Best practice for OU Definitions where the ldap source data is nested.

Shawn Horley
Kilo Guru

‎02-02-2018 10:27 AM

Greetings Folks

I am working on the LDAP integration of my ServiceNow Dev instance and have come to the point where I am setting OU definitions.   The Challenge i have is that our AD structure   (and the LDAP reflection) has been set up so that our Users are in multiple nested OU's broken up by Section(arbitrary region) Location and then department. If I am creating a separate OU definition for each group of Users I will be looking at around 115 separate OU definitions... Can anyone out there suggest a more efficient way of importing our users?

I look forward to your suggestions.

Cheers

Shawn Horley

0 Helpfuls
  • 2,837 Views
4 REPLIES 4

Surendra Raika1
Kilo Guru

‎02-02-2018 01:39 PM

Similiar discussion . LDAP Import Filter for differenet OUs


Mark Lanning
Tera Guru

‎02-02-2018 01:49 PM

Shawn,



Add the ObjectGUID to your transform map and coalesce off of it, so when your members moves the OU definitions will move with them.


I have my User Filter set to (&(objectClass=person)(|(sn=*)(description=*customer account*))(!(objectClass=computer))) so when the ObjectGUID is update the OU will also update.



The ObjectGUID will never change once the User Account is created, even if the user is moved to a different domain the GUID will remain so its the best field to key off of with doing your LDAP.



Mark


Shawn Horley
Kilo Guru
In response to Mark Lanning

‎02-20-2018 12:47 PM

Thanks for the responses folks!

In the end we did create separate OU Definitions for each location. It was a bit of a tiresome task, but it did end up working well. As people move locations year to year this should end up being captured and updated through the listeners. @marklanning: I ended up coalescing off of our Location ID's as they are static. Our locations don't move, but our Users do so It made sense to coalesce off the location data.

Thanks for your feedback!

 

0 Helpfuls

Shawn Horley
Kilo Guru

‎02-20-2018 12:46 PM

Thanks for the responses folks!

In the end we did create separate OU Definitions for each location. It was a bit of a tiresome task, but it did end up working well. As people move locations year to year this should end up being captured and updated through the listeners. @marklanning: I ended up coalescing off of our Location ID's as they are static. Our locations don't move, but our Users do so It made sense to coalesce off the location data.

Thanks for your feedback!

 

0 Helpfuls