Orchestration Active Directory - Create and update AD Object

justx · ‎01-15-2018

Hello community,

I've managed to create the AD user through Workflow (Orchestration) - Create AD Object, need help - I have some questions

Vivek helped me in the old thread.

Now I want to ask if anybody there could help me with the following:

When the user is created by the workflow I do not know how to make the workflow create AD User Email and Logon name

The above is created by the workflow.

And here everything is empty

When I create the user without the workflow, manually:

I want the workflow to create the logon name @company.com and create DOMAINname\username.
Also to populate First Name + Display name.

The above is my Create AD object.

Another thing which I want to know, is there any list with all workflow.inputs ?
How can I check what is inside u_user table ?
I understood about u_user.first_name and .last_name is taking from the table u_user the names, but how can I see if there is an option for Email ?

The missing attributes in the LDAP Viewer software I can see that the user manually created in the AD is having userPrincipalName , givenName, sn + displayName
But the created by the workflow is not having those attributes in the LDAP.

Any help will be highly appreciated.

Regards,
Niki

VivekSattanatha · ‎01-15-2018

Hi Niki,

I believe the update AD activity looks for Samaccountname field in the AD. Samaccountname is a unique field in the AD. So before using update AD activity, add the Samaccountname field to Create AD activity itself.

"sAMAccountName":"${workflow.inputs.u_user.user_name}"

Once your account has samaccountname you won't get this error like missing

Regards,

Vivek

View solution in original post

VivekSattanatha · ‎01-16-2018

Hi Niki,

I don't think the first script would work for your case. Seems its designed to use it on RITM table but in your case you are writing in the user table. The second script failed because you didn't pass the updated/inserted value into your workflow variable.

Try use the below script. Let's see if it works.

(function executeRule(current, previous /*null when async*/) {

var wfgr = new GlideRecord('wf_workflow');

wfgr.addQuery('name','Worflow Name'); //Replace with your workflow name

wfgr.query();

if(wfgr.next())

{

var wfId = wfgr.sys_id;

var wf = new Workflow();

var vars = {};

vars.u_user= current.sys_id;

var context = wf.startFlow(wfId,current,'insert',vars);

}

})(current, previous);

justx · ‎01-16-2018

Hi again,

WORKS PERFECTLY!

Thank you once again!

I wish you all the best and have a nice day ahead!

Best Regards,
Niki

VivekSattanatha · ‎01-16-2018

Glad it worked

justx · ‎01-17-2018

Hi again Vivek,

If I want to add group to ServiceNOW with Workflow is it the same way ?

For example I am creating AD Group called TestGroup.
And through a workflow I want to add it to ServiceNOW Groups with the members included.

So far I managed to add the Group from AD to ServiceNOW without the members through Scheduled Loads, but without members inside.

Additionally I want to understand how to add ServiceNOW groups in the Active Directory.

Thanks in advance for your attention,
Niki

VivekSattanatha · ‎01-17-2018

Hi Niki,

If I understand correctly, you want your AD groups to be imported into ServiceNow with group members.

For this, you do not have to go with Workflow. Through LDAP, you can import groups with all the members. LDAP integration is OOB, you just have to configure it for your instance.

LDAP integration

If you want your ServiceNow group in the AD then you need to go with Orchestration Workflow.

Regards,

Vivek