Active Directory Account Management from ServiceNow

Go to solution
SunshineAdmin
Tera Contributor

‎11-18-2022 08:00 AM

Hello,

 We have the orchestration module of ServiceNow. Currently we create AD accounts manually, however we would like to improve this. I'm looking at possible solutions and wondered whether ServiceNow can perform AD orchestration natively or whether we'd need to use a 3rd party solution. Here are my requirements:

1. The ability to create new AD accounts based on a ServiceNow approval from line manager.

1b. The ability to create Azure AD accounts based on number 1.

1c. The ability to create Exchange mailboxes in ServiceNow.

2. The ability to modify AD group memberships. 3. The ability to update AD attributes in ServiceNow (e.g. extension attributes).

 

Advice appreciated - many thanks

 

0 Helpfuls
  • 2,629 Views
1 ACCEPTED SOLUTION

Go to solution
Saurabh Gupta
Kilo Patron
Kilo Patron

‎11-19-2022 11:03 PM - edited ‎11-19-2022 11:03 PM

Hi @SunshineAdmin 

This can be done using catalog items with flow designer using integration hub.
You can create the catalog items as per your need, ask the input from the user and accordingly create the flow.

We have implemented various use cases related to Active Directory etc. for our multiple customers.
Below is the list of few of them-

  1. Creation of User in AD
  2. Update of User in AD
  3. Renewal of User in AD
  4. Deactivation of User in AD
  5. Deletion of User in AD
  6. Password Reset
  7. Password Change
  8. Unlock User
  9. Lookup User (Info)
  10. Lookup Group (Info)
  11. Network Folder Access Enabling/Disabling
  12. Add/Remove User(s) to/from AD Group(s)
  13. Installation of Software (through SCCM)
  14. Internet Access
  15. MFA method change
  16. Creation of AD groups
  17. Creation of Computer object
  18. Data sync between HR system and AD
  19. Assigning/Removing a license through AD group
  20. Creation of various mailboxes (Individual/DL/Shared)
  21. Update OU of the AD objects

Please mark the answer as correct, If I answered your query. It will be helpful for others who are looking for similar questions.

Regards
Saurabh



 


Thanks and Regards,

Saurabh Gupta

View solution in original post

4 REPLIES 4

Go to solution
Saurabh Gupta
Kilo Patron
Kilo Patron

‎11-19-2022 10:00 AM

Hi,

You can use the ServiceNow integration hub.
Integration Hub - Now Platform - ServiceNow
Microsoft AD spoke (servicenow.com)
Microsoft AD v2 spoke (servicenow.com)
Microsoft Azure AD spoke (servicenow.com)

Microsoft Exchange Server spoke (servicenow.com)
Microsoft Exchange Online spoke (servicenow.com)



All Spokes

Integration Hub available spokes (servicenow.com)

Learning

IntegrationHub Spokes | ServiceNow Developers


Please mark the answer as correct, If I answered your query. It will be helpful for others who are looking for similar questions.

Regards
Saurabh






Thanks and Regards,

Saurabh Gupta

Go to solution
SunshineAdmin
Tera Contributor
In response to Saurabh Gupta

‎11-19-2022 02:26 PM

Thank you Saurab,

 That's very helpful. So, ServiceNow can create, update and delete AD and Azure AD users, as well as Exchange mailboxes on-prem and online. 


Please can you recommend\provide some high-level guides on how to create\implement the ServiceNow task flows to create users and do some of these tasks? I just need a high-level overview, not specific details.

Thanks

0 Helpfuls

Go to solution
SS6
Tera Expert
In response to Saurabh Gupta

‎01-31-2023 09:06 AM

Hi Saurabh,

 

I assume you have listed all the spoke that can used to perform the 21 operations you have installed. correct ?

 

How will you determine which spoke will work best when you have multiple versions available ?

 

Eg ; From the three below which one should be used for an active directory integration?
Microsoft AD spoke (servicenow.com)
Microsoft AD v2 spoke (servicenow.com)
Microsoft Azure AD spoke (servicenow.com)

0 Helpfuls

Go to solution
Saurabh Gupta
Kilo Patron
Kilo Patron

‎11-19-2022 11:03 PM - edited ‎11-19-2022 11:03 PM

Hi @SunshineAdmin 

This can be done using catalog items with flow designer using integration hub.
You can create the catalog items as per your need, ask the input from the user and accordingly create the flow.

We have implemented various use cases related to Active Directory etc. for our multiple customers.
Below is the list of few of them-

  1. Creation of User in AD
  2. Update of User in AD
  3. Renewal of User in AD
  4. Deactivation of User in AD
  5. Deletion of User in AD
  6. Password Reset
  7. Password Change
  8. Unlock User
  9. Lookup User (Info)
  10. Lookup Group (Info)
  11. Network Folder Access Enabling/Disabling
  12. Add/Remove User(s) to/from AD Group(s)
  13. Installation of Software (through SCCM)
  14. Internet Access
  15. MFA method change
  16. Creation of AD groups
  17. Creation of Computer object
  18. Data sync between HR system and AD
  19. Assigning/Removing a license through AD group
  20. Creation of various mailboxes (Individual/DL/Shared)
  21. Update OU of the AD objects

Please mark the answer as correct, If I answered your query. It will be helpful for others who are looking for similar questions.

Regards
Saurabh



 


Thanks and Regards,

Saurabh Gupta