• State Not Answered
  • Locked Locked
  • Replies 3 replies
  • Subscribers 92 subscribers
  • Views 4270 views
  • Users 0 members are here
Options
Related
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

How to find Attestors via a script

Craig.Bolte
over 6 years ago

I am creating a Membership Attestation for special AD Groups but the Owners (attestors) to those groups is not maintained in AD, it is maintained in ServiceNow.  So, it would be great if I could create a custom approval procedure that could use a script to generate the list of attestors instead of a SQL query.  The script would make a web services call to ServiceNow and query who the owners (attestors) of the group were and then pass that to the attestation.

Thoughts on the best way to do this?

 

Thanks,

Craig

  • 0 over 6 years ago
    Hey Craig,
    We support custom decision methods, which behind the scenes are SQL/Stored Procedures. But SQL Server supports calling web services from stored procs. So I'd investigate that option. Probably the easiest thing to do.
  • 0 over 6 years ago
    George is right, you can use the method decision made external to trigger a process.

    But what tickles me, you are saying, that ServiceNow determines the people that should decide in the One Identity web portal but you do not synchronize that information into One IM. This sounds to me like a flawed process.

    Either, synchronize the information about the owners into One IM, or use the EX step to route the decision to Service Now (as ticket, whatever...) and let the people approve that in Service Now.
  • 0 over 6 years ago

      You know, sometimes a companies processes are what they are and while we can influence change, it takes time for those changes to be embraced. Until then, you have to work within the restrictions you are under. Since this is part of the Attestation process I can't just send it back to ServiceNow through an EX step since all Attestation information needs to be contained within 1IM. I have also considered running the script on a schedule to ingest the ownership information into 1IM so it would be available to query during the Attestation process. From the start, this was the way I thought we would have to go. I was asking if there was a way to run a script to determine who approvers should be, without leaving the Attestation workflow.

      Thanks for the feedback, sounds like I need to stick with the original plan and ingest the owner information into 1IM.

    Craig