PowerShell for Discovery

From ServiceNow Wiki
Home > Deliver > IT Operations Management> Discovery > Discovery Data > PowerShell for Discovery
Jump to: navigation, search
Related Topics
Get the Book
Knowledge.gif Discovery
Knowledge.gif Data Collected by Discovery
Knowledge.gif Orchestration for VMWare
Note: The latest release this documentation applies to is Fuji. For the Geneva release, see Discovery. Documentation for later releases is also on docs.servicenow.com.

1 Overview

PowerShell is built on the Windows .NET Framework and is designed to control and automate the administration of Windows machines and applications. ServiceNow Discovery supports the use of PowerShell to discover Windows computers. MID Servers using PowerShell must be installed on a supported Windows operating system. ServiceNow supports PowerShell 2.0 and above.

Note: PowerShell is the preferred method for running Discovery over multiple Windows domains, because it allows a single MID Server to authenticate on machines on different domains using credentials stored on the instance.

2 Installed with PowerShell for Discovery

These elements were added to support PowerShell discoveries.

2.1 MID Server Parameters

The following parameters are optional.

Note: After changing the setting for any parameter, be sure to restart the MID Server service.

Description Name(s) Details
PowerShell credentials mid.powershell.use_credentials Determines the credentials to use for Discovery with PowerShell. A setting of true directs the MID Server to run probes with the Windows credentials from the credentials table. To run probes with the credentials of the user for the MID Server service, set this parameter to false.
  • Type: true | false
  • Default value: true
Enable PowerShell for Discovery mid.use_powershell Enables or disables PowerShell for Discovery. You must restart the MID Server after changing the value. If Powershell is not installed or the version installed is less that v2.0, Discovery reverts to using WMIRunner.
  • Type: true | false
  • Default value: true in the Fuji release
  • Default value: false in releases previous to Fuji
PowerShell executable path mid.powershell.path Enables an administrator to point to a specific PowerShell on a MID Server in cases where more than one PowerShell is installed. Supply the path to the folder containing the PowerShell executable (for example, C:\mypowershell or C:\mypowershell\). ServiceNow automatically appends the string powershell.exe to the path. This parameter might be necessary when both a 32-bit and 64-bit PowerShells are active on the same MID Server, and it becomes necessary to launch the correct PowerShell for the context. Note that 64-bit Windows employs file system redirection and the MID server runs as a 32-bit application. If trying to specify a path in %WinDir%\System32, Windows will automatically redirect to %WinDir%\SysWOW64. To avoid redirection, specify the path as %WinDir%\Sysnative. An example would be instead of C:\WINDOWS\system32\WindowsPowerShell\v1.0\, specify C:\WINDOWS\sysnative\WindowsPowerShell\v1.0\.
Note: On a 64-bit version of Windows Server 2003 or Windows XP, a Microsoft hotfix may be required to enable this capability.

To discover applications running on a 64-bit Windows machine, the MID Server must be running on a 64-bit Windows host machine.

  • Type: string (path)
  • Default value: none
MID Server credentials mid.powershell.local_mid_service_credential_fallback Specifies the login credentials the MID Server uses if all other credentials fail.
  • Type: true | false
  • Default value: true
Enable or Disable the enforcement of UTF-8 for command output mid.powershell.enforce_utf8 Enable this parameter to force commands on a target Windows system to return UTF-8 encoded output. Disabling it allows the target system to use its default encoding. This parameter is only valid when PowerShell is enabled.

Setting this value to false may result in incorrect values in the CMDB when non-ASCII characters are returned by a probe.

  • Type: true | false
  • Default value: true

2.2 MID Server Script Includes

The following script includes were added for PowerShell discoveries. These scripts run on the MID Server to generate the scripts that Discovery uses for WMIRunner and PowerShell.

Script Include Description
GenerateWMIScriptJS Generates a Javascript script for the WMIRunner probe.
GenerateWMIScriptPS1 Generates a PowerShell script for PowerShell Discovery.

2.3 Probe and Sensor

When a Windows machine is classified with PowerShell, and an MSSQL instance is detected, a probe called Windows - MSSQL is launched. The probe returns the SQL database catalogs and version to a matching sensor.

2.4 Probe Parameter

A probe parameter called WMI_ActiveConnections.ps1 contains a script that runs netstat.exe on a target machine for connection information (such as process IDs, ports, IP addresses) when PowerShell is enabled.

2.5 Credentials

Discovery uses Windows PowerShell credentials from the ServiceNow Credentials table or the domain administrator credentials of the MID Server service. If Discovery cannot find PowerShell credentials in the Credentials table (of the type Windows), it uses the login credentials of the MID Server service.

3 Setting Up a MID Server to Use PowerShell

Discovery can be run with a mix of MID Servers using PowerShell and WMIRunner.

  1. Download PowerShell and install it on each MID Server configured to discover Windows computers.
  2. Enable PowerShell for Discovery by setting the mid.use_powershell MID Server parameter to true on all MID Servers (starting in Fuji). For previous versions, set the mid.use_powershell MID Server parameter to false to enable PowerShell.
    See the instructions for configuring MID Server parameters.
  3. Determine which credentials PowerShell should use.
    • To discover Windows computers using credentials from the credentials table, set the mid.powershell.use_credentials parameter to true. This is the default behavior when PowerShell is enabled.
    • To force Discovery to use the credentials of the MID Server service user, set the mid.powershell.use_credentials parameter to false on the MID Server. The MID Server service must have domain admin credentials to have access to the Windows machines in the domain.

4 Enhancements

4.1 Fuji

The mid.use_powershell parameter has a default value of true.

Was this article helpful?
Yes, I found what I needed
No, I need more assistance