Skip to main content

Microsoft Endpoint Configuration Management

Microsoft Endpoint Configuration Management (MECM) is a configuration management tool for managing software and software updates across your different devices. You can bring asset, software install, and software product data from MECM into Brinqa to gain visibility into your assets and strengthen your cybersecurity posture.

This document details the information you must provide for the connector to authenticate with MECM and how to obtain that information from Microsoft. See create a data integration for step-by-step instructions on setting up the integration.

Required connection settings

When setting up a data integration, select Microsoft Endpoint Configuration Management from the Connector drop-down. If you cannot find the connector in the drop-down, make sure that you have installed it first. You must provide the following information to authenticate MECM with Brinqa:

  • Server name: Your organization's MECM SQL Server name.

  • Port: The TCP (Transmission Control Protocol) or IP port number that is used to communicate with the MECM SQL server.

Additional settings

The MECM connector contains additional options for specific configuration:

  • Database name: The MECM database name. The database name uses the following format: CM_<SiteName>.

  • Use Windows Authentication mode: Select this option to authenticate against the SQL server using Windows authentication. This option requires specifying the domain in the Domain field.

  • Domain: If using Windows Authentication, specify the Windows domain to authenticate in.

  • User name and Password: Specify the username and password of the SQL server account, which must have permissions to log in to the database and return data.

  • advanceUri: Specify additional connection parameters or options for direct usage. For example, you might use this to configure encryption, specify the network protocol, or provide other SQL Server connection properties. For example:

    • If you want to ensure that the connection to your SQL Server is encrypted, you might specify a parameter like so:

      jdbc:sqlserver://[servername]:[port];databaseName=[yourDatabaseName];encrypt=true;trustServerCertificate=true

      This configuration ensures that the data transmitted between the MECM connector and the SQL Server is encrypted and that the SQL Server's SSL certificate is verified.

    • If you want to specify the number of seconds the driver waits for a SQL command to execute before timing out, the parameter might look like this:

      jdbc:sqlserver://[servername]:[port];databaseName=[yourDatabaseName];queryTimeout=30;

      This configuration ensures that SQL commands do not run indefinitely by preventing potential hang-ups due to long-running queries.

Types of data to retrieve

The MECM connector can retrieve the following types of data from your MECM SQL server:

Connector ObjectRequiredMaps to Data Model
AssetYesHost
Software InstallYesInstalled Package
Software ProductYesPackage
info

The MECM Connector does not currently support operation options for the types of data it retrieves.

For detailed steps on how to view the data retrieved from the MECM Connector in the Brinqa Platform, see How to view your data.

Attribute mappings

Expand the sections below to view the mappings between the source and the Brinqa data model attributes.

Asset

Table 2: Asset attribute mappings

Source Field NameMaps to Attribute
Active directory siteLocal variable
Client typecategories
Client versionLocal variable
CPU typeLocal variable
Creation datesourceCreatedDate
Decommissionedstatus
Distinguished nameLocal variable
Domain namednsNames, publicDnsNames, privateDnsNames
Hardware IDLocal variable
Hardware scanLocal variable
Internet enabledLocal variable
IP addressesipAddresses, publicIpAddress, privateIpAddress
Last logonlastLogin
Last rebootLocal variable
MAC addressmacAddresses
Namename
NetBIOS nameLocal variable
Obsoletestatus
Operating systemos
OS versioncurrentVersion
Portable operating systemLocal variable
Serial numberserialNumber
Software scanLocal variable
Statusstatus, sourceStatus
Sys IDuid
Virtual machineLocal variable
VM host namehostnames
info

Local variable indicates that the field is processed within a specific context, such as a particular workflow or calculation. Unlike other attributes, local variables aren't mapped to the unified data models. They only exist on the source data model.

Software Install

Table 3: Software Install attribute mappings

Source Field NameMaps to Attribute
ASSET_IDtargets
INSTALL_DATEinstallDate
LAST_DISCOVEREDlastSeen
PRODUCT_IDLocal variable
SYS_IDuid
info

Local variable indicates that the field is processed within a specific context, such as a particular workflow or calculation. Unlike other attributes, local variables aren't mapped to the unified data models. They only exist on the source data model.

Software Product

Table 4: Software Product attribute mappings

Source Field NameMaps to Attribute
LAST_DISCOVEREDlastSeen
NAMEname
PUBLISHERpublisher
SYS_IDuid
VERSIONcurrentVersion
info

Local variable indicates that the field is processed within a specific context, such as a particular workflow or calculation. Unlike other attributes, local variables aren't mapped to the unified data models. They only exist on the source data model.

APIs

The MECM connector does not use any API endpoints.

Changelog

The MECM connector has undergone the following changes:

3.4.5

  • No change.

3.4.4

  • No change.

3.4.3

  • No change.

3.4.2

  • No change.

3.4.1

  • No change.

3.4.0

  • No change.

3.3.9

  • No change.

3.3.8

  • Fixed an issue where hostnames on the Asset object were incorrectly appended with a comma.

3.2.0