Setting up a CMDB synchronization connection


This topic provides instructions for configuring synchronization from BMC Helix Discovery to one or more instances of BMC Helix ITSM CMDB, BMC Helix Remedyforce CMDB, and ServiceNow CMDB.



Related topics

Preparing BMC Helix CMDB for synchronization

Best practices for avoiding CMDB sync performance issues

BEST FAQ on Discovery integration with CMDB Open link

Before you begin

Before you can synchronize from BMC Helix Discovery to any instance of a supported CMDB, you must have prepared that CMDB. To learn more, see one of the following topics:

Note

For a Remedyforce CMDB, you do not have to prepare the CMDB, though you do have to create a connected application in Remedyforce. See the Remedyforce documentation Open link for more information.

CMDB sync for on-premises CMDB

It is possible to set up a CMDB sync connection from BMC Helix Discovery to an on-premises installation of CMDB using REST APIs. However, you must consider the following factors before planning to implement it:

  • BMC Helix Discovery must be able to make HTTPS requests to an address on the public internet. The address must route through to CMDB’s REST API.
  • The most likely way to meet the requirement is to expose CMDB's REST API as a service on an internet-facing load balancer.
  • It would be appropriate to register a DNS name for CMDB's REST API, and configure the load balancer to dispatch the requests using the Host header. This minimizes the impact of IP scanners that encounter CMDB's REST API.
  • The exact steps to fulfil this requirement depend on how your network is configured and how you control and protect external access to internal systems. These factors are outside of BMC's control and do not involve any BMC products. Your network and security administrators must be involved in this task. They must understand the requirements and the consequences of such a connection.

In a BMC Helix Discovery environment, a connection from an "egress" address is used only for outgoing connections. There are three addresses that can be used for egress from a region, and the same three addresses are used by all BMC Helix Discovery instances in that region. Currently, these IPs are:

RegionIP addresses
AWS – US Oregon
  • 35.164.114.121
  • 52.35.159.71
  • 54.149.156.206
AWS – EU Ireland
  • 18.202.189.207
  • 52.51.186.132
  • 63.34.23.103

If additional regions are added, these IPs may be expanded upon. If your connection is using a load balancer, these IPs must be allowed. 

To set up the CMDB connection for synchronization

  1. Log in to BMC Helix Discovery.
  2. From the main menu, click the Administration  icon.
    The Administration page displays.
  3. From the Model  section, click  CMDB Sync
    If no CMDB Sync has been configured, a banner displays stating that no CMDB Sync connections are configured.
  4. Click Add CMDB Connection  to add and configure a new connection.
  5. Enter the required details on the Add CMDB Connection page. For more information about the connection details, see Connection details.
  6. Click Test Connection to verify that the new connection can be reached and the credentials are valid. Testing the connection also retrieves the list of companies from the CMDB for connections other than Remedyforce.


The following image shows creating a connection to a ServiceNow CMDB.


The following image shows a successful connection to a Remedyforce CMDB.



The following image shows configuration settings for a Remedy CMDB (REST API) connection type.


Connection details 

Enter the following details on the Add CMDB Connection page.

Connection name

FieldDescription
NameThe name of the CMDB Sync connection

Connection Type

The access mechanism to use to connect to the CMDB (for supported versions see, CMDB synchronization):

  • Remedy CMDB (REST API)
  • Remedyforce – Requires BMC Helix Remedyforce 20.19.02 or later.
  • ServiceNow – Only shown if you are licensed for Sync for ServiceNow CMDB.
  • No Export – No export is performed. This is a useful setting if, for example, you are writing syncmappings, and you want to construct a shadow copy of the CMDB data, but don't want to write it to an actual CMDB.
Select the mechanism to use for the connection. The UI refreshes to provide the correct options for the access mechanism that you selected. 

Username

The user name of the CMDB user that is at least a member of a group having the CMDB Data Change All role. If in doubt, create a dedicated discovery user with the same profile as the standard CMDB Demo user.

At minimum, the CMDB Demo user permissions are required for multitenancy to work.

A user is not permitted to connect to the CMDB from a second IP address within 4 hours of their last activity at the first IP address. For a failover scenario, you could also create a second discovery user to connect from the failover appliance.

(info) The Multitenancy option is not available when synchronizing to Remedyforce or ServiceNow CMDBs.

