how to sync user,group and role Production To Dev Instance

cha08 · ‎01-24-2018

Hi All,

I'm looking sync user , group and roles from Production and QA.

Because daily creating new user adding groups and roles in the production again need to re-create in the development instance.

whether it can be automated task using the script by scheduling job/business script running the script weekly or monthly and also

user will be created specific domain or company.

Thanks in advance.

Regards,

Charan

VaranAwesomenow · ‎01-24-2018

Dear CharanRaj,

I build a fix script that does the work for you. All you need to do is .. create a REST API as a placeholder to have the credentials of the parent instance ( in you case it would be production).

The best part is you are not making any changes to your prod instance. This script can run off of a scheduled job and perform the data sync.

var tableName = 'sys_user';

var query = "sys_updated_on%3E%3Djavascript%3Ags.beginningOfLast3Months()"; // update this based on when the last clone took place.

var instanceUrl = 'https://<instance_name>.service-now.com/'; // update this to the production instance name

var restApiName = 'KingstonInstance'; // change this to the REST API that you created

var restApiMethodName = 'getUsers'; // // change this to the REST API HTTP Method name that you created

copyRecords(tableName, query,instanceUrl, restApiName, restApiMethodName);

function copyRecords(tableName, query, instanceUrl, restApiName, restApiMethodName) {

var sDebug = '';

var endPointUrl = instanceUrl+ 'api/now/table/' + tableName + '?sysparm_query=' + query;

sDebug+= 'endPointUrl = ' + endPointUrl;

sDebug +='\n' + 'restApiName = ' + restApiName;

sDebug += '\n' + 'restApiMethodName = ' + restApiMethodName;

var r = new sn_ws.RESTMessageV2(restApiName, restApiMethodName);

r.setEndpoint(endPointUrl);

var response = r.execute();

var responseBody = response.getBody();

var jsonPayload = JSON.parse(responseBody);

var headers = response.getHeaders();

var rowCount = headers['X-Total-Count'];

sDebug += '\n' + 'Row Count = ' + rowCount;

for (var i=0; i< rowCount; i++) {

var grTable = new GlideRecord(tableName);

grTable.get(jsonPayload.result[i].sys_id);

if(!grTable.isValid()) {

grTable.newRecord();

for (var j in jsonPayload.result[i]) {

//gs.print(j +"=" + jsonPayload.result[0][j]);

grTable[j] = jsonPayload.result[i][j] + '';

}

grTable.insert();

}

gs.print(sDebug);

}

I made a video( link below) on how this functionality works.

Servicenow CopyDataFromOneInstanceToOther - YouTube

Please try this first between your Test ( source) and Dev (target) and verify the results thoroughly, Before pointing the source to production.

Following the same approach you can copy sys_user_group, sys_user_grmember, sys_user_role, sys_user_has_role, sys_group_has_role ( in this o tables to keep roles, users and groups in sync.

Checkout Varan awesomenow youtube channel for more learning videos!

cha08 · ‎01-25-2018

Hi Anil Varanasi,

Thank you very much for script.now testing development environment i will give update on this.

I have doubt that whether it will sync the sys_id production to development are it will just sync contact and update in the development instance.

If the new user already added in the group and role in the production while running it will automatically map the user with roles and groups in the development

instance also name must be same format ie upper and lower case.

please advice on this best approach which table execute first so it will sync will be happen properly without any issue that is user mapping properly with group and roles

sys_user_group, sys_user_grmember, sys_user_role, sys_user_has_role, sys_group_has_role,sys_user

Thanks

Charan

cha08 · ‎01-30-2018

Hi Anil Varanasi,

Its working fine. But its not bring the information from Production to Development instance like User mapped to that assigned role and group.Its only bring the User , Group and individual information.

for example:-

If User having the Group , Role and related mapped to User need to sync from production to development.

Regards,

Charan

VaranAwesomenow · ‎01-30-2018

Dear Chararaj,

User group membership is part of the table "sys_user_grmember", if you execute the script for this table, it should bring the data.

Similarly user role membership is part of table "sys_user_has_role"

Did you receive any errors during script execution, did the script create any records at all in the above tables.

Can you confirm if the roles and groups have same sys_ids between production and dev instance ?

Thanks

Anil

Checkout Varan awesomenow youtube channel for more learning videos!

cha08 · ‎01-31-2018

Hi Anil,

I'm using the OOTB roles (view_changer and agent_admin) and created the new group and new user , while executing the script getting error message and attached the error message.

I'm using the personal instance

created the new user and group. Added User in the Group - In the Production

First ran the New User script and then Ran the New Group Script and finally ran the Group Members script its given the error message.

checked the sys_id remain same for newly created group both instance's.

Thanks,

Charan