Andrew Bowers Implementation Cert Quizlet Flashcards
what does S.O.A.P. stand for?
Simple Object Access Protocol
What are the four parts of SOAP message transformation
- Endpoint
- Action
- Headers/Attributes
- Envelope
Action, endpoint, and envelope are all populated automatically based on the Web Service Descriptive Language (WSDL) definition.
What is a SOAP Endpoint
This is the URL or Address where the SOAP request is delivered. It must be able to reach that endpoint over the network in order for the communication to succeed.
What is a SOAP Action
String that is often optional with the SOAP web service. However, some services do require this to be set. The string is often descriptive of what action should be performed by the web services.
SOAP Headers/Attributes
Found within the HTTP request. They contain information regarding the protocol being used as well as other custom information such as session IDs, authentication token, etc.
SOAP Envelope definition
Actual document that describes the details of the SOAP request. This is written in XML format. Has a header and a body similar to an HTML webpage. Header and body details are dictated by the web service and explained in a corresponding WSDL document
SOAP Envelope Elements
- Main document
- Header (optional)
- Body
- Fault Element (Optional)
SOAP Envelope Header
Often contains processing instructions for the envelope, but it is not used in all web services
SOAP Envelope Body
Main part of the envelope, required for SOAP requests. Contains the actual message or request that is to be delivered to the web service
SOAP Envelope Fault Element
Often present if there was an error processing the web service request. The web service is responsible for populating this element with descriptive information to help the consumer understand what went wrong, and/or what to do next.
SOAP WSDL
Another XML document that is used in the SOAP protocol. It is a catalog of available functions provided by the web service. A SOAP web service consuming client information should be able to read this and generate a template of each of the available service requests provided by the web service.
What are the 3 Main steps in SOAP communication flow
- Client generates an XML envelope document and sends it to the service as a SOAP request.
- Server receives the SOAP request and processes that request in the manner in which it was coded.
- Server sends a SOAP response back to the client with an answer or response to the request that was submitted.
How to generate a sample SOAP Message
UI action “Generate sample SOAP Message” - will generate templates for all of the available services provided by that SOAP web service.
How does a SOAP Message UI connect to a Web Service
It can either specify a URL to a WSDL document or paste the WSDL document contents directly into the tool
SOAP Message Function UI
- You can open a function record to view details on the template for the request
- Check the Lock field to ensure that future regenerations of SOAP functions do not overwrite the changes that you make to the current template
- SN Supports the use of basic authentication, WS-security with outbound SOAP requests.
- Customize SOAP action or endpoint manually by changing the text. May need to click the lock button to change the endpoint URL
Where do you create test values for SOAP message variables
SOAP Message Function UI - OPEN message parameters section
What are the most common ways to call SOAP Messages through script?
Server-side scripts including:
- Business Rules
- Script Includes
- Workflows
What is the SOAPMessage Library
Application Program Interface (API) Around SN Graphical User Interface for Soap Messages (SOAP Message UI) Can be used to set point values, set variables, submit request, etc.
Which Script includes from the Script Includes library support users who are sending out SOAP requests
1) SOAPMessage - supports the SOAP Message UI
2) SOAPEnvelope - Used behind the curtain by SOAP Message UI, can be leveraged directly by an admin to create custom messages, bypassing the UI
3) SOAPRequest - Same as above
XPATH
Standard mechanism used to parse XML documents
XPATH Character - /
Most basic and primary element. Level separator similar to Linus/UNIX paths on a file system
XPATH Character - //
Denotes a relative path, rather than a strict path
XPATH Character - *
Wildcard character in a string
How do you use XPATH to get values out of an XML document?
Script include - XMLDocument
What is the most common operation performed by an XML Document Script include
getNodeText - takes an XPATH string in and attempts to parse the XML document with the XPATH to find the element you are looking for and returns the content of that element node
XML Helper
- Includes a number of functions.
- Allows you to access parts of the XML document as if the various elements were member variables to an object. Each level down the XML document is represented by member variables that are new objects themselves.
- Most commonly used function will take XML string and convert it to a JavaScript object.
REST
- REpresentational State Transfer
- Lightweight alternative to SOAP
- Very Loose Specification
- Better suited to scale & performance
- Most modern web applications are REST
ServiceNow REST functionality allows you to:
Retrieve, Create, Update, or Delete data on a web server
HTTP Methods supported by REST
- Get
- Post
- Put
- Delete
REST Request and Response Elements
- Request URL: specifies the address of the resource plus the HTTP verb
- Query Parameters: optional and appended to the URL path of the request
- HTTP Headers : required component of the message and contain metadata for the transaction (encoding, date, authorization, etc.)
