Managing Users with multiple instances in sys_user table

We have a requirement to record every employee’s Active Directory account in ServiceNow (sourced from Entra ID and/or on-prem AD). This is to support offboarding (ensuring all accounts are disabled/deleted) and to manage access extensions for accounts approaching or past expiry.

For some users, this results in multiple accounts being created in the sys_user table, for example:

• SmithJ (Standard account)
• SmithJ50 (Privileged account)
• SmithJ90 (Domain Admin account)

Each of these is currently created as a separate sys_user record.

This leads to multiple entries for the same person appearing in reference fields and catalogue variables, making it unclear which user record should be selected. While I could update reference qualifiers across catalogue items to filter by account type, we have 100+ items so this isn’t practical to maintain.

Ideally, I’d like to model this as:

• A single “person” / primary profile
• With one or more linked accounts (child records)
• Clean selection in forms (one person, not multiple accounts)

Not all users have multiple accounts, some records may only represent non-standard accounts (e.g. service accounts, vendor accounts). Data is typically sourced automatically via import/integration (not manually maintained)

Has anyone implemented a solution for managing multiple AD accounts per individual in ServiceNow without needing to retrofit all catalogue items?
Examples I’m particularly interested in:

• Leveraging existing tables
• Parent/child structure

Appreciate any guidance or real-world approaches.

We are on Yokohama with ITSM Pro, moving to Zurich in May 2026. We do not have HRSD.