- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
05-18-2022 03:07 AM
Good day all,
I am new to ServiceNow and need some help please.
I am sure my question has already been answered somewhere but I am not able to find any helpful info, maybe I am not looking hard enough. 🙂
I need to create ServiceNow groups with certain permissions/roles and need to link them to AD/Azure AD Groups. When a user is added to a group in AD it needs to sync to Azure AD and then sync to the relevant ServiceNow Group with the relevant permissions/roles. The user needs to be auto "created" with no intervention from Admin to create the account, like it currently is.
We have SSO setup working for now, but users part of our SericveNow group in AD only gets SSO access with no permissions into our ServiceNow instance. If we do not create the account in ServiceNow they do not have any permissions.
I hope I made some sense.
Please can you perhaps point to a step-by-step or provide some insight please.
Your assistance is greatly appreciated.
Regards
ServiceNow noobie
Roelof
Solved! Go to Solution.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
05-22-2022 10:11 PM
HI
Glad to see my answer helped you, Kindly mark the answer as Correct & Helpful both such that others can get help.
Thanks,
Sandeep
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
05-18-2022 03:19 AM
HI
On Azure AD you have to configure the groups you want to sync with ServiceNow. And after the first sync you can assign roles to the created groups at ServiceNow. These roles all users will inherit from the respective groups they are a member of.
Refer to this : https://docs.microsoft.com/en-us/azure/active-directory/saas-apps/servicenow-provisioning-tutorial
Mark my answer correct & Helpful, if Applicable.
Thanks,
Sandeep
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
05-22-2022 10:11 PM
HI
Glad to see my answer helped you, Kindly mark the answer as Correct & Helpful both such that others can get help.
Thanks,
Sandeep
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
05-18-2022 03:22 AM
Hello Roelof,
You will require an Azure admin to do the following:
https://docs.microsoft.com/en-us/azure/active-directory/saas-apps/servicenow-provisioning-tutorial
Basically, you will need to let Azure to create/update users and groups in ServiceNow - kindly note that in Azure you can also filter which users/groups should be created/updated.
Now from there, you will need to add the roles in ServiceNow to the groups that were mapped from Azure, so that the permission will now to mapped automatically.
Hope this helps!
Tudor