We have a requirement to provision AD Service Account after user submits a self-service request in ServiceNow (or IdentityNow if possible) and fills in the details of the Service Account (description, owner etc.).
Is it possible to implement the provisioning through IdentityNow? The options we could think of are as follows.
-
CreateAccount API
The API doesn’t create account in target systems, so this approach won’t work. -
Lifecycle event through AD Connector
Could we provision the service account and link it to the owner’s identity? If yes, how is this done in IdentityNow? If not, should we create new Identity for the Service Account (i.e. Each Service Account has its own identity)?
Please advice, thanks much!