Product documentation Docs
    • English
    • Deutsch
    • 日本語
    • 한국어
    • Français
  • More Sites
    • Now Community
    • Developer Site
    • Knowledge Base
    • Product Information
    • ServiceNow.com
    • Training
    • Customer Success Center
    • ServiceNow Support Videos
  • Log in

Product documentation

  • Home
How search works:
  • Punctuation and capital letters are ignored
  • Special characters like underscores (_) are removed
  • Known synonyms are applied
  • The most relevant topics (based on weighting and matching to search terms) are listed first in search results
Topics are ranked in search results by how closely they match your search terms
  • A match on the entire phrase you typed
  • A match on part of the phrase you typed
  • A match on ALL of the terms in the phrase you typed
  • A match on ANY of the terms in the phrase you typed

Note: Matches in titles are always highly ranked.

  • Release version
    Table of Contents
    • Now Platform capabilities
Table of Contents
Choose your release version
    Home London Platform Capabilities Now Platform capabilities Orchestration Orchestration activity packs Active Directory activity pack

    Active Directory activity pack

    • Save as PDF Selected topic Topic & subtopics All topics in contents
    • Unsubscribe Log in to subscribe to topics and get notified when content changes.
    • Share this page

    Active Directory activity pack

    The Active Directory (AD) activity pack enables an administrator to create, delete, and manage objects in Windows Active Directory, such as users, groups, and computers, using a ServiceNow Orchestration workflow.

    Activities in this pack can reset a password automatically from a user request or manage any user account in Active Directory, whether or not it was created by a Orchestration workflow.

    Domain controllers are identified by the IP address of the host machine. To use the hostname of the domain controller, add the Resolve DNS Name activity to resolve the hostname into an IP, and then pass the IP into the Active Directory activity.

    Your instance must have access to a MID Server configured to use PowerShell to run these activities.
    Note: All Active Directory activities pass through error messages returned from Active Directory. To view these error messages, point to the failed activity in the workflow canvas or select the Workflow Log tab in a Workflow Context record.

    Custom Active Directory activities

    Orchestration provides custom Active Directory activities that were created with the Orchestration Create a PowerShell activity, starting with the Geneva release. These activities perform the same functions as AD activities by the same name from previous releases and replace those activities for all new workflows. Existing workflows from earlier versions that were created with legacy AD activities continue to function normally after an upgrade to Istanbul. However, all new workflows must use these custom AD activities. The Powershell activity template gives workflow administrators the ability to store input and output variables from the Query AD activity in the Databus.

    Note: To use the Active Directory custom activities, you must request activation of the Orchestration - Active Directory plugin.

    Active Directory credentials with LDAP

    If you are using an LDAP Server with MID Servers, note that Orchestration and Active Directory activities do not use the user name and password configured on LDAP Servers. You must create a Windows type orchestration credential recordWindows type orchestration credential record. The username and password in the credentials record is used for LDAP queries that Orchestration and workflow activities perform.

    Connection port used by AD Orchestration activities

    All Active Directory activities use port 389 for LDAP access. If you are using AD activities with Oracle Virtual Directory (OVD) as a proxy, set up pass-through on port 389 only.

    • Add User to Group AD activity

      The Add User to Group activity adds a user to a group in Windows Active Directory.

    • Change AD User Password activity

      The Change AD User Password activity changes the password for an Active Directory user account.

    • Create AD Object activity

      The Create AD Object activity creates an object in Windows Active Directory.

    • Disable AD User Account activity

      The Disable AD User Account activity disables a Windows Active Directory user account, making it inactive.

    • Enable AD User Account activity

      The Enable AD User Account activity enables a Windows Active Directory user account, making it active.

    • Is AD Account Locked activity

      The Is AD Account Locked activity determines whether an Active Directory user account is locked.

    • Query AD activity

      The Query AD activity retrieves entries from the Windows Active Directory based on an LDAP search filter and stores the results as a JSON string that can be used in the data bus.

    • Remove AD Object activity

      The Remove AD Object activity deletes an object from Windows Active Directory.

    • Remove User from Group AD activity

      The Remove User from Group activity removes a user from a group in Windows Active Directory.

    • Reset AD User Password activity

      The Reset AD User Password activity resets the password of a user account in Windows Active Directory.

    • Unlock AD Account activity

      The Unlock AD Account activity unlocks a locked Active Directory user account.

    • Update AD Object activity

      The Update AD Object activity updates an object in Windows Active Directory.

    Tags:

    Feedback
    On this page

    Previous topic

    Next topic

    • Contact Us
    • Careers
    • Terms of Use
    • Privacy Statement
    • Sitemap
    • © ServiceNow. All rights reserved.