- Content or Body: optional, contains data to be transmitted
Rest Message UI
- Similar to SOAP Message Tool
- Requires an Endpoint
- Generates the four HTTP Methods as Functions
- Endpoint can use variables - ${varName}
Describe the following REST Function Option:
Variables
- Can be used in various parts:
- Endpoint URL
- Header names or values
- Function parameter definition names or values
- Content
Describe the following REST Function Option:
Connectivity Options
- Authentication
- MID Server
Describe the following REST Function Option:
Access to HTTP Request Components
- Headers
- Parameters
- Content (POST, PUT only)
Describe the following REST Function Option:
Set Variable values
String v. XML
What are the REST Function Options
- Variables
- Connectivity
- Access to HTTP Request components
- Set Variable Values
- Test the request
- Preview script usage
Stages of StartNow implementation methodology
- Plan
- Discover
- Prepare
- Deploy
- Operate
- Transform
What type of VPN does ServiceNow support?
Site-to-Site between data center and customer data center
What is VPN typically used for?
- Securing (encrypting) connections which originate at ServiceNow and destined for the customer’s network
- Access to customer’s LDAP server
- JDBC access/integration with a customer’s database
How many VPN tunnels does ServiceNow support and why
Minimum of 2, maximum of 4. Not supported to serve multiple geographic regions or disparate networks within client organiztion
How do you request VPN?
Through HI. Typically takes 2 weeks
VPN for LDAP
Recommended that customers implement LDAPS (LDAP over SSL) v. standard LDAP (non-encrypted). Standard LDAP integration communicates over TCP on port 389. LDAPS communicates over TCP on 636 and requires a digital certificate which must be uploaded to the instance. VPN to be used if LDAP instead of LDAPS
VPN for JDBC & Web Services
Recommended to install Mid Server inside network, Mid server will communicate with instance over HTTPS
VPN for email integration
Not supported if ServiceNow is configured to utilize mail.service-now.com for SMTP and POP3, utilizes opportunistic TLS. If incoming server supports TLS, traffic is envrypted. If not, uses regular SMTP without encryption.
Supported if customer’s mail server is being used
DIT
Data is represented in an LDAP enabled directory as a hierarchy of objects, each of which is called an entry. Resulting tree structure is called a Data Information Tree (DIT)
DN (LDAP)
Distinguished name - fully qualified path in an LDAP tree
RDN (LDAP)
Each unique data attribute that is part of a Distinguished name is called a Relative Distinguished Name (RDN)
What are the requirements for LDAP Server Configuration in the Graphical User Interface (GUI)
- Name
- Server URL
- Login distinguished name
- Login password
- Starting search directory
- Organizational Unit (OU) Definition
LDAP Organizational Unit (OU) Definition
Define directories that are the source for the imported data. Can contain locations, people, or user groups
Types of LDAP Communication channels
- Mid Server (can be used to import data but not for authentication)
- Standard LDAP - communicates over TCP, does not require a certificate
- SSL-encrypted (LDAPS), requires x.509 certificate
- VPN, communicates over IPSEC tunnel
Testing LDAP Connection
- Manually through UI action
- Automatically - SN tests every 15 minutes by default
Company Settings
- System Properties - My Company
- Can Modify
- Banner Text
- Primary (T/F)
- Banner Image (upload)
- Further modifications made in glide.product.___ properties
Where is Login Page Configuration adjusted
System UI > Welcome Page Content
Where are System Schedules found
System Scheduler > Schedules
Where are homepage configurations made
- Homepage Admin > Pages
- Has Read/Write roles
- Can edit by clicking Edit UI Action
Levels of Contextual Security
several layers before an end user has the capability to perform CRUD (create, read, update, delete) operations on a table
- User Authentication/Login
- User Interface
- Database
What does the User Authentication/Login security level govern
- Users
- Groups
- Roles
User Interface security level
Governs Applications and Modules and is governed by roles configured at application and module level
Database Security Level
- Governs table and field access
- controlled via globally defined system properties as well as table and field level Access Controls
- If a row level rule and a field level rule are in conflict, both must be true before an operation is allowed
Features of Contextual Security
- Protects a record based on its contents and table location
- Data is acted upon based on the position of the information in the table hierarchy
- Defnes Access Control rules to any level in the object hierarchy
- Uses roles to implement Access Controls and assign permissions, for example, read, write, and create
What is an access control
Security rule defined and set at the row-level (access to the record) and at the column-level (access to the field) and is executed when attempting to access any servicenow table. Specifies and is named for the object(s) being secured
What is an ACL
Access control list, list of all the Access Controls for a table
Three ways Access Controls are defined
- Roles (if more than one, must have at least one)
- Conditional Expressions (evaluates to true or allow if condition is met)
- Scripts (setting answer to allow or deny)
Access Control Wildcard Rule
Selection of the wildcard symbol from the name drop down list on the access control form means that the rule in question applies to all fields on the selected table except for those with explicit rules
ACL Evaluation order
- Most specific to least
- Starts at field, then goes to table
Field ACL rule evaluation order
Find first matching:
1) table.field (incident.number)
2) parent_table.field (task.number)
3) .field (.number)
4) table. (incident.)
