LDAP Nested Groups

mflora · ‎09-08-2010

I am currently working on an integration with Active Directory. Within AD, we are using groups to designate the Assignment Groups within Service-now. This is working just fine as long as, in AD, the members of the groups are individual users. If another AD group is added as a member of this group, we are not able to see the individual user accounts within the nested group.

Does anyone know of a way to have Service-now traverse the nested group members?

Also, there are multiple levels within the nested groups (e.g. groups within groups within groups, etc.).

Any help or suggestions would be greatly appreciated.

Thanks

poyntzj · ‎04-15-2016

cool. So at what location are you placing this script ?

tstocking · ‎04-15-2016

In the LDAP transform script as an "On After" script.

lrossy31 · ‎01-30-2019

Hey tsocking,

I am also looking for a way to add members to parent group from members in nested groups and found this thread. Just wanted to ask to which OU Definition LDAP transform onAfter script you add the code you showed?

Will greatly appreciate your response.

Regards,

Luis

tstocking · ‎01-31-2019

Hi Luis,

We have the script running onAfter in our transform script for our LDAP Group Import. This import is the one that syncs the groups that have nested groups which contain members that we want to add to the parent group. Is this what you are asking?

lrossy31 · ‎01-31-2019

Hello tstocking,

Yes. I wanted to know if you add the script to the onAfter script of the parent group. Or so you use it in all the LDAP group imports?

Thanks a lot,

Luis