How to remove groups from user profile if last login is last 3 months

Nani18 · ‎02-09-2023

Hello Experts,

My requirement is ...

If any user last login time is before 3 months then we need to remove all groups from user profile except one ABC group.

I am trying with below script by using schedule job.

var dt = new GlideDate();
months = gs.getProperty('TSF.Months.To.Remove.User.Roles', 3) * -1;//
dt.addMonths(months);
var grUser = new GlideRecord('sys_user');
grUser.addQuery('last_login', '<', dt).addOrCondition('last_login', '');
grUser.addQuery('sys_id','4713c93ddbe5cf00077df3d31d9619e1');//checking with one user
grUser.addQuery('sys_created_on','<',dt);

grUser.query();
while (grUser.next()) {

if (checkapproverGroup(grUser.sys_id + '')) {
continue;
}

function checkExcludeGroups(grUser) {
var grGM = new GlideRecord('sys_user_grmember');
grGM.addQuery('user', grUser);

Here we need to check ex : if user is member of 4 groups we need to remove 3 groups from user profile and remaining one group we need skip it because that is required group for all users .

How to achieve this..

Best Regards,

Nani

SatyakiBose · ‎02-09-2023

Hello @Nani18

You can use the script below to achieve this requirement:

Make sure your conditions you want to apply before executing this, because this involves deleteMultiple();

Script:

var gr= new GlideRecord('sys_user');
gr.addEncodedQuery('active=true^last_loginRELATIVELT@dayofweek@ago@90'); // this gets all the users who are active and last logged in 3 months(90) ago
gr.query();
while(gr.next()){
var gr2= new GlideRecord('sys_user_grmember');
gr2.addQuery('user',gr.sys_id);
gr2.query();
gr2.deleteMultiple(); //deletes the user from the groups
var gr1= new GlideRecord('sys_user_has_role');
gr1.addQuery('user',gr.sys_id);
gr1.query();
gr1.deleteMultiple(); // deletes all the roles the user have
}

Here are some additional resources that you can refer to:

Nani18 · ‎02-10-2023

Hello @SatyakiBose

Above script is deleting all groups from user profile.

After line number 8 we need to keep one specific group ex .(ABC group ). Remaining all groups need to be remove .

How to do this..?

Best Regards,

Nani

SatyakiBose · ‎02-10-2023

Hello @Nani18

This would need some additional customization.

How are you planning to which are the users who have not used the instance for more than 90 days?

I would recommend using a check box on the user field.

And when the above script executes, you can set the check box true.

Next you can write another script to add user to the specific group, and the query will be if the check box mentioned above is true.

Here are some references you can use:

Nani18 · ‎02-10-2023

Hello @SatyakiBose

Its working.... tested with below script

var gr= new GlideRecord('sys_user');
gr.addEncodedQuery('active=true^last_loginRELATIVELT@dayofweek@ago@90'); // this gets all the users who are active and last logged in 3 months(90) ago
gr.query();
while(gr.next()){
var gr2= new GlideRecord('sys_user_grmember');
gr2.addQuery('user',gr.sys_id);

grGM.addQuery('group','!=','sys_id');//ABC group sys id
gr2.query();
gr2.deleteMultiple(); //deletes the user from the groups
var gr1= new GlideRecord('sys_user_has_role');
gr1.addQuery('user',gr.sys_id);
gr1.query();
gr1.deleteMultiple(); // deletes all the roles the user have
}

Thanks for your support!

Best Regards ,

Nani