- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎04-24-2017 09:09 PM
To ensure scans are successful without granting VMWare Admin level permissions since Orchestration is not required in this case, what permissions level in VMWare must be granted for the ServiceNow Discovery vCenter credential?
Does read-only permissions are sufficient? got confused over below lines from servicenow documentation.
"Discovery and Orchestration require vCenter credentials for any work that it performs on vCenter, such as cloning a virtual machine."
"Prepare VMware for CIM discovery" - is it mandatory??
Solved! Go to Solution.
- Labels:
-
Discovery
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎04-25-2017 11:26 PM
I have received the following updates from ServiceNow support related to VMware credentials, which are completely aligned with previous updates.
Thanks all for your inputs
Q: Is CIM credential needed for ESX/I discovery?
A: Starting from Geneva onward, you no longer need CIM credentials to discover ESX/I as they are discovered through vCenter API. The only credentials needed are the vCenter credentials and the Windows credentials for the host running vCenter.
Q: Could you also confirm if read only permissions of vCenter credentials will be sufficient to discover VMware infrastructure completely.
A:The Read-only role is enough to allow ServiceNow users to run Discovery and view resources.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎04-24-2017 09:25 PM
To my understanding, I believe you would need to give read permissions to your ServiceNow vCenter credentials. If your operations are only limited to scans then read permissions should suffice.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎04-24-2017 09:38 PM
Hi Rakesh,
Gaurav is right. You do not need to have Admin level credentials if you are only discovering.
Also "Prepare VMware for CIM discovery" is not mandatory. CIM Credentials used to discover ESX server's serial number but the existing VMWare API itself have the ability to discover it. So you do not need those credential if you can able to discover ESX server's serial number.
I don't know why ServiceNow still have the document. Let's ask the expert
doug.schulze Are we still using CIM for any other reasons?
Regards,
Vivek
Based on the impact hit like, helpful or correct.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎04-24-2017 11:46 PM
Yeah...I am specifically looking for the CIM related information as one of our our customer is keen in understanding this particular thing.
Regards,
Rakesh
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎04-25-2017 11:26 PM
I have received the following updates from ServiceNow support related to VMware credentials, which are completely aligned with previous updates.
Thanks all for your inputs
Q: Is CIM credential needed for ESX/I discovery?
A: Starting from Geneva onward, you no longer need CIM credentials to discover ESX/I as they are discovered through vCenter API. The only credentials needed are the vCenter credentials and the Windows credentials for the host running vCenter.
Q: Could you also confirm if read only permissions of vCenter credentials will be sufficient to discover VMware infrastructure completely.
A:The Read-only role is enough to allow ServiceNow users to run Discovery and view resources.
