Which is better approach to get all the azure AD groups in servicenow?

Rahul S
Giga Contributor

‎07-09-2024 04:31 AM

Hi Snow experts,

 

I have a requirement to fetch all the AD groups from azure AD.

Which would be better approach?

1. fetch groups via LDAP which is already configured

2. Via AD spoke which is already configured and running

3. Rest API

or something else ?

0 Helpfuls
  • 496 Views
4 REPLIES 4

AJ-TechTrek
Giga Sage
Giga Sage

‎07-09-2024 06:57 AM

Hi @Rahul S ,

 

Fetching the LDAP is the best and suitable approach as well as it will update the all updated groups automatically.

 

Also you configured the SPOKE which is more that enough, nothing else is required.

 

Please appreciate the efforts of community contributors by marking appropriate response as Mark my Answer Helpful or Accept Solution this may help other community users to follow correct solution in future.

 

Thank You

AJ - TechTrek with AJ

Linkedin:- https://www.linkedin.com/in/ajay-kumar-66a91385/

YouTube:- https://www.youtube.com/@learnitomwithaj

ServiceNow Community Rising Star 2024

0 Helpfuls

David104
Tera Guru

‎07-09-2024 03:55 PM

Hi,

 

Using LDAP is also OK if you still have on-prem AD syncing with Entra ID or if you are using Entra Domain Services.

 

Another option is to push from Entra iD (Azure AD). Within Entra ID, you can configure it to provision both users and/or groups into ServiceNow. The advantage of this is that it is more dynamic than a scheduled integration originating from ServiceNow.

 

https://learn.microsoft.com/en-us/entra/identity/saas-apps/servicenow-provisioning-tutorial

 

Unless one of those OOTB or Off-The-Shelf options is not working in a way that meets your requirements, I would personally avoid building anything, even using the available spokes - it's just another flow to manage.

 

Hope this helps.

 

Regards,

David

MattSN
Mega Sage
Mega Sage
In response to David104

‎07-10-2024 04:00 AM

This is the answer. The Azure developed ServiceNow push provisioning app from Microsoft is by far the best option for Azure -> ServiceNow sync.

0 Helpfuls

Harish Bainsla
Tera Sage
Tera Sage

‎07-09-2024 09:14 PM

Hi @Rahul S 

 

  • If LDAP is already configured and working in your environment, it can be a straightforward solution.
  • LDAP is a well-established protocol for querying directory services.

 

0 Helpfuls