VMware vCenter Configuration Manager Connector
This section of the documentation contains technical information on the ASM Core to VMware vCenter Configuration Manager Connector.
Including:
The name of the .NET assembly file
The connection methodology
The resource and link types that can be discovered
The events that are generated
The actions that can be called under workflow control
For compatibility and version support details, refer to the ASM Connector Matrix.
You should familiarize yourself with the information in Installing Connectors before installing any connectors, and read the Integration topics for more information on how to configure them.
Functionality
The VMware vCenter Configuration Manager connector allows organizations to enhance the following processes:
Incident Management. Automatically discover machine resources into the ASM Core Federated CMDB for the purposes of incident classification, reporting, and routing.
Asset Management. Automatically discover installed software into the ASM Core Federated CMDB for the purposes of comparing the actual deployments of software with software license assignments.
Change Management. Automatically enforce the initiation of a formal Change Management process in ASM Core whenever a server administrator attempts to roll out changes (eg: Windows service packs or security bulletins) using VMware vCenter Configuration Manager.
Connector Details
Information fields
Description
Connector
VMware vCenter Configuration Manager <-> ASM Core
ASM Core
v10 and above
Third-party application
VMware vCenter Configuration Manager
Assembly
Infra.Connector.vCM.dll
Configuration file
Infra.Connector.vCM.icnf
Connection methodology
Database
Connector Installation
The steps below detail how to install the connector.
Download the connector zip package, save it in a temporary directory then unzip it.
The unzip folder should contain 4 sub-folders: Bin, Config, Doc, and vCM Scripts.
vCM Database Preparation
A number of operations must be performed against the vCM database server as part of the connector installation. These operations must be performed by an account that is a database owner of the target database catalog such that any objects created in these steps should be created in the “dbo” schema.
Some of these operations are performed by shipped database script files (*.sql). Others should be performed by the SQL Server administration interface.
The connector connects solely to the main vCM database catalog. By default this will be called “VCM”; in some upgraded environments this may be “SCM” or “ECM”.
vCM utilizes additional database catalogs with suffixed names e.g.“VCM_Unix” and “VCM_Coll”. The database account used by the connector requires some access to one of these, the “Unix” database. However, the connector will never connect to this database directly.
Copy the contents of the vCM Scripts directory to your vCM database server.
Login to the SQL Server administration interface as an administrator.
Create a dedicated database login for the ASM connector.
On the main database catalog:
Run the provided SQL script Create_vSM_Connector_Objects.sql. (This creates the stored procedure used by the connector.)
Run the provided SQL script Grant_vSM_Connector_Access_Main.sql. (This creates the vSM_Connector database role and assigns it permissions.)
Add the dedicated login as a user to the catalog
Add the user as a member to the database role vSM_Connector.
Run the provided SQL script Enable_vCM_Integration.sql. (This enables vCM to create RFC events.)
On the “Unix” database catalog:
Run the provided SQL script Grant_vSM_Connector_Access_Unix.sql.
Run the provided SQL script Grant_vSM_Connector_Access_Unix.sql. (This creates the vSM_Connector database role and assigns it permissions.)
Add the dedicated login as a user to the catalog
Add the user as a member to the database role vSM_Connector.
Maintenance
If required at a later date, RFC events can be disabled by running the database script Disable_vCM_Integration.sql.
ASM Core Server Preparation
Copy the contents of the bin and config directories to the following locations on the ASM Core server:
File Name
Target Location(s)
bin / Infra.Connector.vCM.dll
< ASM Root>
<Target System>/bin
config / Infra.Connector.vCM.icnf
<Target System>/config
config / Infra.Connector.vCM.Install.scp
2. In the ASM Core Server Console, execute the SQL script Infra.Connector.vCM.Install.scp against the target system.
Restart the following Windows services:
The World Wide Web Publishing Service
The ASM Connector Service
Connection Source Creation
When creating a new VMware vCenter Configuration Manager source from the Source option of the Integration Platform, some specific parameters have to be entered as follows:
DB Connection String
Identifies the database server and catalog using an ADO.NET Native SQL Server Client connection string, minus explicit credentials.
E.g. Server=server-host-name-instance-name;Database=vCM
DB User ID
The login id of the database user assigned to ASM Core.
DB Password
The password of the database user.
Two modes of authentication against the database are supported:
SQL Server Authentication
Integrated Windows Authentication
SQL Server Authentication
In SQL Server Authentication the connector uses the credentials of a user created within the database. In this scenario, the credentials of that user are specified within the “DB User ID” and “DB Password” parameters.
Integrated Windows Authentication
In Integrated Windows Authentication the connector is authenticated using the credentials of a Windows account granted permission to the database. When this method is used the “DB User ID” and “DB Password” parameters are ignored and should be left blank. Instead, connector is authenticated using the account of the executing process. To use this mode of authentication:
The “DB Connection String” parameter requires an addition suffix, “
;Integrated Security=SSPI”. E.g. Server=server-name;Database=main;Integrated Security=SSPI Where main is the name of the main database (see previous explanations about main vCM database).The following processes must be configured to execute using a Windows account with the prerequisite database permissions.
