ITOM Quick Start Guide
Home > Administration > ITOM > Quick Start Guide | Index |
IntroductionThis guide takes you through the steps required to get ITOM up and running, from installing your first Site Integration Server to Discovery and Package execution. To follow this guide, you must have access to an instance, and a user with the ITOM Administrator role added a suitable Windows computer on which to install the SIS. Minimum requirements
|
|
Site integration Service (SIS) Installation
The service's role is to monitor the ITOM Job Queue and download any Jobs targeted for it. It will also handle the discovery of devices, deploy and execute packages on those devices. The service is available for download via the Hornbill Instance and installed at any time; however, before you can use it, a Site connector will need to exist on the Hornbill Instance and the SIS paired with it.
The service is installed on-premise behind the firewall and must have access to all devices required for discovery and package deployment. For redundancy, security, or if devices exist on non-connected networks, you can deploy multiple services. The SIS is not processor intensive and will not require significant disk usage, and you can install the service on any existing Windows computer running one of the supported OS’s. We would recommend for you not to install it on a Windows Domain Controller.
The following set of steps will guide you through the process of getting your SIS up and running:
Adding an SIS Connector
First lets setup an SIS connector and generate the Authorisation key required for the pairing process.
- From the ITOM page select Site Integration Services
- Click the “Add SIS connector” button
- Enter your required details:
- Name - Unique identifer for the SIS Connector
- Group - The default group can be used
- Click the Create Site Integration Service button
- Make a note of the Authorisation Key, required for later use during the pairing process
- Return to the Site Integration Services list
- Select the Not Paired filter
- The Authorisation Key is temporary and will expire after 1 hour, AND the SIS record will need recreating.
Download and Installation of the SIS
You can now download the SIS Install files from the ITOM admin tool and copy it to the required installation locations.
- From the Site Integration Services list, Click the Download Site Integration Server button
- Locate and Execute the Downloaded executable
- Click Install
- Click Ok to Confirm the Installation
- Close the Install dialog
- Open the Services MMC Console
- Start the EspSisService
Server Pairing
- Switch back to the Browser and refresh the page (http://localhost :11117)
- Enter the instance ID
- Enter the Authorization Code recorded earlier
- Click the Pair with Instance button
ITOM Admin Account Requirements
Windows NT Accounts
ITOM Admin Credentials will require a Windows NT Administrator account with the following additional rights to be applied:
- Replace a process-level token. (SeAssignPrimaryTokenPrivilege)
- Act as part of the operating system. (SeTcbPrivilege)
You should create a new account solely to deploy and execute ITOM packages. With the above additional privileges, the account will require relevant rights/permissions to access computers over the network. Additional accounts may also require creation; these are dependent on the package used and the security context that the job should be to run as; further information is available within the ITOM package library documented for each package under the section KeySafe Configuration. (https://wiki.hornbill.com/index.php/ITOM_Package_Library)
Creating a Hornbill KeySafe entry
- From the Hornbill Administration page navigate to (Home > System > Security > KeySafe)
- Click the Create New Key button
- Select Type as Username + Password
- Ensure that the KeySafe entry type is Username + Password and not Username + Password + Pre-Shared Key, as the entry will not be visible within ITOM
- Enter the following details:
- Title: Network Admin
- Domain Username: (example: DOMAIN\Username or username@domain)
- Password:
- Click Create Key
Configuring a Discover Job
Navigate to the ITOM Job Queue (Home > ITOM > Job Queue)
Click the Create New button and select Discovery Job
Enter the following details:
Name: AD Discovery using DCOM
Site Target: [Server] SIS Demo
Protocol: DCOM
Discovery Mode: Active Directory
Container: train1. hornbill.edu
Admin Credentials: Network Admin
Use Default Ping Check Settings
Click Create button
Review the Console output locate and confirm the following:
Monitor:
Enumerating child OU
Scan found X computers for detailed discovery.
Performing WMI discovery of X computers
Summary
=======
Successful Discovery
All Computers
The discovery was executed successfully. The results are now being imported.
