Enabling and configuring agentless discovery
To enable and configure discovery in BMC Remedyforce, you require one of the following licenses:
- BMC Remedyforce Base
- BMC Remedyforce Client Management - Premium
- BMC Remedyforce Client Management - Premium Plus
You can either enable BMC Remedyforce discovery or integrate with BMC Client Management. Proceed with this section if you have decided to enable discovery in your Salesforce organization.
Enabling and configuring discovery in BMC Remedyforce is a multiphase process. The following figure provides an overview of the procedures that you must perform to enable and configure discovery in your organization.
The following video (11:03) provides details to enable and configure discovery in BMC Remedyforce.
To configure discovery, perform the following procedures:
Procedure 1: Enable discovery in your organization
- Click the Remedyforce Administration tab.
- On the Home page, from the Configure CMDB 2.0 tile, and from the menu, select Discovery Setup & Configuration.
If you do not get the Discovery Setup & Configuration option, verify if you have enabled integration with BMC Client Management on the Integrations > BMC Client Management Integration Settings page. To get the Discovery Setup & Configuration option, you must disable the BMC Client Management integration.
- Select the Enable BMC Remedyforce Discovery check box.
- Click Save .
Procedure 2: Request Remedyforce Discovery Server
The Remedyforce Discovery Server is required to establish communication between a scanner and BMC Remedyforce.
- To ensure that you receive all email notification, navigate to Setup > Email Administration > Deliverability, select All email in the Access level list, and click Save.
- On the Discovery Setup & Configuration page, click the highlighted link to create a remote site.
The BMC_Remedyforce_Discovery_Prov_Server remote site is created.
- To enable secured communication with the server, set up a password in the Enter Password and Confirm Password fields.
Your username is the Salesforce organization ID of your Salesforce organization that is already displayed on the page.
If you want to change your password, click Change Password. If you have forgotten your password, click the Reset Password link and an email is sent to your registered email address.
To request for the Remedyforce Discovery Server, click the Request Discovery Server button.
After you click the Request Discovery Server button, BMC recommends that you do not move away from the page until your request is processing.
The Remedyforce Discovery Server is unique for your Salesforce organization. When the server is created for your organization, the screen refreshes and the details to install scanners are displayed on the page. An email message is also sent to your registered email address with the server URL and download URLs for scanner installation.
If your request for the Remedyforce Discovery Server fails, request again after some time.
When the Remedyforce Discovery Server is created for you, a scheduled job (BMC Remedyforce - BCM Processor (date time)) runs in your Salesforce organization to keep your server alive. Ensure that you do not delete this job.
To enable communication with the Discovery Server, create second remote site setting by clicking the link on the page.
The license information is not provided on the page until you create this remote site setting.
Once you have configured the remote links, you must not delete these links. Please refer to the following image.
Open the ports on your network firewall to enable communication with the Discovery Server, BMC Client Management Console, and scanner.
The ports that you must open are displayed on the page. You require the following ports:
Integration port—To download the scanner installer that is required to communicate with Discovery Server from BMC Remedyforce.
Console port—To communicate with the Discovery Server for transferring data (in all licenses) and launching BMC Client Management Console (in the premium licenses).
Agent port—To establish connection with the Discovery Server.
These are TCP ports. These ports handle HTTPS connections and internal custom protocols to communicate with the Discovery Server. These ports must be opened for outbound connections on all devices that are running an agent (scanners for Base license; relays and scanners for Premium licenses) that directly communicate with the Discovery Server. If you have upgraded to the BMC Remedyforce Client Management Premium or Premium Plus license, also open the following ports:
To enable discovery and scan, ensure that the protocols are enabled and the default ports of these protocols are also opened on the devices to be discovered.
Procedure 3: Install scanners
After you identify a device to be used as a scanner, use the URLs to install scanners that are available on the Scanner Roll-out tab. URLs for the Windows (32 and 64 bit) and Linux (32 and 64 bit) operating systems are provided. After installation, these devices are displayed in the Scanner Details list on the Scan Configurations tab. After installation, the "BMC Client Management Agent" service runs on the scanner device.
You can run one executable file on multiple devices that have the same configuration. The maximum number of installers that you can install depends on your BMC Remedyforce Discovery license. For more information, see Supported discovery licenses and features.
If you exceed the limit of maximum number of installers, the scanner is not displayed in the Scanner Details list even if the installation is successfull.
Operating system requirements for a scanner
- Windows - 8, 8.1, XP, 2012 R2 64 bit, 2008, 2008 R2 64 bit, 2003, Vista Business and Ultimate or Workstation and Server for all versions
- Linux - AS/ES 3 and 4, CentOS, SUSE, Red Hat (RHEL), Debian, and Ubuntu
To install scanners
- On the scanner device, in a web browser, open the URL to the scanner installer file that is provided on the Scanner Roll-out tab on the Remedyforce Administration > Configure CMDB 2.0 > Discovery Setup & Configuration page.
- Enter your Salesforce organization ID as user name and your Remedyforce Discovery Server password to access the installer.
The installer is downloaded on your device. If you have forgotten your Discovery Server password, click Reset Password link on the page. An email is sent to your registered email address.
- Double-click the installer and run the installation.
- After the installation is complete, on the Remedyforce Administration > Configure CMDB 2.0 > Discovery Setup & Configuration page, click Refresh and the device is displayed in the Scanner Details list on the Scan Configurations tab.
You might notice a delay in getting the installed scanner in the Scanner Details list.
