ServiceNow - LDAP Integration
- Introduction
- Architecture
- Pre-Requisites
- Steps Involved in the Integration
Introduction
Administrators integrate with a Lightweight Directory Access Protocol (LDAP) directory to streamline the user login process and to automate administrative tasks such as creating users. An LDAP integration allows ServiceNow to use your existing LDAP servers as the master source of user data. The integration uses a read-only connection that never writes to the LDAP directory. The integration only queries for information, and then updates its internal database accordingly.
There are two aspects to the integration:
- Data population
- Authentication
DATA POPULATION
Integration to the LDAP servers allows you to quickly and easily populate ServiceNow with user records from the existing LDAP database. To prevent data inconsistencies, configuration settings provide the ability to create, ignore, or skip incoming LDAP records. You can also limit the data the integration imports by specifying LDAP attributes. If you do not specify any LDAP attributes, the integration imports all available object attributes from the LDAP server. The instance stores imported LDAP data in temporary import set tables, so the more attributes you import, the longer the import time. By default, ServiceNow does not delete any entries after they disappear from LDAP. This is because deleting an entry also deletes the entire history and references to the deleted entry.
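An added example (not from the original article or from ServiceNow): because entries removed from LDAP stay in ServiceNow by default, this script reconciles a directory export against user records and lists accounts that are still active in the instance but gone from LDAP. It assumes both sides are exported as dictionaries and that imported users carry `ldap:<DN>` in a `source` field; the function names and all sample records are constructed.

```python
import re

# Assumption: users imported from LDAP carry "ldap:<DN>" in their source field.
LDAP_PREFIX = "ldap:"

def normalize_dn(dn):
    """Lower-case a DN and trim spaces around RDN separators so equivalent
    spellings compare equal. Commas escaped as '\\,' stay inside their RDN."""
    parts = re.split(r"(?<!\\),", dn)
    return ",".join(p.strip().lower() for p in parts)

def find_stale_users(ldap_entries, snow_users):
    """Return user names that are active in ServiceNow, were imported from
    LDAP, and whose DN no longer exists in the directory export."""
    live = {normalize_dn(e["dn"]) for e in ldap_entries}
    stale = []
    for user in snow_users:
        source = user.get("source") or ""
        if not source.lower().startswith(LDAP_PREFIX):
            continue  # locally created account, not part of the LDAP import
        dn = normalize_dn(source[len(LDAP_PREFIX):])
        if dn not in live and user.get("active", False):
            stale.append(user["user_name"])
    return sorted(stale)

# Constructed sample data: a current LDAP export and ServiceNow user records.
LDAP_ENTRIES = [
    {"dn": "CN=Ann Lee,OU=IT,DC=example,DC=com"},
    {"dn": "CN=Doe\\, John,OU=HR,DC=example,DC=com"},
]
SNOW_USERS = [
    {"user_name": "ann.lee", "active": True,
     "source": "ldap:cn=ann lee, ou=IT, dc=example, dc=com"},
    {"user_name": "john.doe", "active": True,
     "source": "ldap:CN=Doe\\, John,OU=HR,DC=example,DC=com"},
    {"user_name": "bob.ray", "active": True,      # removed from LDAP, still active
     "source": "ldap:CN=Bob Ray,OU=IT,DC=example,DC=com"},
    {"user_name": "old.temp", "active": False,    # removed and already deactivated
     "source": "ldap:CN=Old Temp,OU=IT,DC=example,DC=com"},
    {"user_name": "admin", "active": True, "source": ""},
]

if __name__ == "__main__":
    for name in find_stale_users(LDAP_ENTRIES, SNOW_USERS):
        print("active in ServiceNow but missing from LDAP:", name)
```

Accounts reported here are candidates for deactivation rather than deletion, which keeps their history and references intact.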
AUTHENTICATION
When a user enters domain credentials in the ServiceNow login page, the instance passes those credentials to each defined LDAP server. The LDAP server responds with an authorized or unauthorized message that ServiceNow uses to determine whether access should be granted. By authenticating against your LDAP server, users access ServiceNow with the same credentials that they use for other internal resources on your domain.
Architecture
The LDAP integration streamlines the user login process and automates administrative tasks such as creating users. It secures the connection with an SSL (PKI) certificate and by connecting from a single machine that uses a fixed IP address through a specific port on the firewall. Furthermore, the connection requires a read-only LDAP account of your choosing for authentication. To establish an LDAPS connection, the ServiceNow admin loads the public side of the LDAP server's SSL certificate onto the ServiceNow instance. Both third-party and self-signed certificates are supported. The integration uses the certificate to encrypt all communication between the LDAP server and ServiceNow. An SSL-encrypted LDAP integration (LDAPS) communicates over TCP on port 636 by default. The diagram below depicts how communications are secured using LDAPS with an SSL certificate.
After setting up a secure connection, the ServiceNow admin can complete the LDAP integration setup.
Pre-Requisites
The LDAP integration requires:
- An LDAP v3 compliant directory services server
- Inbound network access (ServiceNow IP addresses and ports enabled) through the firewall of the customer network
- The external IP address or fully-qualified domain name of the LDAP server
- A read-only LDAP account for the secure connection between ServiceNow and the LDAP servers over the internet
- A PKI SSL certificate to secure communication
Steps Involved in the LDAP Integration
There are 7 major steps to complete the LDAP integration:
- Load X.509 Certificate for SSL
- Create Server
- LDAP Configuration
- OU Definitions
- Define Data source
- Define Transform map
- Create a Schedule
I like this because I noted many important points from this article. Please update more like this.
Thanks for sharing this valuable information to our vision. You have posted a worthy blog; keep sharing.