How to use the userAccountControl attribute to disable users in ServiceNow

LePhucTanT
Giga Expert

Hey all,

I'm new to SN scripting and want to understand what existing scripts are available that other people in the community may be using to align the status of a user account in Active Directory into ServiceNow.

There was already an LDAP integration set up which pulls the attributes:
dn,givenName,SN,mail,title,Surname,SamAccountName,uid,source,department,userAccountControl

With this I have been trying business scripts and transform scripts to try and pull the correct data from AD into ServiceNow and deactivate the accounts in SNOW, but I am unsure what the best way to approach this is.


Currently I have a business rule called:
Set Inactive on AD User Account Change
When to run: after | insert and update.

Advanced: I have this script running.

 
(function executeRule(current, previous /*null when async*/) {
    // Assuming 'userAccountControl' is being imported into ServiceNow via LDAP sync
    var uac = current.u_ad_user_account; 

    // Check if the account is disabled (bit 2 is set)
    if (uac && (uac & 0x0002)) {  // Bitwise AND with 0x0002 to check if the account is disabled
        // If the account is disabled, set ServiceNow user as inactive
        current.active = false;
        current.update();  // Save the changes
    }
})(current, previous);







1 REPLY

Abhay Kumar1
Giga Sage

@LePhucTanT Aligning the status of user accounts in Active Directory (AD) with ServiceNow can be accomplished through a combination of LDAP integration and scripting. Based on your current setup, it looks like you're on the right track with your business rule. 

Note: In an after business rule, it’s not necessary to call current.update() because the changes to current will be saved automatically by the system.

 

As a performance consideration, in addition to using business rules, you might also consider using a scheduled job to periodically check and synchronize user statuses if there are situations where user account changes in AD may not trigger updates in ServiceNow.

Hope this will help you
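
Added example, not part of the original thread or any poster's code: a plain JavaScript decoder for the userAccountControl value discussed above, which returns an active/inactive decision and leaves the record untouched when the value is missing or malformed. It assumes the attribute arrives as decimal text from the LDAP import; the function names are hypothetical and the ServiceNow wiring (transform script or business rule) is not shown.

```javascript
// Subset of the documented Active Directory userAccountControl flag values.
const UAC_FLAGS = {
  ACCOUNTDISABLE: 0x0002,
  LOCKOUT: 0x0010,
  PASSWD_NOTREQD: 0x0020,
  NORMAL_ACCOUNT: 0x0200,
  DONT_EXPIRE_PASSWORD: 0x10000,
  SMARTCARD_REQUIRED: 0x40000
};

// Accept only a plain non-negative decimal integer that fits in 32 bits;
// return null for empty, non-numeric or out-of-range input.
function parseUac(raw) {
  if (raw === null || raw === undefined) return null;
  const text = String(raw).trim();
  if (!/^\d{1,10}$/.test(text)) return null;
  const value = Number(text);
  return value <= 0xFFFFFFFF ? value : null;
}

// Names of the known flags that are set in an already parsed value.
function decodeUac(value) {
  return Object.keys(UAC_FLAGS).filter(
    (name) => (value & UAC_FLAGS[name]) !== 0
  );
}

// true = enabled in AD, false = disabled in AD,
// null = value unusable, so the caller should leave the user unchanged.
function activeFromUac(raw) {
  const value = parseUac(raw);
  if (value === null) return null;
  return (value & UAC_FLAGS.ACCOUNTDISABLE) === 0;
}

// Constructed sample values, as they might arrive from an import row.
for (const raw of ['512', '514', '66050', '', 'n/a']) {
  const value = parseUac(raw);
  const flags = value === null ? [] : decodeUac(value);
  console.log(JSON.stringify(raw), activeFromUac(raw), flags.join('|'));
}
```

Because the function returns true as well as false, the same check can re-enable a user whose AD account has been re-enabled, and a null result keeps a failed or partial import from deactivating accounts.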