How to ensure sys_id of users and groups are same in all instances?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-23-2024 10:32 PM
How to ensure sys_id of users and groups are same in all instances?
I have seen SEVERAL posts in community who says "All users and groups should be created in production and migrated to sub-prods."
My question is, as per SDLC , we need to do all the developments in DEV, move to Test, do UAT and then push to PROD.
Why should we do LDAP /azure integration in PROD first and then import to DEV?
Why not start with DEV only and then push suing XML to TEST and PROD???
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-25-2024 02:56 AM
Hi @Suggy
How to ensure sys_id of users and groups are same in all instances?
Atul: Follow the best practice, means dont create the user directly in Prod, always create in Dev and move.
I have seen SEVERAL posts in community who says "All users and groups should be created in production and migrated to sub-prods."
My question is, as per SDLC , we need to do all the developments in DEV, move to Test, do UAT and then push to PROD.
Why should we do LDAP /azure integration in PROD first and then import to DEV?
Atul: My thoughts say, or what i experience, that it is not possible or feasible to integration dev / test and prod all 3 instance with AD , which required a efforts and time as well. and also some time business don't want to bring all prod users in dev ( one of my client had this requirement), so we do these integration in prod and from PROD it come to dev via xml import or via clone.
Rest expert @Mark Roethof already answered in good way.
Why not start with DEV only and then push suing XML to TEST and PROD???
If my response proves useful, please indicate its helpfulness by selecting " Accept as Solution" and " Helpful." This action benefits both the community and me.
Regards
Dr. Atul G. - Learn N Grow Together
ServiceNow Techno - Functional Trainer
LinkedIn: https://www.linkedin.com/in/dratulgrover
YouTube: https://www.youtube.com/@LearnNGrowTogetherwithAtulG
Topmate: https://topmate.io/atul_grover_lng [ Connect for 1-1 Session]
****************************************************************************************************************
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
03-13-2025 09:14 AM - edited 03-13-2025 09:16 AM
In my case, the reason why we don't include the sys_user table in clone is because the users data get created/updated daily three times on all instances. We have active integration with LDAP on all instances. Also, we grant some additional roles upon request in sub-prod instances for different reasons, which is why we don't clone that data from prod.
In other words, we don't follow the best practices, which is cloning the production instance to sub-production instances so that sys_id values for base-level data can remain consistent across the ecosystem and that this inconsistency may be minimalized to only what is generated by source code per instance. (reference link: https://support.servicenow.com/kb?id=kb_article_view&sysparm_article=KB0831864#:~:text=As%20part%20o....)
