Thank you for your feedback.
Form temporarily unavailable. Please try again or contact docfeedback@servicenow.com to submit your comments.

LDAP record synchronization

Log in to subscribe to topics and get notified when content changes.

LDAP record synchronization

Administrators can synchronize inactive, disabled, or deleted LDAP records with their LDAP records.

LDAP record synchronization is the process of detecting inactive records on the LDAP server and updating the corresponding LDAP records. Detecting inactive LDAP records involves defining consistent data indicators for each user object, importing LDAP data, and evaluating the data indicators.

A data indicator can be:
  • a date field
  • membership in a specific OU (identify by parsing the dn attribute), using the useraccountcontrol attribute
  • a combination of these indicators

Imported data comes into the instance through import set tables where the data can be evaluated and processed.

The import process can use:
  • LDAP extraction: a single import job to gather all user records into the import set temporary tables for evaluation
  • LDAP refresh filters: multiple import jobs to divide different types of user records, segregating records for separate processing
Feedback