Devices, in Syscat, are computer-type things. A given device could be a workstation, a server, a router, a switch or a firewall, or all of those things at the same time, so I settled on a generic name.
So far, I've defined them as primary resources. That is, they exist as first-class things in their own right.
This would be fine in a single-organisation CMDB, as most are. However, Syscat is not like the other ones; I designed it explicitly to be multi-organisational, with no inherent limit on the number of organisations. Since a given naming convention (Lord of the Rings characters, edge-router-1, etc.) is often used by several organisations, this is a recipe for conflict - after all, in Syscat there can only be one Bilbo.
Solution: redefine them to be dependent resources, hanging off Organisations or People.
So far, so good, and I was all set to implement this change, but something felt off about it.
The thing is, Syscat isn't just multi-org. More importantly, it also explicitly distinguishes between what is and what should be, or "discovered" and "intended" in Syscat-speak. When you're creating a record for a device that's supposed to be there, that's intended, and you already know who it belongs to. But what about the devices you discover when you scan your network, or audit your cabinet in the colo facility?
You could assume they all belong to you (or whoever's renting the cabinet) but, as anyone who's managed IT infrastructure professionally knows, assumption is the mother of all fuck-ups. What about the license server you're leasing, or the Intel NUC you didn't expect to find plugged into that switchport, and why is a host responding at an IP address you haven't allocated?
Solution: for discovered devices, put them in the context in which you found them.
For hardware, it's the physical location, while for network hosts it's the subnet on which you found them. Afterwards, you can compare the expected with the intended, match them using whatever criteria you've settled on, then pick out the discrepancies that warrant further attention.
Now we're getting somewhere.