Active Directory integration (LDAP integration) with Service Now.

Go to solution
arijpaul
Kilo Explorer

‎08-29-2017 01:08 AM

Hello All

I have setup Active Directory integration with Service-Now instance. On the Service Now instance when I test the connection it shows as "Connected successfully". And when I "browse" and filter with the Distinguished Name it shows the objects. However I am unable to access the Service Now instance login page using my domain credentials. Whenever I try to access the login page it asks for credentials. When I enter my domain credentials it states that username or password is invalid. SSO is also not working. Ideally we should be able to login to the Service Now console via SSO using the same domain credentials.

So both SSO and even manually providing the domain credentials is failing?

Can someone say if I am missing something?

0 Helpfuls
  • 9,816 Views
1 ACCEPTED SOLUTION

Go to solution
corina
ServiceNow Employee
ServiceNow Employee

‎08-29-2017 11:12 PM

Hello Arijit.



You would need to import them.


You can start with a test import on your dev/test instance of course.


Under LDAP-Server


you have   Test load 20 records   or Load all records


LDAP type data source



After you loaded the records you map them to your sys_user table for example ( should you import users).



It goes the same way as a normal import.



More details about the LDAP integration here:


LDAP integration


View solution in original post

0 Helpfuls
36 REPLIES 36

Go to solution
corina
ServiceNow Employee
ServiceNow Employee

‎08-29-2017 12:21 PM

Hello Arijit.



SSO process is different than the LDAP one.


Concentrating on LDAP, does the respective user   exist on your instance? Is it active?


Also, did you make sure the user is active in the LDAP?


0 Helpfuls

Go to solution
arijpaul
Kilo Explorer
In response to corina

‎08-29-2017 03:10 PM

Hello Corina



Thank you so much for the response. I do not see any of the users/Groups from AD present under System Security > Users/Groups on the Service Now console.



However if I do a LDAP browse on the "LDAP server" which I have added and search for the corresponding "Distinguished Name" from AD it shows all the properties/attributes from AD.



I just wanted to check if we need to do something on Service Now so that all the users/groups show up on the instance.



Thanks and Regards



Arijit


0 Helpfuls

Go to solution
corina
ServiceNow Employee
ServiceNow Employee

‎08-29-2017 11:12 PM

Hello Arijit.



You would need to import them.


You can start with a test import on your dev/test instance of course.


Under LDAP-Server


you have   Test load 20 records   or Load all records


LDAP type data source



After you loaded the records you map them to your sys_user table for example ( should you import users).



It goes the same way as a normal import.



More details about the LDAP integration here:


LDAP integration


0 Helpfuls

Go to solution
arijpaul
Kilo Explorer
In response to corina

‎08-30-2017 02:58 AM

Hello Corina



Thank you so much for your help.



I was able to setup Service Now integration with Active Directory successfully. Thanks for your guidance.



The only thing which is not working yet is SSO. So users have to still provide their domain credentials to access the Service Now instance even though they are accessing from their desktops.



Is there a way to setup SSO to the console so that the users wont have to provide their domain credentials again.



Thanks and Regards



Arijit


0 Helpfuls