How to sync Azure ad with service now

kulshreshtha · ‎04-03-2017

I have followed the steps in the link Tutorial: Azure Active Directory integration with ServiceNow | Microsoft Docs . I am able to get users in service now. The problem is its taking very long time to get reflected in service now. . What can be done if i need azure ad changes to reflect in service now.

Thanks in advance

VivekSattanatha · ‎04-21-2017

Hi Naman,

I guess, I found your issue. I believe you are not able to redirect Azure login URL.

Add this below system property in your instance sys_properties table and try open your instance URL.

glide.authenticate.sso.redirect.idp = "Sys id of your Azure Identity provider"

Let me know if its fix your issue

Regards,

Vivek

Based on the impact hit like, helpful or correct

View solution in original post

chrisp83 · ‎07-26-2017

Hi Vivek,

I just had a quick question about the user profile attributes.

Once a user is created in Azure AD/O365 are all the attributes i.e. things like, name, country, mobile number etc that you have configured against that user automatically created with the ServiceNow user?

Would you use a transform map as usual to populate the user profile with the select attributes you want?

Thanks,

Chris

smruti · ‎01-24-2018

Hello Chris/Vivek,

Is Auto user account provisioning from Azure to ServiceNow possible only through SSO?

We are looking other than SSO. Can you please guide other ways to integrate Azure AD (without public IP Address)with ServiceNow.

Thanks in advance,

Smruti

chrisp83 · ‎01-24-2018

You can provision users from Azure AD. I haven't done it without the SSO part but I guess you just don't set that side of things up in your ServiceNow instance.

It's one way provisioning, you'll need the ServiceNow app installed and setup in Azure as if you were going to use SSO and then from within the app you can configure user provisioning. Azure AD will push users and their details (which ever attributes you configure to sync) to the sys_user table. You have to provide the ServiceNow Azure app with a ServiceNow admin account to create allow it to create the users.

There's a few things to watch out for like populating referenced fields, the data will already have to be populated in the referenced field in ServiceNow table before it will create the user, other wise it will fail the sync.

Cheers,

Chris

VivekSattanatha · ‎01-24-2018

Hi Smruti,

As like Chris said you can do user provisioning without SSO. You can follow his instructions.

For your second question, Since both are in Cloud, I do not think you can integrate without public IP. If your company more concerned about security then you can ask them to open the port specifically for Azure urls. Otherwise, if your company have on-premise AD and Azure AD both integrated then you can do LDAP import from your On-premise AD internally.

Regards,

Vivek

smruti · ‎01-25-2018

Thanks Cris and Vivek for your quick help.

I have gone through this link https://docs.microsoft.com/en-us/azure/active-directory/active-directory-saas-servicenow-provisionin....

However it doesnot specify any configuration from Servicenow perspective except servicenow instance name,admin username and password.

Without SSO, will it take care of AD password authentication(will they be able to login Servicenow with same AD password).

If not,Kindly suggest how to achieve password authentication .

Thanks in advance,

Smruti