ServiceNow and Endpoint Privilege Management Integration
The Privilege Management for Windows ServiceNow integration can be used with Privilege Management for Windows version 5.3 and later. You can download the integration from the BeyondTrust Support Portal.
- The ServiceNow integration is comprised of two files:
- The URL of your ServiceNow instance. For example, instancename.service-now.com
- The username and password of a user that has the ServiceNow itil role. Users with the itil role can open, update, and close incidents as required.
- A Challenge / Response message
All end users need to have a corresponding account in ServiceNow for Privilege Management for Windows to raise the incident successfully.
In the default configuration, when a user runs an application you are targeting with the ServiceNow rule script, they are presented with the option to raise an incident in ServiceNow or cancel the request. The ticket in ServiceNow includes:
- Short Description
- Description including the business justification, the program name, program publisher, program path, Challenge Response Code, and the business justification the end user provided.
You can then action the incident in ServiceNow and supply the end user with a Challenge Response Code. The end user can then start the application and enter the Challenge Response Code to run the application.
In your Privilege Management for Windows policy, you need to set up the following:
- A Workstyle that targets the ServiceNow rule script
- An Application Group that contains the applications you want to target
- A message configured for Challenge / Response
For more information, please see Configure the ServiceNow Integration.