How to implement on Premise AD with ServiceNow?

User460980
Kilo Contributor

‎06-30-2022 04:35 AM

HI All,

1. How to implement On premise AD with Servicenow using flow designer? (note: want to know what is on premise AD)

2.We Already implement the Microsoft Azure AD with serviceNow, for this how sync will achieved by using flow designer? (note: we already used provisioning but want to achieve sync from SNOW using flow)

 

Labels:
0 Helpfuls
  • 2,494 Views
6 REPLIES 6

Richard Hine
Tera Guru
Tera Guru
In response to lakshmi naraya2

‎11-17-2022 04:41 AM

Lakshmi,

You could do this in theory, however you would need an exposed REST endpoint on the internet to receive the REST call and then something on that web service to run the transaction with Active Directory. In my experience customers are rightly very very reluctant to expose their Active Directory to the internet.

 

I would advocate you to place a MID server and have the correct IntegrationHub licence to ensure the configuration you make is supported and does not create technical debt.

 

Hope this helps,

Richard

0 Helpfuls

Shreya Shah
ServiceNow Employee
ServiceNow Employee

‎07-04-2022 12:06 AM

@Richard Hine has provided some excellent explanation on the difference between AD (on-prem) to Azure AD. If you already have Microsoft Azure AD, you may not need on-prem AD.

There is no direct way to sync users. However keep ServiceNow as the single point of contact for creating users and use any one of the following methods to keep accounts synced one-way. For 2 way you might want to implement incoming web hooks.

Method-1

The Microsoft Azure AD spoke comes shipped with sample flows and sub-flows that you can use for user onboarding and off boarding scenarios. By default these flows and sub-flows are inactive, if it suits your requirements, you can activate them.

Method-2

You can also use the Access Management Automation app (https://store.servicenow.com/sn_appstore_store.do#!/store/application/ff537cce1b00341033ca42e7cc4bcb...). You will find catalog items to request for users and groups using Microsoft Azure AD.

Method-3

If you do not to use the above applications as is, then you can take a look at the flows shipped in the application and get ideas on how to manage users and groups using spoke actions and create your own custom flows.

0 Helpfuls