System User Information in ServiceNow Discovery

Chaitanya86
Tera Contributor

Team,

We have a requirement to fetch All user details from OS (Windows/Linux) while discovering. 

Is it by default available? or is there any custom way to achieve it. 

1 ACCEPTED SOLUTION

Oyvind Schei
Tera Expert

Hi @Chaitanya86!

Before diving into customizing ServiceNow ITOM for fetching all user details from operating systems like Windows and Linux, it's highly recommended to first gather use cases or user stories for this information. Understanding why you need this data and what you will use it for is crucial:

  • Why do you need this? Clarify the specific reasons behind the need to collect user details during discovery. Is it for compliance, security monitoring, asset management, or another critical business process?
  • What are you using it for? Determine how this information will be utilized within your organization. This could influence the data points you need to collect and how you manage them within ServiceNow.
  • Is it a need or a nice to have? Assess whether collecting this information is a strict requirement or if it would simply be beneficial. This can help prioritize this functionality against other ITOM initiatives.

Once you have a clear understanding of the use case and its importance, you can proceed with customizing ServiceNow ITOM to fetch user details from operating systems:

 

Custom Discovery Patterns

Create custom discovery patterns in ServiceNow to gather user details from Windows and Linux systems. This involves scripting within the ServiceNow Pattern Designer to execute specific commands on these OS:

  • For Windows Systems: Implement PowerShell scripts via patterns to execute commands like Get-LocalUser, fetching detailed user account information.
  • For Linux Systems: Utilize SSH commands in patterns to run shell commands such as getent passwd or cat /etc/passwd, listing user details from the Linux OS.

 

MID Server Script Includes

Leverage MID Server Script Includes in ServiceNow to define custom scripts that MID Servers will run on target OSes. These scripts, tailored to collect user information, are invoked by your custom discovery patterns.

 

Compliance and Security

Ensure your approach to collecting user details adheres to your organization's security policies and privacy regulations. Secure handling, transmission, and access control of this data within ServiceNow are paramount.

 

Performance Considerations

Be mindful of the impact custom discovery tasks may have on system and network performance. Testing in a controlled environment is essential to ensure these customizations do not adversely affect your ITOM processes.

 

Maintenance and Updates

Maintain and update your custom discovery patterns and scripts as necessary. This ensures continued accuracy and efficiency in fetching user details as ServiceNow and your OS environments evolve.

By clarifying the use case for collecting user details and customizing ServiceNow ITOM accordingly, you can ensure that this functionality not only meets your specific needs but also integrates smoothly with your broader IT operations management strategy.

Hope this helps out! 🙂

Kind regards, Øyvind!

View solution in original post

2 REPLIES 2

Oyvind Schei
Tera Expert

Hi @Chaitanya86!

Before diving into customizing ServiceNow ITOM for fetching all user details from operating systems like Windows and Linux, it's highly recommended to first gather use cases or user stories for this information. Understanding why you need this data and what you will use it for is crucial:

  • Why do you need this? Clarify the specific reasons behind the need to collect user details during discovery. Is it for compliance, security monitoring, asset management, or another critical business process?
  • What are you using it for? Determine how this information will be utilized within your organization. This could influence the data points you need to collect and how you manage them within ServiceNow.
  • Is it a need or a nice to have? Assess whether collecting this information is a strict requirement or if it would simply be beneficial. This can help prioritize this functionality against other ITOM initiatives.

Once you have a clear understanding of the use case and its importance, you can proceed with customizing ServiceNow ITOM to fetch user details from operating systems:

 

Custom Discovery Patterns

Create custom discovery patterns in ServiceNow to gather user details from Windows and Linux systems. This involves scripting within the ServiceNow Pattern Designer to execute specific commands on these OS:

  • For Windows Systems: Implement PowerShell scripts via patterns to execute commands like Get-LocalUser, fetching detailed user account information.
  • For Linux Systems: Utilize SSH commands in patterns to run shell commands such as getent passwd or cat /etc/passwd, listing user details from the Linux OS.

 

MID Server Script Includes

Leverage MID Server Script Includes in ServiceNow to define custom scripts that MID Servers will run on target OSes. These scripts, tailored to collect user information, are invoked by your custom discovery patterns.

 

Compliance and Security

Ensure your approach to collecting user details adheres to your organization's security policies and privacy regulations. Secure handling, transmission, and access control of this data within ServiceNow are paramount.

 

Performance Considerations

Be mindful of the impact custom discovery tasks may have on system and network performance. Testing in a controlled environment is essential to ensure these customizations do not adversely affect your ITOM processes.

 

Maintenance and Updates

Maintain and update your custom discovery patterns and scripts as necessary. This ensures continued accuracy and efficiency in fetching user details as ServiceNow and your OS environments evolve.

By clarifying the use case for collecting user details and customizing ServiceNow ITOM accordingly, you can ensure that this functionality not only meets your specific needs but also integrates smoothly with your broader IT operations management strategy.

Hope this helps out! 🙂

Kind regards, Øyvind!

Chaitanya86
Tera Contributor

Hi @Oyvind Schei 

Tera Contributor

 

Thank you for details. Yes, it's an ask from the security team & as of now it's in the testing phase. Will check on the Development instance first and then proceed. 

As of now, i just wanted to check whether discovery pull this information by default or do we need to write custom pattern before proceeding to development, which i am clear now.