Understanding Azure Provisioning and User record creation

steveturley
Tera Guru

Hi. We have automatic user provisioning from Azure AD enabled. What I'm trying to understand is the trigger from the user record to be created and if this can be changed?

 

Am I right in thinking that the user record is only created when that user attempts to log into ServiceNow for the first time? If so, is it true that if a user never attempts to log in, their user record will never be created?

 

Also, if the above is true, can this be amended so that all users regardless of if they've attempted to log in are created as users in ServiceNow

 

Thanks for reading!

1 ACCEPTED SOLUTION

Tushar
Kilo Sage
Kilo Sage

Hi @steveturley 

 

Yes, you are correct. The user record is only created when the user attempts to log into ServiceNow for the first time. If the user never attempts to log in, their user record will never be created.

This is because the automatic user provisioning from Azure AD is triggered by the user logging in to ServiceNow. When the user logs in, their Azure AD credentials are validated and a user record is created in ServiceNow.

If you want to create user records for all users, regardless of whether they have attempted to log in, you can do so by using a scheduled job.

 

Please, don't forget to mark my answer as correct if it solves your issue or mark it as helpful if it is relevant for you!

Regards,
Tushar

View solution in original post

3 REPLIES 3

pablo_itguy_pl
Mega Guru

Hi,

I'm guessing that right now you have user provisioning configured through SSO (user is provisioned during login). In addition to that you can also have scheduled user provisioning from AAD (I think it happens every 40 minutes) - please have a look at this: Configure ServiceNow for automatic user provisioning

Tushar
Kilo Sage
Kilo Sage

Hi @steveturley 

 

Yes, you are correct. The user record is only created when the user attempts to log into ServiceNow for the first time. If the user never attempts to log in, their user record will never be created.

This is because the automatic user provisioning from Azure AD is triggered by the user logging in to ServiceNow. When the user logs in, their Azure AD credentials are validated and a user record is created in ServiceNow.

If you want to create user records for all users, regardless of whether they have attempted to log in, you can do so by using a scheduled job.

 

Please, don't forget to mark my answer as correct if it solves your issue or mark it as helpful if it is relevant for you!

Regards,
Tushar

Could you please give the sample schedule job or name of the schedule job?

 

 

Thanks!