Integrating Password Manager Pro with ServiceNow
Password Manager Pro (PMP) integration with ServiceNow will allow the users to perform the following actions in ServiceNow console,
- Retrieve passwords stored in PMP's database.
- Launch secure remote sessions (RDP, SSH, and SQL) from ServiceNow's Incident console, using the credentials stored in PMP's database.
- Steps to integrate Password Manager Pro with ServiceNow
- Enabling the PMP plug-in app for ServiceNow users
- Retrieving passwords from PMP in ServiceNow
- Launching remote sessions from ServiceNow
Important Note :
Before integrating PMP with ServiceNow, make sure to follow the prerequisite steps given below,
- To carry out this integration, you must hold an admin role in ServiceNow and at least a user role in PMP. Apart from that, also ensure that other users too have user accounts in both ServiceNow and Password Manager Pro.
- Movement of data between ServiceNow and PMP is routed through MID server, an application used by ServiceNow to communicate with external applications. If you haven't configured MID server yet for your ServiceNow platform, refer to the following links to set it up:
Steps to integrate Password Manager Pro with ServiceNow
To configure Password Manager Pro in ServiceNow, carry out the following steps in ServiceNow console,
- Download Password Manager Pro (PMP) plug-in app from ServiceNow store.
- Go to ServiceNow --> Applications, select the downloaded plug-in app and click Install.
- Now, type Password Manager Pro in the search box provided in the left-hand navigation pane. You will be able to view the PMP module.
- Select Setup under the module to open the setup wizard.
- To proceed with this integration, you should have Password Manager Pro installed in your environment. Refer to our Installation Guide for more info. If PMP is already installed, click Next.
- Enter the URLs of the PMP server and ServiceNow's MID server. Also, enter your organization name if you're running an MSP version of Password Manager Pro. Click Next.
- Now, enter your PMP credentials and click Next. In case two-factor authentication is enabled in PMP, you'll be asked to enter only your username in this page and prompted for both the first and second factor passwords only in the next step.
- You have now successfully integrated PMP plug-in app with ServiceNow.
Note: As explained above, MID server ensures communication between ServiceNow and PMP.
Enabling the PMP plug-in app for ServiceNow users
Once the integration is complete, the next step is to enable the plug-in for required users in ServiceNow. By default, the ServiceNow admins will be able to view the PMP module in the left hand navigation pane. For other users, one of the following roles have to be assigned in ServiceNow:
- PMP_User - This role will allow users to log in to the plug-in using their PMP credentials and retrieve passwords or launch remote sessions directly from ServiceNow console.
- PMP_ServerAdmin - This role typically provides the same privileges as the PMP_User role. In addition, the PMP_ServerAdmin role is also entitled to edit the PMP and MID server details saved in ServiceNow.
To assign the above roles for users in ServiceNow, follow the steps given in this link : https://express.servicenow.com/support/documentation/assign-role-to-user-exp/
Retrieving passwords from PMP in ServiceNow
The integration will allow the users to retrieve passwords stored in PMP's database directly from ServiceNow's Incidents console.
To retrieve a password,
- Go to ServiceNow. Search for Incidents in the left hand navigation pane.
- Select the Incidents tab that appears under Service Desk in the search results. The Incidents page will open, listing all the incident records. Select the required incident from the list.
- For every incident, the name of the related IT resource (if any) will be shown in the Configuration item field. This name is the corresponding Resource Name of the IT asset in PMP's database.
- To retrieve the password for an account of the resource, click on the Password Manager Pro tab as shown in the image below. Click 'Fetch' to populate the resource details stored in Password Manager Pro for the configuration item.
- Select the required account of the resource from the drop down menu and click Retrieve Password.
Enter the reason for password retrieval in the new pop-up window that opens. This reason will be captured in Password Manager Pro's audit logs. Moreover, providing a reason is mandatory if access control is configured for the resource in Password Manager Pro. Even if access control is not configured in PMP, recording a reason for password retrieval is a recommended security best practice. Next, click Submit to view the password.
Note: If you have integrated ServiceNow in Password Manager Pro for service request validation, the ticket ID which is pre-filled as shown in the above image will also be verified by PMP. Click here to read more about ticketing system integration in PMP.
Launching remote sessions from ServiceNow
Users can launch remote RDP, SSH and SQL sessions from ServiceNow using the PMP plug-in app. To launch a remote session,
- Click on the Launch Remote Session button shown under the Password Manager Pro tab.
- Enter the reason for launching remote session in the new pop-up window that opens and click Submit to connect to the IT resource.
- The session will open in a new window as shown in the image below. These sessions are launched via the RDP, SSH and SQL gateways that are bundled within Password Manager Pro. Tunneled through the PMP server, the sessions are emulated in the browser screen itself and hence there is no need for installing any plug-in or agent in any end-points. The only requirement is that the browser should be HTML 5 compatible (For example IE 9 or above, FF 3.5 or above, Safari 4 or above, Chrome).
Note: The remote sessions can also be recorded for auditing purposes and stored in PMP's database for future references. Click here to read more about session recording in PMP.