MID Server configuration for Service Mapping

  • Release version: Yokohama
  • Updated January 30, 2025
  • 3 minutes to read
    • Summarize
    Summarized using AI
    This content was generated using new OpenAI-powered functionality. Results are provided on an as is basis and are not guaranteed to be accurate or complete.

    Summary of MID Server configuration for Service Mapping

    The MID Server (Management, Instrumentation, and Discovery Server) is a Java application running as a Windows service or UNIX daemon within an enterprise private network. It facilitates communication between internal network servers and ServiceNow applications such as Service Mapping and Discovery. Proper configuration of MID Servers is essential for effective discovery and mapping of devices and applications that constitute your service instances (configuration items).

    Show full answer Show less

    Key Features

    • MID Server Selection Criteria: Service Mapping selects MID Servers based on application assignment (Service Mapping or ALL), network capabilities (such as SSH, WMI, SNMP, Cloud Provisioning), and IP address range. These criteria ensure that discovery requests are routed to the most suitable MID Server.
    • Default MID Server Configuration: You can designate a default MID Server for Service Mapping to handle discovery requests when no MID Server matches the selection criteria.
    • Selection Algorithms: Service Mapping supports both new and legacy MID Server selection algorithms. Upgraded deployments from versions Istanbul or Jakarta use the legacy algorithm by default but can be configured to use the new one based on organizational requirements.
    • PowerShell Usage: MID Servers can leverage PowerShell with WMI or WinRM protocols for Windows server discovery. ServiceNow supports PowerShell versions 3.0 through 5.1. If not configured for PowerShell Remoting, MID Servers default to WMI.
    • Credential-less Discovery with Nmap: MID Servers can perform basic discovery without credentials using Nmap, which requires additional setup. This enables gathering information when credentials are unavailable.
    • Placement of MID Servers: The number and location of MID Servers depend on organizational needs. For mapping devices inside a private network, place MID Servers within that network. For devices in DMZs, deploy MID Servers both in the DMZ and the private network. In domain-separated environments, MID Servers must reside in the lowest (leaf) domain level.

    Key Outcomes

    • Optimized discovery and mapping of configuration items through appropriate MID Server selection based on application, capability, and IP range.
    • Improved reliability by configuring default MID Servers to ensure discovery continues even if no exact match is found.
    • Enhanced Windows server discovery via PowerShell Remoting, offering secure and efficient communication.
    • Ability to perform limited discovery without credentials using Nmap, expanding discovery capabilities in restricted environments.
    • Strategic MID Server placement aligned with network architecture and domain hierarchy to maximize discovery coverage and performance.

    Configure Service Mapping and MID Servers to work together.

    What is the MID Server

    The Management, Instrumentation, and Discovery (MID) Server is a Java application that runs as a Windows service or UNIX daemon on a server. MID Servers, which are located in the enterprise private network, facilitate communication between servers on the network and some ServiceNow applications, such as Service Mapping, and Discovery.

    Note:
    If the Service Mapping (com.sn_itom_pattern) plugin is activated on the instance and a language plugin (for example, Spanish) is also activated, make sure that the MID Server language is also set to English/None on the user record.

    MID Server selection criteria

    Most environments require multiple MID Servers, with Service Mapping using the relevant MID Server for discovery. MID Servers have the following selection criteria that Service Mapping can use to choose the relevant MID Server:
    • Application — defines what application a MID Server works with. Set it to Service Mapping to reserve this MID Server exclusively to Service Mapping discovery requests. Alternatively, set it to ALL to allow any ServiceNow application to use this MID Server.

    • Capability — defines the network capability. For Service Mapping, set this parameter to ALL or any combination of SSH, WMI, SNMP, and Cloud Provisioning and Governance . See Configure MID Server capabilities.

    • IP range — limits operation of this MID Server to this IP range. Service Mapping does not choose this MID Server for a discovery request whose endpoint is outside this IP range. See Configure an IP address range for the MID Server.
      Note:
      For information on how to bypass MID Server configuration based on IP range, see Fine-tune Service Mapping with MID affinity and IP reuse.
    Service Mapping selects a MID Server using the following algorithm:
    • Service Mapping chooses the MID Server whose selection criteria best match the parameters of the discovery request.
    • If there are no MID Servers with matching selection criteria, Service Mapping chooses the default MID Server.
    • If there are no MID Servers with matching selection criteria or default MID Server, Service Mapping cannot start the discovery process.

    While by default Service Mapping uses this algorithm in all deployments upgraded from Istanbul or Jakarta, it can support both new and legacy algorithms for selecting a MID Server. For more information, see Choose MID Server selection algorithm.

    Default MID Servers for Service Mapping

    In addition to selection criteria, you can configure one of the MID Servers as the default server that Service Mapping uses. If there are no MID Servers with matching application, capability, or IP range, Service Mapping uses the default MID Server. See Configure a default MID Server for each application.

    Using PowerShell for discovery

    MID Servers can use PowerShell to directly communicate with Windows servers using both WMI and WinRM protocols. For Windows services using the WinRM protocol, the PowerShell process establishes a secure PSSession (PowerShell Remoting session) that stays open until the MID Server finishes querying a Windows server. For Windows servers using the WMI protocol, the PowerShell process sends every PowerShell command with credentials.

    If you do not configure MID Servers to use PowerShell and PowerShell Remoting, MID Servers use WMI.

    ServiceNow now supports PowerShell 3.0 up to 5.1.

    MID Server credential-less discovery with Nmap

    If the MID Server does not have sufficient credentials to access a device or application, it can run Network Mapper (Nmap) commands to collect basic information without using credentials. Credential-less discovery with Nmap requires additional configuration as described in Install and uninstall Nmap on a MID Server.

    ServiceNow applications refer to devices and applications that comprise a service instance as configuration items (CIs).

    Placing MID Servers

    The number of MID Servers that you require and where you place them depends on your organization needs. If you want to map devices and applications inside your private network, place the MID Servers inside the private network. If you want to map devices and applications located in the DMZ, place the MID Servers both in the DMZ and inside the private network.

    Figure 1. Placing MID Servers inside private network

    Placing MID Servers inside private network
    In deployments where domain separation is enabled and domains are configured to form a hierarchy, MID Servers must be placed in the lowest domain level, a "leaf domain".
    Figure 2. Placement of MID Servers in domain-seprated environments

    Placing MID Servers to support domain separation

    Once MID Servers MID Servers are installed, configure them to work with Service Mapping for the best discovery results.