Service Desk Integration - Adding a Source

Identity Security Cloud (ISC) ISC Discussion and Questions
, ,
1

I already have a service desk integration set up, but I am having trouble adding a new source to it. I want to be able to provision an AD logon group for a user and at the same time have a ticket go to our service desk app to inform the IT team to manually create the user the account.

We alreadt have several sources set up to work like this, but I keep running into walls when attempting to replicate the set up. I created a delimited file source, but after that it gets confusing. I attempted aggregating the required entitlement to the new source, I also created a role to encapsulate the entitlement. When putting in a user request, it does not send a ticket to our service desk.

I kind of feel lost from beginning to end. How is the service desk reading that and entitlement is being requested, How does it tie that to the source I created. What parts am i missing here?

If anyone can give me a walk through or point me to the right documentation it would be appreciated.

Thanks

2

Hi @jared-fox , would you mind sharing more details? As I understand it, you can take the following approach.

The way to achieve this in ISC is through a Role that bundles two Access Profiles together:

Access Profile 1 — AD Group (direct provisioning)

  • Tied to your AD source

  • Contains the AD logon group entitlement

  • ISC provisions this automatically via the AD connector

Access Profile 2 — Manual System (SDIM ticket)

  • Tied to a delimited file / disconnected source

  • That source is registered in your SDIM

  • When ISC tries to provision this, it can’t do it directly → fires the service desk ticket automatically

When a user requests the Role: ISC processes both access profiles simultaneously:

  • AD group → provisioned directly

  • Manual system → SDIM ticket created for IT.

Adding source to SIDM is easy by editing SIDM. You can add the source by searching the configuration. Please check out this doc Configuring SailPoint for ServiceNow Service Desk

Thanks,

@SivaLankapalli

3

Hi,
For configuring Service Desk Integration you need to add the source in the configuration. We also need to add the CI from ServiceNow. did we add it or not ?

4

Hi Siva,

Thanks for your reply. Everything you said is in line with what I’ve configured. I was able to simply add my new delimited file source to the sources already creating service desk tickets.

Two things to consider:

  1. We are using Samanage(Solarwinds), not ServiceNow.
  2. I have entitlements attached to the role, not access profiles.

There is also a more recent development. I just looked at a users events after approving the access for them and got this error:

image
image707×277 12.2 KB

This seems especially odd as we are running the same exact configuration on our prod instance and API calls from SailPoint to Samanage are working there.

5

Glad to hear the source configuration worked for you!

Regarding the error you’re seeing after approval, I would suggest the following:

  1. Check the VA connectivity from your Sandbox environment to Samanage — even though the same configuration works in Production, the VA cluster in Sandbox may not have the same network access or outbound connectivity to the Samanage API endpoint. Verify the VA can reach Samanage from Sandbox by checking the CCG logs for any connection or timeout errors.

  2. Compare your SDIM source configuration between Production and Sandbox side by side — look for differences in the URL, authentication credentials, catalogItem mappings, and managedResourceRefs. A small mismatch such as an incorrect API endpoint or expired credentials in Sandbox is often the root cause when the same setup works in Production but fails elsewhere.

Hope this helps narrow it down!