PowerShell for Discovery
|Note: The latest release this documentation applies to is Fuji. For the Geneva release, see Discovery. Documentation for later releases is also on docs.servicenow.com.|
PowerShell is built on the Windows .NET Framework and is designed to control and automate the administration of Windows machines and applications. ServiceNow Discovery supports the use of PowerShell to discover Windows computers. MID Servers using PowerShell must be installed on a supported Windows operating system. ServiceNow supports PowerShell 2.0 and above.
|Note: PowerShell is the preferred method for running Discovery over multiple Windows domains, because it allows a single MID Server to authenticate on machines on different domains using credentials stored on the instance.|
2 Installed with PowerShell for Discovery
These elements were added to support PowerShell discoveries.
2.1 MID Server Parameters
The following parameters are optional.
|Note: After changing the setting for any parameter, be sure to restart the MID Server service.|
|PowerShell credentials||mid.powershell.use_credentials|| Determines the credentials to use for Discovery with PowerShell. A setting of true directs the MID Server to run probes with the Windows credentials from the credentials table. To run probes with the credentials of the user for the MID Server service, set this parameter to false.
|Enable PowerShell for Discovery||mid.use_powershell|| Enables or disables PowerShell for Discovery. You must restart the MID Server after changing the value. If Powershell is not installed or the version installed is less that v2.0, Discovery reverts to using WMIRunner.
|PowerShell executable path||mid.powershell.path|| Enables an administrator to point to a specific PowerShell on a MID Server in cases where more than one PowerShell is installed. Supply the path to the folder containing the PowerShell executable (for example, C:\mypowershell or C:\mypowershell\). ServiceNow automatically appends the string powershell.exe to the path. This parameter might be necessary when both a 32-bit and 64-bit PowerShells are active on the same MID Server, and it becomes necessary to launch the correct PowerShell for the context. Note that 64-bit Windows employs file system redirection and the MID server runs as a 32-bit application. If trying to specify a path in %WinDir%\System32, Windows will automatically redirect to %WinDir%\SysWOW64. To avoid redirection, specify the path as %WinDir%\Sysnative. An example would be instead of C:\WINDOWS\system32\WindowsPowerShell\v1.0\, specify C:\WINDOWS\sysnative\WindowsPowerShell\v1.0\.
|MID Server credentials||mid.powershell.local_mid_service_credential_fallback|| Specifies the login credentials the MID Server uses if all other credentials fail.
|Enable or Disable the enforcement of UTF-8 for command output||mid.powershell.enforce_utf8||Enable this parameter to force commands on a target Windows system to return UTF-8 encoded output. Disabling it allows the target system to use its default encoding. This parameter is only valid when PowerShell is enabled.
Setting this value to false may result in incorrect values in the CMDB when non-ASCII characters are returned by a probe.
2.2 MID Server Script Includes
The following script includes were added for PowerShell discoveries. These scripts run on the MID Server to generate the scripts that Discovery uses for WMIRunner and PowerShell.
|GenerateWMIScriptPS1||Generates a PowerShell script for PowerShell Discovery.|
2.3 Probe and Sensor
When a Windows machine is classified with PowerShell, and an MSSQL instance is detected, a probe called Windows - MSSQL is launched. The probe returns the SQL database catalogs and version to a matching sensor.
2.4 Probe Parameter
A probe parameter called WMI_ActiveConnections.ps1 contains a script that runs netstat.exe on a target machine for connection information (such as process IDs, ports, IP addresses) when PowerShell is enabled.
Discovery uses Windows PowerShell credentials from the ServiceNow Credentials table or the domain administrator credentials of the MID Server service. If Discovery cannot find PowerShell credentials in the Credentials table (of the type Windows), it uses the login credentials of the MID Server service.
3 Setting Up a MID Server to Use PowerShell
Discovery can be run with a mix of MID Servers using PowerShell and WMIRunner.
- Download PowerShell and install it on each MID Server configured to discover Windows computers.
- Enable PowerShell for Discovery by setting the mid.use_powershell MID Server parameter to true on all MID Servers (starting in Fuji). For previous versions, set the mid.use_powershell MID Server parameter to false to enable PowerShell.
- See the instructions for configuring MID Server parameters.
- Determine which credentials PowerShell should use.
- To discover Windows computers using credentials from the credentials table, set the mid.powershell.use_credentials parameter to true. This is the default behavior when PowerShell is enabled.
- To force Discovery to use the credentials of the MID Server service user, set the mid.powershell.use_credentials parameter to false on the MID Server. The MID Server service must have domain admin credentials to have access to the Windows machines in the domain.
The mid.use_powershell parameter has a default value of true.