Thank you for your feedback.
Form temporarily unavailable. Please try again or contact docfeedback@servicenow.com to submit your comments.

Credentials troubleshooting

Log in to subscribe to topics and get notified when content changes.

Credentials troubleshooting

Review the <credentials_debug> section of the ECC queue payload to troubleshoot issues with credentials.

Certain probes support credential debugging. Credential debugging inserts a <credentials_debug> section in the payload that the MID Server returns to the instance ECC queue. You can view the <credentials_debug> section to see detailed information about the credential lookup.
The <credentials_debug> section appears in the payload if:
  • Credentials fail for WMIRunner probe, PowerShell probe, JMS, or SSHCommand probe.
  • You set the credentials_debug parameter to true for the WMIRunner, PowerShell, or SSHCommand probes. If you set the parameter to true, the <credentials_debug> section appears even if the credential lookup is successful.
The <credentials_debug> section shows:
  • Information about the credential search, such as the credential types, tags, and affinities.
  • The IP address targeted.
  • Information about each credential (in order) that the MID Server used, including the type, classification, tag, name, Sys ID, and external credential ID if present.
Figure 1. Sample payload showing invalid credentials
Sample payload showing invalid credentials
Details appear for the PowerShell parameter:
  • If the local MID Server credentials were used after all the Windows credentials failed.
  • If the credentials were skipped because you are trying to discover the same machine that the MID Server is on.
  • If the mid.powershell.use_credentials parameter is set to true.
Details appear for the SSHCommand:
  • If the credential search was skipped because the target IP is blacklisted.
  • If the target IP was added to the blacklist.
Note: The MID Server saves IP addresses for failed credential searches in a blacklist in cache memory. This blacklist specifies which devices the MID Server should stop trying to access. IP addresses are added to the blacklist after every credential has failed. The IP addresses are cleared from the blacklist cache either after five minutes, if the MID Server is restarted, or if the credential records on the instance are updated.
Feedback