5) parent_table. (task.)
6) . (.)
Table ACL rule evaluation order
If no field ACL match was found or if a Match was found and the ACL evaluated to Pass the table must be evaluated:
- Match the table name. For example, incident
- Match the parent table name. For example, task
- Match any table name (wildcard). For example, *.
If No matches above are found or if a Match is found and the ACL evaluated to Pass User access to the record object is granted.
Three main security modules:
- System Properties > Security - can set default behavior for no ACLs
- System Security > Access Control - manages ACLs
- System Security > High Security Settings - set tighter security options
Evaluation order of ACL elements
- role
- condition
- script
Elements of the ServiceNow Application Security Model
- Contextual Security (ACLs, etc.)
- IP Address Access Controls (System Security > IP Address Access Control) - allow or deny certain IP ranges
- Encryption
Keys to Success with security
- Risk-based & Data-centric
- know what you are storing
- consult with security to understand requirements
- Secure 1st, develop 2nd
- configure security settings up front
- apply ACLs at the beginning of development
- documented approach
- checklist at key phases
- starting points
- remove demo data
- upgrade to latest version
- identify plugins such as high security
Name of plugin that supports field encryption
Encryption Support
How do users get encryption contexts
Admin creates the context, assigns it to a role
Which operations can be secured through ACLs
- CRUD
- Execute
- Edit Task Relations
- Edit CI Relations
- Save as Template
- Add to List
- List Edit
- Report on
- Personalize choices
What do Access Control Rules Apply to?
- Records
- UI Pages
- Processors
- Client Callable Script Includes
How many ACLs come OOtB
Over 4,500. Add all plugins, >6,000
ACL Script Evaluation, built in GlideRecord methods
- canRead()
- canWrite()
- canCreate()
- canDelete()
Predefined ACLs by role
- End Users
- Submit records in some applications (create)
- Read and update their own records in those applications
- Fulfillers
- general read and write access for applications they have a role for
- task assignment
- application/process administrators
- delete records
- change state to closed
How are ACL rules matched?
- From most specific to least specific
- processing orders define matching criteria
- For record rules a table and field rule will be searched for
- both are evaluated
- First rule to match for both is evaluated for each processing level (if parent_table.field matches, it won’t go to next level for field)
What happens if there are multiple ACL rules at the same processing level?
any passed rule will allow access
What happens if a user fails a table ACL rule
- User is denied access to all fields in the table even if the user previously passed a field ACL rule
- list of table will show security constraint message
What happens if a user fails a field ACL rule but passes a table ACL rule
User is denied access to the field
What happens when a table write rule fails
All fields will be read-only unless there is not a more specific field rule
What happens when a table create rule fails
user will not have the “new” button
What happens when a field write rule fails
field will be read-only
Security debug
System Security > Debug Security Rules
Session Specific
Creating an Encryption context
- Define:
- Name
- Encryption Key (if left blank, SN will auto-gnerate). SN can’t retrieve user-defined keys
Creating an encrypted field
Add a new field with Type: Encrypted Text
Encryption context selector
For users with multiple encryption contexts
System UI > UI Macros > encryption_select. Shows under gear. Only shows for users with multiple contexts
What happens to encrypted fields if a user has no encryption contexts
Form hides the encrypted field
What happens when a user has one encryption context and there is no data in an encrypted field
form displays encrypted field. When a user enters data in the field, the field automatically uses the currently selected encryption context to encrypt the field
What happens when a user has one encryption context and there is data in an encrypted field
If the user has the matching context, the form displays the field
If a user has multiple encryption contexts and there is no data in an encrpyted field
form displays the field and when the user enters data, field is encrypted using currently selected context
User has multiple encryption contexts and there is data in the field
User will have access to the field if they have the matching context. Encrypted field always uses the original encryption context to encrypt changes to the field. Prevents users with multiple contexts from changing field context
Encrypting attachments
Users with >=1 encryption contexts will get Encrypt File checkbox. If they have >1, they are asked to confirm the context
How to identify which encryption context a field or attachment is using
Hover over the encryption (lock) icon and it will display
Encrypting passwords in System Properties
the Encrypt SysProperty Password business rule automagically encrypts value of any system property with the type password or password2. Instance only decrypts password in memory and never saves a clear-text version.
