Imprivata Privileged Access Management Product Update 2.3.201904282239

April 28, 2019

PAM Update: adds integration with ServiceNow, profile picture support for local users and Groovy support for scheduled jobs

This update adds system workflow integration with the ServiceNow ticketing system, adds profile picture support for local users, and also adds the cross-platform scripting language Groovy for tasks execution to simplify integration with complex environments.

Added system workflow integration with ServiceNow ticketing system

ServiceNow is a popular ticketing system used in many organizations. ServiceNow incidents are a convenient way to schedule work orders for IT administrators and to track their progress. With this update, we added integration support with ServiceNow incident tracking.

To activate ServiceNow integration, administrators would add a ServiceNow incident number to a request comment when requesting access to a managed resource. After that all activities related to the managed resource will be logged to ServiceNow incident: access requested, access approved, rejected, assess accessed, access time window expired or access completed. In addition to comments, the incident status will also be updated according to the actual work tracked by the access broker

To enable ServiceNow integration the following properties should be configured:

Copy

1
2
3
4
5
xtam.integration.ticketing.pattern=SN#
xtam.integration.ticketing.url=https://SERVICENOW-TENANT.service-now.com
xtam.integration.ticketing.user=SERVICENOW-ADMIN
xtam.integration.ticketing.password=SERVICENOW-PASSWORD
xtam.integration.ticketing.script=ServiceNow Integration

Note the xtam.integration.ticketing.pattern parameter. This parameter defines the token in the access request comment that will activate integration logic. In this example, the ServiceNow integration will be triggered by commenting access request with the message like this: Rebuilding indexes for WEB Server database according to SN# INC0010003 today

Parameter xtam.integration.ticketing.script in ServiceNow configuration defines the system script available in the script library on the Administration / Scripts screen.

This is a Groovy script communicating with ServiceNow REST API.

This script can be customized for the specific deployments to change messages posted to the incident of the logic controlling incident status.

Added profile picture support for local users

The update adds the option to upload profile pictures for local users.

This option adds a level of personalization for non-Active Directory users.

The option also provides better visibility for users using several accounts to access the system to quickly distinguish the current environment in the browser.

Added the option to schedule and execute jobs developed in the internal cross-platform scripting language Groovy

Groovy scripting adds an option to perform a wide range of activities related to specific records or even general system management that could be done as quick on-site customization instead of product enhancements. Record related jobs might include health checks or password reset for WEB portals, unique devices or unique environments. System-wide jobs might be used for support integration with 3rd party systems facilitating periodic data exchange or special cases of notifications, account or permission management.

Groovy scripts are portable between PAM deployments, platform-independent (unlike Shell or PowerShell scripting) and easily managed in PAM script library subject to PAM periodic or event-based task execution policies.

Clients, partners and value-added resellers might use Groovy scripting to perform on-site integration with various environments or use cases.