end will Discovery give error as it gets the same account name but can not identify what area to go in .
What would be standard Servicenow recommendation to have same name ?/ or different name??
Please assist
Thanks
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
yesterday
Hi,
The policy should be dictated by the organisation security policy. For most organisations, a single credential with full access over all resources is a high security threat and needs to be mitigated. Your credentialling will depend on what you're discovering, and the landscape of the customers environment. Currently this question doesn't have enough info to provide an accurate answer.
Credential records can be linked to a MID server to prevent SN attempting each credential before creating an affinity. If your MID servers align to network segments, you can define the MID server relationship on the discovery_credential record