Business rule runs when you add a new value or update an existing one
Script editor color coding
- Green - Comments
- Purple - Javascript commands
- Blue - strings, reserved words
Default Script Macros
- macro name followed by tab
- For (for loop)
- Doc (multiline comment)
- Help (list of macros and their shortcuts)
Creating a script macro
System Definition > Syntax Editor Macros
What is a client script
- Execute in browser
- manage forms and fields in real-time
Baseline Client Scripts
- ~330
- not all are active
- samples included as starting points
Client Script Form Breakdown
- Top section defines when
- Bottom section (script box) defines what
- Description is self-explanatory
- Message is used to internationalizing output to user
- If an alert of “Hello World” is presented to user, “Hello World” would show up in messages line. If an entry in sys_ui_message table matches key but in a different language, that is presented to users in that region
Client Script Global v. Not
IF global is checked, applies to all views, if not, must specify a view (ESS, Default, Advanced, etc.)
Client Script Inheritance
If true, execute script for forms from any extended tables
Client Script Types
onChange
onLoad
onSubmit
onCellEdit
onLoad client script
Runs when form meeting trigger condition loads and before control is given to the user
onSubmit client script
- Runs when form meeting trigger condition is saved, updated or submitted
- Typically handles field validation - can prevent from submitting if you return false
onChange Client Script
- Runs when a particular field’s value on a form changes
- 5 parameters:
- control - name of field whose value changed
- oldValue - is set when the form loads. No matter how many times it changes, will remain original value when form loaded
- newValue
- isLoading - whether change is occuring as part of a form load
- isTemplate - whether occured due to a template
onCellEdit Client Script
- Runs when a field value on a list changes
- Can be applied to multiple records
- automatically passed 5 parameters:
- sysIDs - of the edited items
- table
- oldValues
- newValues
- callback - continue execution of any other related cell edit scripts - if true, then others are executed or change is commited if there are no more. If false, furthers aren’t executed and change is not committed
What data can be used in a client script?
- Local variables defined in the script
- Client Script Global Variables
- g_form - object whose properties are methods used to manage form fields
- g_user -object whose properties contain session information about the current user and their role(s)
- g_scratchpad - global object passed to a client script from a server side script called a Display Business Rule - properties and values determined by the server side script
g_form object
Object whose methods are used to manage from fields andtheir values
Methods require use of field names and not labels
g_form object methods
- 6 categories
- Display settings: flash()
- Field Information: getValue()
- Change Field: setValue()
- Change Choice list: addOption()
- Form Information: isNewRecord()
- Form Action: addInfoMessage()
g_form.getValue()
- always returns a string
- syntax: var X = g_form.getValue(‘field_name’)
- If used with a choice list, returns value (‘7’ rather than ‘Rejected’)
- If used with a reference field, returns the sys_id
g_user Object Properties
Do NOT use to apply security - easily deflated using developer tools built into browsers
Client side scripts on Reference Objects
- client side scripts only have access to data on forms, information about the reference object is not available
- Should use asynchronous - g_form.getReference(‘field_name’, field)
- Function (field) {
- field.attribute
Best practices for Client Side Scripting
- use g_form methods to manage form and fields
- use g_user to access about current session user
- make as few calls to the server as possible
- do not make synchronous calls using g_form.getReference()
- use jslog to debug as it doesn’t affect other users
- use try/catch to find runtime errors
- use appropriate debug strategies for UI type (mobile, desktop, etc.)
Client Scripts v. UI policies
- Faster load times with UI policies. Always use these if possible
- Execute on Form Load - Both
- Execute on form save/submit/update - Client Scripts
- Execute on form value change - Both
- Can access a field’s prior value - Client Script
- Execute on list field value changes - Client Script
- Control the order of execution - UI poilcy
- Execute after client scripts - UI policy
- require scripting - client script
baseline UI policies
~600
UI policy scripting
Can write scripts to execute if true or if false (separate boxes)
onLoad UI policy
Can check or uncheck to determine if it should run when the form is loaded
What data can be used in a UI policy script
locally declared variables
g_form
g_user
g_scratchpad
UI Policy Best Practices
- Set onLoad to false if you don’t need it to execute on page load
- Use as few UI policies as possible to avoid long page load times
- Write conditions in condition builder wherever possible to avoid unnecessary scripting
- Always populate the Short Description field
What is a business rule?