Password

The password of the CMDB user (or blank if the user has no password)

Options based on a connection type

Options for Remedy CMDB (REST API)

FieldDescription
REST API URLThe complete URL for the CMDB REST API, including protocol and (if non-standard) the port. For example,  https://cmdb.example.com:8443/

CMDB Service Sync 

Although CMDB sync primarily synchronizes data from BMC Helix Discovery into BMC Helix CMDB, in specific circumstances, business service CIs can optionally be synchronized in reverse. This import can take place if the following conditions are true:

  • BusinessApplicationInstance nodes have been created in BMC Helix Discovery (by using SAM, CAM, or TPL).
  • Normal outgoing CMDB sync has created corresponding BMC_Application CIs in the import dataset in BMC Helix CMDB.
  • The BMC_Application CIs have been reconciled into the BMC.ASSET dataset.
  • BMC_BusinessService CIs have been created in the BMC.ASSET dataset in BMC Helix CMDB, with BMC_Dependency relationships to those BMC_Application CIs.
  • (Optional) More BMC_BusinessService CIs have been created in BMC Helix CMDB with BMC_Dependency relationships to the BMC_BusinessService CIs with already existing connections to BMC_Application CIs.

In these circumstances, CMDB service sync imports the BMC_BusinessService CIs into BMC Helix Discovery. This import creates corresponding BusinessService or TechnicalService nodes based on the ServiceType attribute in BMC Helix CMDB.

Any BMC_BusinessService CIs in BMC Helix CMDB that do not depend on BMC_Application CIs that originally came from BMC Helix Discovery are not imported.

Select this check box to import relevant Business and Technical Services from BMC Helix CMDB. This option gives visibility to Business and Technical services in BMC Helix Discovery. Note: The Input Dataset ID, Update Interval, and Attribute Mapping Table are available only if this check box is enabled.

Input Dataset ID

The ID of the dataset used for BMC Helix CMDB data. The default is BMC.ASSET.

Update Interval

Select the frequency at which the sync data is refreshed. The following options are available:

  • 1 hour
  • 2 hours
  • 4 hours
  • 8 hours
  • 12 hours
  • 24 hours

To discontinue any subsequent syncs, select Never.

(Optional) Attribute Mapping Table

You can enter a fully-scoped name of a mapping table, for example, Example.ServiceMapping, into the mapping table field to customize the BMC Helix CMDB attributes that are mapped to BMC Helix Discovery attributes.

The default attribute mapping table is as follows:

"Name"             -> "name";
"ShortDescription" -> "short_name";
"MarketVersion"    -> "product_version";
"Model"            -> "type";
"VersionNumber"    -> "version";

You can also specify a customized TPL model to display additional BMC Helix CMDB attributes. An example of the customized attribute mapping table is as follows:

tpl 1.22 module Example;

table ServiceMapping 1.0
     "Name"             -> "name"
     "ShortDescription" -> "short_name";
     "ServiceLifeCycle" -> "service_life_cycle";
end table;


Options for Remedy CMDB (Legacy API)

FieldDescription

Network Address

The BMC Helix CMDB host. This can be specified as one of the following:

  • Hostname or FQDN
  • IPv4 or IPv6 address
    If BMC Helix CMDB is installed with an AR System server group, you must enter the following based on the high availability status of the server group:
    • (If high availability is configured) The host name or IP address of the load balancer.
    • (If high availability is not configured) The host name or IP address of the primary AR System Server.

Specify TCP Port

The communication port. BMC Helix CMDB typically uses a portmapper service to automatically choose a suitable communication port. If this is not appropriate in your environment, you can configure the CMDB to listen on a specific port, and then specify that port in this field.

Specify RPC Queue

Specify a private RPC queue to use on BMC Helix CMDB. Ensure that you have configured private queues on the CMDB before using this setting. See Configuring CMDB synchronization through a private queue for more information. The following queue numbers can be used:

  • 390696 (the default, which is also used by the CMDB for various tasks)
  • 390698 (used by Reconciliation)
  • 390699 (used by Normalization)

Options for Remedyforce

FieldDescription
Production Environment Select the check box if you are synchronizing to a Remedyforce production environment. For production environments, the system uses https://login.salesforce.com/ for the connection and security verification. This is the default. Deselect the check box if you are synchronizing to a test environment. For test environments, the system uses https://test.salesforce.com/ for the connection and security verification.
Consumer Key

Enter the consumer key that you obtained from the Connected App. For more information about obtaining the consumer key, see Integrating Remedyforce with BMC Discovery.

