Configure BeyondInsight and Password Safe with BMC Remedy Server

You can export asset data from BeyondInsight to your BMC Remedy server. Before you can configure the integration between BeyondInsight and Remedy, your Remedy system must already have forms created to accept asset information.

You can also export Password Safe events, such as new and changed managed systems and accounts, password requests, approvals, and password retrievals. You can also integrate BMC Remedy with the Password Safe ticket system.

To configure BeyondInsight and Password Safe with Remedy, you must do the following:

  • Create a connector in BeyondInsight to your BMC Remedy server.
  • Create a smart group with parameters configured to include the assets and data that you want to export to the Remedy system.
  • Create a functional account and ticket system (if integrating with Password Safe ticket system).

Create BMC Remedy Connector

Screen capture of sample data from a Remedy WSDL file.

Settings from your Remedy WSDL file are required to create the connector. Sample data from a WSDL file can be found in the screen capture. In this example, the target namespace is urn:RetinaCSAssetTicket; the SOAP action is Create.

The order of the fields must match those specified in the export connector.

 

 

Remedy web service endpoints generally use a sortable date format, such as 2009-06-15T13:45:30; however, you can override the default format in the registry with a valid .NET date format string, such as:

HKEY_LOCAL-MACHINE\SOFTWARE\eEye\RetinaCS\RemedyExportDateFormatString

For examples of standard date format strings, please see Standard date and time format strings at.

  1. In the BeyondInsight console, go to Configuration > General > Connectors.
  2. In the Connectors pane, click Create New Connector.
  3. Enter a name for the connector.
  1. Select BMC Remedy Connector from the Connector Type dropdown.
  2. Click Create Connector.

BMC Remedy Connector details and activation window.

  1. Set the BMC Remedy Connector options as follows:
    • Connector Name: The connector name can be any name.
    • Organization: Select an organization, if applicable.
    • Enable the Active option. Data is exported to Remedy only when the connector is active.
    • Username: Enter a Remedy username.
    • Password: Enter the password for the Remedy username. Credentials provided for the Remedy system must have access to the web service and be able to create requests.
    • Enable each of the Export options according to what type of data you want to export, and then configure the options as defined below, in Export Assets Options.

     

     

Some options are only available if the option they depend on, immediately above, is enabled. Options not available are grayed out.

Example of export details and default field mapping.

 

  1. After you provide the information, click Test Connector to ensure a connection is established to your Remedy system.

The test creates a record in the Remedy system.

  1. Click Update.
  • Web Service URL: Defines the location where data is exported.

Web Service URL where data will be exported

  • Target Namespace: Enter the target namespace from the WSDL file.
  • SOAP Action: Enter the action as defined in the WSDL file.
  • Field Mappings: Review the list of mapped fields for the export data. The order of the fields must match the order of the fields in the WSDL file. Edit a field to change the sort order. To edit or delete a field, click the vertical ellipsis at the right end of the line for that field. To add a field, click Create Mapping.

Field mapping with edit window for selected field.

  • Ticket System Web Service URL: Defines the location where data is exported.
  • Target Namespace: Enter the target namespace from the WSDL file.
  • SOAP Action: Enter the action as defined in the WSDL file.
  • SOAP Date/Time Format: (Optional). Required if your BMC Remedy instance is localized to a non-standard date and time format. Formats are based on .NET DateTime formatting standards.
  • List Operation: This option must be enabled when List Operations are used in the WSDL file.
  • Field Mappings: Click Create Mapping to add the fields that you want to include in the export data. The order of the fields must match the order of the fields in the WSDL file. Edit a field to change the sort order. To edit or delete a field, click the vertical ellipsis at the right end of the line for that field.

Add the first mapped field for Ticket System Mappings.

Create a Smart Group

Assets exported are defined in a smart group.

  1. Create an asset-based smart group.
  2. Under Actions, add a new action.
  3. Select Export Data from the list of actions.
  4. Select BMC Remedy from the list of export types.
  5. Select the name of the Remedy connector from the list of export connectors.
  6. Select an audit group from the list.
  1. Enter the expiration period in days and then click Save.

Assets (depending on what is defined in the collector details) are only exported once in the defined expiration period. However, an asset might be exported more than once. This might occur if the item is not included in the Smart Group but then is included again later. After the expiration period passes, the item is exported again if it remains in the Smart Group.

For more information on creating Smart Groups and working with Smart Rules, please see the BeyondInsight User Guide.

After the Smart Group is created, the data is ready to be collected and exported every hour on the hour.

You can change the default export time in the RemManagerSvc.exe.config file located in the BeyondInsight install directory.

Screen capture of RemManagerSvc.exe.config file - change default export time.

You can view export results on your Remedy system. Export results or alerts in progress are not shown in BeyondInsight.

To stop exporting data, uncheck the Active box on the Remedy Connector Details page.

Create a Functional Account

If you integrate Remedy with the Password Safe ticket system, you must create a functional account.

  1. In the BeyondInsight console, go to Configuration > Privileged Access Management > Functional Accounts.
  2. Click Create Functional Account.

BI Remedy Functional Accounts

  1. Select a Ticket System from the Type dropdown menu.
  2. Select BMC Remedy from the Platform dropdown menu.
  3. Enter a Username and Password.
  4. Select a configured connector from the Search Connectors dropdown menu. A connector configuration provides all of the configuration data required in order to communicate with the specified system, such as BMC Remedy.
  5. Enter an Alias and a short Description. The Alias is a user-defined name/label that can be used to provide a more descriptive text than the username. The Alias value displays in the selectors elsewhere in the app
  6. Select a Workgroup from the dropdown menu.
  7. Click Save New Account when done.

 

The connector credentials must match the credentials of the functional account.

Create a Ticket System

If you integrate Remedy with the Password Safe ticket system, you must create a ticket system.

Select BMC Remedy Ticket System from the Platform list, select the function account, and enable the options you desire.

  1. In the BeyondInsight console, go to Configuration > Privileged Access Management > Ticket Systems.
  2. In the Ticket Systems pane, click Create New Ticket System.
  1. Select BMC Remedy Ticket System from the Platform list.
  2. Select the functional account you just created.
  3. Provide a name and description for the ticket system.
  1. Enable the options for features you want. Options are:
    • Auto Approve on Ticket Number Validation
    • Enable Emergency Approval Without Ticket Number
    • Make this ticket system the default
  1. Click Create Ticket System when done.

 

The Access Policy Certificate Common Name and Access Policy Code fields are not used.