- Javascript that runs when a record is:
- inserted
- updated
- deleted
- queried
- Execute on Server
- fast
- do not monitor form fields
- Respond to all record accesses regardless of method (form, list, web service)
Baseline Business Rules
- ~900
- best to create a copy and deactivate original when modifying OOtB business rules as modifications are exempt from upgrades
Business Rule Role conditions
specifies the roles that the user modifying the record must have in order for the business rule to run
After business rules
- execute after form submission and after the record updates in the database
- execute synchronously - current business rule must finish execution before next business rule runs
- ex: cascade REQ approvals to child RITMs
Before Business Rule
- After form submission, before record updates in the database
- execute synchronously - current business rule must finish execution before next one runs
- ex: calculate priority based on Impact and Urgency
Before Query business rule
- before a query is done in the database
- run synchronously - current business rule must finish execution before next one runs
- baseline before queries that act like ACLs, preventing access
Async Business Rules
- Run when form loads
- primary purpose is to populate the g_scratchpad
- runs after user requests form, before form is presented
- Business Rule: g_scratchpad.createdBy = current.sys_created_by;
- Client Script: if(g_scratchpad.createdBy == ‘admin’) {}
Business Rule Process Flow
- User or System Query >
- Query Rules >
- Database Query >
- Display Rules >
- form submit >
- before rules >
- database update >
- async rules
What data can be used in business rules?
- Local Variables in script
- business rule global objects:
- previous
- current
- g_scratchpad (display business rule only)
- higher numbered business rules inherit variables and their values from lower numbered business rules unless variable scope is limited by a function
Business Rule Global Objects
- previous - stores records fields and values before any changes were made in the DB
- current - current record fields/values in DB
Business Rule Best Practices
- Use async whenever possible
- use display to pass data from server to client side during form load
- wrap code in functions to make variables local
- Use condition builder rather than script whenever possible
Script Include
- Store JavaScript for execution on the server
- Reusable
- Must be called to run
- can extend classes or create functions
- only loaded on request
- can be client callable
Global Business Rules v. Script Includes
- Both allow creation of reusable javascript
- GBRs can impact performance unless contents are wrapped in functions
- GBRs load on every interaction between a user and the platform
- Script includes only load on demand and do not impact performance
Script Include Baseline
~528
~Do NOT modify behavior of baseline Script includes
Client Callable Script includes
- Yes/No field in Script Include Definition
- if yes, client side scripts can access
Script Include Script
- Runs Server Side
- No Default Objects
- Data passed in from calling script
Classless Script Include
For use on server side only (not client-callable)
Name must be same as the function name
Sometimes called On Demand Functions
Usually called from Business Rules
Import Sets - Import Sources
- Files
- Excel
- XML
- CSV
- Network
- HTTP
- FTP
- JDBC
System Import Sets Modules
- Load Data
- Create Transform Map
- Run Transform
Import Set - Foreign Record Insert
Occurs when an import makes a change to a table that is not the target table for the import. Happens when updating a reference field on a table, ex. when updating the value for caller on an incident the import is actually updating the sys_user table
Components of perceived ServiceNow performance
- Application Server Response
- Network Latency and Througput
- Browser Rendering and Parsing
- Instance Cache
Application Server Response
time for the application server to process a request and render the resultant page
network latency and throughput
time for the network to pass your request to the server and the response back
browser rendering and parsing
time for your browser to render the HTML and parse/execute javascript
instance cache
amount of system resources available for processing
Two methods of troubleshooting network response times
- ping
- traceroute
Normal Ping time
>100ms for US, >150ms for Europe or Asia. Anything over 250ms is cause for concern
Two key browser settings
- Enabling compression
- caching items from HTTPS
Actions that cause a purge and rebuild of system cache
- Adding/updating system properties
- adding/updating dictionary entries
- committing update sets
- adding or updating translations
types of requirements
- Functional
- Technical
Functional requirements
What the system is expected to do, often used to create use cases. Do not include design choices
- Define:
- types of data that can be entered and by whom
- workflows to be performed by the system
- system reports or other outputs
- regulatory requirements to be met
Technical Requirements
Define specific tasks that must be performed to satisfy functional requirements
- technical aspects of the system such as:
- performance-related issues
- scalability
- manageability
Clarifying functional requirements
Ask questions such as:
- what problem are we trying to solve?
- what is the business driver behind this requirement?
- can you help me understand what you are after?
- what are the inputs?
- what are the outputs?
- are there use cases?
clarifying technical requirements
Ask questions:
- is there already a technical solution to this requirement?
- Is the solution scalable?
- how does the solution affect various users?
- Is the solution flexible?
- Does the solution have license implications?
