- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎07-16-2015 02:26 PM
Hi all,
I am trying to de-activate and lock out users from a certain OU (called MyOU), who are also not in a specific group (called MyGroup).
I am running an after business rule (for testing purposes I am just trying to change the title of the users now) :
deactivateAndLockout();
function deactivateAndLockout() {
var user = new GlideRecord('sys_user');
user.addQuery('source','CONTAINS','MyOU');
user.query();
while(user.next()) {
var group = 'MyGroup';
if(user.getUser().isMemberOf(group)){
user.title = 'grp';
user.update();
} else {
user.title = 'not grp';
user.update();
}
}
}
I can see users in the group MyGroup, however, all users in MyOU get the title 'not grp', even those in the MyGroup.
What am I missing here?
harel
Solved! Go to Solution.
- Labels:
-
Integrations
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎07-16-2015 04:16 PM
Your complete code will be:
deactivateAndLockout();
function deactivateAndLockout() {
var gr = new GlideRecord('sys_user');
gr.addQuery('source','CONTAINS','MyOU');
gr.query();
var group = 'MyGroup';
while(gr.next()) {
if(gs.getUser().getUserByID(gr.user_name).isMemberOf(group)) {
gr.title = 'grp';
}
else {
gr.title = 'not grp';
}
gr.update();
}
}
Also unless you have other external dependencies, the name of the function "deactivateAndLockout" is a bit misleading, because this function neither deactivates nor locks a user out. That is, of course, at your own volition.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎07-16-2015 02:34 PM
I think the line "user.getUser().isMemberOf(group)" will not work since "getUser()" is not a function of the object "user".
I would do something like this:
If you query the "sys_user_grmember" table, you can do the query in one.
var group = "MyGroup";
var ou = "MyOU"
var user = new GlideRecord('sys_user_grmember');
user.addQuery("user.source", 'CONTAINS', ou);
user.addQuery("group", group);
user.query();
This should only return your required users to update.
Pete
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎07-16-2015 03:01 PM
Hi Peter,
Thanks for the quick answer.
so the full script would be (in sys_user_gmemeber):
deactivateAndLockout();
function deactivateAndLockout() {
var group = 'MyGroup';
var ou = 'MyOU';
var user = new GlideRecord('sys_user_grmember');
user.addQuery('user.source', 'CONTAINS', ou);
user.addQuery('group', group);
user.query();
while(user.next()) {
user.title = 'grp';
user.update();
}
}
It does not update the title.
Thanks
,Harel
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎07-16-2015 03:19 PM
If you run a user.update() on the sys_user_grmember table, this will not update the user record, but only the records fetched from the sys_user_grmember, since your glide record is originating using the sys_user_grmember table and not the sys_user table. as you can see there is no title field in the sys_user_grmember table.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎07-16-2015 02:49 PM
I believe your query result should be more like the example below:
// http://www.servicenowguru.com/scripting/user-object-cheat-sheet/ 3/11
// Query for the user record
var gr = new GlideRecord("sys_user");
gr.addQuery("user_name", "admin");
gr.query();
var group = "Hardware";
if(gr.next()) {
if(gs.getUser().getUserByID(gr.user_name).isMemberOf(group)) {
gs.log( gr.user_name + " is a member of " + group);
}
else {
gs.log(gr.user_name + " is NOT a member of " + group);
}
}
}
Taken from » User Object Cheat Sheet
It may be the case that you can only use isMemberOf() with gs.getUser().
