User provisioning with Azure AD

ssuhail
Tera Contributor

Hello!

We have LDAP integration in our ServiceNow instance where we have mapped "user_name" with "samAccountName" from AD. Ex: abcxxx

Recently our customer moved to Azure AD and we need to integrate with Azure now instead of LDAP. We integrated with Azure and are able to configure SSO and provision users (following the Microsoft docs). However, these newly provisioned users are duplicate records, i.e., from Azure the "user_name" field is mapped to the "User Principal Name" field, which is of the format lastname.firstname@companyname.com and does not match the former user_names.

I believe samAccountName is not available in Azure AD and by default the user_name is mapped with User Principal Name and cannot be changed in Azure.

Has anyone else encountered this, and how did you handle it?

7 REPLIES

VivekSattanatha
Mega Sage

Hi Suhail,



You can change the matching attribute in Azure in the location below:



[image]



Regards,


Vivek



Based on the impact, hit like, helpful or correct.


Thanks for the reply Vivek!



I think that we cannot change the user_name mapping. It looks like it always maps to user principal name and cannot be changed. Let me try if it works though.



Regards,


Suhail


Does anyone know how often Azure sends data to SN?


ssuhail
Tera Contributor

I think it syncs every 20 minutes.