Groups syncing with Active Directory

arnoldha · ‎08-17-2023

Hi everyone,

I have a question about Active Directory groups syncing. I want to synchronize groups, but the names on Snow and AD are different. Do you know a way to match them?

I've seen that there are two different methods. One is to use AD Auto-Provisioning, but I don't think it is possible to map the names. The other solutions is using LDAP, but do you guys know how I can match the group names?

Thanks in advance !

SwarnadeepNandy · ‎08-17-2023

Hello @arnoldha,

What we have done to bypass this issue is create a new field in servicenow group(sys_user_group) table which contains the "samaccountname" (AD group unique name) and then modified the transform maps slightly to maintain different group names at both side and keeping the mastership of the groups to AD.

Hope this helps.

Kind Regards,

Swarnadeep Nandy

View solution in original post

SwarnadeepNandy · ‎08-17-2023

Hello @arnoldha,

What we have done to bypass this issue is create a new field in servicenow group(sys_user_group) table which contains the "samaccountname" (AD group unique name) and then modified the transform maps slightly to maintain different group names at both side and keeping the mastership of the groups to AD.

Hope this helps.

Kind Regards,

Swarnadeep Nandy

arnoldha · ‎08-17-2023

Thanks you for the sharing ! Didn't think of doing it that way, but it seems the best and simplest option 😊

SwarnadeepNandy · ‎08-17-2023

Thanks for your feedback @arnoldha. I am glad it helped.

If my solution helps, please feel free to mark it as correct solution.

Kind Regards,

Swarnadeep Nandy

amanbgulati · ‎05-15-2025

How to handle scenarios when groups are removed in AD? How to make those updates in SNOW?