
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
02-07-2018 03:54 AM
If a user is created without a password, it cannot log in. How can we return a user record to the same state (with no password) after having set a password for that user? Simply blanking out the password field on the User Form isn't sufficient (as the previous password is retained, and the user can still log in with it).
We're thinking about users who may have been using local authentication previously and are now going to be switched to SSO. We want to make sure these users are unable to authenticate locally, but we cannot completely disable local authentication as there will be a handful of users who still need to use local authentication.
Any suggestions on the best practice way to achieve this? We'd prefer not to delete the user records, and we would like to prevent a scenario where someone who has a user can set their password, giving them the ability to bypass SSO.
Solved! Go to Solution.
- Labels:
-
User Experience and Design
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
02-07-2018 04:20 AM
Graeme,
You will need to run a background script or fixed script. You can use below code for ex.
var user = new GlideRecord('sys_user');
user.get('9112fd0dc3313000bac1addbdfba8f95'); // SYSID of the user you want to blank out password for.
user.user_password = '';
user.update();
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
02-07-2018 04:20 AM
Graeme,
You will need to run a background script or fixed script. You can use below code for ex.
var user = new GlideRecord('sys_user');
user.get('9112fd0dc3313000bac1addbdfba8f95'); // SYSID of the user you want to blank out password for.
user.user_password = '';
user.update();

- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
02-08-2018 02:07 AM
Thanks Patrick!
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
07-05-2022 11:29 PM
Hi,
We have scenario where we need to remove specific individual passwords for list of 1200+ users and continue to log in with SSO
How to collect sys id's for these 1200+ id and remove specific individual passwords so that they can continue to log in with SSO
Any suggestions on the best practice way to achieve this? We'd prefer not to delete the user records
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
07-06-2022 12:53 AM
var users = [sys_id1,sys_id2,sys_id3,.........sys_id1200]; //Declare and array and capture all the sys_ids
for(i=0;i<users.length;i++)//Run a loop
{
sysId = users[i];
var gr = new GlideRecord('sys_user');
gr.addQuery('sys_id', sysId);
gr.query();
if(gr.next()){
if(gr.password != ''){
gr.password = '';
}
}
}
I am trying it this way, will this be a best practice
but then how to capture all the 1200 sys_ids