Please use docs.servicenow.com for the latest documentation.

This site is for reference purposes only and may not be accurate for the latest ServiceNow version

Managing User Sessions

From Wiki Archive
Jump to: navigation, search
Note
Note: This article applies to Fuji. For more current information, see Manage User Sessions at http://docs.servicenow.com

The ServiceNow Wiki is no longer being updated. Please refer to http://docs.servicenow.com for the latest product documentation.

Overview

The ServiceNow platform provides the ability to view and terminate individual user sessions, lock out users from the system, and make users inactive.

  • Terminating a user session effectively logs that user out of the next transaction, which is usually the next browser click. Use the terminate sessions feature when you want to perform system maintenance.
  • Locking a user out of the system means the user can no longer log in or generate any actions from any email messages that the user sends to the instance. Locking out users also terminates their user sessions.
  • Making a user inactive means that the user does not show up in any fields that reference active users on the User table.

Terminating a Specific User Session

  1. Navigate to User Administration > Logged in users.
    You can only see users who are logged into the same application node as you. If the Active field on a user record value is false, the user is logged in but not currently running a transaction. Most users appear as inactive at any given time.
  2. Select the session you want to end.
  3. Click Lock Out Session.
    The session is terminated, and the user is redirected to the login page at the next attempted transaction. Multiple user sessions may be associated with one user, so terminating a user session only affects the specific session. A user is not yet "locked out" when you terminate the user sessions. The user can still log back in at any time.
Terminate a user session

Locking out a User

  1. Navigate to User Administration > Users.
  2. Select the user from the list.
  3. Select the Locked Out check box, and update the record.
Lock out a user

Note
Note: The system prevents users with the admin role from locking themselves out. This feature is available starting with the Fuji release.


Marking a User Inactive

Making a user inactive does not lock out the user. The Lock Out Inactive Users business rule, which is active by default in all instances, sets the Locked Out flag to true on the User record when the Active flag is set to false. If you do not have this business rule active, inactive users are not automatically locked out and can still log in the instance.

To make a user inactive:

  1. Navigate to User Administration > Users, and select the user from the list.
  2. Clear the Active checkbox.
  3. Click Update.
Mark user as inactive

Enhancements

Fuji

Dublin

Administrators can add the following properties to the System Properties table:

  • glide.security.csrf.handle.ajax.timeout
  • glide.security.auto.resubmit.ajax
  • glide.ui.auto_req.extend.session

See Modifying Session Timeout for an explanation of what these properties do.