Azure AD - Employee sync

‎02-15-2022 08:20 AM
We are currently pulling users into our system via LDAP. However, there are plans to move to Azure AD. I found the Microsoft Azure AD Spoke but all the functions appear to be around creating accounts, adding users to groups, etc. Do I still use LDAP to pull users into the system?
‎02-15-2022 02:03 PM
Hi Brian,
I believe you can still continue to use LDAP for user authentication. (Though, I've only ever had 'hands on' experience doing this with on-prem AD).
If you wanted to move to Azure provisioning, you'd do that in Azure, docs here: https://docs.microsoft.com/en-us/azure/active-directory/saas-apps/servicenow-provisioning-tutorial
If you do choose to go to Azure provisioning, there's a good article here discussing how to overcome a potential coalescing hurdle: https://community.servicenow.com/community?id=community_question&sys_id=045a96c8db0d8418feb1a851ca961908
I think the only reason to move to the SAML-based Azure authentication would be to standardise the login experience for your users (as they'd log in through the Office 365 screen) across all of your business applications. (And streamline in terms of only logging in once - if they've logged in to 365 already, they will be auto logged in to ServiceNow if they navigate to the instance).
Hope that helps!
Mike
‎02-15-2022 05:08 PM
Thanks, I'm not sure we will change the way we authenticate. I was just trying to figure out how we get user data and keep it up to date.