Handling Disabled or Non-Human Accounts in ServiceNow SAM User Subscriptions
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
3 weeks ago
In a SAM Workspace implementation, we've identified a large number of User Subscription records linked to M365 Integration profiles that do not have corresponding User records in ServiceNow. Upon further investigation:
- A small subset of these subscriptions do match existing ServiceNow users.
- The majority appear to be shared mailboxes, group accounts, or seasonal/temporary workers whose accounts are disabled in Active Directory.
- These accounts are not currently represented in ServiceNow, which limits visibility and reclamation capabilities.
We're considering adjusting LDAP OU filters to include disabled accounts, but we're unsure if this is the best approach.
Questions:
- What is the recommended best practice for handling subscriptions tied to disabled or non-human accounts in ServiceNow SAM?
- Is it advisable to bring in disabled AD accounts via LDAP just for visibility and reclamation purposes?
- Are there alternative approaches to managing these types of subscriptions without cluttering the User table?
Any guidance or shared experiences would be appreciated!
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
a week ago
@lakshmin This session was not recorded. For point 4, it may depend on your organization. This customer is not heavily regulated and is aware of the risk of creating these non-human user records.
There is an EMEA session next week and worth asking or leaving your question in the thread before. Live on ServiceNow: [EMEA] Software Asset Manageme... - ServiceNow Community
