Same user-ids in LDAP as in ServiceNow: authentication will fail

General Add comments

Last week my colleague Olivier Cramer wrote an article on how the ServiceNow password generator can make life easier and this week I thought I would add to that same topic a short article.

When you have been using ServiceNow for some time already and there is a need to integrate with an LDAP-based directory service the following situation might occur:

  • You successfully enabled the LDAP/AD integration
  • But you had a (large?) amount of users already created with the same user-id as in LDAP

In this situation the authentication will fail.
But the old password will work.

To get rid of the passwords you cannot leave the password empty for safety reasons.

But the following little script will do the trick! :-))

[cc lang=”javascript”]
var usr = new GlideRecord(“sys_user”);
//Replace user_name to modify filter
usr.addQuery(‘user_name’,’ User.Name’);
while( {
gs.print(“USER X = ” + usr.user_name + “. Password = ” + usr.user_password);
usr.user_password = ”;
gs.print(“USER X = ” + usr.user_name + “. Password = ” + usr.user_password);

Keep in mind that you cannot login without a password.
Now wait for the sync and you are good to go!

Any questions? Send me a mail on

Leave a Reply