Create and manage AD Service Account in IdentityNow

We have a requirement to provision an AD Service Account after a user submits a self-service request in ServiceNow (or IdentityNow if possible) and fills in the details of the Service Account (description, owner etc.).

Is it possible to implement the provisioning through IdentityNow? The options we could think of are as follows.

  • CreateAccount API
    The API doesn’t create accounts in target systems, so this approach won’t work.

  • Lifecycle event through AD Connector
    Could we provision the service account and link it to the owner’s identity? If yes, how is this done in IdentityNow? If not, should we create a new Identity for the Service Account (i.e. each Service Account has its own identity)?

Please advise, thanks much!

We were in this same situation and ended up creating the account in AD directly and letting IDN aggregate it.

Yup, we are going to build automation to handle all service accounts. They just don’t seem to be a good fit for IdentityNow.

You can probably use NELM to request a new identity (for each service account), assign the owner as the manager and then initiate provisioning to AD from IdentityNow.

Just an assumption, but things might vary based on your requirement.