Guidance on integrating with Active Directory

Go to solution
JaeggerLegane
Kilo Sage

‎05-02-2025 06:42 AM - edited ‎05-02-2025 07:54 AM

Hello all,

 

I have the following requirement:

Users need to submit a catalog item, where users can request software. When the request is submitted, a flow should automatically add the user in the corresponding Active Directory group.

 

I'm been browsing through product docs, community etc. but i'm struggling to find clear answers on which solution to use and how to get started.


I found 2 options:

- Using the Microsoft Entra ID Spoke (since we already migrated from Active Directory to Entra)https://www.servicenow.com/docs/bundle/yokohama-integrate-applications/page/administer/integrationhu...
- Using Orchestration with MID Server: https://www.servicenow.com/docs/bundle/yokohama-servicenow-platform/page/administer/orchestration-ac...

 

The questions I have:
1. Does AD/Entra ID Spoke require a MID server?
2. If MID servers are optional for AD/Entra ID, when would you use it and when not? 
3. Does the orchestration solution only work with the old workflow tool? Any screenshots I find, seem to show activities from workflow and not work designer.

 

Any other advice or references to materials would be welcome, thank you.

--------------------------------------------------------------------------------
If my post helped you, please click the accept solution button and hit the thumbs up! Thank you!
0 Helpfuls
  • 935 Views
1 ACCEPTED SOLUTION

Go to solution
J Siva
Tera Sage
In response to JaeggerLegane

‎05-02-2025 08:18 AM

@JaeggerLegane 

 

Ok if it's EntraID then no need for mid servers.

 

Usually mid servers are used to make communication between ServiceNow instance and the internal applications (hosted within the organisation network behind firewalls).

 

Orchestration is nothing but running powershell cmdlets using mid servers (same as AD V2 spoke) but it uses workflow.

 

Regards,

 

Siva

 

View solution in original post

3 REPLIES 3

Go to solution
J Siva
Tera Sage

‎05-02-2025 07:38 AM

Hi @JaeggerLegane 

 

You can also use Microsoft AD V2 spoke. Which requires mid server to run the powershell cmdlets.

 

It's pretty straightforward.

 

Pre-requisites:

 

1. Mid server needs to installed on the same domain where the AD is installed.

 

2. Active directory module needs to be installed on the mid server hosts machine.

 

3. One service account with local admin access to the mid server host machine and all the necessary access to do modify the AD group memberships needs to be created.

 

 

 

Then follow the steps from the below doc.

 

https://www.servicenow.com/docs/bundle/xanadu-integrate-applications/page/administer/integrationhub-...

 

 

 

Let me know if you have any queries.

 

Regards,

 

Siva

0 Helpfuls

Go to solution
JaeggerLegane
Kilo Sage
In response to J Siva

‎05-02-2025 07:53 AM

Hi Siva,

Thanks for your reply.

In our organization, Active Directory has migrated to Entra ID, which is why I referenced this article:

https://www.servicenow.com/docs/bundle/yokohama-integrate-applications/page/administer/integrationhu...

In this product doc they don't mention anything about MID Servers or Powershell so am I correct that this was only applicable for the old Active Directory v2 spoke?

--------------------------------------------------------------------------------
If my post helped you, please click the accept solution button and hit the thumbs up! Thank you!
0 Helpfuls

Go to solution
J Siva
Tera Sage
In response to JaeggerLegane

‎05-02-2025 08:18 AM

@JaeggerLegane 

 

Ok if it's EntraID then no need for mid servers.

 

Usually mid servers are used to make communication between ServiceNow instance and the internal applications (hosted within the organisation network behind firewalls).

 

Orchestration is nothing but running powershell cmdlets using mid servers (same as AD V2 spoke) but it uses workflow.

 

Regards,

 

Siva