Difference between revisions of "ITOM Quick Start Guide"

A free preview access is available by default for all Hornbill subscribers with administrative rights and can access the administration portal. In order to gain access to ITOM, users will need to be assigned rights to the various features provided. A single system role is currently provided ITOM System Administrator, and will allows full administrative access, additional details can be found in the section ITOM Roles and Rights.

Site integration Service (SIS) Installation

The service is required to be installed on-premise and must have access to all devices that you wish to be managed. The role of SIS server service is to monitor the ITOM Job Queue and downloading any Jobs targeted for it. It will also handle the deploying of packages to remote devices and executing the payload.

Minimum requirements

• OS: Windows Server 2012, 2012 R2, 2016 or 2019

• RAM: 4GB

• Free Disk: 10GB

Where to Install

You can install the service on any existing Windows computer running one of the supported OS’s. The SIS is not processor intensive and will not require significant disk usage.

We would recommend that the SIS is not installed on a Domain Controller or Desktop OS.

Adding an SIS Connector

1. From the ITOM page select Site Integration Services
2. Click the “Add SIS connector” button
3. Enter your required details:
   1. Name - name used to identify the SIS server to the Hornbill Instance
   2. Group - Should be a least one default group, others can be selected via drop down if created previously
4. Click the Create Site Integration Service button

5. The Authorisation Key is displayed, and should be recorded for later use
6. Return to the Site Integration Services list
7. Select the Not Paired filter

Download and Installation of the SIS

1. From the Site Integration Services list, Click the Download Site Integration Server
2. Locate and Execute the Downloaded executable

3. Click Install
4. Click Ok to Confirm the Installation
5. Close the Install dialog
6. Open the Services MMC Console
7. Start the EspSisService

Server Pairing

1. Switch back to the Browser and refresh the page (http://localhost :11117)

2. Enter the instance ID
3. Enter the Authorization Code recorded earlier
4. Click the Pair with Instance button

ITOM Admin Account Requirements

Windows NT Accounts

NT Accounts used for the ITOM Admin Credentials will require the following additional rights to a be applied:

• Replace a process-level token. (SeAssignPrimaryTokenPrivilege)
• Act as part of the operating system. (SeTcbPrivilege)

You should create a new account solely be used to deploy and execute ITOM packages. Along with the above additional privileges, the account will require relevant rights/permissions to access computers over the network.

Additional accounts requiring creation, are dependent on the package(s) used and the context to run as; further information is available within the ITOM package library documented for each package under the section KeySafe Configuration. (https://wiki.hornbill.com/index.php/ITOM_Package_Library)

Creating a Hornbill KeySafe entry

1. From the Hornbill Administration page navigate to (Home > System > Security > KeySafe)
2. Click the Create New Key button
3. Select Type as Username + Password

4. Enter the following details:

1. Title: Network Admin
2. Domain Username: (example: DOMAIN\Username or username@domain)
3. Password:

5. Click Create Key

Configuring a Discover Job

1. Navigate to the ITOM Job Queue (Home > ITOM > Job Queue)

2. Click the Create New button and select Discovery Job

3. Enter the following details:

   1. Name: AD Discovery using DCOM

   2. Site Target: [Server] SIS Demo

   3. Protocol: DCOM

   4. Discovery Mode: Active Directory

   5. Container: train1. hornbill.edu

   6. Admin Credentials: Network Admin

   7. Use Default Ping Check Settings

4. Click Create button

Review the Console output locate and confirm the following:

Inventory Viewer

1. Navigate to the ITOM Inventory (Home > ITOM > Inventory Viewer)
2. Select All Un-Managed Inventory

3. Click on the Name of an Un-Managed inventory Item

4. Click check next to the heading Name to select All Discovered Devices

5. Click the Register button
6. Click Yes to confirm
7. Select All Managed Inventory

Inventory Properties

1. Click on the Name of a Managed inventory Item

   

2. Review the properties

Installed Packages

Package Library

1. Navigate to (Home > ITOM > Installed Packages)
2. Click the Package Library button

2. Click Install on both the Active Directory Group and User Management packages

3. Click Install on Windows Disk Cleanup

4. Click Close

Uploading Packages

1. Click the Package Upload button
2. Select the provided package file: Demo.pkg
3. Click Open
4. Repeat for all other provided packages

IT Automation Job

Single Computer

1. Navigate to (Home > ITOM > Job Queue)
2. Click the Create New button, and select IT Automation
3. Enter Name: Harry Hornbill on Single Computer
4. Click the Installed Packages button
5. Select Training > Demonstration > Harry Hornbill – The Bird, The Legend
6. Click Apply
7. Set Site Target to Server and select an Instance
8. Set Target Device to Inventory and select a Device
9. Set Admin Credentials to Network Admin
10. Click Create

Monitor:

Confirm job executed Successfully

Console Output:

Displays the output as would be displayed if the package were manually executed from within a “cmd” console on the target device.

Debug Log:

Note any errors, success here implies that the package executed successfully, the output will be dependant on the package being executed.

Multiple Computers

1. Navigate to (Home > ITOM > Job Queue)
2. Click the Create New button, and select IT Automation
3. Enter Name: Harry Hornbill on Multiple Computers
4. Click the Installed Packages button
5. Select Training > Demonstration > Harry Hornbill – The Bird, The Legend
6. Click Apply
7. Set Site Target to Server and select an Instance
8. Set Target Device to Inventory and select a Device
9. Set Admin Credentials to Network Admin
10. Click Create

11. Click on a Job Name to view the Individual Child Job

12. Click Parent Link in the Summary to Return to Parent Job

Job Scheduling

Discovery

1. Navigate to (Home > ITOM > Job Scheduling)
2. Click the Create New button, and Select Discovery Schedule
3. Enter the following details:
   • Name: AD Discover
   • Schedule: Run Every Period
   • Every (n) Minutes: 15
   • Description: Scheduled AD Discovery
   • Site Target: Server | SIS Instance
   • Protocol: DCOM
   • Discovery Mode: Active Directory
   • Container: horbnbill.edu
   • Admin Credentials: Network Admin
4. Ensure Next Scheduled Date and Time is set to a couple of minutes in the future
5. Click Enable Schedule
6. Navigate to (Home > ITOM > Job Scheduling)

7. Wait for the Job schedule Time, and Click on the AD Discovery Job Name

8. Click the Job History

9. Click on the Scheduled AD Discover Name

IT Automation

Windows Disk cleanup

1. Navigate to (Home > ITOM > Job Scheduling)
2. Click the Create New button, and Select IT Automation Schedule
3. Enter the following Schedule details:
   • Name: Windows Disk Cleanup
   • Schedule: Run daily
4. Ent the following IT Automation Job Settings:
   • Package: private:hornbill > Disk Cleanup > Windows Disk Cleanup
   • Site Target: SIS Server
   • Target Device: List| Test Servers
   • Admin Credentials: Network Admin
   • Reference: Demo Job
   • Set the following Operation Parameters to True:

InternetCacheFiles, Recycle Bin, and Temporary Files

5. Ensure Next Scheduled Date and Time is set to a couple of minutes in the future

6. Click Enable Schedule

7. Navigate to (Home > ITOM > Job Scheduling)

8. Wait for the Job schedule Time, and Click on the Job Name: Windows Disk Cleanup

9. Click Job History

10. Click on the Job Name: Windows Disk Cleanup (with the highest Job Id)

11. Review the list of jobs, and confirm that all are successful

12. Click on the Name of any Job entry in the list and review the Details

13. To return to the parent Click the link shown in the Summary section