LDAP Mapping

chennaiman · ‎04-25-2014

Hello ,

Can anyone please let me know what is "ObjectSID" and "ObjectGUID"?

These 2 should be mapped to "userid" in "sys_user" table in general?

Please do share your thoughts.

jesusemelendezm · ‎04-25-2014

I understand that Active Directory stores the account's SID in the Object-SID (objectSID). It also assign the new object a globally unique identifier (GUID) which is a 128-bit value that is unique.

In ServiceNow any value mapped to the user_name field must be unique.

twofirstnames · ‎04-25-2014

I wouldn't recommend mapping either to the User ID field [fieldname: user_name]. The values from AD/LDAP are are not particularly friendly. Probably best to create a new LDAP Coalesce field on the user table and map to that. Then map something like sAMAccountName to the User ID.

I'd use ObjectGUID as this won't change if the user object is moved between domains.

chennaiman · ‎04-25-2014

Well Thanks for your replies

ObjectSID is a field available in the intermediate table or how?

Where it is available in SNOW?Which Table has that field?

Please clarify

twofirstnames · ‎04-29-2014

Yes, ObjectSID and ObjectGUID should be available in the import set table. If they aren't, make sure the field is included in your import from AD. OOB all attributes are imported. Also check the "glide.import_set_row.dynamically_add_fields" property. See wiki for details: https://wiki.servicenow.com/index.php?title=Importing_Data_Using_Import_Sets#Controlling_Import_Tabl...

You will have to create a new field in the sys_user table and map the ObjectGUID to the new field. This would typically be used to coalesce.