Adding members to groups via LDAP

Go to solution
othomas1
Kilo Guru

‎09-01-2020 05:45 PM

Hello everyone,

Ive spent a good amount of time trying to get users into groups via LDAP. The user import works, the groups import works, but when i try to configure things to get users into the already existing group, nothing works. I saw a post that said you shouldnt map the u_member field, so i left it blank, can anyone lend some wisdom on getting users into groups?

find_real_file.png

 

OnAfter script:

//
// After a group has been inserted the line of code below will get
// all the users that belong to the group according to LDAP and
// put the users into this group. This is done by getting
// the value from the u_members field from the source record.
// If you do not want to put the users in the group then you
// can comment out or remove the line below. If you are using
// something other than Active Directory and user membership is
// not indicated via the 'member' attribute then you can add the
// following line to indicate what field should be used. This
// line would be added before the the call to addMembers.
//
ldapUtils.setMemberField('u_member');
//
ldapUtils.addMembers(source, target);

Labels:
Preview file
125 KB
0 Helpfuls
  • 5,726 Views
1 ACCEPTED SOLUTION

Go to solution
Mike Patel
Tera Sage

‎09-01-2020 06:59 PM

1# Remove u_member from field maps

2# OnAfter script only needs be like ldapUtils.addMembers(source, target);

3# OnStart needs to be below

gs.include("LDAPUtils");
var ldapUtils = new LDAPUtils();
ldapUtils.setLog(log);

Make sure you are mapping source field from ldap import to source field on user record (sys_user).

It needs be like

ldap:CN=XXX\, CCCCC,OU=Users,DC=XXXX,DC=com

View solution in original post

9 REPLIES 9

Go to solution
Mike Patel
Tera Sage
In response to othomas1

‎09-02-2020 07:34 AM

change mapping from dn field to source field on user import transform map not group import.

0 Helpfuls

Go to solution
Sravani36
Tera Expert
In response to Mike Patel

‎09-12-2022 04:21 AM

Hi Mike,

Facing similar issue, I already have the users in ServiceNow and this users are part of many AD groups

So i need to import this AD groups along with the users who are part of this groups instead of adding the users manually in servicenow.

Can you please help me out how to do it.

0 Helpfuls

Go to solution
Mike Patel
Tera Sage
In response to othomas1

‎09-02-2020 07:37 AM

See example screenshots.

find_real_file.png

find_real_file.png

find_real_file.png

Preview file
127 KB
Preview file
146 KB
Preview file
129 KB
0 Helpfuls

Go to solution
othomas1
Kilo Guru
In response to Mike Patel

‎09-02-2020 07:54 AM

Thanks for that info, so just so im clear,

The u_source field on the group import, should map to the target source field on the sys_user table?

0 Helpfuls

Go to solution
Mike Patel
Tera Sage
In response to othomas1

‎09-02-2020 07:59 AM

No, group import source field should map to group(sys_user_group) source field.

User import source field should map to User (sys_user) source field.

Look at the screenshots I shared in my previous post.