The CreatorCon Call for Content is officially open! Get started here.

Scheduled LDAP Refresh vs LDAP Listener

Biswajyoti Dutt
Mega Expert

‎08-28-2015 02:30 AM

Hello everyone,

We are in the starting phase of our project for implementing ServiceNow. I was wondering what will be the best way to get the user data refreshed in servicenow.

I think my choice comes down to two options :

Scheduled LDAP Refresh or LDAP Listener

Can anyone please help me in identifying the pros and cons of these methods?

I know scheduled LDAP refresh will make the data in Servicenow to lag behind by the frequency of the schedule, as compared to LDAP listener which keeps the data almost as in real time.

I was wondering what is the impact on performance when using the LDAP listener?

0 Helpfuls
  • 2,625 Views
5 REPLIES 5

bernyalvarado
Mega Sage

‎08-28-2015 06:36 AM

Hi,



Often you will use both. The LDAP scheduled refresh to run every 24hrs (or so) and the LDAP listener which kicks off when an update in AD is produced.



Performance wise the LDAP listener does not represent a major performance risk, yet, it's reliability it's often questionable. That's why it's better to keep both on with a configuration similar like the one I shared above.



Thanks,


Berny


Biswajyoti Dutt
Mega Expert
In response to bernyalvarado

‎08-28-2015 07:09 AM

Thanks Benny, for your insight. In our project we have planned to use the scheduled refresh for starters. We might enable the listener later on if we need to enable users to use service now immediately after they are created in the AD.


0 Helpfuls

bernyalvarado
Mega Sage
In response to Biswajyoti Dutt

‎08-28-2015 07:21 AM

You're welcome! For that specific scenario which you have mentioned... my understanding is that the listener does not need to be enabled for a user to use servicenow right after their account was created in AD.



The way it works is that upon the creation of a user in ServiceNow, as soon as this users logs into ServiceNow for the first time ServiceNow will try to authenticate the user against AD. If it's successful on the authentication, ServiceNow will retrieve all the user's information from AD. In the logs this will appear as a listener import, but that's bogus, because on really it does not occur through the listener mechanism which is an AD Notify.



Thanks,


Berny


bernyalvarado
Mega Sage
In response to bernyalvarado

‎08-28-2015 07:22 AM

Give a try and let me know how it goes



I hope this is helpful.


0 Helpfuls