Converse agora com nosso suporte
Chat com o suporte

Identity Manager 9.1.2 - Administration Guide for Connecting to ServiceNow

One Identity Manager for Service Catalog

This section provides details of integration of One Identity Manager with Service catalog in ServiceNow.

 

Configuring ServiceNow's One Identity Manager Catalog Application

This section elaborates configuration of One Identity Manager service catalog app for integration with One Identity Manager.

Adding Catalog Item to the Catalog Page

After the installation of One Identity Manager ServiceNow App, it needs to be added to the service catalog page.

Steps to add One Identity Manager ServiceNow App to catalog page:

  1. Navigate to the Self-Service | Service Catalog in your instance.

  2. Add content | Search for One Identity Manager for Service Catalog from the categories

  3. Click Add here.

  4. The Catalog Item will then be available in the Catalog Page to place IT Shop requests from ServiceNow.

Configuration Parameters

The details related to configuration parameters in the One Identity Manager ServiceNow App are listed below Configuration parameters can be found under One Identity Manager ServiceNow App in the Application navigator. Sysadmin/Appadmin would be able to configure these parameters. Initially when the One Identity Manager Service App is configured for the first time the scheduled job must be executed manually once for the configuration parameters to be available for the user to edit.

To execute the Scheduled job follow the below steps:

  1. Open the ServiceNow instance.

  2. Navigate to System Definition | Scheduled jobs.

  3. Search for InitializeConfigurationParametersAndLoadData and select it.

  4. Click on Execute button to execute the background job and initialize the configuration parameters

    Table 1: Configuration Parameters
    Config Parameter Name Config Parameter Description
    add_OneIM_managers_to_approver_role

    Add OneIM Managers to ServiceNow's approver_user role so that they would be able to approve the ServiceNow request assigned to them? (true | false)

    compliance_officer The group of the compliance officers which will approve, if a request would lead to a SoD conflict.
    delta_load_data_from_oneim_server_persons If true, loads employee data from One Identity Manager to ServiceNow during a delta sync .
    delta_xdateupdated_accproduct Highest XDateUpdated for Service Item entities, to be used for the next delta run. This value is automatically calculated and set after Full / Delta sync.
    delta_xdateupdated_accproductgroup Highest XDateUpdated for Service Categories entities, to be used for the next delta run. This value is automatically calculated and set after each Full / Delta synchronization.
    delta_xdateupdated_person Highest XDateUpdated date for Person entities from the last synchronization. To be used for the next delta run. This value is automatically calculated and set after each Full / Delta synchronization.
    fallback_approver The approval is sent to the fallback approver group if no manager is available  .
    job_execution_status Background Job execution status (Ready/Running). Ready implies the job is not executing and Running implies job is executing.
    job_load_data_from_oneim_server_delta_load Scheduled Job: Perform delta load from One Identity Manager during scheduled run? (true | false)
    job_load_data_from_oneim_server_full_load Scheduled Job: Perform full load from One Identity Manager? (true | false)
    log_level Info = show info, warning, and error log messages debug = show info, warning, error, and debug log messages warn = show error and warning log messages error = show error log messages only
    oneim_api_retrythreshold The number of times the retry mechanism should be executed in case of failures.
    oneim_request_validity_default IT Shop request validity. If the validity fields (valid from and valid until) are empty, the validity will be set to default validity (in days).
    oneim_rest_endpoint_url REST API Endpoint to the One Identity Manager Application Server
    oneim_rest_pagelimit The number of items that can be fetched per page during the API call to One Identity Manager App Server.
    oneim_rest_password Password of the service user for the REST API's Endpoint of the One Identity Manager Application Server.
    oneim_rest_username Username of the service user of REST API's Endpoint to the One Identity Manager Application Server
    oneim_to_servicenow_user_matching_attribute This attribute is used to configure an alternate property other than central account that can be used to match the Person to sysusers in ServiceNow. This is an optional attribute.

    oneim_xml_max_childNode_search_count

    Maximum number child nodes to search for a match in a xml document

    page_load_data_from_oneim_server_delta_load If true, perform a delta load from One Identity Manager during page load .
    page_load_data_from_oneim_server_full_load If true, perform a full load from One Identity Manager to during page load .
    delta_load_data_from_oneim_server_service_items Get new Service Items from One Identity Manager on page load. 
    perform_manager_approval

    This parameter is used to determine ServiceNow request raised by the user should be approved by the manager or not. If set to true, request raised should be approved by the manager. If set to false, request raised need not be approved by the manager. (true | false)

    perform_sod_check Should a SoD check be performed during request submission? (true | false)
    manager_approval_authoritative_source Determines whether ServiceNow or One Identity Manager is the authoritative source for managers.

    truncate_user_accproductgroup_accproduct

    When the scheduled job executes and this parameter is set to true, the tables x_oni_oneim_addon_accproduct_user and x_oni_oneim_addon_accproductgroup_user are truncated in order to reduce the overhead of maintaining large data in custom tables.

    employee_type

    This parameter is used to determine what kind of employees are fetched from OneIM. If you want more than one of a kind, then provide comma separated values.

    Example- contractor, employee

    minimum_input_length_for_service_category

    Minimum number of characters required to search for service category while raising the IT shop request

    minimum_input_length_for_service_item

    Minimum number of characters required to search for service item while raising the IT shop request

    workflow_approval_timer_interval_in_seconds

    Retry interval in seconds to fetch the current status of the requested service item from One identity manager in request approval workflow of ServiceNow

    IMPORTANT:The default value is 3600 secs (60 minutes). Reducing this time limit could impact the performance of the ServiceNow instance.

    Request_approval_workflow_expire_in_days

    The number of days post which the request workflow will expire and the requested service item will be aborted in One Identity manager if there is no activity on One Identity Manager for the requested service item

    default_employee_type

    Set the default Employee type for the Person OnBoarding form. List of possible employee type:

    • Employee

    • Other

    • Apprentice

    • Consultant

    • Contractor

    • Customer

    • Partner

These configuration parameters are required for importing data into ServiceNow:

  • oneim_rest_password

  • oneim_rest_username

  • oneim_rest_endpoint_url

NOTE:The password must be entered in the config value encrypted field, other parameters can be entered into config value.

Documentos relacionados

The document was helpful.

Selecione a classificação

I easily found the information I needed.

Selecione a classificação