Input and output considerations in requirements gathering
create a test plan to test both valid and invalid inputs to ensure correct outputs
how many data center pairs does ServiceNow have?
8 - total of 16 centers
Two situations where the AHA process is invoked
- Service Disruption
- Scheduled Maintenance
ServiceNow data center replication
All instances exist simultaneously in two datacenters through asynchronous data replicaiton. Current primary data center has read-write, secondary has read-only
How many steps in AHA process
8
Steps in AHA process
- pre-flight checks to ensure all infrastructure and application configs are working
- change DNS information for instance
- stop all application nodes
- reverse roles between read-write and read-only
- change database pointer to read-write instance
- start application nodes
- post-flight checks
- perform discovery to update CMDB
How many steps in StartNOW Methodology
6
Stages of StartNOW Methodology
- Plan:
- Establish a project strategy and schedule for deployment
- Discover:
- determine requirements for success
- Prepare:
- Build base platform for deployment
- Deploy:
- Configure platform iteratively
- Operate:
- prepare for go-live and transition to operation
- transform:
- improve service continually
coarsest measure of network response time
ping
elements of a traceroute
- left column is step number
- next three are latency estimates (performed three times to give an average)
- fifth column is IP address of destination
inactivity monitors
run in the background to check inactivity and look for events to fire in the event of inactivity
Large numbers of unanswered/unused inactivity monitors can degrade performance of event processing engine - degrades application server response times
Checking if an inactivity monitor is used
If no records are found in script actions or notifications, safe to disable inactivity monitor
- System Policy > SLA > Inactivity Monitors (to find them)
- System Policy > Events > Script Actions (to find event script actions)
- Filter - Event name is <tablename>.inactivity (to see if there are any events associated)</tablename>
- System Policy > Email > Notifications (to find obvious)
- Similar filter
Application Server Performance Checks
- Response Times (transaction log)
- Remove unused inactivity Monitors
- Optimize queries to search efficiently
- Adjust auto-complete wait time in increments of 50ms, not to exceed 750
- Check SLA trace level
- Monitor process duration of scheduled jobs
- Default Row Count
- Go To Search Option
- Auto-complete Search Option (starts with v. contains)
- Table Rotation
AutoComplete feature for reference fields
- Uses Ajax to allow browser to request records matching a user’s entry from the server
- Has a specified wait time of 250 milliseconds
- The fewer characters the user enters, the more the server must work to respond to the request
SLA Trace Level
- controls number of messages sent to system log
- System Properties > SLA
- The lower the selection, the more messages are sent to the system log. Info setting (second to bottom) typically only used when debugging SLAs
Default row count
Anything >100 is not recommended. don’t modify default system user preference for rowcount, instead modify which options are available to users - glide.ui.per_page controls
Go To Search Option
System property handles whether the search performs a Contains query (true) or a Greater Than query (false). REcommended to leave as default false
table rotation
- works by separate data sets into individual tables based on user-specified time parameters
- Two options:
- Table Rotation plugin - rotates among a small set of tbales and deleting and reusing old tables for new data (syslog and ecc_queue)
- table extension - creates new table and allows old tables to be archived and removed from the system (sys_audit and sys_email)
- controlled by the Database Rotation plugin
What does the System Dictionary define
- For Fields:
- -Data Type
- -Character Limit
- Default Value
- Dependency
- Other table attributes
What are the two ways to access the System Dictionary?
1) System Definition > Dictionary
2) Right-click in list header, form header, or field label and select “Personalize Dictionary”
What does the Unique field in System Dictionary do?
Allows having unique values in the table’s column selected in the dictionary definition of a field
What are Dictionary Overrides?
Provide the ability to override several attributes of a particular field in the extended or child tables
What attributes can be overwritten in a dictionary override?
- Reference Qualifier
- Dependent
- Attributes
- Default Value
- Calculation
- Mandatory
- Read-only
- Display Value
What is a sys_id?
32-character globally unique ID (GUID). Every new record has a sys_id of -1. When inserted, valid sys_id is provided
What type of business rule makes server-side objects accessible to client scripts?
on Display
What type of business rule should be used when calculating metrics and SLAs
async
What is the maximum recommended number of steps to dot.walk through?
3
What are the predefined global variables in Business Rules?
- current
- previous
- g_scratchpad
- system (or gs)
What is the Current variable and when is it used
Used in Business Rules (server-side scripting). Current record being referenced.
What is the Previous variable and when is it used
Used in Business Rules (server-side scripting). Record before any changes were made. Available on Update and Delete operations. Not available on async
What is the g_scratchpad variable and when is it used
Used in business rules. Available in On Display business rules to pass server-side information to the client to be used for Client Scripts
what is the System variable and when is it used?
