ServiceNowSettings.json File Configuration

The ServiceNowSettings.json file contains some settings you must change and some settings you can optionally configure.

Mandatory Configuration

The mandatory configuration of the ServiceNow integration is discussed earlier but shown here for completeness.

You must edit the following lines in the ServiceNowSettings.json file before you associate it with the ServiceNow rule script. You can change the file before or after you import it.

This script must be a valid *.json file when you are finished editing it.

Authentication

Remove the asterisks but leave the quotes in place.

Field Description

"URL": "*REQUIRED*",

The URL in the form instance-name.service-now.com. Do not use HTTPS, as the secure connection is managed by Privilege Management for Windows client.

"Username": "*REQUIRED*",

The ServiceNow user name the client will use.
"Password": "*REQUIRED*" The ServiceNow password the client will use.

 

"Authentication": 
{
    "URL": "instance-name.service-now.com", 
    "Username": "adminuser",
    "Password": "Js£DhijZE85pw"
}

Optional Configuration

You can optionally edit the following lines in the ServiceNowSettings.json file. You may want to edit these to change the information shown to the user, modify button names, or configure logging.

In the ServiceNowSettings.json file, & represents a keyboard shortcut.

Authentication

Field Description

ForceSSLSecurityProtocol

Controls the Security Protocol used to communicate with ServiceNow. Valid values can be found at https://docs.microsoft.com/en-us/dotnet/api/system.net.securityprotocoltype.

Your instance of ServiceNow may have a strict requirement for a specific Security Protocol, check the instance documentation for details. Example: "ForceSSLSecurityProtocol": "Tls12"

ServiceNowIncident

These fields are present in ServiceNow and populated by Privilege Management for Windows client.

Field Description

ShortDescription

This maps to the ServiceNow Short Description.

FullDescription This maps to the ServiceNow Description.
AssignmentGroup This maps to the ServiceNow Assignment Group.
Category This maps to the ServiceNow Category.
Subcategory This maps to the ServiceNow Subcategory.
Comment This maps to the ServiceNow Comments.

 

"ServiceNowIncident": 
{
    "ShortDescription": "Avecto Defendpoint application execution request for $($dpProgramName)",
    "FullDescription": "The customer has requested the following application be allowed to execute on their computer:\n\nProgram Name: $($dpProgramName)\nProgram Publisher: $($dpProgramPublisher)\nProgram Path: $($dpProgramPath)\n\nChallenge Code: $($dpChallengeCode)\n\nBusiness Justification: $($dpBusinessJustification)",
    "AssignmentGroup": "UK-Support",
    "Category": "Endpoint-Agents",
    "Subcategory": "Avecto",\
    "Comment": "Created by Avecto Defendpoint $($scriptFriendlyName) integration script."\
}

Logging

These are the logging options you can configure for the ServiceNow integration.

Field Description

LogToConsole

Whether or not to log to the console where present. Options are true or false.
LogToFile Whether or not to log to a file. Options are true or false.
LogFilePath The absolute file path of the file you want to log to.

 

"Logging":
{
    "LogToConsole": true,
    "LogToFile":true,
    "LogFilePath": "C:\\Users\\MyUser\\Desktop\\examplescriptlog.log"
}

Misc

Remove the asterisks but leave the quotation marks in place.

   

"DefaultRule": "*REQUIRED*"

This must be set to either DesignatedUserMustAuthorize, ChallegeResponse, or empty. ChallengeResponse is the default configuration.

This setting determines the button on the bottom left of the Submit Incident Report dialog box. If the field is empty, no button is displayed.

 

"Misc": 
{
    "_comment": "DefaultRule - Should be DesignatedUserMustAuthorize, ChallengeResponse, or empty.",
    "DefaultRule": "ChallengeResponse"
}

For more information, please see ServiceNow Workflows with Privilege Management.

Dialog Boxes

The integration displays various dialog boxes according to the workflow you define.

CommonSettings

The following settings apply to all dialog boxes.

Field Description

BannerImageFile

The absolute file path to the banner image you want to use for all dialog boxes. The recommended size for this is 450 x 50px. You must use the following format:

C:\\Users\\StandardUser\\Desktop\\my_image.jpg

This file must be accessible on the endpoint. Ensure you use two backward slashes as the file is a JSON format and the character must be escaped.

