LDAP separate Users to custom table

Dazler
Mega Sage

Hi,

 

I have a situation that I need guidance from the community on.  I am hoping someone has had this situation and found a solution.  Here is the best way I can explain it.

 

We have LDAP set up for users and in Active Directory, it also pulls over Service Accounts from AD.  We also have LDAP Set up for groups to bring in the members of the groups.  All of this is working.  The issue we have is the Security Incident Module bases it subscription off of Unrestricted User.  This is what ServiceNow says determines an Unrestricted User.

Dazler_0-1709089703025.png

 

This means that these service accounts coming from AD are being treated as Unrestricted Users and causing our purchase allotment to go over.  I can't make those service accounts inactive, because they are used in other automations within the system and the active state is important.

 

So I thought what about pushing those Service Accounts from the User table into a custom table. I know that I can determine this within the transform map.  The issue that I see is how to get the groups for that service account to connect to that custom table where we will save the Service Account.

 

What do you all think if I add a new field to the group members table that references the custom table for Service Accounts?

Dazler_1-1709090344980.png

 

 

How would I add these service accounts to the group member table?  I can't seem to wrap my head around this.  The OOB LDAPUtil script include is only account for the user table and not my custom table.

 

I have to separate these service accounts from the user table, but I need to know what groups these service accounts have in Active Directory.

 

Any ideas?

1 REPLY 1

James Chun
Kilo Patron

Hi @Dazler,

 

Have you checked with your account exec? If you see the screenshot below, the service accounts will be counted as licensed users depending on how they are used. If your service accounts are used only for data import, it looks like it shouldn't be counted towards a licensed user. But make sure you check with your account exec/sales team.

 

 

JamesChun_0-1709093376378.png

Ref - https://www.servicenow.com/community/in-other-news/user-account-or-service-account-what-to-use-for-w...

 

Thanks