Adding an AD attribute to LDAP import set data

Rajkumar Sakthi
Kilo Expert

We have two OU Definitions in our instances to sync with AD for user accounts.

I wish to add one of the AD attributes, 'Enabled', to activate/deactivate user accounts in our instances, as our org does not want to utilize the attribute UserAccountControl.

The question here is

Though there are 100+ fields in the source table (Import set table), we use only 11 fields to update the sys_user table.

How do I add the above attribute to the LDAP source for import, so that I can use it in the transform map to update the target table 'sys_user'?

Can anyone guide me where to start to attain this?

1 ACCEPTED SOLUTION

This link adds to what I suspected. The attributes you are looking for might be AD specific and not LDAP.

https://community.servicenow.com/community?id=community_question&sys_id=5da8209a1ba7c454ada243f6fe4b...


10 REPLIES

If you are using AD, add this to your attributes field: useraccountcontrol.

Then browse to your LDAP users data source, and test load 20 records. This will add the field to your import set.

From there, you can enable / disable users automatically through LDAP.

This is an oldie but goodie resource on this:

https://www.servicenowguru.com/system-definition/imports/deactivating-users-ldap/
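
An added example (not from the thread or from ServiceNow's own code) of the check a transform script would apply to the imported useraccountcontrol value: bit 0x0002 (ACCOUNTDISABLE) marks a disabled account. The `u_` column names and the sample rows are constructed assumptions, and the functions are plain JavaScript that use no ServiceNow APIs.

```javascript
// Added example: plain JavaScript, no ServiceNow APIs.
// userAccountControl bit values as documented by Microsoft.
const UAC_FLAGS = {
  ACCOUNTDISABLE: 0x0002,
  LOCKOUT: 0x0010,
  PASSWD_NOTREQD: 0x0020,
  NORMAL_ACCOUNT: 0x0200,
  DONT_EXPIRE_PASSWORD: 0x10000,
  PASSWORD_EXPIRED: 0x800000
};

// Import set columns hold strings, so validate before doing bit arithmetic.
function decodeUac(raw) {
  const text = String(raw == null ? '' : raw).trim();
  if (!/^\d+$/.test(text)) return { valid: false, value: null, flags: [] };
  const value = Number(text);
  if (value > 0xFFFFFFFF) return { valid: false, value: null, flags: [] };
  const flags = Object.keys(UAC_FLAGS).filter((name) => (value & UAC_FLAGS[name]) !== 0);
  return { valid: true, value: value, flags: flags };
}

// Returns the value to write to sys_user.active. A missing or malformed
// value leaves the current state untouched, so bad data never re-enables
// or disables an account.
function activeFromUac(raw, currentActive) {
  const uac = decodeUac(raw);
  if (!uac.valid) return currentActive;
  return !uac.flags.includes('ACCOUNTDISABLE');
}

// Constructed sample rows; the u_ column names are assumptions.
const SAMPLE_ROWS = [
  { u_samaccountname: 'alice', u_useraccountcontrol: '512' },   // normal, enabled
  { u_samaccountname: 'bob', u_useraccountcontrol: '514' },     // normal, disabled
  { u_samaccountname: 'carol', u_useraccountcontrol: '66050' }, // disabled, password never expires
  { u_samaccountname: 'dave', u_useraccountcontrol: '' }        // attribute missing from import
];

function planUpdates(rows, currentActive) {
  return rows.map((row) => ({
    user: row.u_samaccountname,
    active: activeFromUac(row.u_useraccountcontrol, currentActive[row.u_samaccountname]),
    flags: decodeUac(row.u_useraccountcontrol).flags
  }));
}

console.log(planUpdates(SAMPLE_ROWS, { alice: true, bob: true, carol: true, dave: false }));
```
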

Ashutosh Munot1
Kilo Patron

Hi,

1) Open Existing Server Configuration.

2) Add new attribute to attribute field.

3) Allow the transform map to run or run it manually so there will be a database operation of field creation.

4) Once done then navigate to import set table and check configuration if the field is created or not.

Thanks,
Ashutosh

Yes, I have done the above steps, but still I could not find attributes like GroupCategory (for AD Groups), Enabled, Modified, Created (for AD Users). These attributes are important for our import and the AD attribute names are valid.

I believe they are case sensitive as well. For example, in PS it's GivenName, but in AD it's really givenName.

Can you try adding a different field like EmployeeID that doesn't exist and see if that works?
