MID Server configuration for Service Mapping

Release version: Australia

Updated March 12, 2026

3 minutes to read

Summarize

Summarized using AI

Summary of MID Server configuration for Service Mapping

The MID Server is a Java application running as a Windows service or UNIX daemon that enables communication between on-premises servers and ServiceNow applications like Service Mapping and Discovery. It resides within the enterprise private network and facilitates discovery and mapping of infrastructure components.

Show full answer Show less

To ensure proper functionality when language plugins are activated on the instance, the MID Server language setting on the user record should be set to English/None.

Key Features

MID Server Selection Criteria: Service Mapping selects MID Servers based on application assignment (e.g., reserved for Service Mapping or set to ALL), network capability (e.g., SSH, WMI, SNMP, Cloud Provisioning), and IP range limitations to ensure appropriate discovery targeting.
Selection Algorithm: Service Mapping chooses the MID Server whose criteria best match the discovery request parameters. If no match exists, it falls back to the configured default MID Server. Both new and legacy selection algorithms are supported to accommodate different deployment needs.
Default MID Server Configuration: Setting a default MID Server ensures discovery proceeds even when no specific MID Server matches the discovery request criteria, improving reliability especially in upgraded deployments.
PowerShell-based Discovery: MID Servers can use PowerShell with WinRM or WMI protocols to communicate securely with Windows servers. PowerShell Remoting sessions stay open during queries for efficient discovery. ServiceNow supports PowerShell versions 3.0 through 5.1.
Credential-less Discovery with Nmap: When MID Servers lack credentials to access target devices, they can leverage Nmap for basic, credential-less discovery. This requires additional setup, including installing Nmap on the MID Server.
Placement of MID Servers: Placement depends on mapping scope: MID Servers inside the private network for internal devices, and both DMZ and private network for DMZ devices. In domain-separated environments, MID Servers must be located in the lowest-level (leaf) domain.

Practical Considerations for ServiceNow Customers

Configure MID Servers with appropriate capabilities and IP ranges to ensure efficient and targeted discovery for Service Mapping.
Set a default MID Server to guarantee discovery continuity when selection criteria do not find a match.
Use PowerShell Remoting for Windows server discovery for secure, efficient communication; ensure the MID Server supports the required PowerShell versions.
Enable and configure credential-less discovery with Nmap to gather information from devices without credentials, expanding discovery coverage.
Strategically place MID Servers in network zones based on the location of devices to be mapped, considering domain separation requirements.
Choose between legacy and new MID Server selection algorithms based on your deployment version and organizational needs.

Configure Service Mapping and MID Servers to work together.

What is the MID Server

The Management, Instrumentation, and Discovery (MID) Server is a Java application that runs as a Windows service or UNIX daemon on a server. MID Servers, which are located in the enterprise private network, facilitate communication between servers on the network and some ServiceNow applications, such as Service Mapping, and Discovery.

Note:

If the Service Mapping (com.sn_itom_pattern) plugin is activated on the instance and a language plugin (for example, Spanish) is also activated, make sure that the MID Server language is also set to English/None on the user record.

MID Server selection criteria

Most environments require multiple MID Servers, with Service Mapping using the relevant MID Server for discovery. MID Servers have the following selection criteria that Service Mapping can use to choose the relevant MID Server:

Application — defines what application a MID Server works with. Set it to Service Mapping to reserve this MID Server exclusively to Service Mapping discovery requests. Alternatively, set it to ALL to allow any ServiceNow application to use this MID Server.
Capability — defines the network capability. For Service Mapping, set this parameter to ALL or any combination of SSH, WMI, SNMP, and Cloud Provisioning and Governance . See Configure MID Server capabilities.
IP range — limits operation of this MID Server to this IP range. Service Mapping does not choose this MID Server for a discovery request whose endpoint is outside this IP range. See Configure an IP address range for the MID Server.
Note:
For information on how to bypass MID Server configuration based on IP range, see Fine-tune Service Mapping with MID affinity and IP reuse.

Service Mapping selects a MID Server using the following algorithm:

Service Mapping chooses the MID Server whose selection criteria best match the parameters of the discovery request.
If there are no MID Servers with matching selection criteria, Service Mapping chooses the default MID Server.
If there are no MID Servers with matching selection criteria or default MID Server, Service Mapping cannot start the discovery process.

While by default Service Mapping uses this algorithm in all deployments upgraded from Istanbul or Jakarta, it can support both new and legacy algorithms for selecting a MID Server. For more information, see Choose MID Server selection algorithm.

Default MID Servers for Service Mapping

In addition to selection criteria, you can configure one of the MID Servers as the default server that Service Mapping uses. If there are no MID Servers with matching application, capability, or IP range, Service Mapping uses the default MID Server. See Configure a default MID Server for each application.

Using PowerShell for discovery

MID Servers can use PowerShell to directly communicate with Windows servers using both WMI and WinRM protocols. For Windows services using the WinRM protocol, the PowerShell process establishes a secure PSSession (PowerShell Remoting session) that stays open until the MID Server finishes querying a Windows server. For Windows servers using the WMI protocol, the PowerShell process sends every PowerShell command with credentials.

If you do not configure MID Servers to use PowerShell and PowerShell Remoting, MID Servers use WMI.

ServiceNow now supports PowerShell 3.0 up to 5.1.

MID Server credential-less discovery with Nmap

If the MID Server does not have sufficient credentials to access a device or application, it can run Network Mapper (Nmap) commands to collect basic information without using credentials. Credential-less discovery with Nmap requires additional configuration as described in Install and uninstall Nmap on a MID Server.

ServiceNow applications refer to devices and applications that comprise a service instance as configuration items (CIs).

Placing MID Servers

The number of MID Servers that you require and where you place them depends on your organization needs. If you want to map devices and applications inside your private network, place the MID Servers inside the private network. If you want to map devices and applications located in the DMZ, place the MID Servers both in the DMZ and inside the private network.

In deployments where domain separation is enabled and domains are configured to form a hierarchy, MID Servers must be placed in the lowest domain level, a "leaf domain".

Placing MID Servers to support domain separation — Figure 2. Placement of MID Servers in domain-seprated environments

Once MID Servers MID Servers are installed, configure them to work with Service Mapping for the best discovery results.