Home General Discussion

How do we limit user list from AD so that only the main AD account for an indiviual is read.

Marlene_SherodMarlene_Sherod Customer IT Monkey ✭
in General Discussion
We have users with multiple ad accounts for different levels of priviledges. How can we select only the primary logon account. Example scenario: USer submitts a ticket and his normal logon name is selected as the created by, but automatically picks one of his other accounts as the affected user, We are assuming becasue it is alphabetally the first name in the list of his user accounts.

Best Answer

Answers

  • Brian_WiestBrian_Wiest Customer Super IT Monkey ✭✭✭✭✭
    Outside of permissions, what separates the privileged accounts?
    different ou?
    no email?
    ???
  • john_doylejohn_doyle Cireson Support Ninja IT Monkey ✭✭✭✭
    The simplest solution would be to import only the primary logon account into SCSM.
  • Andrea_BatesAndrea_Bates Customer IT Monkey ✭

    John_Doyle we have an AD connector that pulls in all AD user accounts, because if we start filtering by OU it would be hard to maintain going forward with our AD OU structures changing once again.

    Yes Brian_Wiest, the admin accounts have no email address and are in a different OU. Can this field not pull the same account from AD that's logged into the portal?

  • Matt_MedleyMatt_Medley Member Advanced IT Monkey ✭✭✭
    Andrea_Bates said:

    John_Doyle we have an AD connector that pulls in all AD user accounts, because if we start filtering by OU it would be hard to maintain going forward with our AD OU structures changing once again.

    Yes Brian_Wiest, the admin accounts have no email address and are in a different OU. Can this field not pull the same account from AD that's logged into the portal?

    Andrea, can you create an exclusion AD group, add the users admin accounts as a member of the AD group and then exclude that group from being imported into SCSM?
  • Brian_WiestBrian_Wiest Customer Super IT Monkey ✭✭✭✭✭
    Our privileged accounts do not have email as well so how we accomplish users selecting the proper account is remove the admin accounts from the query via admin settings in the portal.

  • Andrea_BatesAndrea_Bates Customer IT Monkey ✭
    Where do I put that query?
Sign In or Register to comment.