Setting up a CMDB synchronization connection

This topic provides instructions for configuring synchronization from BMC Helix Discovery to one or more instances of BMC Helix ITSM CMDBs, BMC Helix Remedyforce CMDBs, ServiceNow CMDBs.

Before you begin

Before you can synchronize from BMC Helix Discovery to any instance of a supported CMDB, you must have prepared that CMDB. See one of the following topics:

Related topics

Preparing BMC CMDB for synchronization

Best practices for avoiding CMDB sync performance issues

Note

For a Remedyforce CMDB, you do not have to prepare the CMDB, though you do have to create a connected application in Remedyforce. See the Remedyforce documentation for more information.

CMDB sync for on-premises CMDB

It is possible to set up a CMDB sync connection from BMC Helix Discovery to an on-premises installation of CMDB using REST APIs. However, you must consider the following factors before planning to implement it:

BMC Helix Discovery must be able to make HTTPS requests to an address on the public internet. The address must route through to CMDB’s REST API.
The most likely way to meet the requirement is to expose CMDB's REST API as a service on an internet-facing load balancer.
It would be appropriate to register a DNS name for CMDB's REST API, and configure the load balancer to dispatch the requests using the Host header. This minimizes the impact of IP scanners that encounter CMDB's REST API.
The exact steps to fulfil this requirement depend on how your network is configured and how you control and protect external access to internal systems. These factors are outside of BMC's control and do not involve any BMC products. Your network and security administrators must be involved in this task. They must understand the requirements and the consequences of such a connection.

In a BMC Helix Discovery environment, a connection from an "egress" address is used only for outgoing connections. There are three addresses that can be used for egress from a region, and the same three addresses are used by all BMC Helix Discovery instances in that region. Currently, these IPs are:

Region	IP addresses
AWS – US Oregon	35.164.114.121 52.35.159.71 54.149.156.206
AWS – EU Ireland	8.202.189.207 52.51.186.132 63.34.23.103

If additional regions are added, these IPs may be expanded upon. If your connection is using a load balancer, these IPs must be allowed.

To configure a CMDB synchronization connection

Log in to BMC Helix Discovery.
From the main menu, click the Administration icon.
The Administration page displays.
From the Model section, click CMDB Sync.
If no CMDB Sync has been configured, a banner displays stating that no CMDB Sync connections are configured.
Click Add CMDB Connection to add and configure a new connection.
Enter the required details on the Add CMDB Connection page. For more information about the connection details, see Connection details.
Click Test Connection to verify that the new connection can be reached and the credentials are valid. Testing the connection also retrieves the list of companies from the CMDB for connections other than Remedyforce.

The following image shows creating a connection to a ServiceNow CMDB.

The following image shows a successful connection to a Remedyforce CMDB.

Connection details

Enter the following details on the Add CMDB Connection page.

Connection name

Field	Description
Name	The name of the CMDB Sync connection
Connection Type	The access mechanism to use to connect to the CMDB (for supported versions see, CMDB synchronization): Remedy CMDB (REST API) Remedyforce – Requires BMC Helix Remedyforce 20.19.02 or later. ServiceNow – Only shown if you are licensed for Sync for ServiceNow CMDB. No Export – No export is performed. For testing. Select the mechanism to use for the connection. The UI refreshes to provide the correct options for the access mechanism that you selected.
Username	The user name of the CMDB user that is at least a member of a group having the `CMDB Data Change All` role. If in doubt, create a dedicated discovery user with the same profile as the standard CMDB Demo user. At minimum, the CMDB Demo user permissions are required for multitenancy to work. A user is not permitted to connect to the CMDB from a second IP address within 4 hours of their last activity at the first IP address. For a failover scenario, you could also create a second discovery user to connect from the failover appliance. The Multitenancy option is not available when synchronizing to Remedyforce or ServiceNow CMDBs.
Password	The password of the CMDB user (or blank if the user has no password)

Options based on connection type

Options for Remedy CMDB (REST API)

Field	Description
REST API URL	The complete URL for the CMDB REST API, including protocol and (if non-standard) the port. For example https://cmdb.example.com:8443/

