Download LANDESKSetupGuide

LANDESK Management Suite 2016
LANDESK ServiceNow Connector
Setup Guide
WWW.LANDESK.COM |
SUPPORT.LANDESK.COM
LANDESK ServiceNow Connector Setup Guide
Contents
Overview ...................................................................................... 3
Generate a LANDESK SSL certificate .......................................... 3
Run setup ..................................................................................... 5
Configure post-installation settings ........................................... 20
To the maximum extent permitted under applicable law, LANDESK assumes no liability whatsoever, and disclaims any express or implied warranty, relating to
the sale and/or use of LANDESK products including liability or warranties relating to fitness for a particular purpose, merchantability, or infringement of any
patent, copyright or other intellectual property right, without limiting the rights under copyright.
LANDESK retains the right to make changes to this document or related product specifications and descriptions, at any time, without notice. LANDESK makes
no warranty for the use of this document and assumes no responsibility for any errors that can appear in the document nor does it make a commitment to update
the information contained herein. For the most current product information, please visit www.landesk.com.
Copyright © 2014, LANDESK Software, Inc. and its affiliates. All rights reserved. LANDesk and its logos are registered trademarks or trademarks of LANDESK
Software, Inc. and its affiliates in the United States and/or other countries. Other brands and names may be claimed as the property of others.
WWW.LANDESK.COM | SUPPORT.LANDESK.COM
2
LANDESK ServiceNow Connector Setup Guide
Overview
This document contains instructions for setting up the LANDESK ServiceNow connector application on a Windows
server, as well as procedures for setting up basic post-install configuration settings.
Before starting the setup, you must first extend the ServiceNow console in order to use it with the LANDESK
ServiceNow connector. For more information, see the “LANDESK ServiceNow Connector Deployment Guide.”
After setting up the LANDESK ServiceNow connector, you’ll need to configure additional changes to the connector
application using its web-based admin console. For more information, see the “LANDESK ServiceNow Connector User
Guide.”
System requirements
The system requirements for setting up the connector application are:
 Windows Server 12 R2 and above (with Administrator privileges)
 Java JRE (1.8.0_73 or above) pre-installed on your server
 The LANDESK Certificate file must be in place, in the location where Java JRE is installed:
C:\ProgramFiles\Java\jre1.8.0_45\lib\security
 The JAVA_HOME environment variable must be set
Generate a LANDESK SSL certificate
In order to communicate with Management Suite from the LANDESK ServiceNow connector, you need to generate a
self-signed certificate in X509 certificate format on the hosted server. After creating the certificate, you must import it
into the Java keystore and a local trusted keystore.
Perform this task using the Java Keytool utility in one of the following two procedures—there’s a basic one for more
experienced users, and a more detailed one for novices. By default, the utility is located in the %JAVA_HOM%\bin
directory.
To generate a LANDESK SSL certificate (basic procedure)
1. Create a jks file using a key-tool command:
keytool -genkey -keyalg RSA -alias selfsigned -keystore <landesk>.jks -storepass password -keysize
2048
2. Export the created jks file as a .cer file:
keytool -export -alias selfsigned -keystore <landesk>.jks -file landesk.cer
3. Import the created .cer file into the Java keystore using a key-tool command:
keytool -import -trustcacerts -file landesk.cer -alias landesk -keystore
"C:\ProgramFiles\Java\jre1.8.0_91\lib\security\cacerts"
WWW.LANDESK.COM | SUPPORT.LANDESK.COM
3
LANDESK ServiceNow Connector Setup Guide
4. Import the same .cer file into the local trusted keystore.
To generate a LANDESK SSL certificate (detailed procedure)
1. Create a jks file:
C:\Program Files\Java\jre1.8.0_91\bin>keytool -genkey -keyalg RSA -alias selfsigned -keystore
ldsnconnector.jks -storepass landesk -keysize 2048
What is your first and last name?
[Unknown]: landesk.ldms.com (Full Computer name)
What is the name of your organizational unit?
[Unknown]: LDMS
What is the name of your organization?
[Unknown]: landesk
What is the name of your City or Locality?
[Unknown]: xxxx
What is the name of your State or Province?
[Unknown]: xxxx
What is the two-letter country code for this unit?
[Unknown]: xx
Is CN=landesk, OU=LDSM, O=landesk, L=xxxx, ST=xxxx, C=xx correct?
