Add only Active users to group (LDAP)

Righto
Tera Contributor

‎05-18-2022 07:09 AM

Hi,

I would like to import group members whose account is active via LDAP. Currently LDAP is importing all group members, active and inactive. I believe that "On After" Transform Script is the one I should modify.

"On after" Transform Script:
ldapUtils.addMembers(source, target);

However I've checked the Source Transform map, unfortunately it looks like it doesn't contain "userAccountControl" field to check if user account is active/inactive/locked. Any tips or ideas, how to achieve this?

I would appreciate any kind of information.

Labels:
0 Helpfuls
  • 456 Views
1 REPLY 1

Allen Andreas
Administrator
Administrator

‎05-18-2022 07:18 AM

Hi,

You can refer to this thread for a suggestion.

It involves an onBefore transform script that you can use on the group import transform map to ignore the insert of members to a group if their AD account is not active: https://community.servicenow.com/community?id=community_question&sys_id=af7076acdb110014f7fca851ca96...

This is useful to do before the transform executes and if/when you need to disable it, it's an isolated script and you're not adjusting other records.

Please mark reply as Helpful/Correct, if applicable. Thanks!


Please consider marking my reply as Helpful and/or Accept Solution, if applicable. Thanks!
0 Helpfuls