11-06-2018 02:33 AM
Hi,
Currently our ServiceNow instance is integrated with LDAP, and "user_name" in the User form is mapped to "samAccountName" from AD. Now we want to move to Azure AD auto provisioning, but when we enable auto provisioning from Azure it is creating duplicate records in the User form for existing users instead of updating them.
The existing user profile provisioned by LDAP has the user id "xx44", but the duplicate of the same profile created by Azure has the user id "xxx@companyname". Can someone tell me how to change the mapping in Azure to map the ServiceNow "user_name" field to the Azure AD user's "samAccountName" or "user id"?
11-06-2018 02:45 AM
Hi,
I had exactly the same issue. Unfortunately, the local samaccountname doesn't exist on Azure. You need to modify your user records to change the username to userprincipalname from Azure (normally email address).
I ran a fix script to go through and change the usernames of all my users that had been imported from AD via LDAP. I used the script below; you'll probably need to change the encoded query to get the users you need, and you'll need to change the regex as well. Make sure you test it thoroughly on dev first!
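// Fix script: switch LDAP-imported users' user_name to their email address.
var gr = new GlideRecord('sys_user');
// Active users that have a source and an email; adjust the query to your data.
gr.addEncodedQuery('sourceISNOTEMPTY^active=true^emailISNOTEMPTY');
gr.query();
// Matches the old ID format (four letters, three digits); adjust to your format.
var regexp = new RegExp('\\b[a-z]{4}[0-9]{3}', 'i');
while (gr.next()) {
    var userName = gr.getValue('user_name');
    if (regexp.test(userName)) {
        gr.setValue('user_name', gr.getValue('email'));
        gr.update();
    }
}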
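A dry-run check for a rename like the one above, added here as an example and not part of the original post: it plans the renames and flags any whose target user_name is already held by another record, such as a duplicate that Azure provisioning already created. It is plain JavaScript over constructed sample rows rather than GlideRecord, `planRenames` is a hypothetical helper, and it assumes user_name is meant to be unique (compared case-insensitively).

```javascript
// Constructed sample rows standing in for sys_user records (not real data).
const users = [
  { sys_id: 'a1', user_name: 'abcd123', email: 'ann@example.com', source: 'ldap:CN=Ann' },
  // Duplicate of Ann created by Azure provisioning, keyed on the UPN.
  { sys_id: 'a2', user_name: 'ann@example.com', email: 'ann@example.com', source: '' },
  { sys_id: 'b1', user_name: 'efgh456', email: 'bob@example.com', source: 'ldap:CN=Bob' },
  { sys_id: 'c1', user_name: 'ijkl789', email: 'Shared@example.com', source: 'ldap:CN=Cy' },
  { sys_id: 'c2', user_name: 'mnop012', email: 'shared@example.com', source: 'ldap:CN=Di' },
  { sys_id: 'd1', user_name: 'svc-backup', email: 'ops@example.com', source: 'ldap:CN=Svc' },
];

// Same shape as the thread's pattern, anchored here so only whole IDs match.
const LEGACY_ID = /^[a-z]{4}[0-9]{3}$/i;

// Hypothetical helper: returns what would be renamed, what collides, what is skipped.
function planRenames(rows, legacyPattern) {
  const key = (s) => String(s || '').trim().toLowerCase();
  // Every user_name currently in use, mapped to the record that holds it.
  const taken = new Map(rows.map((r) => [key(r.user_name), r.sys_id]));
  const claimed = new Map(); // target user_name -> first candidate that claimed it
  const plan = { rename: [], conflict: [], skipped: [] };
  for (const r of rows) {
    const target = key(r.email);
    // Mirror the fix script's filter: has a source, has an email, legacy ID format.
    if (!r.source || !target || !legacyPattern.test(r.user_name)) {
      plan.skipped.push(r.sys_id);
      continue;
    }
    const holder = taken.get(target);
    if (holder && holder !== r.sys_id) {
      plan.conflict.push({ sys_id: r.sys_id, target, reason: 'user_name held by ' + holder });
    } else if (claimed.has(target)) {
      plan.conflict.push({ sys_id: r.sys_id, target, reason: 'email shared with ' + claimed.get(target) });
    } else {
      claimed.set(target, r.sys_id);
      plan.rename.push({ sys_id: r.sys_id, from: r.user_name, to: r.email });
    }
  }
  return plan;
}

const plan = planRenames(users, LEGACY_ID);
console.log(JSON.stringify(plan, null, 2));
```

Records listed under `conflict` need the duplicate merged or removed before the rename is applied to them.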
11-08-2018 12:38 AM
If this answered your question can you mark my answer correct to close the thread down?
11-13-2018 10:04 PM
Sure David, I will do that. Also, I want to know whether you have configured group auto provisioning from Azure AD to ServiceNow, because when I turn on auto provisioning for groups in Azure AD, group member details are not updating correctly in ServiceNow.
Could you please let me know if you have done anything on this?
11-14-2018 12:33 AM
Hi,
Unfortunately I'm only syncing users automatically, so I can't assist with the issue you're having with groups. It's probably worth raising a new thread to get help with that.
Cheers
Dave