The IIS Application Pool used by the ASM Core virtual directory (directories)
The various ASM Core Windows services
A common mistake users make when configuring Integrated Windows Authentication is to only configure the account for one of the required processes. If the IIS Application Pool is configured with the correct account but the ASM Core Windows services are not, users may be confused as the connection will succeed within main application but background tasks such as scheduled FCMDB scans will fail.
Incident Management
The VMware vCenter Configuration Manager connector allows you to populate your Federated CMDB with machines (ie: physical servers, virtual servers, desktops, and laptops) for the purposes of incident classification, reporting, and routing.
Resource Types
Machine
A resource that represents a single computer.
Field
Data Type
Machine ID
Int
Machine Name
String
Domain Name
String
Manufacturer
String
Model
String
Primary User
String
Primary User NT Domain
String
Primary User NT Login
String
Last Rebooted
date/time
Is Managed by vCM
Boolean
Is VM
Boolean
OS Name
string
OS Vendor
string
OS Version
string
Time Zone
string
Machine Type
string
Recommended Configuration
Resources
We recommend that you:
Create a Machine CMDB Item Type and design a screen for it.
Create a Machine Template Eg:
Set up a resource mapping in the Integration Platform to map vCM Machine resources and attributes onto ASM Core Machine CIs. The key fields to consider mapping are:
ASM Core Machine CI Attribute
Possible sources from the vCM Machine Resource
Ref
Machine ID
Title
Machine Name
User
The connector dissects the “Primary User” field published by vCM into NT Domain and User ID components. These are provided to enable you to derive the “User” field of an imported Configuration Item using a Resolution Rule. If the ASM System is also integrated with Active Directory, these dissected fields can be matched to the “NT Domain Name” and “NT User ID” of an imported User. The criteria for such a resolution rule should be defined as follows:
{Person:NT Account Name} = {Resource:Primary User NT User Login}
AND {Person:NT Domain Name} = {Resource:Primary User NT Domain Name}
The “Primary User” presented by vCM may not necessarily correspond to the “User”, or may not be populated at all. If this is a concern, use discrepancy reporting on this field to monitor changes to this value.
You may also consider mapping other attributes such as Manufacturer, Model, OS Vendor, OS Name, and OS Version which can be useful for incident diagnosis, routing, and reporting purposes.
Software License Management
The VMware vCenter Configuration Manager connector allows you to populate your Federated CMDB with the software actually installed on each machine. This is intended to be used in conjunction with the Asset Management capabilities of ASM Core, which are used to maintain your inventory of software licenses and their current assignments. By comparing the software actually installed on machines with the current license assignments, you can determine whether you are under or over licensed.
Resource Types
Windows Software
A resource that represents a specific minor version of a Windows software product that is installed on one or more machines.
Field
Data Type
Product Key
String
Product Name
String
Product Version
String
Major Version
String
Minor Version
String
Publisher
string
Unix Software
A resource that represents a specific minor version of a UNIX software product that is installed on one or more machines.
Field
Data Type
Product Key
string
Product Name
string
Product Version
string
Major Version
string
Minor Version
string
Long Name
string
Description
String
Category
String
Link Types
Windows Software Installed On
A relationship between a Machine resource and a Windows Software resource indicating that the software is installed on that machine.
Resource Type A
Machine
Resource Type B
Windows Software
Field
Data Type
Date Installed
date/time
Date Collected
date/time
Date Last Used
date/time
Frequency
string
Install Source
string
Unix Software Installed On
A relationship between a Machine resource and a UNIX Software resource indicating that the software is installed on that machine.
Resource Type A
Machine
Resource Type B
Unix Software
Field
Data Type
Date Installed
date/time
Date Collected
date/time
Date Last Used
date/time
Recommended Configuration
Resources
It is recommended to either:
Store both Windows and UNIX software in the in-built Software Product CMDB Item type.
Create separate descendent CMDB Item Types for Windows Software and UNIX Software.
It is recommended to map the VCM Resource attribute Product Name to the ASM Core Configuration Item attribute Title.
There are three possible ways to manage versions of software products in the CMDB as follows:
Each software product is stored as a single Configuration Item. To support this scenario, set up a Matching Rule based on:
Product Name
Each major version of a software product is stored as a single Configuration Item. To support this scenario, add a Major Version attribute to your CMDB Item and set up a Matching Rule based on:
Product Name
Major Version
Each minor version of a Software Product is stored as a single Configuration Item. To support this scenario, add Major Version and Minor Version attributes to your CMDB Item and set up a Matching Rule based on:
Product Name
Major Version
Minor Version
Links
It is recommended that the Installed On links be imported using a special link type such as:
Category should be set to Summary. A single machine may have a large number of software products installed; similarly, a single software product may be installed on a very large number of machines. Therefore, rendering software installations in a CMDB linking can greatly reduce the readability of the CMDB Linking diagram and obfuscate those relationships that should be clearly visible in the diagram. This configuration is used to hide software installations on the diagram allowing more significant impact relationships to be more clearly presented.
