Join the #BuildWithBuildAgent Challenge! Get recognized, earn exclusive swag, and inspire the ServiceNow Community with what you can build using Build Agent.  Join the Challenge.

Deactivate user when not found on the LDAP import

Mark_Bailey
Mega Guru

‎02-04-2014 03:23 PM 

Greetings




Our LDAP management seems to be a lot different than most companies. The out of box deactivation script is looking for the users to go into a specific OU of have a specific field marked.   I need a much simpler script. IF a user is not found on the AD import and already exist as active on ServiceNow AND was initially imported via LDAP (User Source is not blank) , then deactivate. 




I am hoping someone might have something very similar I can do some minor adjusting to. 










Out of Box on before deactivated scriptnot being used (Part of the LDAP import)


var ctrl = parseInt(source.u_useraccountcontrol, 10);


ctrl = ctrl.toString(16);






//The relevant digit is the final one


//A final hex digit value of '2' in 'ctrl' means disabled


if (ctrl.substr(-1) == "2") {


     target.active = false;


     target.locked_out = true;


     if (action == 'insert')


           ignore = true;


} else {


     //Optional: Reactivate and unlock the user account


     //target.active = true;


     //target.locked_out = ctrl.substr(-2, 1) == "1";


}
0 Helpfuls
  • 8,320 Views
28 REPLIES 28

Mark_Bailey
Mega Guru
In response to Bhargava4

‎01-22-2016 11:41 AM

Yes you are correct.



The user is active on SN and deactivated from AD in my case.


Alex Macdonel
Tera Expert
In response to Mark_Bailey

‎01-29-2016 08:50 AM

I was looking at creating a new server while implementing the script and found this Find inactive LDAP accounts using the lastRefresh time, i like it better than the script provided on this thread as it gives more control over what is happening.


0 Helpfuls

Nilanjan1
Mega Sage

‎08-20-2022 10:02 AM

Hello All, 

 

This is really helpful. However, when I try to run the script in the background scripts it seems that there is a declaration error in the following line. 

var importSet = import_set.number; -- import_set not defined. 

Did someone get into the same issue?

0 Helpfuls

Michael Domke
Tera Guru
In response to Nilanjan1

‎08-22-2022 06:11 AM

Background scripts won't have access to the import_set object as written. You'll need to set the import_set.number value directly as well as any other fields pulled from the import_set object if you want to run this in Background scripts.

Michael

0 Helpfuls