You can localize the following dialog boxes by creating a new section with the appropriate localization abbreviation. For example, "Language_FR". This section is used if the operating system was originally installed with French as the language.

BusinessJustificationDialog

Business justification rule example with ServiceNow and Privilege Management integration

The dialog box varies based on the workflow you are using.

The dialog box and associated variables are shown here:

 

Field Description

Title

The title of the business justification dialog box.

DefaultSubmit Incident Report

LabelHeader The first piece of text on the business justification dialog box.

DefaultPermission to run this application must be requested by submitting an incident report.
LabelInputBoxDefault

The text that tells the user what to do in this dialog when the DefaultRule in the ServiceNowSettings.json file is set to empty or DesignatedUserMustAuthorize.

Default: Enter the business justification for this application below.

LabelInputBoxChallengeResponse

The text that tells the user what to do when the DefaultRule in the ServiceNowSettings.json file is set to ChallengeResponse.

Default: Enter the business justification for this application below. If you have already received a response code, you can skip this step and click the "Enter Response Code" button.

CustomButtonTextChallengeResponse

The text on the button that is displayed on the bottom left when the DefaultRule in the ServiceNowSettings.json file is set to ChallengeResponse.

Default&Enter Response Code

CustomButtonTextDesignatedUserMustAuthorize

The text on the button that is displayed on the bottom left when the DefaultRule in the ServiceNowSettings.json file is set to DesignatedUserMustAuthorize.

Default: &Login As Other User

LabelProgramName

The program name description.

DefaultProgram Name

LabelProgramPublisher

The program description.

Default: Program Publisher

LabelProgramPath

The program path.

DefaultProgram Path

ButtonCancel

The text on the button that is displayed on the bottom right to cancel the request.

Default&Cancel

ButtonOK

The text on the button that is displayed on the bottom right to submit an incident to ServiceNow.

Default: &Submit Report

ProgressDialog

A Progress dialog box displays with ServiceNow and Privilege Management integration

This dialog box is displayed when Privilege Management for Windows client is communicating with ServiceNow.

 

Field Description

Title

The title of the reporting incident dialog box.

DefaultReporting Incident

LabelHeader

The text on the dialog box while the Power Rule is processing.

Default: Please wait...

MessageSuccessDialog

A success message displayed with ServiceNow and Privilege Management integration

This dialog box is displayed when Privilege Management for Windows has raised an incident in ServiceNow.

 

Field Description

Title

The title of the incident successfully reported dialog box.

Default: Incident Successfully Reported

LabelHeader

The text on the dialog box that tells the user what has happened and what their incident number is in ServiceNow.

DefaultIncident has been successfully submitted to ServiceNow.\n\nYour incident number is INC_NUM.

ButtonLinkVisible

Toggles the availability of the button that is displayed on the bottom left of the dialog box.

Default: Whether or not a button allowing the user to view their incident is visible. Options are true or false.

ButtonLinkText

The text on the button that is displayed on the bottom left of the dialog box if it is displayed.

Default: View Incident

ButtonOK

The text on the button that is displayed on the bottom right to close the dialog box.

Default&Close

ErrorDialogs: ServiceNowQueryError

An error message with error code for ServiceNow and Privilege Management integration

This dialog box is displayed if Privilege Management for Windows client was unable to raise an incident in ServiceNow.

 

Field Description

Title

The title of the unable to raise a ticket in ServiceNow dialog box.

Default: ServiceNow Query Error

LabelHeader

The text that tells the user what happened including any error codes.

Default: There was an error contacting ServiceNow.\n\n Please contact your IT support team quoting error code.

ButtonOK

The text on the button that is displayed on the bottom right of the dialog box.

Default&OK

ErrorDialogs: ServiceNowReportIncidentError

The dialog box is only displayed if there is an error contacting ServiceNow after all the validation has passed, but before the incident is created.

Field Description

Title

The title of the ServiceNow error dialog box.

DefaultUnable to Report Incident

LabelHeader

The text that tells the user what happened including error codes.

DefaultThere was an error contacting ServiceNow and we were unable to report this incident.\n\n Please contact your IT support team quoting error code

ButtonOK

The text on the button that is displayed on the bottom right of the dialog box.

Default&OK