Principal should be set to the CMDB Item Type of the machine CMDB Items imported from vCM, or a common ancestor thereof. This could be as simple as Configuration Item. Optionally, it can be helpful to specify a descriptive role name for Principal such as Installed On.
Summarized should be set to Software Product or whatever descendent type is being assigned to your software product CMDB Items imported from vCM. Optionally, it can be helpful to specify a descriptive role name for Summarized such as Installed Software.
Change Management
The VMware vCenter Configuration Manager connector allows you to automatically enforce the initiation of a formal Change Management process in ASM Core whenever a server administrator attempts to roll out changes (eg: Windows service packs or security bulletins) using VMware vCenter Configuration Manager.
Event Types
RFC Event
An RFC Event represents a notification that a job has been created within vCM to affect some change in the environment that needs to be approved in order to proceed.
The event type exposes the following fields:
Field
Data Type
Description
RFC Event GUID
String
The unique identifier of the job with VCM.
Notes
String
Any notes the VCM administrator has entered to describe the change.
Type
String
The type of job as characterized by VCM.
Run Now
Boolean
A flag indicating whether the VCM administrator plans to run the job immediately or not.
Run Time
date/time
The date/time at which the VCM administrator plans to run the job.
Machine CIs
Reference to zero or more Machine resources
The list of machines that will be impacted by the job, for impact analysis purposes.
Machine CI Ids
String
A textual representation of above.
Event ID
String
The ASM Core request/call ID (will be automatically updated by the connector).
RFC No
String
The ASM Core RFC number (will be automatically updated by the connector).
RFC Status
String
The status of the job. Will initially be “Pending” when the event is received.
Outbound Actions
The two Outbound Actions published by the connector are:
Approve Change. This action allows a change (as identified by a previous event) to proceed.
Deny Change. This action stops a change (as identified by a previous event) from proceeding.
Both actions have the same parameters as follows:
Input Parameters
Field
Data Type
RFC Event GUID
string
RFC No
string
RFC Status
String
RFC Notes
String
Output Parameters
The same fields exposed during receipt of the initial event are available as parameters from actions.
Error Handling
All outbound actions in the connector are attempted synchronously, with one of the following three outcomes possible:
Success
Outbound Action tasks that are created and complete successfully will activate the Completion branch of the workflow.
Failure to Create
Outbound Action tasks that cannot be created due to a soft error (for example, if they cannot connect to the VCM database), will remain active and open. Such tasks will be subject to the retry and email notification parameters as defined in the connection source.
Failure to Complete
Outbound Action tasks that cannot be completed due to a hard error (for example, if the GUID field is not mapped), will cause the Not Completed branch of the workflow. Possible completion errors are:
RFC Event GUID Not Mapped
RFC Event GUID Empty
RFC Event GUID Invalid
Recommended Configuration
At a high level, the steps involved in setting up Change Management are as follows:
Configure vCM Service Desk Integration. See the vCM documentation for details.
Model your Change Management process using the ASM Core Workflow Template Administration.
Map RFC Events through to your process using the ASM Core Integration Platform.
Add Outbound Actions tasks to your process to Approve / Deny changes in vCM.
Modeling your Change Management Process
Your Change Management process should be modeled using the ASM Core Workflow Template Administration. A simple Change Management process can be seen below:
Create a Screen Set for your change process, and add the following extension fields to it. Display these fields as read only fields in your Request Details screen within that Screen Set.
Field
Data Type
VCM GUID
Text
VCM Notes
Text Area
VCM Type
Text
VCM Run Now
Checkbox
VCM Run Date Time
Date
Mapping RFC Events
The ASM Core Integration Platform should be used to map the receipt of vCM RFC Events onto the initiation of a request:
All other Incoming Transactions should be configured to Take No Action as follows:
It is recommended to set up the following incoming field mappings:
ASM Core Request Attribute
VCM Event Source
Update
VCM GUID
RFC Event GUID
Always
VCM Notes
Notes
Always
VCM Type
Type
Always
VCM Run Now
Run Now
Always
VCM Run Date Time
Run Time
Always
Request CIs
Machine CIs
Always
The mapping of the GUID is important as this is needed to approve or deny the change. The mapping of the Machine CIs is important as it allows impact analysis to be performed.
Approving / Denying Changes
At appropriate points in your ASM Core Change Management process, you should insert Outbound Action tasks that approve or deny changes. The only important field to map is the RFC Event GUID as follows:
The RFC No field will be automatically populated with the ASM Core request number (eg: Request#123). It is possible to overwrite this default format by providing an alternative mapping for this field (eg: RFC352).
The RFC Notes field can also optionally be mapped to pass additional information back to vCM.
Was this helpful?
