Microsoft AD Spoke - attribute mapping

Preethi5
Tera Expert

‎03-21-2022 01:56 AM

hi Team,

We are using AD Integration hub for creating user in AD. We were able to map attributes like Full name, employee ID, email ID etc from servicenow to AD. We are facing challenge in updating attributes like expiry date, Manager name etc.

Could you please provide suggestion on how to map the same in AD.

Thanks in advance.

Regards,

Preethi B.

0 Helpfuls
  • 2,208 Views
7 REPLIES 7

alexgg57
Tera Expert

‎03-21-2022 07:57 AM

For some complexity of AD object - better to use a custom PowerShell script, where you can add anything you wish. 😉

Another chance - use OOB action "Create AD Object". The input "Object Data" is your container to fill-in.

Add AD properties there like below example:

{
"description" : "This is a test",
"UserPrincipalName" : "username@e-google.com",
"DisplayName" : "username",
"sn" : "username",
"info" : "this is user and test",

"Manager" : "CN=username,OU=org,OU=blah,OU=account,DC=e-google,DC=com",
"userAccountControl" : 512
}

Unfortunately, the second option has some restriction with "userAccountControl" values, so you may need to run more combinations with new object.

 

Good luck!

Alex

0 Helpfuls

Preethi5
Tera Expert
In response to alexgg57

‎03-24-2022 01:44 AM

Thanks Alex for your response.

We have a catalog item where we gave user input fields like username, manager, Cost Center (reference) , expiry date etc . On submission user profile should create in AD with all required mappings. We are using AD integration spoke. We were able to map all required fields except costCentreCode and Expiry date.

Updated MID server powershell script.

 

find_real_file.png

We are getting error as below.
A parameter cannot be found that matches parameter name 'costCentreCode'.

Could you please help here where we are missing.

Preview file
67 KB
0 Helpfuls

alexgg57
Tera Expert
In response to Preethi5

‎03-24-2022 06:29 AM

It seems you have no such property name...

Please check your AD object properties by:

Get-ADUser -Filter {SamAccountName -eq $username} -Properties *

or validate it here: http://www.kouti.com/tables/userattributes.htm

 

Thanks,
Alex

0 Helpfuls

Preethi5
Tera Expert
In response to alexgg57

‎03-25-2022 01:33 AM

Thanks Alex for response.

Not able to find costcentercode in the AD attribute list you shared. when we checked in our AD, its available.

Also accountExpires type is showing as Integer8. Could you please suggest what type (Calender Date.Time, Date time/System Date Time) should we create for this field in the action - Create User. We are using Create User action in our flow.

 

0 Helpfuls