[no]: y
Enter key password for <userpassword>
(RETURN if same as keystore password):
Re-enter new password: <userpassword>
NOTE: The password should be 6 or more characters.
2. Export the jks file as a .cer file:
C:\Program Files\Java\jre1.8.0_91\bin>keytool -export -alias selfsigned -keystore ldsnconnector.jks file landesk.cer
Enter keystore password: <userpassword>
Certificate stored in file <landesk.cer>
3. Import the .cer file into the Java keystore:
C:\Program Files\Java\jre1.8.0_91\bin>keytool -import -trustcacerts -file landesk.cer -alias landesk
-keystore "C:\Program Files\Java\jre1.8.0_91\lib\security\cacerts"
Enter keystore password: <changeit> (Enter password as "changeit" which is common for java keystore)
Owner: CN=landesk, OU=LDSM, O=landesk, L=xxxx, ST=xxxx, C=xx
Issuer: CN=landesk, OU=LDSM, O=landesk, L=xxxx, ST=xxxx, C=xx
Serial number: 5d11b82f
Valid from: Tue May 10 15:49:52 IST 2016 until: Mon Aug 08 15:49:52 IST 2016
Certificate fingerprints:
MD5: CE:0E:B8:DD:91:94:33:A9:F6:1B:69:F2:5A:62:9E:50
SHA1: 1F:57:0B:2B:7B:04:23:33:2A:4F:2B:0D:B3:BB:8A:71:B6:A7:26:91
SHA256:
6F:ED:09:72:53:85:3B:64:7B:BC:9B:4F:3D:88:C6:33:54:8A:45:D6:18:D0:E0:80:27:E0:01:CC:D5:FC:51:30
Signature algorithm name: SHA256withRSA
Version: 3
Extensions:
WWW.LANDESK.COM | SUPPORT.LANDESK.COM
4
LANDESK ServiceNow Connector Setup Guide
#1: ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: 76 00 4A C4 2A 30 63 53
9C F1 03 C8 FF 46 CB FA
0010: 60 C9 43 4A
]
]
v.J.*0cS.....F..
`.CJ
Trust this certificate? [no]: yes
Certificate was added to keystore
4. Import the same .cer file into the local trusted keystore.
For more general information about creating SSL certificates, see https://docs.oracle.com/cd/E19830-01/8194712/ablqw/index.html.
Run setup
IMPORTANT: Setup will install the LANDESK ServiceNow connector application, a PostgreSQL database, and the Apache Tomcat
service. If any of these products are already installed on the server, setup may fail. LANDESK recommends starting with a clean
server to set up the connector application and accompanying software.
To run setup
1. To install the LANDESK ServiceNow connector, download the connector setup file named
LDSNconnectorwindowssetup.exe from the ServiceNow portal.
2. Double-click the file and run setup with Administrator privileges.
3. On the License Agreement page, select the I accept the agreement option and click Next.
WWW.LANDESK.COM | SUPPORT.LANDESK.COM
5
LANDESK ServiceNow Connector Setup Guide
4. On the Select Destination Location page, accept the default location and click Next.
5. On the Select Additional Tasks page, clear the Create a desktop shortcut option and click Next.
6. The Ready to Install page confirms the destination folder. To begin the install, click Install.
WWW.LANDESK.COM | SUPPORT.LANDESK.COM
6
LANDESK ServiceNow Connector Setup Guide
7. Once the connector application is installed, select the Launch LDSNConnector option and click Finish.
8. Once the connector finishes installing, a command prompt will display asking you for confirmation to begin
installing PostgreSQL. Enter Y and press Enter to start the install.
WWW.LANDESK.COM | SUPPORT.LANDESK.COM
7
LANDESK ServiceNow Connector Setup Guide
9. On the Setup – PostgreSQL page, click Next to start the setup wizard.
10. On the Installation Directory page, install PostgreSQL in the default installation location. DO NOT change the
location of the installation directory. Click Next.
WWW.LANDESK.COM | SUPPORT.LANDESK.COM
8
LANDESK ServiceNow Connector Setup Guide
11. On the Data Directory page, store your data in the default directory location. DO NOT change the location of the
data directory. Click Next.