Consumer SecretEnter the consumer secret that you obtained from the Connected App. For more information about obtaining the consumer secret, see Integrating Remedyforce with BMC Discovery .
Source NameEnter a label for the source of the data. Previously when synchronizing to Remedyforce, this has been the static text "BMC Discovery". You can now enter any value you require. The default value is BMC Discovery.

Options for ServiceNow CMDB

FieldDescription
REST API URLThe complete URL for the ServiceNow CMDB. For example https://acme.service-now.com/
Client ID

Client ID should be the Client ID from the OAuth API Endpoint in ServiceNow, see Preparing ServiceNow CMDB for synchronization.

Client SecretClient Secret should be the Client Secret from the OAuth API Endpoint in ServiceNow, see Preparing ServiceNow CMDB for synchronization.
Create missing reference values

Select the check box for the system to add missing references when inserting data into ServiceNow. For example, a reference to a manufacturer that does not currently exist in the ServiceNow data.

Source NameSource name should be the value of discovery_source setup in the cmdb_ci choice list in ServiceNow, see Preparing ServiceNow CMDB for synchronization.
The following are optional if the REST API is accessed through a proxy.
HTTP Proxy Address/URL
IP address or DNS address of the proxy. Note that if the API URL is an HTTPS URL, the proxy is contacted with HTTPS; if it is an unencrypted HTTP URL, the proxy is contacted with HTTP.
HTTP Proxy PortThe port on which to connect to the proxy. The default is 3128.
HTTP Proxy UsernameFor authenticating proxies, the proxy username.
HTTP Proxy PasswordFor authenticating proxies, the proxy password.

Common options

FieldDescription
Continuous Sync

Select the check box to enable continuous sync for this CMDB connection.

During continuous CMDB synchronization, whenever BMC Helix Discovery finishes scanning a device, it is added to the synchronization queue. Similarly, whenever a device node is removed due to aging, it is also queued for synchronization, meaning that the deletion is propagated into the CMDB. In this way, the CMDB stays completely synchronized with BMC Helix Discovery.

Batch Size

Enables you to configure the batch size used for batch operations. If you experience timeouts during a batched operation, most likely during a resync, these may be prevented by setting it to a lower value. You can set the batch size to anything between 1 and 1000. The default is 100.

Concurrent Workers

Enables you to specify the number of workers used by the CMDB sync process. You can set the number of workers from 1 to 20. The default is 1.

The best practice is to start from the default and gradually increase the number up to when sync rate keeps up with discovery rate.

Output Dataset ID

The ID of the dataset used for Discovery data. The default is BMC.ADDM.

The Dataset ID option is not available for connections to Remedyforce or ServiceNow CMDB.

Data Model

The data model for your CMDB. Different versions of the CMDB have different data models, so the data from BMC Helix Discovery must be transformed differently according to the CMDB version.
The preferred value for Data Model is Standard impact population

Select the correct data model from the menu. If you select an incorrect value, you might encounter errors during synchronization.

Data model valueEffect

Standard impact population

HasImpact and ImpactDirection attributes are set as appropriate.

No impact details
No impact details are set by BMC Helix Discovery. They may be set by Impact Normalization in the CMDB for connections other than Remedyforce.
ServiceNowUsed for connections to a ServiceNow CMDB

Multitenancy

Multitenancy support. Selecting this check box enables you to choose a default company name from the drop-down list to assign to a discovery run during an initial scan. The list of companies is not populated until one connection has been successfully tested, or you click Get Companies (which also tests the connection).

This section is always displayed. However, if another connection exists, instead of the multitenancy configuration options, a message stating Configure multitenancy from the overview page is displayed along with a link to the CMDB Sync page.

(info) The Multitenancy option is not available when synchronizing to Remedyforce or ServiceNow CMDBs.

Was this page helpful? Yes No Submitting... Thank you

Comments

  1. Rohan Samudre

    Please also add the screenshot for connection to Remedy CMDB

    Jul 06, 2023 10:59