Adding users to groups via AD Spoke v2 - Best Practice

MichalTK
Tera Contributor

Hi, I just started using AD Spoke v2, and I was just wondering if you could advise: what is the best practice in Flow Designer for adding a user to an AD group based on the value of a variable from the catalogue item?

Example: Application with different levels of access - RO, RW, FC etc.

Each level has its own AD security group.

The user answers a question in the form, such as "Application xxx Read only"; this is managed by SG "xxx read only".

I understand that this can be achieved with an "IF" condition and by creating multiple subflows, but this seems to be a little excessive. Is there any easier way to marry variable answers from the form to the AD group name and have just one action automatically pick the correct group based on the answer?

1 REPLY

Ramesh Lohar
Kilo Guru

Sure, you can achieve this by using a lookup table or dictionary in ServiceNow to map the variable answers from the form to the AD group names. Here are the steps:

1. Create a new table in ServiceNow to store the mapping between the variable answers and the AD group names. This table should have two fields: Variable Answer and AD Group Name.

2. Populate this table with the mapping data. For example, if the variable answer "Application xxx Read only" corresponds to the AD group "xxx read only", then you would create a record in this table with "Application xxx Read only" in the Variable Answer field and "xxx read only" in the AD Group Name field.

3. In your Flow Designer flow, add an action to look up the AD group name based on the variable answer. You can do this by using the Lookup Record action in Flow Designer. Set the Table field to the name of the table you created in step 1, and set the Fields to Retrieve field to "AD Group Name". In the Conditions field, set the field to "Variable Answer" and the value to the variable answer from the form.

4. The Lookup Record action will return the corresponding AD group name, which you can then use in the Add User to AD Group action.

Here is a sample code for the Lookup Record action:


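// Look up the AD group mapped to the answer given on the form.
var adGroupName = null; // stays null when no mapping record matches
var gr = new GlideRecord('your_table_name');
gr.addQuery('variable_answer', current.variable_answer);
gr.setLimit(1);
gr.query();
if (gr.next()) {
    // getValue() returns the field as a string rather than a GlideElement
    adGroupName = gr.getValue('ad_group_name');
}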


And here is a sample code for the Add User to AD Group action:


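// adGroupName is the value returned by the lookup above.
// 'Active_Directory_Group' and addUser() are kept as posted; addUser() is not a
// GlideRecord method, so in a flow pass adGroupName to the spoke action from step 4.
var ad = new GlideRecord('Active_Directory_Group');
ad.addQuery('name', adGroupName);
ad.query();
if (ad.next()) {
    var user = new GlideRecord('sys_user');
    user.addQuery('user_name', current.user_name);
    user.query();
    if (user.next()) {
        ad.addUser(user.getUniqueValue());
    }
}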


This approach will allow you to manage the mapping between variable answers and AD group names in a central place, and you can easily add, remove, or change the mapping as needed.

 

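The lookup from steps 1-4 as an added example, not part of the original reply and not ServiceNow or AD Spoke code: plain JavaScript that resolves a form answer against mapping rows and fails closed when the answer has no active mapping, maps to more than one group, or maps to a group on a deny list. The `active` field, the deny list and the function names are assumptions, and the sample rows are constructed.

```javascript
// Constructed rows standing in for the mapping table from steps 1-2.
// Field names follow the reply's script; `active` is an assumed extra field.
const MAPPING_ROWS = [
  { variable_answer: 'Application xxx Read only', ad_group_name: 'xxx read only', active: true },
  { variable_answer: 'Application xxx Read write', ad_group_name: 'xxx read write', active: true },
  { variable_answer: 'Application xxx Full control', ad_group_name: 'xxx full control', active: false },
  // Two active rows for one answer: a data-entry mistake the resolver must catch.
  { variable_answer: 'Application yyy Read only', ad_group_name: 'yyy read only', active: true },
  { variable_answer: 'Application yyy Read only', ad_group_name: 'yyy admins', active: true },
];

// Assumption: groups that must never be granted through a catalog request.
const DENIED_GROUPS = new Set(['domain admins', 'enterprise admins']);

// Resolve a form answer to exactly one AD group name, or explain why not.
function resolveAdGroup(rows, answer) {
  if (typeof answer !== 'string' || answer.trim() === '') {
    return { ok: false, reason: 'empty answer' };
  }
  const wanted = answer.trim();
  const groups = [...new Set(
    rows
      .filter(r => r.active === true && String(r.variable_answer || '').trim() === wanted)
      .map(r => String(r.ad_group_name || '').trim())
      .filter(name => name !== '')
  )];
  if (groups.length === 0) return { ok: false, reason: 'no active mapping' };
  if (groups.length > 1) return { ok: false, reason: 'ambiguous mapping' };
  if (DENIED_GROUPS.has(groups[0].toLowerCase())) {
    return { ok: false, reason: 'group not grantable' };
  }
  return { ok: true, group: groups[0] };
}

// Decide what the flow does next: one add-to-group step, or manual review.
function planGroupAdd(rows, answer, userName) {
  const result = resolveAdGroup(rows, answer);
  if (!result.ok) {
    return { action: 'route_to_manual_review', reason: result.reason, user: userName };
  }
  return { action: 'add_user_to_group', group: result.group, user: userName };
}

console.log(planGroupAdd(MAPPING_ROWS, 'Application xxx Read only', 'jdoe'));
console.log(planGroupAdd(MAPPING_ROWS, 'Application yyy Read only', 'jdoe'));
```

In a flow, the equivalent is a branch after the lookup step so that an empty or ambiguous result never reaches the add-to-group action.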