Skip to content

Commit d3468e1

Browse files
fn20200323fn20200323
committed
check for lockedout user set as RunAs for ScheduledJob
1 parent d8e75f8 commit d3468e1

File tree

2 files changed

+40
-0
lines changed

2 files changed

+40
-0
lines changed

README.md

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -140,6 +140,8 @@ Monitor users with role `admin` (not locked out) that are not logged for longer
140140
After deactivation of Groups there can be still some users.
141141
Group offer membership but also can provide some roles that after deactivation should be considered as no longer needed.
142142

143+
### Scheduled Job with RunAs set as Locked Out user
144+
Detecting no longer active user with flag Locked Out set to true that is set as a RunAs for Scheduled Job
143145

144146
## Category: User Experience
145147

scan_script_only_check_718e43b42f2330100b40bea62799b67f.xml

Lines changed: 38 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,38 @@
1+
<?xml version="1.0" encoding="UTF-8"?>
2+
<unload unload_date="2021-10-29 22:24:36">
3+
<scan_script_only_check action="INSERT_OR_UPDATE">
4+
<active>true</active>
5+
<attributes display_value="Locked out user for Scheduled Job">125fc7742f2330100b40bea62799b6fb</attributes>
6+
<category>security</category>
7+
<description/>
8+
<documentation_url/>
9+
<name>Locked out user for Scheduled Job</name>
10+
<priority>2</priority>
11+
<resolution_details/>
12+
<script><![CDATA[(function(finding) {
13+
14+
var grSysauto = new GlideRecord('sysauto');
15+
grSysauto.addEncodedQuery("run_as.locked_out=true");
16+
grSysauto.query();
17+
while (grSysauto.next()) {
18+
finding.setCurrentSource(grSysauto);
19+
finding.increment();
20+
}
21+
22+
})(finding);
23+
]]></script>
24+
<short_description>Locked out user detection in Run as for Scheduled Jobs</short_description>
25+
<sys_class_name>scan_script_only_check</sys_class_name>
26+
<sys_created_by>admin</sys_created_by>
27+
<sys_created_on>2021-10-29 22:13:02</sys_created_on>
28+
<sys_id>718e43b42f2330100b40bea62799b67f</sys_id>
29+
<sys_mod_count>1</sys_mod_count>
30+
<sys_name>Locked out user for Scheduled Job</sys_name>
31+
<sys_package display_value="Global" source="global">global</sys_package>
32+
<sys_policy/>
33+
<sys_scope display_value="Global">global</sys_scope>
34+
<sys_update_name>scan_script_only_check_718e43b42f2330100b40bea62799b67f</sys_update_name>
35+
<sys_updated_by>admin</sys_updated_by>
36+
<sys_updated_on>2021-10-29 22:24:25</sys_updated_on>
37+
</scan_script_only_check>
38+
</unload>

0 commit comments

Comments
 (0)