10:11:26 Discovery import complete. Added:X Updated:X Skipped:X Missing:X Failed:X
Console Output:
Review Summary, confirming successful discovery, and noting any failures.
Debug:
Note any errors; success here implies that the Discovery process did not fail and not that all devices were detected and were able to be accessed.
Inventory Viewer
- Navigate to the ITOM Inventory (Home > ITOM > Inventory Viewer)
- Select All Un-Managed Inventory
- Click on the Name of an Un-Managed inventory Item
- Click check next to the heading Name to select All Discovered Devices
- Click the Register button
- Click Yes to confirm
- Select All Managed Inventory
Inventory Properties
Installed Packages
Package Library
Click Install on both the Active Directory Group and User Management packages
Click Install on Windows Disk Cleanup
Click Close
Uploading Packages
- Click the Package Upload button
- Select the provided package file: Demo.pkg
- Click Open
- Repeat for all other provided packages
IT Automation Job
Single Computer
- Navigate to (Home > ITOM > Job Queue)
- Click the Create New button, and select IT Automation
- Enter Name: Harry Hornbill on Single Computer
- Click the Installed Packages button
- Select Training > Demonstration > Harry Hornbill – The Bird, The Legend
- Click Apply
- Set Site Target to Server and select an Instance
- Set Target Device to Inventory and select a Device
- Set Admin Credentials to Network Admin
- Click Create
Monitor:
Confirm job executed Successfully
Console Output:
Displays the output as would be displayed if the package were manually executed from within a “cmd” console on the target device.
Debug Log:
Note any errors; success here implies that the package is executed successfully. The output will depend on the package being executed.
Multiple Computers
- Navigate to (Home > ITOM > Job Queue)
- Click the Create New button, and select IT Automation
- Enter Name: Harry Hornbill on Multiple Computers
- Click the Installed Packages button
- Select Training > Demonstration > Harry Hornbill – The Bird, The Legend
- Click Apply
- Set Site Target to Server and select an Instance
- Set Target Device to Inventory and select a Device
- Set Admin Credentials to Network Admin
- Click Create
Click on a Job Name to view the Individual Child Job
Click Parent Link in the Summary to Return to Parent Job
Job Scheduling
Discovery
- Navigate to (Home > ITOM > Job Scheduling)
- Click the Create New button, and Select Discovery Schedule
- Enter the following details:
- Name: AD Discover
- Schedule: Run Every Period
- Every (n) Minutes: 15
- Description: Scheduled AD Discovery
- Site Target: Server | SIS Instance
- Protocol: DCOM
- Discovery Mode: Active Directory
- Container: horbnbill.edu
- Admin Credentials: Network Admin
- Ensure Next Scheduled Date and Time is set to a couple of minutes in the future
- Click Enable Schedule
- Navigate to (Home > ITOM > Job Scheduling)
Wait for the Job schedule Time, and Click on the AD Discovery Job Name
Click the Job History
Click on the Scheduled AD Discover Name
IT Automation
Windows Disk cleanup
- Navigate to (Home > ITOM > Job Scheduling)
- Click the Create New button, and Select IT Automation Schedule
- Enter the following Schedule details:
- Name: Windows Disk Cleanup
- Schedule: Run daily
- Ent the following IT Automation Job Settings:
- Package: private:hornbill > Disk Cleanup > Windows Disk Cleanup
- Site Target: SIS Server
- Target Device: List| Test Servers
- Admin Credentials: Network Admin
- Reference: Demo Job
- Set the following Operation Parameters to True:
InternetCacheFiles, Recycle Bin, and Temporary Files
Ensure Next Scheduled Date and Time is set to a couple of minutes in the future
Click Enable Schedule
Navigate to (Home > ITOM > Job Scheduling)
Wait for the Job schedule Time, and Click on the Job Name: Windows Disk Cleanup
Click Job History
Click on the Job Name: Windows Disk Cleanup (with the highest Job Id)
Review the list of jobs, and confirm that all are successful
Click on the Name of any Job entry in the list and review the Details
To return to the parent Click the link shown in the Summary section