user account is locked out?

manmathpanda
Giga Guru

‎06-06-2019 10:11 PM

Hi Developers,

I want to know why the user account is locked out , it is due to invalid password given by them or any other reason.

And where it is written that if the user hits more than 3 times , then the user will be locked out.

Meanwhile i saw that , if the user hits wrong password once then the system keeps the user locked out.

Here i want to give 3 chances to user .

could anyone help me on this?

 

 

Regards,

Manmath

0 Helpfuls
  • 9,848 Views
5 REPLIES 5

Mark Roethof
Tera Patron
Tera Patron

‎06-06-2019 10:17 PM

Hi there,

Have a look at the below docs page. This might help in understanding the Failed login attempts.
https://docs.servicenow.com/bundle/geneva-servicenow-platform/page/administer/security/concept/c_Man...

If my answer helped you in any way, please then mark it as helpful.

Kind regards,
Mark

---

LinkedIn

 

Kind regards,

 

Mark Roethof

Independent ServiceNow Consultant

10x ServiceNow MVP

---

 

~444 Articles, Blogs, Videos, Podcasts, Share projects - Experiences from the field

LinkedIn

Mark Roethof
Tera Patron
Tera Patron

‎06-06-2019 10:18 PM

From the SNC User Lockout Check Script Action:

if (gr.failed_attempts > 5) {
       gr.locked_out = true;
       gr.update();

If my answer helped you in any way, please then mark it as helpful.

Kind regards,
Mark

---

LinkedIn

 

Kind regards,

 

Mark Roethof

Independent ServiceNow Consultant

10x ServiceNow MVP

---

 

~444 Articles, Blogs, Videos, Podcasts, Share projects - Experiences from the field

LinkedIn

manmathpanda
Giga Guru
In response to Mark Roethof

‎06-06-2019 10:33 PM

Hi Mark,

Thank you for your quick response.

the code is written as below in my instance

var gr = new GlideRecord("sys_user");
gr.addQuery("user_name", event.parm1.toString());
gr.query();
if (gr.next()) {
gr.failed_attempts += 1;
if (gr.failed_attempts > 5) {
gr.locked_out = true;
gr.update();
gs.log("User " + event.parm1 + " locked out due to too many invalid login attempts");
} else {
gr.update();
}
}

 

 

But yesterday when by impersonating a user , while he was trying to login and gave one time wrong password, here in our sys user form , it was showing locked out.

 

Could you please help me on this if there is anything wrong in this code.

 

 

Regards,

Manmath

0 Helpfuls

Mark Roethof
Tera Patron
Tera Patron
In response to manmathpanda

‎06-06-2019 10:44 PM

Hi there,

Looks the same as out-of-the-box.

Did you check the Failed Login attempts log?
https://docs.servicenow.com/bundle/geneva-servicenow-platform/page/administer/security/concept/c_Vie...

If my answer helped you in any way, please then mark it as helpful.

Kind regards,
Mark

---

LinkedIn

 

Kind regards,

 

Mark Roethof

Independent ServiceNow Consultant

10x ServiceNow MVP

---

 

~444 Articles, Blogs, Videos, Podcasts, Share projects - Experiences from the field

LinkedIn

0 Helpfuls