Azure AD user provisioning for existing users in ServiceNow

meetanand7
Tera Contributor

Hi,

Currently our ServiceNow instance is integrated with LDAP and it was mapped to "user_name" in the User form with "samAccountName" from AD. Now we want to move to Azure AD auto provisioning, but when we enable auto provisioning from Azure it is creating duplicate records in the User form for existing users instead of updating them.

The existing user profile which is provisioned by LDAP has the user id "xx44", but the duplicate of the same profile created by Azure has the user id "xxx@companyname". Can someone tell me how to change the mapping in Azure to map the ServiceNow "user_name" field to the Azure AD user's "samAccountName" or "user id"?

 

1 ACCEPTED SOLUTION

Dubz
Mega Sage

Hi,

I had exactly the same issue. Unfortunately, the local samAccountName doesn't exist on Azure. You need to modify your user records to change the username to the userPrincipalName from Azure (normally the email address).

I ran a fix script to go through and change the usernames of all my users that had been imported from AD via LDAP. I used the script below. You'll probably need to change the encoded query to get the users you need, and you'll need to change the regex as well. Make sure you test it thoroughly on dev first!

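// Select active users that have a non-empty source field (imported) and an email address.
var gr = new GlideRecord('sys_user');
gr.addEncodedQuery('sourceISNOTEMPTY^active=true^emailISNOTEMPTY');
gr.query();

// Matches legacy IDs of four letters followed by three digits; adjust to your naming scheme.
var regexp = new RegExp('\\b[a-z]{4}[0-9]{3}', 'i');

while (gr.next()) {
	var userName = gr.getValue('user_name');

	// Only rename records whose user_name still looks like a legacy ID.
	if (regexp.test(userName)) {
		gr.user_name = gr.getValue('email');
		gr.update();
	}
}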

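A dry-run check that could precede a fix script like the one in the accepted solution, as an added example that is not part of the original post or ServiceNow's own code. It is plain JavaScript over constructed sample records rather than GlideRecord calls, and it assumes user_name must stay unique, so a legacy record whose email is already held as user_name by an Azure-created duplicate is skipped instead of renamed. `planRenames`, `SAMPLE_USERS` and the reason strings are hypothetical names.

```javascript
// Added example: dry-run planner for the user_name -> email rename.
// SAMPLE_USERS is constructed data, not rows from a real instance.
const LEGACY_ID = /\b[a-z]{4}[0-9]{3}/i; // same pattern as the fix script

const SAMPLE_USERS = [
  { sys_id: 'u1', user_name: 'jdoe123', email: 'jdoe@example.com' },
  { sys_id: 'u2', user_name: 'jdoe@example.com', email: 'jdoe@example.com' }, // Azure-created duplicate
  { sys_id: 'u3', user_name: 'asmi456', email: 'asmith@example.com' },
  { sys_id: 'u4', user_name: 'bkim789', email: '' },
  { sys_id: 'u5', user_name: 'clee001', email: 'shared@example.com' },
  { sys_id: 'u6', user_name: 'dlee002', email: 'Shared@example.com' },
];

function planRenames(users, pattern = LEGACY_ID) {
  const norm = (s) => (s || '').trim().toLowerCase();

  // How many legacy-ID records point at each email address.
  const emailCount = new Map();
  // user_name values already in use, mapped to the owning record.
  const owner = new Map();
  for (const u of users) {
    owner.set(norm(u.user_name), u.sys_id);
    const e = norm(u.email);
    if (e && pattern.test(u.user_name || '')) emailCount.set(e, (emailCount.get(e) || 0) + 1);
  }

  const plan = { rename: [], skip: [] };
  for (const u of users) {
    const target = norm(u.email);
    let reason = null;
    if (!pattern.test(u.user_name || '')) reason = 'not_legacy_id';
    else if (!target) reason = 'no_email';
    else if (owner.has(target) && owner.get(target) !== u.sys_id) reason = 'user_name_taken';
    else if (emailCount.get(target) > 1) reason = 'email_shared';

    if (reason) plan.skip.push({ sys_id: u.sys_id, user_name: u.user_name, reason });
    else plan.rename.push({ sys_id: u.sys_id, from: u.user_name, to: u.email.trim() });
  }
  return plan;
}

console.log(JSON.stringify(planRenames(SAMPLE_USERS), null, 2));
```

Records skipped as `user_name_taken` or `email_shared` need a manual decision (merge, deactivate or correct the email) before any rename is applied.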

5 REPLIES

meetanand7
Tera Contributor

Ya sure, thanks David. I will open a separate thread for this.