Can ServiceNow user accounts be set to active/inactive based on active directory user enabled/disabled?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
03-09-2018 09:27 AM
Is it possible to control when a ServiceNow user account is set to Active or Inactive based on the AD user setting for enabled/disabled? Often we pre-create users in AD a few days before they actually start since they are fed automatically from our HR system into AD. Those users are set to disabled. On the start date they become enabled in AD. But it seems that ServiceNow does not see that change on the AD account. We use secure LDAP to feed AD changes into ServiceNow through a scheduled job daily. Thanks!
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
03-09-2018 09:36 AM
Yes. See this article in Docs: Inactive LDAP User Accounts
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
03-09-2018 09:54 AM
I'm asking the reverse of what this article is referring. We are not having problems with ServiceNow deactivating users when AD shows disabled or deleted. I want ServiceNow to recognize when a disabled AD user is set to enabled.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
03-09-2018 10:14 AM
The userAccountControl field should do what you are asking. The field references a flag on the AD account and has different values depending on the flag state.
https://jackstromberg.com/2013/01/useraccountcontrol-attributeflag-values/ lists all the values
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
10-14-2019 04:16 AM
Is this Question answered I am facing the same issue.
I want ServiceNow to recognize when a disabled AD user is set to enabled.
