Creating third party vendor user accounts, in ServiceNow

Daniel O_Connor
Kilo Guru

‎08-28-2018 04:59 AM

Hi all,

Having some trouble with creating user accounts. We operate a co-sourced helpdesk, where the previous ServiceNow owner here in my company had a single account that was shared among end users in the third party vendor.

I'm not happy with this on a number of levels, so want to arrange individual accounts for the end users, under a grouping. 

We utilise LDAP into ServiceNow. 

I tried to just setup the accounts directly in ServiceNow but that is not working. Had a read and saw articles on authentication and figure that it must have a corresponding Active Directory account. We login via email address', so I've setup AD accounts for all the users, pulled that into ServiceNow, but some of them are still not working. 

I'm getting frustrated as I feel I should be able to setup accounts in ServiceNow on request or demand, and have those users login simply and straight forward enough. Having to route back through ActiveDirectory, where I need to set generic passwords (that cannot be changed since these vendor users wont ever utilise a facilitiy to let them reset their AD password) is causing more effort than I believe it should.

 

Can anyone provide some help or guidance here? 

I want to setup specific ServiceNow users ideally without having to route through ActiveDirectory and all that overheard, for external users we co-source with. 

 

0 Helpfuls
  • 1,740 Views
2 REPLIES 2

Jeff Currier
ServiceNow Employee
ServiceNow Employee

‎08-28-2018 05:15 AM

I believe you want to activate the MultiProvider SSO plugin and then you can configure multiple authentication sources.  The the MultiProvider plugin, you can use several SSO identity providers (IdPs) to manage authentication as well as retain local database (basic) authentication.

The integration supports any combination of local and external authentication methods on a single instance:
  • LDAP
  • SAML 2.0
  • Digest Authentication
  • Local database authentication

For example, a globally dispersed corporation might require one SSO provider for their employees, a different one for their vendors, and local database authentication for their administrators. Alternatively, a company might implement SAML 2.0 and a digest token authentication solutions on the same instance.

 

 

With this, you can have your employees in Active directory and the Vendor accounts can use local database authentication.  You would want to test with this in a sub-production environment first to prove you can achieve the result you desire.

 

-HTH

Daniel O_Connor
Kilo Guru
In response to Jeff Currier

‎08-28-2018 06:10 AM

Thanks Jeff, this is super helpful. 

When I was reading about authentication I didn't catch I could use multiple types.So utilising the localised DB for vendor accounts I will be controlling and assigning sounds perfect.

Thanks,

Dan.

0 Helpfuls