VIP Users Part 2 or how to synchronize group membership from AD to SCSM

Dealing with VIP users is a common practice within Service Management. This old blogpost explains a very good approach to mark VIP users in SCSM as VIP users. We simply extend the User class with an extra boolean property (true/false) and we then expose that property on the Incident right under the Affected User. That way Analysts can quickly see if the person is VIP and you can also make various workflows or notifications based on this property.



What is missing in the above post is how we figure out who is VIP or not. For many, this relationship is set in Active Directory via Group membership. So if you are part of a special Security Group, you are VIP. That’s the approach I will take here and provide the script needed to sync members of that group over – whoever is member of the given AD group will be marked or unmarked as VIP in SCSM. Just replace the AD groupname and perhaps the VIP property name (mine is called VIP here). After that you need to set up a scheduled workflow to run this script. This could be Orchestrator, SMA, a powershell workflow or just a regular windows scheduled task.

Here goes:


Enjoy Smiley

By |2017-08-30T11:48:15+00:00November 15th, 2016|Automation, Powershell, Service Manager (SCSM)|2 Comments

About the Author:

Morten Meisler
Consultant / Developer / Trainer Key areas / products: System Center Service Manager System Center Operations Manager Automation (System Center Orchestrator / Service Management Automation (SMA)) Development: C#.Net, Powershell, SQL, Web development / HTML5 (Javascript,jQuery,CSS,HTML, Wordpress etc.)


  1. Cary Myers January 11, 2017 at 16:14 - Reply

    Thank you for this script! One comment when running it. I modified the line here to allow the array from $SCSMVIPUsers to be empty and allow the script to run.

    #Get users from SCSM where VIP is true
    $SCSMVIPUsers = @( Get-SCSMObject -Class $ADUserClass -Filter “VIP -eq true” -ComputerName $SCSMServer)

  2. Morten Meisler January 11, 2017 at 20:08 - Reply

    yes thank you, I did not account for null values (classic mistake hehe). I will update the script with this modification 🙂

Leave A Comment