Get a first look at what's coming. The Developer Passport Australia Release Preview kicks off March 12. Dive in! 

servicenow security

23h51a0458
Giga Contributor

yesterday

An Administrator wants to remove privileged users who have never accessed the platform.Which Security Center

section is checked for these users?

  1. Security metrics
  2. Security posture dashboard
  3. Security scanner
  4. Security hardening
0 Helpfuls
  • 32 Views
1 REPLY 1

GlideFather
Tera Patron

an hour ago - last edited an hour ago

Hi @23h51a0458,

 

I'm not familiar with none of the options above. But what I can suggest to you is to add one or both columns on the [sys_user] table:

Last login (date only)

Last login time (date + time)

Screenshot 2026-03-13 at 08.43.38.png

It is matching 1:1, just one is for days and one for time, but if one if it is empty then both of them are... so empty means that the user never ever logged into that particular instance.

 

With that you can set conditions for Last login before 3 months ago or Last login before this year etc. That can help you to filter the particular users and you can apply it in flow, scheduled job, fix script or anything else.

 

Also, you can create a scheduled job to deactivate users who haven't logged for 3 months (but be careful for parental/medical leaves, sabbaticals, etc.). 

 

One more thing, for any user management and role removing, be sure that these two fields are handled properly, having them correctly set it can prevent from removing roles of technical accounts (e.g. integration user). Do NOT forget about this and eventually apply it correctly:

Screenshot 2026-03-13 at 08.48.05.png

 

***EDITED: edits highlighted in orange

_____
100 % GlideFather experience and 0 % generative AI

0 Helpfuls