Used in business rules (also called gs). References GlideSystem functions
Record Producer Server-Side Scripting
- use current.<fieldname> to reference fields on the record being created.</fieldname>
- use producer.<variablename> to reference values entered by the end user</variablename>
- When variables have the same name as the fields in the target table, the record producer populates such fields automatically when inserting the record
what is the nil(object) function?
Queries an object and returns true of the object is null or contains an empty string
What are the global objects available to client scripts?
- g_form - references currently active form
- g_user - references currently active user
What is the difference between a local and global variable in a Business Rule
Local variables are contained in functions, global variables are not
What is the implication of creating a global variable in a business rule?
If a new variable is declared in an order 100 Business Rule, any Business Rules that follow also have access to that variable
What are the four methods of fetching server-side data in a client script and which are recommended?
- g_scratchpad - Recommended
- GlideAjax - Recommended
- g_form.getReference - Not Recommended
- GlideRecord - Not Recommended
Second two have a performance impact because they retrieve all attributes of of the record rather than just the required field(s)
What is GlideAjax?
A server call that can be written in a client script that runs asynchronously
What is the difference between g_scratchpad and GlideAjax?
g_scratchpad is set once when the form is loaded (set in a Display business rule), whereas GlideAjax is triggered dynamically by the client
What is getReference?
Used in Client Scripts and returns the GlideRecord for a specified field (excluding user-defined fields). Requires a call to the server
format : getReference(fieldName, callback)
What happens when you use getReference without a callback?
Process runs synchronously and all processing halts until information returns from the server
What happens when you use getReference with a callback
Process runes asynchronously and other processing continues until a response from the server is received
Is it better to use getReference with a callback or without
With
What is a callback function
A function written in a client script that runs asynchronously after a server call using getRefernce. Call back is defined as a parameter of the getReference
What is SSO
Single-Sign-On method of access control that enables a user to log in once and gain access to the resources of multiple software systems without having to log in again.
What is SAML?
Security Assertion Markup Language - XML-based standard for exchanging authentication and authorization data between security domains
What are the three main components of SAML?
Assertion Identity provider (producer of assertions) service provider (consumer of assertions)
What are the two main components of LDAP integration?
- SN configurations including
- ldap server (with a minimum read-only account)
- OU definition
- transform map
- import schedule
- Importing data using standard method of staging tables and import sets
What are the steps in LDAP authentication
- User enters credentials into SN - password stored in HTTPS session. If the “Source” field of the user record starts with LDAP, validation is attempted using LDAP, otherwise the password on the local user record is used to validate login
- SN passes credentials to LDAP server. If password is provided, “Simple Bind” is performed. If not, LDAP must allow anonymous login
- LDAP responds with authorized or unauthorized
- user as granted or denied access
What is the maximum acceptable network ping time?
500ms
What is the Client Transaction Timings plugin
enhances system logs by providing more information of the durations of transactions between client and server
Where are client transactions stored?
with all other transactions in the transaction log table. client_transaction field is set to true
What are the most common mistakes that lead to long-running reports?
- Returning too many results
- Grouping by fields such as duration or name
- Reporting on a user-created table that uses many joins on other tables
What is the ECC queue?
External Communications Channel queue. It is a database table which is queried, updated, and inserted into by other systems
What is stored in the ECC queue?
- Messages, two types:
- From ServiceNow to another system (output message)
- From another system to ServiceNow (input message)
What are the two main processes on a MID Server?
Monitors
Workers
What is a Mid Server Monitor?
runs on its own thread as a timer object and is configured to execute a task periodically, returning its result to the ECC queue
What is a Mid Server Worker?
on-demand thread that executes a tag when a corresponding ECC output queue record is read from ServiceNow
How do MID Server workers get their work?
Queue Monitor reads an ECC output queue message and triggers the worker to work
What information can be found on stats.do?
- Build Name
- Build Tag
- Instance Name
- Servlet Memory
- Servlets statistics
- Semaphores sets
- OS Configuration
- Logged in sessions
What options are available for separating data and processes?
- Filters
- System Security
- Domain Separation
- Company Separation
- Separate Instances
What does Domain Separation do?
- Separates Data
- Separates administration (workflow, policy, UI definition)
- Provides multi-tenancy support
Some global data and processes are shared across all domains, “Remember Me” option is an example
Who is domain separation good for?
Organizations that want to:
- Enforce data separation between business entities
- Customize Business process definitions and user interfaces for each domain
- Use a single instance of servicenow to maintain global processes and global reporting
What is Company Separation?
