Skip to main content

Active sessions: restrict concurrent users for same user and specify session timeout

 https://docs.servicenow.com/bundle/paris-platform-administration/page/integrate/authentication/task/limit-concurrent-sessions-plugin.html


https://docs.servicenow.com/bundle/paris-platform-administration/page/integrate/authentication/concept/limit-concurrent-sessions.html


https://docs.servicenow.com/bundle/paris-platform-administration/page/administer/security/reference/session-activity-timeout.html


after you have installed the plugin Limit Concurrent Sessions plugin (com.glide.limit.concurrent.sessions)  

these properties need to be set to true: glide.authenticate.limit.concurrent.interactive.sessions
and to the glide.ui.session_timeout value desired (default is 60 mins)

you may wish to run the following fix script and code this business rule also to default the setting:

BUSINESS RULE: default limit_concurrent_sessions to true when creating a new user (exclude integration users if you wish) - before insert and set condition to 'u_service_account=false' or similar

(function executeRule(current, previous /*null when async*/) { //-- see STRY0010717 current.limit_concurrent_sessions=true; })(current, previous);




FIX SCRIPT: bulk update existing users

var grUsers = new GlideRecord('sys_user'); grUsers.addQuery('u_service_account', 'false'); grUsers.addQuery('limit_concurrent_sessions', 'false'); //grUsers.query(); //gs.print(grUsers.getRowCount()); grUsers.setValue('limit_concurrent_sessions', 'true'); grUsers.updateMultiple();


Comments

Popular posts from this blog

ServiceNow check for null or nil or empty (or not)

Haven't tested these all recently within global/local scopes, so feel free to have a play! option 1 use an encoded query embedded in the GlideRecord , e.g.  var grProf = new GlideRecord ( 'x_cls_clear_skye_i_profile' ); grProf . addQuery ( 'status=1^ owner=NULL ' ); grProf . query (); even better use the glideRecord  addNotNullQuery or addNullQuery option 2 JSUtil.nil / notNil (this might be the most powerful. See this link ) example: if ( current . operation () == 'insert' && JSUtil . notNil ( current . parent ) && ! current . work_effort . nil ())  option 3 there might be times when you need to get inside the GlideRecord and perform the check there, for example if the code goes down 2 optional routes depending on null / not null can use gs.nil : var grAppr = new GlideRecord ( 'sysapproval_approver' ); var grUser = new GlideRecord ( 'sys_user' ); if ( grUser . get ( 'sys_id' , current . approver )){

Service Catalog: variable advanced reference qualifiers

Call a script include to apply a reference qualifier on a catalog item variable: - variable reference qualifier dependent on another variable selection, in this case a variable referencing sys_user (requested_for) On the catalog item form. variable name to apply ref qual filter : retail_equipment variable reference qualifier (on cmdb table ): javascript : new  refqual_functions (). lostStolen_getAssignedCIs (); client-callable script include ( refqual_functions)  function : lostStolen_getAssignedCIs : function (){         //--called from variable set client script, for lost/stolen request (service catalog)     gs . log ( current . variables . requested_for , 'retail_lostStolen_getAssignedCIs' );         return ( 'install_statusNOT IN8,7^owned_by=' + current . variables . requested_for );             //owned_by=1269b79937f1060041c5616043990e41^install_statusNOT IN8,7            },

Get URL Parameter - server side script (portal or classic UI)

Classic UI : var sURL_editparam = gs . action . getGlideURI (). getMap (). get ( ' sysparm_aparameter ' ); if ( sURL_editparam == 'true' ) { gs . addInfoMessage ( 'parameter passed ); } Portal : var sURL_editparam = $sp . getParameter ( " sysparm_aparameter " ); if ( sURL_editparam == 'true' ) { gs . addInfoMessage ( 'parameter passed ); }