Search icon CANCEL
Subscription
0
Cart icon
Your Cart (0 item)
Close icon
You have no products in your basket yet
Arrow left icon
Explore Products
Best Sellers
New Releases
Books
Videos
Audiobooks
Learning Hub
Conferences
Free Learning
Arrow right icon
Arrow up icon
GO TO TOP
ServiceNow Cookbook

You're reading from   ServiceNow Cookbook Acquire key capabilities for the ServiceNow platform

Arrow left icon
Product type Paperback
Published in Feb 2017
Publisher Packt
ISBN-13 9781785880520
Length 376 pages
Edition 1st Edition
Arrow right icon
Authors (2):
Arrow left icon
Dustin Turner Dustin Turner
Author Profile Icon Dustin Turner
Dustin Turner
Ashish Rudra Srivastava Ashish Rudra Srivastava
Author Profile Icon Ashish Rudra Srivastava
Ashish Rudra Srivastava
Arrow right icon
View More author details
Toc

Table of Contents (8) Chapters Close

Preface 1. Getting Started with Service-Now FREE CHAPTER 2. Performing Core Configuration and Management Tasks 3. Building Data-Driven Application 4. Configuring Alerts and Notifications 5. Building and Configuring Reports 6. Creating and Configuring Workflow Activities 7. Auditing and Diagnosing Service-Now

Microsoft Active Directory authentication

It's not feasible to manually maintain a large set of users in any enterprise level application. This is why every organization maintains a master source of all users on a server. So, Service-Now should be integrated with the master source to import users for user's access.

Getting ready

In many organizations, the Microsoft Active Directory server is used as the master source of employee or user records. Users are allowed to log into the assigned laptop or desktop using active directory's or Windows username and password. Service-Now provides an inbuilt Lightweight  Dictionary  Access  Protocol (LDAP) server to integrate with Microsoft Active Directory to import all users' records. To step through this recipe, all you need is an active Service-Now instance and valid credentials and an admin role.

How to do it...

  1. Open a standard web browser and type the web address (http://{instance_address}.service-now.com) of the ServiceNow instance which is provided by the organization.
  2. Now, for instance, if Service-Now is integrated with Microsoft Azure, then you will see the following login page:
    How to do it...

    Microsoft Azure page for Service-Now login

  3. Now, on the login page, enter active directory's username and password to log in. Please note, active directory's username and password are commonly referred to as windows credentials, as by this, you are allowed to log in on your organization's machine.
  4. On successful authentication, Service-Now, will allow you to log in to move further but if the username and password are not matched, then Service-Now will show an error message.
  5. Sometimes, you may observe that some fields in a user's records are not being imported in the Service-Now user table (sys_user) properly so, in such cases, you may ask for access to Microsoft active directory where you can validate whether data is available in active directory or not. Refer to the following screenshot to see what the user record looks like in active directory:
    How to do it...

    User details in active directory server

How it works...

When the user enters the network domain credentials (username and password) on the login page, the Service-Now instance passes it to the LDAP server and the LDAP server responds with an authorized or unauthorized message which Service-Now determines whether to grant access or not. It is important to note that Service-Now can allow new users to login to an instance even if the user does not have an account. When the new user tries to login in to Service-Now, it automatically issues a query to the LDAP server and if the user record is found, the integration tries to authenticate it with the password. If the password is valid, Service-Now creates an account for the user.

There's more...

There are mainly two types of accounts – the network domain level account (authorized by the LDAP server – active directory integration) and the manual account (which is directly created in the Service-Now user table). So, for instance, if your customer's active directory server is not available or is down, then Service-Now will not allow any user to login on the instance because the LDAP query authentication fails. However,  if as an admin, you want to access Service-Now, then you can access it via the manual account which is not authenticated by LDAP server. It is important to note that as an admin, you should have a non-AD or manual account for critical situations.

You have been reading a chapter from
ServiceNow Cookbook
Published in: Feb 2017
Publisher: Packt
ISBN-13: 9781785880520
Register for a free Packt account to unlock a world of extra content!
A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.
Unlock this book and the full library FREE for 7 days
Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of
Renews at $19.99/month. Cancel anytime
Banner background image