user

rahulpatilv
Giga Contributor

Hi everyone,
I have completed my learning in ServiceNow and now I’m exploring real-time project scenarios.

I have a quick question:
In real-time, how are users created in ServiceNow?
Do we manually create users directly in the sys_user table (in production or developer instances), or is there an automated process using Active Directory, Azure AD, or some other integration?

I’d really appreciate it if someone could help me understand how this is typically handled in actual projects.

Thanks in advance!

4 ACCEPTED SOLUTIONS

Its_Azar
Tera Guru

Hey @rahulpatilv

 

In real-time projects, users are rarely created manually. Most companies use automated integration with their identity provider — like Active Directory (via LDAP) or Azure AD (via SCIM or IntegrationHub) — to sync users into the sys_user table.  Manual creation usually happens only in dev/test or for special cases. and again creating users is also done in prod too but rare.

 

If this helps kindly accept the answer thanks much.

☑️ If this helped, please mark it as Helpful or Accept Solution so others can find the answer too.




Kind Regards,

Mohamed Azarudeen Z

Developer @ KPMG

 Microsoft MVP (AI Services), India

View solution in original post

GlideFather
Tera Patron

Hi @rahulpatilv,

 

the most common method is integration from LDAP, but I've seen Workday and Google as well.

 

Usually, you never create any users manually in PROD - these are created in some external system and then integrated/exported. As the users are (eventually) subject to licences that is why it is done this way.

 

Creating a user manually in PROD may be for web service and integration purposes.

 

In PROD and TEST the users are linked to LDAP (or any other external system) and the access is very often enabled with SSO. In DEV there are usually less people and manual creation is more common (as well as in TEST / QA) to test on dummy users (created just for the testing purposes, e.g. "ITIL Test user", or "Change manager Test User" etc.).

 

As developer - except of the integration itself - I never needed to take care about the users, usually when you join a project this is one of the foundational things that are already in place...

———
/* If my response wasn’t a total disaster ↙️ drop a Kudos or Accept as Solution ↘️ Cheers! */


View solution in original post

Nikhil Bajaj9
Giga Sage

Hi @rahulpatilv ,

 

In real official scenarios we never create User directly in PROD, it is been created in any tool like:- SAP, AD or any other identity creation tool and with the integration it comes to PROD (Mostly integrated using LDAP). Like in my official scenario - Users are been created in myHR (SAP) and then it comes to Bioaccess then AD and finally with LDAP sync it comes to ServiceNow. Although it depends organization to organization but in common AD -> ServiceNow.

 

If my answer helped you in anyways, please mark it- solution accepted.

 

Regards,

Nikhil Bajaj

Please appreciate my efforts, help and support extended to you by clicking on – “Accept as Solution”; button under my answer. It will motivate me to help others as well.
Regards,
Nikhil Bajaj

View solution in original post

Rafael Batistot
Tera Sage

Hi @rahulpatilv 

 

In real-world ServiceNow implementations especially in enterprise environments users are not usually created manually in the sys_user table. Instead, automated integrations are the standard approach. Here’s how it typically works:

 

How Users Are Typically Created in ServiceNow (Production Environments)


1. 
Automated Provisioning via Identity Management (Recommended)

  • Tools Used:
    • Azure Active Directory (Azure AD)
    • Microsoft Active Directory (on-premises AD)
    • Okta, SailPoint, or other Identity Providers (IdPs)
  • Integration Protocols:
    • LDAP (for on-prem AD)
    • SCIM (System for Cross-domain Identity Management) – for cloud-based identity platforms
    • REST APIs or MID Server integrations can also be used
  • What Happens:
    • Users are automatically created/updated in the sys_user table based on records in AD or other sources.
    • Attributes like name, email, department, roles, and group memberships can be mapped.

 

View solution in original post

4 REPLIES 4

Its_Azar
Tera Guru

Hey @rahulpatilv

 

In real-time projects, users are rarely created manually. Most companies use automated integration with their identity provider — like Active Directory (via LDAP) or Azure AD (via SCIM or IntegrationHub) — to sync users into the sys_user table.  Manual creation usually happens only in dev/test or for special cases. and again creating users is also done in prod too but rare.

 

If this helps kindly accept the answer thanks much.

☑️ If this helped, please mark it as Helpful or Accept Solution so others can find the answer too.




Kind Regards,

Mohamed Azarudeen Z

Developer @ KPMG

 Microsoft MVP (AI Services), India

GlideFather
Tera Patron

Hi @rahulpatilv,

 

the most common method is integration from LDAP, but I've seen Workday and Google as well.

 

Usually, you never create any users manually in PROD - these are created in some external system and then integrated/exported. As the users are (eventually) subject to licences that is why it is done this way.

 

Creating a user manually in PROD may be for web service and integration purposes.

 

In PROD and TEST the users are linked to LDAP (or any other external system) and the access is very often enabled with SSO. In DEV there are usually less people and manual creation is more common (as well as in TEST / QA) to test on dummy users (created just for the testing purposes, e.g. "ITIL Test user", or "Change manager Test User" etc.).

 

As developer - except of the integration itself - I never needed to take care about the users, usually when you join a project this is one of the foundational things that are already in place...

———
/* If my response wasn’t a total disaster ↙️ drop a Kudos or Accept as Solution ↘️ Cheers! */


Nikhil Bajaj9
Giga Sage

Hi @rahulpatilv ,

 

In real official scenarios we never create User directly in PROD, it is been created in any tool like:- SAP, AD or any other identity creation tool and with the integration it comes to PROD (Mostly integrated using LDAP). Like in my official scenario - Users are been created in myHR (SAP) and then it comes to Bioaccess then AD and finally with LDAP sync it comes to ServiceNow. Although it depends organization to organization but in common AD -> ServiceNow.

 

If my answer helped you in anyways, please mark it- solution accepted.

 

Regards,

Nikhil Bajaj

Please appreciate my efforts, help and support extended to you by clicking on – “Accept as Solution”; button under my answer. It will motivate me to help others as well.
Regards,
Nikhil Bajaj

Rafael Batistot
Tera Sage

Hi @rahulpatilv 

 

In real-world ServiceNow implementations especially in enterprise environments users are not usually created manually in the sys_user table. Instead, automated integrations are the standard approach. Here’s how it typically works:

 

How Users Are Typically Created in ServiceNow (Production Environments)


1. 
Automated Provisioning via Identity Management (Recommended)

  • Tools Used:
    • Azure Active Directory (Azure AD)
    • Microsoft Active Directory (on-premises AD)
    • Okta, SailPoint, or other Identity Providers (IdPs)
  • Integration Protocols:
    • LDAP (for on-prem AD)
    • SCIM (System for Cross-domain Identity Management) – for cloud-based identity platforms
    • REST APIs or MID Server integrations can also be used
  • What Happens:
    • Users are automatically created/updated in the sys_user table based on records in AD or other sources.
    • Attributes like name, email, department, roles, and group memberships can be mapped.