Trouble with 'manager' provisioning from Azure AD

Tom Brown · ‎10-10-2022

We've made several attempts to get 'manager' synchronizing from Azure AD with no luck. I've read to simply set it up in Azure AD from 'manager' as a reference field to 'manager'. The text fields continue to populate, but manager never succeeds. My coworker in the department that handles Azure changed it to a string, and we could see in the Azure provisioning logs that attempted to send the Azure GUID for a user's manager, which SN ignored as it should have. I'm guessing that we have to find whatever field Azure is using to correlate with Service Now's sys_id and use an Azure AD Expression to send the right information. I can't seem to find that property though, and I've found nothing in the various documentation from Microsoft that shows what that correlation ID should be. There were a few that sounded right, but I get nothing from those in the expression builder.

It really shouldn't be this hard to make it work. Since I have to work with another group to make the Azure changes and then they have to tell it to start provisioning again (which may take anywhere from 30 minutes to an hour to start), it isn't something I can just try this, try that, and really make any progress. I've found some previous discussions about it, but either they stopped posting, went to a different provisioning method, or their solutions didn't apply. I'd appreciate any suggestions.

ronyates · ‎01-25-2023

Hi Tom,

I was able to pass them as strings to ServiceNow. Azure cannot write to reference tables but it can pass string values to the field like sys_user.manager. Depending on how your AD users are created manually, via workday or some other platform. I used the unused extensionAttributes in AD as the manager field and populated it with the manager’s email address.

Under Provisioning in Azure, I set the Attribute Mapping Type as Direct, Source attribute to extensionAttributes10. For Target attribute I set to manager with Match object using this attribute set to no.

This I chose Show advanced options at the bottom of Attribute Mapping. Then I selected Edit attribute list for ServiceNow and set the attributes to String.

I used Provision on demand and the manager field populated. I did this for the others reference fields Company, Department and location and was able to populate them as well.

Avinash1602 · ‎03-07-2024

@ronyates @Tom Brown

Hi Thanks for sharing this information , as you have selected extensionAttributes10 as source attribute for manager , can I know which attributes we need select for Company , Department and location

mounika107 · ‎06-27-2024

Can someone answer to this question.Even I wanted to know what field in AD should be mapped to company field of servicenow

mounika107 · ‎06-27-2024

@Avinash1602 Have you got the solution.If yes,posting here would be helpful