Instance scan findings

  • Release version: Xanadu
  • Updated August 1, 2024
  • 2 minutes to read
    • Summarize
    Summarized using AI
    This content was generated using new OpenAI-powered functionality. Results are provided on an as is basis and are not guaranteed to be accurate or complete.

    Summary of Instance scan findings

    This document details the findings from an instance scan conducted in the Xanadu release version as of August 1, 2024. The scan results are accessible on the Scan Result form under the Scan Findings related list and highlight configuration and integration issues primarily related to Microsoft Exchange Online connections, OAuth settings, and synchronization configurations.

    Show full answer Show less

    Key Findings

    • Missing or incorrect Microsoft Exchange Online connection and credential aliases, such as absent child aliases or multiple/no connections linked to a specified alias.
    • Errors in connection attributes including invalid Connection URLs.
    • OAuth configuration issues such as mismatched OAuth providers, missing or expired OAuth tokens, invalid token, authorization, or redirect URLs in Application Registry records.
    • Absence or invalid associations between credentials and connections.
    • Requirements for OAuth providers using Authorization Code grant type to have Strict mode enabled with a valid email.
    • Synchronization problems including inactive calendar providers, missing or mismatched emails in Rsv Sync configurations, multiple or expired subscriptions, and invalid subscription statuses.

    Practical Implications for ServiceNow Customers

    These findings indicate common configuration pitfalls that can disrupt calendar synchronization and OAuth-based integrations with Microsoft Exchange Online. Addressing these issues is critical to ensure reliable synchronization of calendar data and proper authorization flows within ServiceNow.

    Next Steps

    • Review the scan findings carefully to identify specific misconfigurations or missing components.
    • Consult the referenced documentation on Microsoft Exchange Online - Calendar synchronization and Synchronization - Prerequisites and implementation to guide corrective actions.
    • Verify the installation and configuration of Workplace Calendar Synchronization components, properties, scheduled jobs, and flows as prerequisites for proper operation.
    • Regenerate OAuth tokens as needed and ensure all OAuth entities, providers, and credentials are correctly linked and active.
    • Confirm subscription statuses and synchronization email configurations to prevent sync disruptions.

    After the instance scan completes, on the Scan Result form, review the findings in the Scan Findings related list.

    Scan findings

    The following findings are reported in the scan report:
    • Could not find the sn_ex_online_spke.Microsoft_Exchange_Online Connection and credential alias.
    • The Connection & credential alias specified in the Override alias is not a child alias to the sn_ex_online_spke.Microsoft_Exchange_Online Connection and credential alias.
    • There are multiple/no connections associated with the ' + selectedAlias.getValue('name') + ' Connection and credential alias.
    • There are multiple/no connection attributes associated with ' + selectedAlias.getValue('name') + ' Connection and credential alias.
    • Incorrect 'Connection URL' specified in the " + selectedAlias.getValue('name') + " Connection and credential alias."
    • OAuth provider associated with the OAuth Entity Scope - ' + scope + ' is not same as the one associated with OAuth Entity Profile of this scope.
    • The OAuth Scope - ' + scopesExpected[i] + ' must be associated with the grant type ' + grantType + '.
    • The Default grant type of the OAuth provider must be same as the Grant type of the OAuth Entity Profile.'
    • OAuth Token has expired.
    • Please generate an OAuth Token.
    • Invalid token URL associated with Application Registry - ' + applicationRegistryGr.getValue('name') + '.
    • Invalid authorization URL associated with Application Registry - ' + applicationRegistryGr.getValue('name') + '.
    • Invalid redirect URL associated with Application Registry - ' + applicationRegistryGr.getValue('name') + '.
    • There is no OAuth Entity Profile associated with the credential - ' + credentialGr.getValue('name') + '.
    • There is no credential associated with the connection - ' + connectionGr.getValue('name') + '.
    • There is no active credential associated with the connection - ' + connectionGr.getValue('name') + '.
    • Invalid Credential record associated with connection - ' + connectionGr.getValue('name') + '.
    • If the grant type of the connection (linked with provider) is set as Authorization Code, the provider must have Strict mode enabled with a valid Strict mode email.
    • Synchronization is not configured - could not find an active provider.
    • There are multiple subscriptions associated with this resource.
    • Calendar provider associated with this Rsv Sync Configuration is inactive.
    • Could not find an email with this Rsv Sync configuration.
    • The Rsv Sync configuration email must be same as the email specified in the 'Email' field of the location record.
    • The same email is associated with a different Rsv sync configuration.
    • The Subscription has expired.
    • The Subscription status is ' + status + '.
    • Invalid Subscription.
    • Could not find a subscription for this Rsv Sync Configuration.
    To fix a finding, refer to the following: