Keep Active Directory (AD) and SNow user managers in sync.

sai9845
Tera Contributor

‎03-18-2025 12:02 AM

We currently use LDAP to import our AD users into a service now user table where the reporting manager is mismatched for the few users.

 

For few users admin accounts of their reporting manager is being tagged. I need correct it and make sure that AD and SNOW manager in sync.

 

Does anyone have any ideas on how I can get AD and ServiceNow to stay in sync?

 
 
0 Helpfuls
  • 585 Views
4 REPLIES 4

Viraj Hudlikar
Giga Sage

‎03-18-2025 11:44 AM

Hello @sai9845 

 

Ensure that your LDAP configuration in ServiceNow is correctly set up to pull the right attributes from AD. This includes the manager attribute, which should map to the correct field in ServiceNow.

 

Set up scheduled imports to regularly synchronize data between AD and ServiceNow. This helps in keeping the data up-to-date and reduces discrepancies. KB Link

 

Implement data validation rules to check for inconsistencies during the import process. This can help in identifying and correcting mismatched reporting managers before they are imported into ServiceNow.

 

Some thread which might be helpful to you.
Solved: Re: Active Directory - - ServiceNow Community

Solved: Groups syncing with Active Directory - ServiceNow Community

What is the best way to sync accounts with AD? Cur... - ServiceNow Community

 

If my response has helped you hit helpful button and if your concern is solved do mark my response as correct.

 

Thanks & Regards
Viraj Hudlikar.

0 Helpfuls

sai9845
Tera Contributor
In response to Viraj Hudlikar

‎03-19-2025 09:48 PM

Hi @Viraj Hudlikar 

This is the custom script we are using to get the manager details 


    // Add your code here
    //return ""; // return the value to be put into the target field

    var str1 = source.u_manager;
    var str = source.u_manager;
    var mgr = str.substring(3, str1.indexOf(","));
    var getname = new GlideRecord('u_ldap_test');
    getname.addQuery('u_name', mgr);
    getname.query();
    while (getname.next()) {
        answer = getname.u_givenname + " " + getname.u_sn;
    }
    return answer;

})(source);*
 
The script is causing issue while mapping the manager. Can you suggest me what need to be changed so that I can get the correct manager populated in the user table.
0 Helpfuls

StuartD
Tera Contributor
In response to sai9845

‎06-04-2025 08:28 PM

What are you using as your transform map?  There is an OOB transform map called LDAP User Import that calls "ldapUtils.setManager" and then in the onComplete "ldapUtils.processManagers".  According to the text in the script section of the transform map these magically do all the work for you.

We are having an issue also (on demand provisioning from Entra is skipping with an error) but I suspect that the ondemand thing does not use the LDAP User Import transform map.

0 Helpfuls

sai9845
Tera Contributor
In response to Viraj Hudlikar

‎03-19-2025 09:56 PM

Hello Viraj, 

The custom script is causing the issue. It is getting the admin account populated in the reporting manager field.

 

answer = (function transformEntry(source) {

    // Add your code here
    //return ""; // return the value to be put into the target field

    var str1 = source.u_manager;
    var str = source.u_manager;
    var mgr = str.substring(3, str1.indexOf(","));
    var getname = new GlideRecord('u_ldap_test');
    getname.addQuery('u_name', mgr);
    getname.query();
    while (getname.next()) {
        answer = getname.u_givenname + " " + getname.u_sn;
    }
    return answer;

})(source);
 
Can you help in fixing the script so that his original account should be tagged for any user.
0 Helpfuls