If I create a user account as part of HR onboarding, how does the creation of the AD account reconcile with the local account created in ServiceNow?

kaushiknanavati
Kilo Contributor

‎05-23-2022 08:01 AM

When we open an onboarding case, a new user account is created with the employee name entered. The user has the roles of

During onboarding, the account will be created in AD. Is there a way to ensure that the AD account created is related to the originally created local account?

0 Helpfuls
  • 1,010 Views
4 REPLIES 4

sachin_namjoshi
Kilo Patron
Kilo Patron

‎05-23-2022 08:43 AM

You can utilzie OOB integration hub spoke for AD to create user in AD after roles are granted to user in servicenow.

 

AD Spoke

 

You can configure a flow designer flow on  sys_user_has_role table to trigger "Create user" IH AD spoke action.

 

Regards,

Sachin

kaushiknanavati
Kilo Contributor
In response to sachin_namjoshi

‎05-23-2022 08:48 AM

Hi Sachin, 

 

Thanks for responding.

 

The organization has their process to provision a user in AD after they have completed some pre-requisites. They will not accept ServiceNow creating an account in AD. So, the AD account will get created independently, and somehow, we need to reconcile it/relate it to the user record created during onboarding.

 

Have you had a similar situation?

 

Thanks,

Kaushik

0 Helpfuls

sachin_namjoshi
Kilo Patron
Kilo Patron
In response to kaushiknanavati

‎05-23-2022 03:17 PM

You should pull these accounts from AD to ServiceNow whenever they are created in AD. This way have sync of these accounts between AD to servicenow. After these accounts are created in user table, you can trigger a flow designer flow to assign these roles to them.

 

Regards,

Sachin

0 Helpfuls

John Zhang1
Kilo Patron
Kilo Patron

‎05-23-2022 03:36 PM

AD pass user data to ServiceNow through LDAP integration for both new user and existing user data update.  When you create a user account for pre-hire through HR Onboard, this user is not exist in AD yet.

During onboarding, you need to ensure the unique ID of local user can be passed to AD, this unique ID will a part of AD user data to reference to the local user.    

After AD user is created, this AD user will be passed through LDAP integration to ServiceNow to update the local user record rather than new user creation 

 

If my reply is Helpful/Correct, please mark the answer as Helpful/Correct