Unable to pull user record from LDAP

ohhgr
Kilo Sage

Hello All,

Currently I'm facing an issue pulling a user record from LDAP. The user's AD account is correct and it satisfies all the conditions put in the OU filter. However, the record is not pulled from the LDAP data source.

I updated the filter, removed all the existing filter conditions and put only sAMAccountName to be the same as that of the user, and still it did not return the record. I searched the wiki and found the point below.

If newly created users on the LDAP server are not imported into the instance, there might be an issue with the user attributes. The first time the user is identified, if it does not have all the attributes necessary to meet the OU filter requirements, it is flagged as being not valid. The instance ignores the user and does not create a user record.

Also, it couldn't be confirmed whether the user record was created with incomplete details or not, but it seems the only possible explanation right now. I wanted to know if anyone has faced a similar problem before, and how to mark the record "Valid" again.

Thanks,
Mandar

16 REPLIES

bernyalvarado
Mega Sage

Hi Mandar,

Are you able to see the user by doing an Explore LDAP from your ServiceNow instance?

Thanks,
Berny


Hi Berny,

I didn't know about the LDAP browser functionality, thanks for sharing it.

However, that particular record is not being pulled in the LDAP browser in ServiceNow either.

Thanks,
Mandar


You're welcome, Mandar.

If you don't see your user in the LDAP Browser, then something may be wrong with the filter you're using, or the user may not be accessible with the credentials that you're using.

Try browsing the user through its DN (Distinguished Name). If you still cannot see it, then the issue is for sure on the AD side :).

Thanks,
Berny


Hi Berny,

The user's AD account is correct and in fact it is present in other systems. It is just not present in ServiceNow.

Couldn't the issue be with this limitation of ServiceNow?

If newly created users on the LDAP server are not imported into the instance, there might be an issue with the user attributes. The first time the user is identified, if it does not have all the attributes necessary to meet the OU filter requirements, it is flagged as being not valid. The instance ignores the user and does not create a user record.

Thanks,
Mandar
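
An added example, not part of the original thread and not ServiceNow code: an offline check that evaluates an OU filter against one exported directory entry and reports which top-level clauses the entry fails, which is the question the quoted wiki paragraph raises. The entry and the filter string are constructed; the evaluator assumes case-insensitive value matching and supports only `&`, `|`, `!`, equality, presence and `*` wildcards, raising `ValueError` for anything else (for example `>=` or extensible-match items).

```python
import re

# Constructed sample entry (attribute -> list of values); not data from the thread.
ENTRY = {"objectClass": ["top", "person", "user"], "sAMAccountName": ["jdoe"]}
# Hypothetical OU filter; paste the one from your LDAP OU definition instead.
OU_FILTER = "(&(objectClass=person)(sAMAccountName=*)(mail=*)(!(objectClass=computer)))"

def parse(f, i=0):  # returns ((op, body, text), next_index)
    start = i
    if f[i:i + 1] != "(":
        raise ValueError(f"expected '(' at offset {i}")
    i += 1
    if f[i:i + 1] in ("&", "|", "!"):
        op, kids = f[i], []
        i += 1
        while f[i:i + 1] == "(":
            kid, i = parse(f, i)
            kids.append(kid)
        if f[i:i + 1] != ")" or not kids or (op == "!" and len(kids) != 1):
            raise ValueError(f"malformed '{op}' group at offset {start}")
        return (op, kids, f[start:i + 1]), i + 1
    end = f.index(")", i)  # str.index raises ValueError if ')' is missing
    attr, sep, value = f[i:end].partition("=")
    if not sep or not re.fullmatch(r"[A-Za-z][A-Za-z0-9-]*", attr):
        raise ValueError(f"unsupported filter item: {f[start:end + 1]}")
    return ("=", (attr, value), f[start:end + 1]), end + 1

def matches(node, entry):  # evaluate a parsed filter against one entry
    op, body, _ = node
    if op == "&":
        return all(matches(k, entry) for k in body)
    if op == "|":
        return any(matches(k, entry) for k in body)
    if op == "!":
        return not matches(body[0], entry)
    attr, value = body
    values = next((v for k, v in entry.items() if k.lower() == attr.lower()), [])
    # '*' becomes '.*'; a bare '*' (presence test) matches any existing value.
    pattern = ".*".join(re.escape(part) for part in value.split("*"))
    return any(re.fullmatch(pattern, v, re.I | re.S) for v in values)

def failing_clauses(filter_text, entry):
    """Return the text of each top-level AND clause the entry does not satisfy."""
    node, end = parse(filter_text.strip())
    if end != len(filter_text.strip()):
        raise ValueError("trailing text after filter")
    clauses = node[1] if node[0] == "&" else [node]
    return [c[2] for c in clauses if not matches(c, entry)]

print(failing_clauses(OU_FILTER, ENTRY))
```

An empty result means the entry satisfies the filter as written, which points the investigation at the bind account's read access or the search base rather than at the filter.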