12. On the Password page, enter a password for the default user Postgres and click Next. Remember this password!
WWW.LANDESK.COM | SUPPORT.LANDESK.COM
9
LANDESK ServiceNow Connector Setup Guide
13. On the Port page, enter 5432 for a port number and click Next.
14. On the Advanced Options page, select [Default locale] for a locale and click Next.
WWW.LANDESK.COM | SUPPORT.LANDESK.COM
10
LANDESK ServiceNow Connector Setup Guide
15. On the Ready to Install page, click Next to start the PostgreSQL installation.
16. When installation is complete, select the Stack Builder option and click Finish. (Stack Builder will prompt for
additional tools to be downloaded.)
WWW.LANDESK.COM | SUPPORT.LANDESK.COM
11
LANDESK ServiceNow Connector Setup Guide
17. On the Welcome to Stack Builder page, select PostgreSQL 9.5 in the drop-down list and click Next.
18. Expand the Database Drivers node and select the pgJDBC v9.4.1208-1 driver. Click Next.
WWW.LANDESK.COM | SUPPORT.LANDESK.COM
12
LANDESK ServiceNow Connector Setup Guide
19. Review your selected package details and click Next.
20. Clear the Skip Installation option and click Next.
WWW.LANDESK.COM | SUPPORT.LANDESK.COM
13
LANDESK ServiceNow Connector Setup Guide
21. On the Setup pgJDBC page, click Next to start the pgJDBC driver installation.
22. On the Installation Directory page, accept the default location for the installation directory and click Next.
WWW.LANDESK.COM | SUPPORT.LANDESK.COM
14
LANDESK ServiceNow Connector Setup Guide
23. The pgJDBC tool will start installing. Upon completion, click Finish.
24. On the Stack Builder Installation Completed page, click Finish.
WWW.LANDESK.COM | SUPPORT.LANDESK.COM
15
LANDESK ServiceNow Connector Setup Guide
25. Once PostgreSQL installation is complete, setup will automatically start the Apache Tomcat installation. At the
command prompt, enter Y and press Enter.
26. On the Tomcat setup wizard’s Welcome page, click Next.
WWW.LANDESK.COM | SUPPORT.LANDESK.COM
16
LANDESK ServiceNow Connector Setup Guide
27. On the License Agreement page, click the I agree button.
28. On the Choose Components page, select a Normal install, which includes these components to install: Start
Menu Items, Documentation, and Manager.
WWW.LANDESK.COM | SUPPORT.LANDESK.COM
17
LANDESK ServiceNow Connector Setup Guide
29. On the Configuration page, enter a Tomcat Administrator login username and password. Click Next.
30. On the Java Virtual Machine page, browse to the Java JRE location where the LANDESK certificate was created
and placed. Click Next.
WWW.LANDESK.COM | SUPPORT.LANDESK.COM
18
LANDESK ServiceNow Connector Setup Guide
31. On the Choose Install Location page, accept the default installation location for Apache Tomcat and click Install.
32. On the final page of the setup wizard, select the Run Apache Tomcat option to start the Apache Tomcat service
immediately after installation. Clear the Show Readme option, then click Finish.
WWW.LANDESK.COM | SUPPORT.LANDESK.COM
19
LANDESK ServiceNow Connector Setup Guide
This completes setup for the LANDESK ServiceNow connector application, PostgreSQL database, and the Apache
Tomcat service.
Configure post-installation settings
You now need to configure the following post-installation settings:
1.
2.
3.
4.
5.
Enable the ServiceNow instance’s Insert Multiple Web Service plugin.
Create an Application registry in ServiceNow for Oauth authentication.
Create encrypted passwords with the provided utility tool.
Configure the LANDESK ServiceNow connector’s properties file with the encrypted passwords.
Generate an SSL certificate for the newly installed Apache Tomcat service.
Enable the Insert Multiple Web Service plugin
You need to enable a ServiceNow instance plugin to reduce the time it takes to insert multiple Management Suite
records into ServiceNow. By default, this plugin is inactive.
1. In the ServiceNow instance, navigate to System definition > Plugins.
2. For the Insert Multiple Web Service plugin, select a status of Active.
3. Click Activate/Upgrade to make the change.
WWW.LANDESK.COM | SUPPORT.LANDESK.COM
20
LANDESK ServiceNow Connector Setup Guide
Create an Application registry for Oauth authentication
The LANDESK ServiceNow connector application uses the OAuth method to authenticate with the ServiceNow
instance. You need to create an Application registry in order to use this method with ServiceNow.
