Trouble with 'manager' provisioning from Azure AD

Tom Brown
Mega Guru

‎10-10-2022 08:50 AM

We've made several attempts to get 'manager' synchronizing from Azure AD with no luck.  I've read to simply set it up in Azure AD from 'manager' as a reference field to 'manager'.  The text fields continue to populate, but manager never succeeds.  My coworker in the department that handles Azure changed it to a string, and we could see in the Azure provisioning logs that attempted to send the Azure GUID for a user's manager, which SN ignored as it should have.  I'm guessing that we have to find whatever field Azure is using to correlate with Service Now's sys_id and use an Azure AD Expression to send the right information.  I can't seem to find that property though, and I've found nothing in the various documentation from Microsoft that shows what that correlation ID should be.  There were a few that sounded right, but I get nothing from those in the expression builder.

 

It really shouldn't be this hard to make it work.  Since I have to work with another group to make the Azure changes and then they have to tell it to start provisioning again (which may take anywhere from 30 minutes to an hour to start), it isn't something I can just try this, try that, and really make any progress.  I've found some previous discussions about it, but either they stopped posting, went to a different provisioning method, or their solutions didn't apply.  I'd appreciate any suggestions.

0 Helpfuls
  • 3,669 Views
8 REPLIES 8

Tom Brown
Mega Guru
In response to mounika107

‎06-27-2024 11:49 AM

Wish I could supply what eventually got ours to work.  One of the people that manage Azure set it up again fresh and it worked.  No indication of anything different.

0 Helpfuls

maggj
Tera Contributor

‎06-28-2024 04:55 AM

Another option is to stamp an attribute on the sys_user record in ServiceNow with the objectId of the user from Azure AD, and then use that field as the matching attribute for the manager mapping.

Carl Fransen1
Kilo Sage

‎06-16-2025 09:33 PM

Hi @Tom Brown  - I just did this on our new implementation.  Once the mappings have been done in the Enterprise app and the users provisioned, the first pass only adds the users (much like Department and Location the value needs to exist first to have it automatically added).  so the next time the sync occurs the manager users will exist and then show for the relevant user records.

 

No special configuration was needed.

0 Helpfuls

Sidharth5
Giga Contributor

2 weeks ago

The easiest solution to this problem is create a new reference attribute with "urn:ietf:params:scim:schemas:extension:servicenow:2.0:User:manager.value" and select the below reference object

Sidharth5_1-1757547283959.png

 

Sidharth5_0-1757547191271.png

 

 

 

0 Helpfuls