LDAP - Stop user record insert when username is blank

Go to solution
GB14
Kilo Patron

‎01-18-2024 11:46 AM

This doesn't happen often but once in a while an account is created with an empty username or a contract gets added to the incorrect OU. (all by mistake or an error). Is there a way to stop the insert of the record during the LDAP import? Also, if the Coaleace field is set to ADOBJECTGUID, can we have 2 accounts with the same username but different domains?

 

Thanks,
G

0 Helpfuls
  • 361 Views
1 ACCEPTED SOLUTION

Go to solution
Tushar
Kilo Sage
Kilo Sage

‎01-18-2024 01:42 PM

Hi @GB14 

 

Maybe create a business rule triggered on "Before Import" of the LDAP_Import set table.

  • Use a condition like current.u_username == "" OR current.u_ou != "desired_OU" to check for empty usernames or incorrect OUs and set an action to throw new Error("Invalid username or OU") to halt the import of that specific record.
  • If using transform maps, create a validation rule to check for empty usernames or incorrect OUs and set the "Action on Failure" to "Abort Import" to stop the import for those records.

I think setting the Coalesce field to ADOBJECTGUID allows distinct accounts with the same username but different domains and each account will have a unique ADOBJECTGUID, ensuring they are treated as separate entities in ServiceNow.

 

Please, don't forget to mark my answer as correct if it solves your issue or mark it as helpful if it is relevant for you!

Regards,
Tushar

View solution in original post

2 REPLIES 2

Go to solution
Tushar
Kilo Sage
Kilo Sage

‎01-18-2024 01:42 PM

Hi @GB14 

 

Maybe create a business rule triggered on "Before Import" of the LDAP_Import set table.

  • Use a condition like current.u_username == "" OR current.u_ou != "desired_OU" to check for empty usernames or incorrect OUs and set an action to throw new Error("Invalid username or OU") to halt the import of that specific record.
  • If using transform maps, create a validation rule to check for empty usernames or incorrect OUs and set the "Action on Failure" to "Abort Import" to stop the import for those records.

I think setting the Coalesce field to ADOBJECTGUID allows distinct accounts with the same username but different domains and each account will have a unique ADOBJECTGUID, ensuring they are treated as separate entities in ServiceNow.

 

Please, don't forget to mark my answer as correct if it solves your issue or mark it as helpful if it is relevant for you!

Regards,
Tushar

Go to solution
Narsing1
Mega Sage

‎01-18-2024 06:39 PM

On the OU Definition filter, add something like this

(!(givenName=''))

Thanks,

Narsing