- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
10-18-2017 02:29 PM
Hello all.
I have what I believe is a common problem, but the common solutions aren't working. Simply put, we import LDAP users, and then LDAP groups, and the group membership is not populated.
Build information from our instance:
Build name: Jakarta
Build date: 09-05-2017_1648
Build tag: glide-jakarta-05-03-2017__patch3-08-23-2017
On the LDAP User import table, I expanded the u_memberof field to 4000, and the u_source field to 255.
On the LDAP Group import table, I expanded the u_members field to 4000 to get all the users in the groups, and I expanded the u_source field to 255.
My transform maps are not the out of the box transform maps, but I followed them as closely as possible. For both the user and the group mappings, I copied and pasted the scripts in the transform and the onStart/onAfter scripts exactly from the out of the box ones (although our LDAP doesn't have managers so the onStart/onAfter for the managers information is marked Active=false). I am mapping u_source to source on both group and user.
I even checked that the information in the u_members field in the group import contains actual users that are in our Users table with the correct source information.
I just don't know what else to check, or what else I'm missing.
Any help would be greatly appreciated.
Thank you!
Rick
Solved! Go to Solution.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
10-19-2017 05:18 AM
I came up with the solution while falling asleep last night.
Since I recreated the transform map, I, of course, used "best practices" and enclosed my code for my onStart/onAfter scripts in the function structure that ServiceNow likes us to use. That means that the variable created in the onStart script was scoped just inside that function, and wasn't available to the onAfter script. When I removed the function structure, that scoped the variable correctly, and it was available to the onAfter script, and the membership populated no problem.
Thanks to everyone how looked and helped.
Rick
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
12-13-2017 03:55 AM
can you please provide onStart and onAfter script
we are facing problem while importing group members, it will be helpful for us
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
12-13-2017 05:04 AM
SURE!
onStart:
gs.include("LDAPUtils");
var ldapUtils = new LDAPUtils();
ldapUtils.setLog(log);
onAfter:
// After a group has been inserted the line of code below will get
// all the users that belong to the group according to LDAP and
// put the users into this group. This is done by getting
// the value from the u_members field from the source record.
// If you do not want to put the users in the group then you
// can comment out or remove the line below. If you are using
// something other than Active Directory and user membership is
// not indicated via the 'member' attribute then you can add the
// following line to indicate what field should be used. This
// line would be added before the the call to addMembers.
//
// ldapUtils.setMemberField('u_yourAttributeNameGoesHere');
//
ldapUtils.addMembers(source, target);
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
05-22-2019 01:35 PM
Just want to say thank you for this post. This was my same issue. Tried to follow best practice as you noted. Updated my code and "BOOM" it all was working. Thanks for providing this information.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-22-2018 03:56 AM
can you please share transform scripts for both groups and group members
we have the similar issue
actually, our requirement is to get groups from an AD and pass information to a custom table (for groups) and group members into another custom table(for group members)
so we created a data source and two transform maps one for transforming groups and other for transforming group members
after importing and run transform we found that all groups are in groups table and group members table is having one user for one group
-> verified with import set table u_member field length has set to 4000 and source field set to 255 and in imported data having all members from AD but not loaded into group member table
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-22-2018 04:43 AM
can you please share transform scripts for both groups and group members
Sure:
onStart:
gs.include("LDAPUtils");
var ldapUtils = new LDAPUtils();
ldapUtils.setLog(log);
onAfter:
ldapUtils.addMembers(source, target);
I'm not sure this will work for you, as it's designed to add the members to the groups, and you mentioned you're trying to get them into a custom table. But you may be able to copy/extend ldapUtils to point to your custom table.
Good luck!
