Join the #BuildWithBuildAgent Challenge! Get recognized, earn exclusive swag, and inspire the ServiceNow Community with what you can build using Build Agent.  Join the Challenge.

user account is locked out?

manmathpanda
Giga Guru

‎06-06-2019 10:11 PM

Hi Developers,

I want to know why the user account is locked out , it is due to invalid password given by them or any other reason.

And where it is written that if the user hits more than 3 times , then the user will be locked out.

Meanwhile i saw that , if the user hits wrong password once then the system keeps the user locked out.

Here i want to give 3 chances to user .

could anyone help me on this?

 

 

Regards,

Manmath

0 Helpfuls
  • 10,296 Views
5 REPLIES 5

Mark Roethof
Tera Patron
Tera Patron

‎06-06-2019 10:17 PM

Hi there,

Have a look at the below docs page. This might help in understanding the Failed login attempts.
https://docs.servicenow.com/bundle/geneva-servicenow-platform/page/administer/security/concept/c_Man...

If my answer helped you in any way, please then mark it as helpful.

Kind regards,
Mark

---

LinkedIn

 

Kind regards,

 

Mark Roethof

Independent ServiceNow Consultant

10x ServiceNow MVP

---

 

~444 Articles, Blogs, Videos, Podcasts, Share projects - Experiences from the field

LinkedIn

Mark Roethof
Tera Patron
Tera Patron

‎06-06-2019 10:18 PM

From the SNC User Lockout Check Script Action:

if (gr.failed_attempts > 5) {
       gr.locked_out = true;
       gr.update();

If my answer helped you in any way, please then mark it as helpful.

Kind regards,
Mark

---

LinkedIn

 

Kind regards,

 

Mark Roethof

Independent ServiceNow Consultant

10x ServiceNow MVP

---

 

~444 Articles, Blogs, Videos, Podcasts, Share projects - Experiences from the field

LinkedIn

manmathpanda
Giga Guru
In response to Mark Roethof

‎06-06-2019 10:33 PM

Hi Mark,

Thank you for your quick response.

the code is written as below in my instance

var gr = new GlideRecord("sys_user");
gr.addQuery("user_name", event.parm1.toString());
gr.query();
if (gr.next()) {
gr.failed_attempts += 1;
if (gr.failed_attempts > 5) {
gr.locked_out = true;
gr.update();
gs.log("User " + event.parm1 + " locked out due to too many invalid login attempts");
} else {
gr.update();
}
}

 

 

But yesterday when by impersonating a user , while he was trying to login and gave one time wrong password, here in our sys user form , it was showing locked out.

 

Could you please help me on this if there is anything wrong in this code.

 

 

Regards,

Manmath

0 Helpfuls

Mark Roethof
Tera Patron
Tera Patron
In response to manmathpanda

‎06-06-2019 10:44 PM

Hi there,

Looks the same as out-of-the-box.

Did you check the Failed Login attempts log?
https://docs.servicenow.com/bundle/geneva-servicenow-platform/page/administer/security/concept/c_Vie...

If my answer helped you in any way, please then mark it as helpful.

Kind regards,
Mark

---

LinkedIn

 

Kind regards,

 

Mark Roethof

Independent ServiceNow Consultant

10x ServiceNow MVP

---

 

~444 Articles, Blogs, Videos, Podcasts, Share projects - Experiences from the field

LinkedIn

0 Helpfuls