If anyone wants to sync AD with ServiceNow so that data from AD is updated in real time instead of waiting for a scheduled job to trigger, here is the best practice:
- Since Active Directory is the LDAP server, we can deploy the LDAP listener to identify user and group changes made to the LDAP server.
- An LDAP listener is a type of persistent query, also called a persistent search. It recognises any user and group changes made to any of the applicable LDAP accounts and forwards them to the ServiceNow instance within approximately 10 seconds.
- This allows ServiceNow to have a nearly real-time copy of AD users' account details without having to wait for the next scheduled job to trigger.
Please refer to the ServiceNow documentation to enable the LDAP listener:
How to enable LDAP Listener
Note that the LDAP listener can only synchronise objects that map to the User [sys_user] and Group [sys_user_group] tables.