diff --git a/Background Scripts/README.md b/Background Scripts/README.md new file mode 100644 index 0000000000..6f1805555c --- /dev/null +++ b/Background Scripts/README.md @@ -0,0 +1,13 @@ + +# Remove all roles from inactive user + +Code Snippet : Remove all roles from an inactive user +When a user in an instance is inactive, it's a good practice to remove all roles assigned to that user. Following piece of code helps to remove all the roles from the inactive user. +~~~ +var gr = new GlideRecord('sys_user_has_role'); +gr.addEncodedQuery('user.active=false'); +gr.query(); +gr.deleteMultiple(); +~~~ +This piece of code can be used in scheduled jobs under scheduled script execution tab. This can be run weekly once to check the last one week inactive users and remove them from all assigned roles (if exist). + diff --git a/Background Scripts/Remove all the roles for inactive users b/Background Scripts/Remove all the roles for inactive users new file mode 100644 index 0000000000..f33dafe349 --- /dev/null +++ b/Background Scripts/Remove all the roles for inactive users @@ -0,0 +1,4 @@ +var gr = new GlideRecord('sys_user_has_role'); +gr.addEncodedQuery('user.active = false'); +gr.query(); +gr.deleteMultiple(); diff --git a/Background Scripts/Remove roles from inactive user/README.md b/Background Scripts/Remove roles from inactive user/README.md new file mode 100644 index 0000000000..6f1805555c --- /dev/null +++ b/Background Scripts/Remove roles from inactive user/README.md @@ -0,0 +1,13 @@ + +# Remove all roles from inactive user + +Code Snippet : Remove all roles from an inactive user +When a user in an instance is inactive, it's a good practice to remove all roles assigned to that user. Following piece of code helps to remove all the roles from the inactive user. +~~~ +var gr = new GlideRecord('sys_user_has_role'); +gr.addEncodedQuery('user.active=false'); +gr.query(); +gr.deleteMultiple(); +~~~ +This piece of code can be used in scheduled jobs under scheduled script execution tab. This can be run weekly once to check the last one week inactive users and remove them from all assigned roles (if exist). + diff --git a/Background Scripts/Remove roles from inactive user/script.js b/Background Scripts/Remove roles from inactive user/script.js new file mode 100644 index 0000000000..3bdf46d502 --- /dev/null +++ b/Background Scripts/Remove roles from inactive user/script.js @@ -0,0 +1,4 @@ +var gr = new GlideRecord('sys_user_has_role'); +gr.addEncodedQuery('user.active=false'); +gr.query(); +gr.deleteMultiple(); \ No newline at end of file diff --git a/Background Scripts/script.js b/Background Scripts/script.js new file mode 100644 index 0000000000..3bdf46d502 --- /dev/null +++ b/Background Scripts/script.js @@ -0,0 +1,4 @@ +var gr = new GlideRecord('sys_user_has_role'); +gr.addEncodedQuery('user.active=false'); +gr.query(); +gr.deleteMultiple(); \ No newline at end of file diff --git a/Business Rules/Validate CI on deployed assets/readme.md b/Business Rules/Validate CI on deployed assets/readme.md new file mode 100644 index 0000000000..699082b8f8 --- /dev/null +++ b/Business Rules/Validate CI on deployed assets/readme.md @@ -0,0 +1,39 @@ +Business Rule: Validate CI on Deployed Assets + +Overview +This Business Rule enforces CMDB integrity by ensuring that any asset marked as "Deployed" must be linked +to a valid "Configuration Item (CI)". If no CI is associated, the rule automatically notifies the assigned +user's manager to take corrective action. + +This consists of 3 steps: +1. Business rule +2. Event setup +3. Email Notification + +1.Business Rule Configuration +Table: alm_asset +Type: Business Rule +When to run: After Update +Condition : current.install_status == 'Deployed' && !current.ci + +2. Event Setup + Go to System Policy > Events > Event Registry +Click New +Name: asset.ci.missing +Table: alm_asset +Description: Triggered when deployed asset has no CI + +3.Email Notification +Go to System Notification > Email > Notifications +Create a new notification: +Name: Missing CI on Deployed Asset +Table: alm_asset +When to send: Event is fired → asset.ci.missing +Recipients: Event.parm1 (manager) +Subject: Asset ${number} is deployed without a CI +Message: +Hello ${recipient.name}, +The asset ${number} assigned to ${assigned_to.name} is marked as Deployed but has no linked Configuration Item. +Please review and take appropriate action. +Regards, +IT Asset Management diff --git a/Business Rules/Validate CI on deployed assets/script.js b/Business Rules/Validate CI on deployed assets/script.js new file mode 100644 index 0000000000..2041dd7d86 --- /dev/null +++ b/Business Rules/Validate CI on deployed assets/script.js @@ -0,0 +1,24 @@ +(function executeRule(current, previous /*null when async*/) { + + + // Only act if asset is deployed and has no CI + if (current.install_status == 'Deployed' && !current.ci) { + // Get the user assigned to the asset + var userGR = new GlideRecord('sys_user'); + if (userGR.get(current.assigned_to.toString())) { + var manager = userGR.manager; + if (manager) { + // Send notification to manager + gs.eventQueue('asset.ci.missing', current, manager.toString(), current.assigned_to.toString()); + gs.info("[Asset-CI Check] Notification sent to manager: " + manager.name); + } else { + gs.info("[Asset-CI Check] Assigned user has no manager."); + } + } else { + gs.info("[Asset-CI Check] Assigned user not found."); + } + } + + + +})(current, previous);