
Define ADAM user accounts

Define the following user accounts in ADAM. One is the account the instance uses to connect, and the other is used by ADAMSync.

Before you begin

Role required: admin

About this task

These accounts can be local ADAM User objects, UserProxy objects, or a Windows account from a trusted domain.

User Account

This account requires read-only access to the directory structure you are importing to your instance. The best way to accomplish this is to add the account to the member attribute on the Readers group found in cn=roles,dc=myCompany,dc=adam.

New ADAM User accounts are disabled by default. You will need to enable the new accounts and set a password.

Procedure

  1. Enable users by changing the attribute msDS-UserAccountDisabled to FALSE.

  2. Right-click the user object and reset the password.

  3. Test the new accounts using LDP as defined in ADAM to make sure they can connect. Use the LDAP > View/Tree option, leaving the Base DN blank, to make sure you can view the objects in the directory using the new accounts. The Configuration, Schema, and domain partitions should be visible in the left pane. Traverse the domain partition. If you are using a new local ADAM account, it will show ‘No Children’, which means you don’t have read access to the objects. Verify the Setup group memberships and re-test.

ADAMSync User Account

ADAMSync uses this account to manage objects in the ADAM partition. This account requires admin level rights since it will create, update, and delete ADAM objects.

ADAMSync AD Account

ADAMSync uses this account to read the AD objects that will be synchronized to ADAM.
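
The following Python script is an added example, not part of the original page or the product: it audits an LDIF export of the ADAM partition to confirm that each account is enabled and that the read-only instance account sits in Readers without also holding admin rights. The account names and the sample export are constructed, and admin level rights are assumed to mean membership in ADAM's default Administrators group under cn=roles.

```python
import base64
# Constructed sample export (LDIF); account names are hypothetical, not from the page.
SAMPLE_LDIF = """\
dn: CN=svc-instance,CN=Users,DC=myCompany,DC=adam
msDS-UserAccountDisabled: FALSE

dn: CN=svc-adamsync,CN=Users,DC=myCompany,DC=adam
msDS-UserAccountDisabled: TRUE

dn: CN=Readers,CN=Roles,DC=myCompany,DC=adam
member: CN=svc-instance,CN=Users,DC=myCompany,
 DC=adam

dn: CN=Administrators,CN=Roles,DC=myCompany,DC=adam
member: CN=svc-adamsync,CN=Users,DC=myCompany,DC=adam
member: CN=svc-instance,CN=Users,DC=myCompany,DC=adam
"""
ROLES = "cn=roles,dc=mycompany,dc=adam"  # roles container named on the page, lowercased

def parse_ldif(text):
    """Map lowercased DN -> {lowercased attribute: [values]}; handles folded and base64 lines."""
    entries = {}
    for block in text.replace("\r\n", "\n").replace("\n ", "").split("\n\n"):
        attrs = {}
        for line in block.splitlines():
            if line.startswith("#") or ":" not in line:
                continue
            name, _, value = line.partition(":")
            if value.startswith(":"):  # "attr:: <base64>" form used for non-ASCII values
                value = base64.b64decode(value[1:]).decode("utf-8", "replace")
            attrs.setdefault(name.lower(), []).append(value.strip())
        if "dn" in attrs:
            entries[attrs["dn"][0].lower()] = attrs
    return entries

def audit(entries, account_dn, needs_admin):
    """Return findings for one account; an empty list means it matches the requirements."""
    dn, findings = account_dn.lower(), []
    def in_role(role):
        return dn in (m.lower() for m in entries.get(f"cn={role},{ROLES}", {}).get("member", []))
    if dn not in entries:
        return ["account not found in export"]
    if entries[dn].get("msds-useraccountdisabled", [""])[0].upper() != "FALSE":
        findings.append("msDS-UserAccountDisabled is not FALSE")
    if needs_admin != in_role("administrators"):  # assumption: admin rights == Administrators
        findings.append("Administrators membership does not match the account's role")
    if not needs_admin and not in_role("readers"):
        findings.append("read-only account is not in Readers")
    return findings
```

Call `audit(parse_ldif(export_text), dn, needs_admin=False)` for the instance account and `needs_admin=True` for the ADAMSync account; on the sample data it flags the instance account's extra Administrators membership and the still-disabled ADAMSync account.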
