Category: System Definition
O
ne of the most common LDAP integration requirements is to disable users in Service-now when they become disabled in the LDAP source.
It is probably worth mentioning that you always want to deactivate user records (and most other records too) in Service-now instead of deleting them. Once a user record has been created in Service-now it should always remain in Service-now because that record could be linked to hundreds of other records (tasks, CIs, etc.). Deleting the record kills the relationship to those other records. Deactivating the record keeps that relationship in place.
Because the exact steps to set up this behavior vary depending on your LDAP setup and processes, this configuration isn’t something that can be predefined in Service-now. Typically a Service-now consultant assists with this setup and specific requirements are determined on a client-by-client basis. It has been my experience that there are two common approaches that can be used to disable Service-now users from LDAP. This article explains these approaches and how you can implement the needed functionality.
Posted by Mark Stanger in System Definition Tuesday, 17 August 2010 09:43 No Comments
BSM
maps (Business Service Maps) are a central feature of Service-now.com that allow users to view a visual representation of the Service-now CMDB and the Business Services and CIs that those services are composed of. Service-now BSM maps also allow you to display additional information about (and take action on) the CIs represented in the map through the use of BSM Map Actions. I was recently working to create a BSM Map Action that I wanted to display for particular types of CIs and I couldn’t see how to set up a condition that would allow me to identify the type of CI.
What I learned is that each BSM Map has certain information available through URL parameters and through a ‘Data’ object about each node on the map. I just had to find the right piece of information! The solution was to use something like the following in my ‘Condition’ field on my BSM Map Action definition.
Posted by Mark Stanger in Email Notifications Wednesday, 11 August 2010 11:10 No Comments
H
ere’s a cool tip that was just sent to me by my friend Jim Coyne. We collaborated to solve a problem that he had in his environment and this post shows the result he came up with. This post shows how you can manipulate records in the email log (sys_email table) when you have a need to change the contents or recipients of an email record. This isn’t something that should be relied upon heavily and I would consider it basically a last resort but it can prove very helpful in solving the right type of problem.
The problem in this example was that there were emails being sent from Jim’s Service-now system that contained sensitive information. It was necessary to send this information as part of an integration with a 3rd party system but they didn’t want to retain that information in Service-now to be viewed in logs and in the activity history of task records.
Posted by Mark Stanger in System Definition Monday, 9 August 2010 13:48 No Comments
I
often get the request to set up access for group managers to be able to manage the members of their groups in Service-now. This configuration isn’t too difficult to set up but it does involve a few different pieces. It’s also important to consider your group setup in your system before allowing access in this way. If you are bringing in group memberships from a data source like LDAP for example, the last thing you want is to have your managers manually changing those group memberships within Service-now. The configuration shown below could be easily customized to allow access only to non-LDAP groups if you needed to do both however.
Recent Comments