Legacy - domain separator can be based on anything in the system. Any table that contains a domain field inherits data separation. Domain fields can be added to any tbale to extend data separation through the system
Can Domains be Hierarchical
Yes
What and Where is the Debug log
System Diagnostics > Debug Log
displays gs.print() and gs.log() statements, as well as server logging information and error messages
What are the standard email protocols for ServiceNow?
Outbound - SMTP
Inbound - POP3
How do Workflows work with Update Sets?
Workflows are not included in Update Sets until the Workflow is published, at which point the entire workflow is added to the update set
How often are ServiceNow instances backed up?
Every 24 Hours
What does StartNow stand for?
STrategic Alignment and drive Rapid Transformation
What is the StartNow methodology
ServiceNow’s methodology for implementations. Combination of traditional waterfall approach with SCRUM
What are the 6 phases of the StartNow methodology
- Plan
- Discover
- Prepare
- Deploy
- Operate
- Transform
What is the 1st phase of StartNow and what does it include?
Plan:
- Project Setup
- Team Setup
- Project Definition in PPM Application
- Kick-off
- Customer Training
- Arranging Gap analysis workshops
What is the 2nd phase of StartNow and what does it include?
Discover:
- Gap Analysis Workshops
- KPI workshops
- Integration requirements
- data requirements
- backlog of work defined/documented in Scrum
What is the 3rd phase of StartNow and what does it include?
Prepare:
- Core Systems Setup
- LDAP(S) integration
- Common Data Imported
- Integrations
- Scrum planning
What is the 4th phase of StartNow and what does it include?
Deploy:
- Build out functionality from SDLC backlog
- Managed using Agile SCRUM Application
What is the 5th phase of StartNow and what does it include?
Operate:
- UAT
- End User testing
- Go-live checks
- Production readiness review
- Go-live support
What is the 6th phase of StartNow and what does it include
Transform:
- Pulse Checks
- Delivery Assurance
- Transformation road maps
- Service Improvement plans
What is Upgrade History and where can you find it?
System Diagnostics > Upgrade History
Tracks all upgrades made to an instance. Each record examined during an upgrade is tracked and the action taken on that record is tracked as the disposition
What does ServiceNow use as core-based technology?
MySQL and Tomcat
What are the layers of the Core-Based technology
- Top - Who is accessing the instance (browser, SOAP, FTP, etc)
- Next - top app layer, UI, SOAP, Other
- Next - Scripting
- Next - DB Layer
- Next - MySQL
What does the High Security Plugin do?
Creates a role called security_admin which is added to the default System Administrator user. New role has “elevated privelage”
What does the “Elevated Privelage” attribute of a role do?
Means that the user who is assigned the role will need to manually elevate themselves to the role during a session. Session timeout or log-out removes the role
What does the security_admin role allow you to do when activated?
- Modify ACLs
- Import XML Files
- Access Scripts - Background module
How could I improve the performance of an import set?
Uncheck the “run business rules” attribute
How can I remove the New and Edit buttons from a related list
Right-click in the related list header and select Personalize > List Control. Select Omit new button or Omit edit button
What does SOAP Stand for?
Simple Object Access Protocol
What are the four parts of SOAP Message transportation?
- Endpoint
- Action
- Headers/Attributes
- Envelope
What is the SOAP endpoint?
URL or Address where the SOAP request is delivered. Must be able to reach the endpoint over the network in order for the communication to succeed.
What is a SOAP Action?
String that is often optional with the SOAP web service. However, some services do require this to be set. The string is often descriptive of what action should be performed by the web services.
What are the SOAP Headers/Attributes?
Found within the HTTP request. They contain information regarding the protocol being used as well as other custom information such as session IDs, authentication token, etc.
What is the SOAP Envelope?
Actual document that describes the details of the SOAP request. This is written in XML format. Has a header and a body similar to an HTML webpage. Header and body details are dictated by the web service and explained in a corresponding WSDL document
What are the elements of a SOAP envelope?
1) Main Document
2) Header (optional)
3) Body
4) Fault Element (optional)
What is the SOAP envelope header?
Often contains processing instructions for the envelope, but it is not used in all web services.
What is the SOAP envelope Body?
Main part of the envelope, is required for SOAP requests. Contains the actual message or request that is to be delivered to the web service.
What is the SOAP envelope Fault Element?
Often present if there was an error processing the web service request. The Web Service is responsible for populating this element with descriptive information to help the consumer understand what went wrong, and/or what to do next
What is the SOAP WSDL?
Another XML document that is used in the SOAP protocol. It is a catalog of available functions provided by the web service. A SOAP web service consuming client information should be able to read this and generate a template of each of the available service requests provided by the web service.
