立即与支持人员聊天
与支持团队交流

Identity Manager 9.2 - Administration Guide for Connecting to ServiceNow

ServiceNow Module Overview Installation Managing ServiceNow Incidents from One Identity Manager One Identity Manager for Service Catalog Logging Troubleshooting

Configuration Parameters

The details related to configuration parameters in the One Identity Manager ServiceNow App are listed below Configuration parameters can be found under One Identity Manager ServiceNow App in the Application navigator. Sysadmin/Appadmin would be able to configure these parameters. Initially when the One Identity Manager Service App is configured for the first time the scheduled job must be executed manually once for the configuration parameters to be available for the user to edit.

To execute the Scheduled job follow the below steps:

  1. Open the ServiceNow instance.

  2. Navigate to System Definition | Scheduled jobs.

  3. Search for InitializeConfigurationParametersAndLoadData and select it.

  4. Click on Execute button to execute the background job and initialize the configuration parameters

    Table 1: Configuration Parameters
    Config Parameter Name Config Parameter Description
    add_OneIM_managers_to_approver_role

    Add OneIM Managers to ServiceNow's approver_user role so that they would be able to approve the ServiceNow request assigned to them? (true | false)

    compliance_officer The group of the compliance officers which will approve, if a request would lead to a SoD conflict.
    delta_load_data_from_oneim_server_persons If true, loads identity data from One Identity Manager to ServiceNow during a delta sync .
    delta_xdateupdated_accproduct Highest XDateUpdated for Service Item entities, to be used for the next delta run. This value is automatically calculated and set after Full / Delta sync.
    delta_xdateupdated_accproductgroup Highest XDateUpdated for Service Categories entities, to be used for the next delta run. This value is automatically calculated and set after each Full / Delta synchronization.
    delta_xdateupdated_person Highest XDateUpdated date for Person entities from the last synchronization. To be used for the next delta run. This value is automatically calculated and set after each Full / Delta synchronization.
    fallback_approver The approval is sent to the fallback approver group if no manager is available  .
    job_execution_status Background Job execution status (Ready/Running). Ready implies the job is not executing and Running implies job is executing.
    job_load_data_from_oneim_server_delta_load Scheduled Job: Perform delta load from One Identity Manager during scheduled run? (true | false)
    job_load_data_from_oneim_server_full_load Scheduled Job: Perform full load from One Identity Manager? (true | false)
    log_level Info = show info, warning, and error log messages debug = show info, warning, error, and debug log messages warn = show error and warning log messages error = show error log messages only
    oneim_api_retrythreshold The number of times the retry mechanism should be executed in case of failures.
    oneim_request_validity_default IT Shop request validity. If the validity fields (valid from and valid until) are empty, the validity will be set to default validity (in days).
    oneim_rest_endpoint_url REST API Endpoint to the One Identity Manager Application Server
    oneim_rest_pagelimit The number of items that can be fetched per page during the API call to One Identity Manager App Server.
    oneim_rest_password Password of the service user for the REST API's Endpoint of the One Identity Manager Application Server.
    oneim_rest_username Username of the service user of REST API's Endpoint to the One Identity Manager Application Server
    oneim_to_servicenow_user_matching_attribute This attribute is used to configure an alternate property other than central account that can be used to match the Person to sysusers in ServiceNow. This is an optional attribute.

    oneim_xml_max_childNode_search_count

    Maximum number child nodes to search for a match in a xml document

    page_load_data_from_oneim_server_delta_load If true, perform a delta load from One Identity Manager during page load .
    page_load_data_from_oneim_server_full_load If true, perform a full load from One Identity Manager to during page load .
    delta_load_data_from_oneim_server_service_items Get new Service Items from One Identity Manager on page load. 
    perform_manager_approval

    This parameter is used to determine ServiceNow request raised by the user should be approved by the manager or not. If set to true, request raised should be approved by the manager. If set to false, request raised need not be approved by the manager. (true | false)

    perform_sod_check Should a SoD check be performed during request submission? (true | false)
    manager_approval_authoritative_source Determines whether ServiceNow or One Identity Manager is the authoritative source for managers.

    truncate_user_accproductgroup_accproduct

    When the scheduled job executes and this parameter is set to true, the tables x_oni_oneim_addon_accproduct_user and x_oni_oneim_addon_accproductgroup_user are truncated in order to reduce the overhead of maintaining large data in custom tables.

    employee_type

    This parameter is used to determine what kind of identities are fetched from OneIM. If you want more than one of a kind, then provide comma separated values.

    Example- contractor, employee

    minimum_input_length_for_service_category

    Minimum number of characters required to search for service category while raising the IT shop request

    minimum_input_length_for_service_item

    Minimum number of characters required to search for service item while raising the IT shop request

    workflow_approval_timer_interval_in_seconds

    Retry interval in seconds to fetch the current status of the requested service item from One identity manager in request approval workflow of ServiceNow

    IMPORTANT:The default value is 3600 secs (60 minutes). Reducing this time limit could impact the performance of the ServiceNow instance.

    Request_approval_workflow_expire_in_days

    The number of days post which the request workflow will expire and the requested service item will be aborted in One Identity manager if there is no activity on One Identity Manager for the requested service item

    default_employee_type

    Set the default Employee type for the Person OnBoarding form. List of possible employee type:

    • Employee

    • Other

    • Apprentice

    • Consultant

    • Contractor

    • Customer

    • Partner

These configuration parameters are required for importing data into ServiceNow:

  • oneim_rest_password

  • oneim_rest_username

  • oneim_rest_endpoint_url

NOTE:The password must be entered in the config value encrypted field, other parameters can be entered into config value.

Initial load from One Identity Manager to ServiceNow

Once the ServiceNow App is installed and configured, the One Identity Manager entities including Person, Service Category and Service Items must be synchronized to the ServiceNow instance. The import of data can be done using a scheduled job.

Scheduled execution

The One Identity Manager for Service Catalog App includes a scheduled server script that imports the One Identity Manager Identities and IT Shop Categories and Items into ServiceNow. You can find this by navigating to System Definition | Scheduled jobs in a ServiceNow instance and searching for InitializeConfigurationParametersAndLoadData.

  • This server scheduled script executes in the background at the specified time interval.

  • Run and Time fields can be customized to schedule the job.

  • By default the scheduled job runs at 12:00:00 GMT daily.

NOTE: One Identity recommends to have the schedule script running during non peak hours.

Data Synchronization from One Identity Manager to ServiceNow

This section explains about the synchronization of data from One Identity Manager to ServiceNow catalog integration.

相关文档

The document was helpful.

选择评级

I easily found the information I needed.

选择评级