Hello Everyone
We have configured ServiceNow integration with Microsoft Entra ID for user provisioning. Under Attribute Mapping, we use:
- Employee Number as Matching Precedence 1
- Email as Matching Precedence 2
In ServiceNow, our user table includes all employees: joiners, leavers, and rehires.
Here’s the challenge:
When an employee leaves, their ServiceNow account is deactivated but remains in the system. If they are rehired, they receive the same Employee Number (per internal HR process) and possibly the same or a new email address.
This results in two ServiceNow records with the same Employee Number:
- One active account
- One inactive account
During provisioning, Entra ID fails because it detects duplicate entries for the Employee Number, even though the inactive record is old and not in use.
Question:
Is there a way to ignore inactive accounts during provisioning—either from the ServiceNow side or the Entra ID side?
For example:
- Can we filter out inactive users in the ServiceNow SCIM integration?
- Or configure Entra ID to only match against active accounts?
Any guidance or best practices would be appreciated!