To ensure that a scanner is able to communicate with the Discovery Server, open the port 1610 in your firewall on the scanner.
If you no longer want to use a device as a scanner, you can uninstall the scanner.
Procedure 4: Configure scans
After installing scanners, configure the following for each scanner:
- Protocols that a scanner will use to access and discover devices on your network.
- IP ranges in which the scanner will discover devices. You can also specify the IP ranges that must be excluded from discovery.
- Schedule for scanners to discover. For example, say you want to discover devices every Monday, 9:00 A.M.
Before you begin
Gather the following information to configure scans:
- Type of devices that you want to discover.
- The protocols that you want to configure to communicate with these devices.
- Windows remotely (via WMI, SMB)
- Unix, Linux, or Mac OS
- Printers, routers, and switches (via SNMP)
- Hypervisors of type ESX, ESXi (via SOAP)
- Hypervisors of type Hyper-V (via WMI)
- Administrative credentials to access devices on your network.
- List of IP ranges or addresses of devices that you want to discover and do not want to discover.
- Schedule to discover devices.
To configure scans
- On the Discovery & Configuration page, click the Scan Configurations tab.
- From the Scanner Details list, select one of the available scanner for which you want to configure a scan.
In the Scan Configurations section, select the check box for the protocols that you want to use to access and scan devices on your network.
For example, you want to discover Windows computer systems by using WMI, select the check box for Windows remotely (via WMI, SMB, etc.).
- In the Credentials for section, click .
- In the Add user credentials window, enter the administrative user name and password to access devices by using this protocol, and click Save.
You can enter multiple credentials to access a device. Scanner accesses a device using one credential at a time beginning from top and moves on until success.
The user name must be in one of the following formats:
- if you are on a domain:
<domain name>/<user name>
if you are not on a domain:
- if you are on a domain:
- In the Target List section, click .
- In the Add Target List window, enter the device names that you want to discover and the IP addresses or device names of the devices that you do not want to discover.
The format of the device name can be any or combination of the following:
- Long or short network name (such as, scotty or scotty.organization_name.com)
- IP addresses (such as, 18.104.22.168)
- Comma-separated list of names or IP addresses or IP address ranges (such as, scotty, 10.125.5.10, 192.168.4.34-192.168.4.45)
Classless inter-domain routing (CIDR) notation (such as, 22.214.171.124/18 or 2001:db8:85a3::8a2e:370:152/896)
The address x.x.x.255 is a broadcast IP address and it cannot be scanned. Therefore, do not enter this IP address.
Do not press Enter while entering the target list members.
In the Scan Schedule section, configure the time when scanner must discover devices in your network.
You can configure scan to run immediately or run at specified intervals. The following image shows various options provided to configure scans at specified intervals:
To stop scanning, select Do not scan. If a scan is being executed, successive scans will stop after completing the current running scan.
Time is saved in the time zone of the logged on user. When the scanner receives the scan configuration, this time is converted to the time zone of the scanner and the scan is performed at the converted time.
To view details of the scan progress and its current status, click View Details in the Scan Details column of the Scanner Details section. For more information, see Verifying scan details.
If you have BMC Remedyforce Client Management - Premium or Premium Plus license, you can create multiple configurations for a scanner in the BMC Client Management Console. To access the BMC Client Management Console, navigate to the Remedyforce CMDB tab and click . In the BMC Client Management Authentication dialog box, enter your BMC Client Management credentials. The BMC Client Management Authentication dialog box is shown only once. For information about creating multiple configurations, see in the BMC Client Management documentation. To configure scans in BMC Client Management Console, the scan capability must be enabled for your BMC Client Management user.
If you create or update a scan configuration from BMC Client Management Console, you can update such configurations from BMC Client Management only.
Procedure 5: Configure the import settings
You can import the discovered devices as configuration items (CIs) or assets to Remedyforce CMDB. You can import discovered device details to the following CMDB class types:
- Computer System
- LAN Endpoint
- Operating System
While importing, the following relationships are created among the discovered devices:
- Computer System–LAN Endpoint
- Computer System–Operating System
- Computer System–Processor
Existing records in your CMDB are reatined as is.
To import discovered device details to Remedyforce CMDB
- On the Discovery & Configuration page, click the Import Configurations tab.
- Select the class types.
The BMC_ComputerSystem class is selected by default and you cannot clear its selection. This class stores devices such as desktops, laptops, and servers. When you click the down arrow with a class name, the field mapping table is displayed. Source fields belong to the Remedyforce Discovery Server. For certain field values, the if-else function is used. For example, the value of Is Virtual field of the Base Element object is "No" if the VIRTUALSYSTEMTYPE field value of the source is "notvirtual".
- In the Job Schedule section, specify the schedule to import discovered device details, and click the Start button.
For example, to import discovered device details once in two days, specify 48 in the Hours field. When you specify import schedule, BMC recommends you to consider the scan schedule. For example, say your scanners are configured to scan every Monday. You might want to import discovered devices after every 7 days starting a Tuesday. In this case, enter 168 in the Hours field.
- Click Save.
- The Last successful import at field shows the time when the records were last imported (inserted or updated). The field keeps showing the same date until new records are imported by the running job.
- If you want to generate a report on imported records, use the Assembly ID field. The value of the Assembly ID field of discovered and imported devices is prefixed with "AC:CS".
For the imported records, the Source field is set to Remedyforce Discovery. You can use the Source field to generate reports and also when you enable and configure reconciliation.
· The Last successful import at field shows the time when the records were last imported. The field keeps showing the same date until new records are imported by the running job.