Thank you for your feedback.
Form temporarily unavailable. Please try again or contact docfeedback@servicenow.com to submit your comments.
Versions
  • London
  • Kingston
  • Jakarta
  • Istanbul
  • Helsinki
  • Geneva
  • Store
Close

Lock user accounts

Lock user accounts

You can lock user accounts if the user is not active.

The following business rule script locks user accounts if the user is not active in the LDAP directory or the user does not have self-service, itil, or admin access to the instance.
// Lock accounts if bcNetIDStatus != active in LDAP and user does not  
// have self-service, itil or admin role 
var rls = current.accumulated_roles.toString(); 
if(current.u_bcnetidstatus == 'active' && (rls.indexOf(',itil,') > 0 || 
  rls.indexOf(',admin,') > 0 || 
  rls.indexOf(',ess,') > 0 )) { 
  current.locked_out = false; } 
else { 
  current.locked_out = true; } 

var gr = new GlideRecord("sys_user"); 
gr.query(); 
while(gr.next()) { 
  gr.update(); 
  gs.print("updating " + gr.getDisplayValue()); 
}