ServiceNow – Find inactive LDAP users using lastRefresh time

  1. Create a datetime field on the User [sys_user] table. For example, u_last_refreshed.
  2. Create an LDAP transform script to set the field value. [System LDAP > select the LDAP User import > in the Script field, add the code below]
  3. Create a scheduled job to find and deactivate the user accounts that have not been refreshed in 30 days.
  4. Create a report of user accounts that have been inactive for 15 days.
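
One way to write the scheduled job from step 3, as an added example rather than code from the original page. It assumes the `u_last_refreshed` field from step 1 is stamped by the transform script on every import and that LDAP-sourced users carry a `source` value beginning with `ldap:`; the function name, its parameters and the injected `GlideRecord`/`gs` arguments are choices made for this example.

```javascript
// Added example, not from the original page: body of the scheduled job (step 3).
// Assumptions: field u_last_refreshed (step 1); LDAP users have sys_user.source
// starting with "ldap:". GlideRecord and gs are passed in so the logic can also be
// exercised off-platform; inside ServiceNow call
//   deactivateStaleLdapUsers(GlideRecord, gs, 30, 25, false);
function deactivateStaleLdapUsers(GlideRecord, gs, days, maxAffected, dryRun) {
    var gr = new GlideRecord('sys_user');
    gr.addQuery('active', true);
    // Local, admin and integration accounts are never refreshed by LDAP: leave them alone.
    gr.addQuery('source', 'STARTSWITH', 'ldap:');
    // An empty timestamp means "never stamped", not "stale".
    gr.addNotNullQuery('u_last_refreshed');
    gr.addQuery('u_last_refreshed', '<', gs.daysAgoStart(days));
    gr.query();

    // If the LDAP import itself stops running, every account looks stale.
    // Refuse to act when the match count is implausibly high.
    if (gr.getRowCount() > maxAffected) {
        gs.warn('Stale LDAP user job aborted: ' + gr.getRowCount() +
                ' matches exceeds limit of ' + maxAffected);
        return { aborted: true, users: [] };
    }

    var users = [];
    while (gr.next()) {
        users.push(gr.getValue('user_name'));
        if (!dryRun) {
            gr.setValue('active', false);
            gr.update();
        }
    }
    gs.info('Stale LDAP users (' + days + ' days, dryRun=' + !!dryRun + '): ' +
            users.join(', '));
    return { aborted: false, users: users };
}
```

Called with `days` set to 15 and `dryRun` set to true, the same function returns the list needed for the report in step 4 without changing any record.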
