- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
07-27-2025 06:14 AM
Hi everyone,
I have completed my learning in ServiceNow and now I’m exploring real-time project scenarios.
I have a quick question:
In real-time, how are users created in ServiceNow?
Do we manually create users directly in the sys_user table (in production or developer instances), or is there an automated process using Active Directory, Azure AD, or some other integration?
I’d really appreciate it if someone could help me understand how this is typically handled in actual projects.
Thanks in advance!
Solved! Go to Solution.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
07-27-2025 10:31 AM
Hey @rahulpatilv
In real-time projects, users are rarely created manually. Most companies use automated integration with their identity provider — like Active Directory (via LDAP) or Azure AD (via SCIM or IntegrationHub) — to sync users into the sys_user table. Manual creation usually happens only in dev/test or for special cases. and again creating users is also done in prod too but rare.
If this helps kindly accept the answer thanks much.
Kind Regards,
Mohamed Azarudeen Z
Developer @ KPMG
Microsoft MVP (AI Services), India
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
07-27-2025 12:37 PM
Hi @rahulpatilv,
the most common method is integration from LDAP, but I've seen Workday and Google as well.
Usually, you never create any users manually in PROD - these are created in some external system and then integrated/exported. As the users are (eventually) subject to licences that is why it is done this way.
Creating a user manually in PROD may be for web service and integration purposes.
In PROD and TEST the users are linked to LDAP (or any other external system) and the access is very often enabled with SSO. In DEV there are usually less people and manual creation is more common (as well as in TEST / QA) to test on dummy users (created just for the testing purposes, e.g. "ITIL Test user", or "Change manager Test User" etc.).
As developer - except of the integration itself - I never needed to take care about the users, usually when you join a project this is one of the foundational things that are already in place...
/* If my response wasn’t a total disaster ↙️ ⭐ drop a Kudos or Accept as Solution ✅ ↘️ Cheers! */
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
07-27-2025 06:41 PM
Hi @rahulpatilv ,
In real official scenarios we never create User directly in PROD, it is been created in any tool like:- SAP, AD or any other identity creation tool and with the integration it comes to PROD (Mostly integrated using LDAP). Like in my official scenario - Users are been created in myHR (SAP) and then it comes to Bioaccess then AD and finally with LDAP sync it comes to ServiceNow. Although it depends organization to organization but in common AD -> ServiceNow.
If my answer helped you in anyways, please mark it- solution accepted.
Regards,
Nikhil Bajaj
Regards,
Nikhil Bajaj
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
07-27-2025 06:57 PM
Hi @rahulpatilv
In real-world ServiceNow implementations especially in enterprise environments users are not usually created manually in the sys_user table. Instead, automated integrations are the standard approach. Here’s how it typically works:
How Users Are Typically Created in ServiceNow (Production Environments)
1. Automated Provisioning via Identity Management (Recommended)
- Tools Used:
- Azure Active Directory (Azure AD)
- Microsoft Active Directory (on-premises AD)
- Okta, SailPoint, or other Identity Providers (IdPs)
- Integration Protocols:
- LDAP (for on-prem AD)
- SCIM (System for Cross-domain Identity Management) – for cloud-based identity platforms
- REST APIs or MID Server integrations can also be used
- What Happens:
- Users are automatically created/updated in the sys_user table based on records in AD or other sources.
- Attributes like name, email, department, roles, and group memberships can be mapped.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
07-27-2025 10:31 AM
Hey @rahulpatilv
In real-time projects, users are rarely created manually. Most companies use automated integration with their identity provider — like Active Directory (via LDAP) or Azure AD (via SCIM or IntegrationHub) — to sync users into the sys_user table. Manual creation usually happens only in dev/test or for special cases. and again creating users is also done in prod too but rare.
If this helps kindly accept the answer thanks much.
Kind Regards,
Mohamed Azarudeen Z
Developer @ KPMG
Microsoft MVP (AI Services), India
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
07-27-2025 12:37 PM
Hi @rahulpatilv,
the most common method is integration from LDAP, but I've seen Workday and Google as well.
Usually, you never create any users manually in PROD - these are created in some external system and then integrated/exported. As the users are (eventually) subject to licences that is why it is done this way.
Creating a user manually in PROD may be for web service and integration purposes.
In PROD and TEST the users are linked to LDAP (or any other external system) and the access is very often enabled with SSO. In DEV there are usually less people and manual creation is more common (as well as in TEST / QA) to test on dummy users (created just for the testing purposes, e.g. "ITIL Test user", or "Change manager Test User" etc.).
As developer - except of the integration itself - I never needed to take care about the users, usually when you join a project this is one of the foundational things that are already in place...
/* If my response wasn’t a total disaster ↙️ ⭐ drop a Kudos or Accept as Solution ✅ ↘️ Cheers! */
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
07-27-2025 06:41 PM
Hi @rahulpatilv ,
In real official scenarios we never create User directly in PROD, it is been created in any tool like:- SAP, AD or any other identity creation tool and with the integration it comes to PROD (Mostly integrated using LDAP). Like in my official scenario - Users are been created in myHR (SAP) and then it comes to Bioaccess then AD and finally with LDAP sync it comes to ServiceNow. Although it depends organization to organization but in common AD -> ServiceNow.
If my answer helped you in anyways, please mark it- solution accepted.
Regards,
Nikhil Bajaj
Regards,
Nikhil Bajaj
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
07-27-2025 06:57 PM
Hi @rahulpatilv
In real-world ServiceNow implementations especially in enterprise environments users are not usually created manually in the sys_user table. Instead, automated integrations are the standard approach. Here’s how it typically works:
How Users Are Typically Created in ServiceNow (Production Environments)
1. Automated Provisioning via Identity Management (Recommended)
- Tools Used:
- Azure Active Directory (Azure AD)
- Microsoft Active Directory (on-premises AD)
- Okta, SailPoint, or other Identity Providers (IdPs)
- Integration Protocols:
- LDAP (for on-prem AD)
- SCIM (System for Cross-domain Identity Management) – for cloud-based identity platforms
- REST APIs or MID Server integrations can also be used
- What Happens:
- Users are automatically created/updated in the sys_user table based on records in AD or other sources.
- Attributes like name, email, department, roles, and group memberships can be mapped.