1. In the ServiceNow instance, navigate to System OAuth > Application Registry > New.
2. For the kind of OAuth application needed, click Create an OAuth API endpoint for external clients.
3. Fill in the form as follows:
 Name field: Enter LDSN Connector
 Client ID field: This ID is generated by default and may vary for each instance used. Make note of the ID,
because you’ll need to add it to the snconnector.properties file in a later procedure.
 Refresh Token Lifespan field: Enter 43,200 (12 hours)
 Client Secret field: Enter a setup password, and make note of it for a later procedure.
Leave all other fields as the defaults. Click the Submit button.
Create encrypted passwords with the utility tool
You can run the provided utility tool (C:\Program Files (x86)\LDSNConnector\ldsnutility) to generate encrypted
passwords for the database, the connector’s web-based console (web portal), and the ServiceNow client login. On the
WWW.LANDESK.COM | SUPPORT.LANDESK.COM
21
LANDESK ServiceNow Connector Setup Guide
system where you installed the connector application, you need to update the snconnector.properties file by adding
the encrypted passwords from the procedures below. By default, the file location is:
<Tomcat service installed path>\conf\landeskconfig.
To generate the database password:
 At the command prompt, enter ldsnutility.exe reset ldsn dbpass <new password>

The utility will return a line showing a newly encrypted password. Copy this encrypted password into the #
Database connectivity section of the snconnector.properties file as the database.password. Normally, the
database user is postgres. For example:
# Database connectivity
database.username = postgres
database.password = <encrypted password>
To generate the web portal password:
 At the command prompt, enter ldsnutility.exe reset ldsn webpass <new password>

The utility will return a line showing a newly encrypted password. Copy this encrypted password into the #
Application properties section of the snconnector.properties file as the app.password. For example:
# Application properties
app.username = admin
app.password = <encrypted password>

Note: The app.username and app.password correspond with the Apache Tomcat entry during install.
To generate the ServiceNow client ID password:
 At the command prompt, enter ldsnutility.exe encrypt servicenow oauthpass <client secret ID> (which is the
password you entered in the OAuth application form above)
 The utility will return a line showing a newly encrypted password. Copy this encrypted password into the #
ServiceNow OAuth properties section of the snconnector.properties file as the sn.client_secret. For
example:
# ServiceNow OAuth properties
sn.client_id = <client ID from ServiceNow>
sn.client_secret = <encrypted password>
Generate an SSL certificate for the Apache Tomcat service
Finally, because the connector application uses secure https for all connectivity, you need to use the Java Keytool utility
(by default, located in the %JAVA_HOM%\bin directory) to generate an SSL certificate for the installed Apache
Tomcat service.
Open keytool.exe and execute the following line:
keytool -genkey -alias tomcat -keyalg RSA -keystore server.jks
In the <Tomcat Installed Path>\conf\server.xml file, uncomment the "SSL HTTP/1.1 Connector" entry shown below and
modify the Configuration section to include values for keystoreFile and keystorePass.
WWW.LANDESK.COM | SUPPORT.LANDESK.COM
22
LANDESK ServiceNow Connector Setup Guide
Original section with comments:
<!
<Connector port="8443" protocol="org.apache.coyote.http11.Http11NioProtocol"
maxThreads="150" SSLEnabled="true" scheme="https" secure="true"
clientAuth="false" sslProtocol="TLS" />
-->
Modified section with new information for the keystore file and password:
<Connector port="8443" protocol="org.apache.coyote.http11.Http11NioProtocol"
maxThreads="150" SSLEnabled="true" scheme="https" secure="true"
keystoreFile="<path>/keystorefilename>" keystorePass="<userpassword>"
clientAuth="false" sslProtocol="TLS" />
For more information about creating SSL support for Apache Tomcat, go to: https://tomcat.apache.org/tomcat-8.0doc/ssl-howto.html.
Verify installation
To verify that the LANDESK ServiceNow connector application has been properly installed, restart the Apache Tomcat
service, then open a browser and enter this URL: https://<IP or Hostname>:8443/SNConnectorWeb
The following page should display:
WWW.LANDESK.COM | SUPPORT.LANDESK.COM
23