    Release version
    Choose your release version

      Active Directory activity pack

      • Save as PDF Selected topic Topic & subtopics All topics in contents
      • Unsubscribe Log in to subscribe to topics and get notified when content changes.
      • Share this page

      Active Directory activity pack

      The Active Directory (AD) activity pack enables an administrator to create, delete, and manage objects in Windows Active Directory, such as users, groups, and computers, using a ServiceNow Orchestration workflow.

      Activities in this pack can reset a password automatically from a user request or manage any user account in Active Directory, whether or not it was created by a Orchestration workflow.

      Domain controllers are identified by the IP address of the host machine. To use the hostname of the domain controller, add the Resolve DNS Name activity to resolve the hostname into an IP, and then pass the IP into the Active Directory activity.

      Your instance must have access to a MID Server configured to use PowerShell to run these activities.
      Note: All Active Directory activities pass through error messages returned from Active Directory. To view these error messages, point to the failed activity in the workflow canvas or select the Workflow Log tab in a Workflow Context record.

      Custom Active Directory activities

      Orchestration provides custom Active Directory activities that were created with the Orchestration Create a PowerShell activity, starting with the Geneva release. These activities perform the same functions as AD activities by the same name from previous releases and replace those activities for all new workflows. Existing workflows from earlier versions that were created with legacy AD activities continue to function normally after an upgrade to Istanbul. However, all new workflows must use these custom AD activities. The Powershell activity template gives workflow administrators the ability to store input and output variables from the Query AD activity in the Databus.

      Note: To use the Active Directory custom activities, you must request activation of the Orchestration - Active Directory plugin.

      Active Directory credentials with LDAP

      If you are using an LDAP Server with MID Servers, note that Orchestration and Active Directory activities do not use the user name and password configured on LDAP Servers. You must create a Windows type orchestration credential recordWindows type orchestration credential record. The username and password in the credentials record is used for LDAP queries that Orchestration and workflow activities perform.

      Connection port used by AD Orchestration activities

      All Active Directory activities use port 389 for LDAP access. If you are using AD activities with Oracle Virtual Directory (OVD) as a proxy, set up pass-through on port 389 only.

      • Add User to Group AD activity

        The Add User to Group activity adds a user to a group in Windows Active Directory.

      • Change AD User Password activity

        The Change AD User Password activity changes the password for an Active Directory user account.

      • Create AD Object activity

        The Create AD Object activity creates an object in Windows Active Directory.

      • Disable AD User Account activity

        The Disable AD User Account activity disables a Windows Active Directory user account, making it inactive.

      • Enable AD User Account activity

        The Enable AD User Account activity enables a Windows Active Directory user account, making it active.

      • Is AD Account Locked activity

        The Is AD Account Locked activity determines whether an Active Directory user account is locked.

      • Query AD activity

        The Query AD activity retrieves entries from the Windows Active Directory based on an LDAP search filter and stores the results as a JSON string that can be used in the data bus.

      • Remove AD Object activity

        The Remove AD Object activity deletes an object from Windows Active Directory.

      • Remove User from Group AD activity

        The Remove User from Group activity removes a user from a group in Windows Active Directory.

      • Reset AD User Password activity

        The Reset AD User Password activity resets the password of a user account in Windows Active Directory.

      • Unlock AD Account activity

        The Unlock AD Account activity unlocks a locked Active Directory user account.

      • Update AD Object activity

        The Update AD Object activity updates an object in Windows Active Directory.

      Tags:

      Feedback

          Share this page

          Got it! Feel free to add a comment
          To share your product suggestions, visit the Idea Portal.
          Please let us know how to improve this content

          Check any that apply

          To share your product suggestions, visit the Idea Portal.
          Confirm

          We were unable to find "Coaching" in Jakarta. Would you like to search instead?

          No Yes
          • Contact Us
          • Careers
          • Terms of Use
          • Privacy Statement
          • Sitemap
          • © ServiceNow. All rights reserved.

          Subscribe Subscribed Unsubscribe Last updated: Tags: January February March April May June July August September October November December No Results Found Versions Search preferences successfully updated My release version successfully updated My release version successfully deleted An error has occurred. Please try again later. You have been unsubscribed from all topics. You are now subscribed to and will receive notifications if any changes are made to this page. You have been unsubscribed from this content Thank you for your feedback. Form temporarily unavailable. Please try again or contact  docfeedback@servicenow.com  to submit your comments. The topic you requested does not exist in the release. You were redirected to a related topic instead. The available release versions for this topic are listed There is no specific version for this documentation. Explore products Click to go to the page. Release notes and upgrades Click to open the dropdown menu. Delete Remove No selected version Reset This field is required You are already subscribed to this topic Attach screenshot The file you uploaded exceeds the allowed file size of 20MB. Please try again with a smaller file. Please complete the reCAPTCHA step to attach a screenshot
          Log in to personalize your search results and subscribe to topics
          No, thanks Login