How to Disable the AD Account automatically from ServiceNow, once we have a new Task for ac. disable
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
3 hours ago
How to Disable the AD Account automatically from ServiceNow, once we have a new SC Task for account disable in Servicenow ?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
3 hours ago - last edited 2 hours ago
Hi @Anuj30 ,
To disable an Active Directory (AD) account automatically when a Service Catalog (SC) Task for account disable is created, you can use ServiceNow’s capabilities:
Configure a Flow in Flow Designer (or a Workflow) that triggers on the creation of a “Disable Account” SCTASK.
Use the Disable AD User Account activity to deactivate the AD account by passing the required user attributes (e.g., sAMAccountName, email, or DN).
Ensure the MID Server has proper AD permissions and credentials stored securely in ServiceNow.
Optionally extend the Flow to log results, send notifications, and handle error cases.
This approach is commonly used in HR offboarding automation to ensure timely and compliant account disablement.
🔗References:
Thanks & Regards,
Muhammad Iftikhar
If my response helped, please mark it as the accepted solution so others can benefit as well.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
3 hours ago
Hello @Anuj30
Use Flow Designer to create a Flow that triggers upon the completion (or creation/update to a specific state) of the SC Task. Within the Flow, leverage the IntegrationHub Microsoft Active Directory Spoke's "Disable User" action to connect to your AD environment via a MID Server and automatically disable the specified AD account.
Some reference which will be helpful.
https://www.servicenow.com/docs/csh?topicname=ms-ad-v2-spoke.html&version=latest
https://noderegister.service-now.com/kb?id=kb_article_view&sysparm_article=KB1284583
If my response has helped you, hit the helpful button, and if your concern is solved, do mark my response as correct.
Thanks & Regards
Viraj Hudlikar.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
an hour ago
Hi Viraj,
We do not have Azure AD Spoke subscription, we want to do it by custom integration
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
42m ago
Hello @Anuj30
Use Flow Designer (or Workflow) with a custom-built Action (if using Flow Designer) or Custom Activity (if using Workflow). This custom component will execute a PowerShell script on the MID Server that contains the Disable-ADAccount cmdlet, passing the target AD user's identifier from the SC Task as an input parameter.
Reference links:
https://incident.do/2023/11/22/ad-spoke-substitute-running-powershell-scripts-from-a-servicenow-mid-...
If my response has helped you, hit the helpful button, and if your concern is solved, do mark my response as correct.
Thanks & Regards
Viraj Hudlikar.
