Need workflow to automate kiosk user creation using PowerShell script in ServiceNow

raj12345
Tera Contributor


Hi everyone,

I’m working on a requirement to create and add a Kiosk user account for Thin Clients through a ServiceNow Catalog Item.

Here’s what I have so far:

  • The Catalog Task is named “Develop Catalog RITM task to run script to create and add a Kiosk user account for Thin Clients.”
  • The goal is to use a custom ServiceNow Workflow or Flow Designer that will trigger a PowerShell script to create these accounts automatically in Active Directory.
  • The user provides a Device Hostname (mandatory field), which will be used as the username (e.g., TC-123-Building).

The PowerShell script performs the following:

  • Creates a User AD object with details like SAMAccountName, DisplayName, UserPrincipalName, etc.
  • Adds the account to multiple AD groups (MWSGroup, Credant_EMS_ENABLED, Default SurfControl).
  • Creates the home directory and sets file screen, quota, etc.
  • Moves the computer account to a specific OU.
  • Logs all activities to a network path.

Now, I need to know the best approach to trigger or integrate this PowerShell script via ServiceNow — either:

  • Using Workflow / Flow Designer, or
  • Executing the PowerShell script via MID Server or Orchestration.

Has anyone implemented a similar setup or can share best practices for securely running PowerShell scripts from ServiceNow to manage AD accounts?


Hanna_G
Kilo Sage

Hi @raj12345

Use Flow Designer on the RITM or its Catalog Task, and execute automation through a MID Server. Two options that I can think of:

Option A. IntegrationHub Spokes first (preferred)

  • Use the Active Directory spoke to:

    • Create user, set UPN/SAM, move to OU, add to groups.

  • Use the PowerShell step only for what AD Spoke cannot do (home folder, file screen, quota on the file server).

Option B. Pure PowerShell via MID

  • Install a Windows MID with the PowerShell capability.

  • In Flow Designer, add a PowerShell action that calls your script with inputs from the RITM (e.g. hostname as username).

  • Add pre-checks: does the user already exist, groups exist, path available, OU reachable. Make the flow retry/backoff.

Trigger and lifecycle

  • Start condition: on RITM approval or when the fulfilment task moves to Work in progress.

  • On success: update task, post log summary, set RITM to Closed Complete.

  • On failure: set task to On hold, attach the error output, notify the fulfiller.

Security and reliability

  • Run-as service account scoped to required AD/file server rights only.

  • Lock execution to allowed script paths on the MID, and whitelist target servers.

  • Add timeouts and error handling in the Flow.

Here are some useful docs: 
Product Documentation | ServiceNow
Product Documentation | ServiceNow
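
The pre-checks suggested in the reply (user already exists, groups exist, path available, OU reachable), together with allow-list validation of the hostname that arrives from the catalog item, could look like the script below. This is an added example, not code from either poster: the OU distinguished name and the home share path are placeholders, the group names are the ones given in the question and are assumed to resolve as AD group identities, and the script only reads from AD and the file share.

```powershell
[CmdletBinding()]
param(
    # Hostname from the catalog item. Allow-list it before it reaches any
    # AD filter or file path; \z (not $) rejects a trailing newline.
    [Parameter(Mandatory)]
    [ValidateLength(1, 20)]   # sAMAccountName limit for user objects
    [ValidatePattern('^[A-Za-z0-9][A-Za-z0-9-]*\z')]
    [string]$Hostname,

    # Placeholders (assumptions), not values from the thread.
    [string]$TargetOU = 'OU=PLACEHOLDER,DC=example,DC=com',
    [string]$HomeRoot = '\\fileserver.example.com\home$',
    # Group names as listed in the question.
    [string[]]$Groups = @('MWSGroup', 'Credant_EMS_ENABLED', 'Default SurfControl')
)

Import-Module ActiveDirectory -ErrorAction Stop
$problems = [System.Collections.Generic.List[string]]::new()

# 1. The account must not exist yet. Interpolating $Hostname into the filter
#    is safe only because the pattern above restricts it to [A-Za-z0-9-].
if (Get-ADUser -Filter "SamAccountName -eq '$Hostname'") {
    $problems.Add("User '$Hostname' already exists")
}

# 2. Every target group must resolve.
foreach ($g in $Groups) {
    try { $null = Get-ADGroup -Identity $g -ErrorAction Stop }
    catch { $problems.Add("Group '$g' not found: $($_.Exception.Message)") }
}

# 3. The target OU must be reachable.
try { $null = Get-ADOrganizationalUnit -Identity $TargetOU -ErrorAction Stop }
catch { $problems.Add("OU '$TargetOU' not reachable: $($_.Exception.Message)") }

# 4. The home share must be available and the home folder must not pre-exist.
if (-not (Test-Path -LiteralPath $HomeRoot)) {
    $problems.Add("Home root '$HomeRoot' is not available")
} elseif (Test-Path -LiteralPath (Join-Path $HomeRoot $Hostname)) {
    $problems.Add("Home folder for '$Hostname' already exists")
}

# Emit one JSON object for the calling flow to record, and exit non-zero on
# any failed check so nothing is created from a bad or duplicate request.
$passed = $problems.Count -eq 0
[pscustomobject]@{ Hostname = $Hostname; Passed = $passed; Problems = $problems } |
    ConvertTo-Json -Compress
if (-not $passed) { exit 1 }
```

Because it makes no changes, this check can run under an account with read-only rights, separate from the scoped service account that performs the creation.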