After trying to fine tune connectors in our SCSM environment, I noticed information being pulled that was undesired, i.e administrator accounts into our CMDB. I validated the AD and SCOM connectors were not pulling this information, so that left the SCCM connector. At the time I didn’t think SCCM would pull Active Directory accounts, but that was a false assumption. Administrators log into workstations and servers with separate accounts that are used for administration purposes that have no real value in our SCSM CMDB. Nevertheless they are there, which demands the questions why?
Let’s crack open the XML of the SCCM connector and take a look for ourselves.
Don’t try editing the mp directly from here-
Program Files\Microsoft System Center 2012 R2\Service Manager\Microsoft.EnterpriseManagement.ServiceManager.Connector.Sms2011.mp
You have to export it from the console or you will get gibberish directly editing the .mp
After saving the XML edit it with an editor like Notepad++
As you can see this is one massive XML. After searching I found UserMachineRelation. Since one of SCCM 2012’s new features is User Device Affinity we are now getting user account information from the SCCM connector because its captures the machines Primary User.
The next step would be to modify the XML to not capture specific information we want excluded. Unfortunately editing this will not work and there is no one to my knowledge to modify this XML without breaking the connector. If anyone comes across a way to modify the SCCM connector, please share! For now here is where another bulk of your CMDB is being populated from.