Options for Remedyforce

Field	Description
Production Environment	Select the check box if you are synchronizing to a Remedyforce production environment. For production environments, the system uses https://login.salesforce.com/ for the connection and security verification. This is the default. Deselect the check box if you are synchronizing to a test environment. For test environments, the system uses https://test.salesforce.com/ for the connection and security verification.
Consumer Key	Enter the consumer key that you obtained from the Connected App. For more information about obtaining the consumer key, see Integrating Remedyforce with BMC Discovery.
Consumer Secret	Enter the consumer secret that you obtained from the Connected App. For more information about obtaining the consumer secret, see Integrating Remedyforce with BMC Discovery .

Options for ServiceNow CMDB

Field	Description
REST API URL	The complete URL for the ServiceNow CMDB. For example https://acme.service-now.com/
Client ID	Client ID should be the Client ID from the OAuth API Endpoint in ServiceNow, see Preparing ServiceNow CMDB for synchronization.
Client Secret	Client Secret should be the Client Secret from the OAuth API Endpoint in ServiceNow, see Preparing ServiceNow CMDB for synchronization.
Create missing reference values	Select the check box for the system to add missing references when inserting data into ServiceNow. For example, a reference to a manufacturer that does not currently exist in the ServiceNow data.
Source Name	Source name should be the value of discovery_source setup in the cmdb_ci choice list in ServiceNow, see Preparing ServiceNow CMDB for synchronization.
The following are optional if the REST API is accessed through a proxy.
HTTP Proxy Address/URL	IP address or DNS address of the proxy. Note that if the API URL is an HTTPS URL, the proxy is contacted with HTTPS; if it is an unencrypted HTTP URL, the proxy is contacted with HTTP.
HTTP Proxy Port	The port on which to connect to the proxy. The default is 3128.
HTTP Proxy Username	For authenticating proxies, the proxy username.
HTTP Proxy Password	For authenticating proxies, the proxy password.

Common options

Field Description

Continuous Sync

Select the check box to enable continuous sync for this CMDB connection.

During continuous CMDB synchronization, whenever BMC Helix Discovery finishes scanning a device, it is added to the synchronization queue. Similarly, whenever a device node is removed due to aging, it is also queued for synchronization, meaning that the deletion is propagated into the CMDB. In this way, the CMDB stays completely synchronized with BMC Helix Discovery.

Batch Size

Enables you to configure the batch size used for batch operations. If you experience timeouts during a batched operation, most likely during a resync, these may be prevented by setting it to a lower value. You can set the batch size to anything between 1 and 1000. The default is 100.

Concurrent Workers

Enables you to specify the number of workers used by the CMDB sync process. You can set the number of workers from 1 to 20. The default is 1.

The best practice is to start from the default and gradually increase the number up to when sync rate keeps up with discovery rate.

Dataset ID

The ID of the dataset used for Discovery data. The default is BMC.ADDM.
The Dataset ID option is not available for connections to Remedyforce or ServiceNow CMDB.

Data Model

The data model for your CMDB. Different versions of the CMDB have different data models, so the data from BMC Helix Discovery must be transformed differently according to the CMDB version.
The preferred value for Data Model is Standard impact population.

Select the correct data model from the menu. If you select an incorrect value, you might encounter errors during synchronization.

Data model value	Effect
Standard impact population	HasImpact and ImpactDirection attributes are set as appropriate.
No impact details	No impact details are set by BMC Helix Discovery. They may be set by Impact Normalization in the CMDB for connections other than Remedyforce.
ServiceNow	Used for connections to a ServiceNow CMDB

Multitenancy

Multitenancy support. Selecting this check box enables you to choose a default company name from the drop-down list to assign to a discovery run during an initial scan. The list of companies is not populated until one connection has been successfully tested, or you click Get Companies (which also tests the connection).

This section is always displayed. However, if another connection exists, instead of the multitenancy configuration options, a message stating Configure multitenancy from the overview page is displayed along with a link to the CMDB Sync page.

The Multitenancy option is not available when synchronizing to Remedyforce or ServiceNow CMDBs.