Jun 21 2023 11:51 AM
Hi,
We have a B2B federation between our tenant (Tenant1) and our sister company's tenant (Tenant2). Users from our tenant are invited as external users in Tenant2. Our sister company has integrated a third-party solution, ServiceNow, into their tenant, and we can use this as trusted external users.
Our problem is that, because our users are external to Tenant2, user activity for us is only picked up when our users connect to ServiceNow. For some, this might be rare, with the result that our accounts are getting disabled due to inactivity (currently this is set in Tenant1 to disable accounts after 45 days of inactivity).
I'm looking for a way to prevent this from happening. One idea is to have a script embedded in our intranet site (this is a SharePoint site in Tenant1) which will attempt to connect that user to ServiceNow whenever the user opens the intranet. The problem is, Tenant1 has multifactor authentication turned on, so, for the first time each time one of our users connects to ServiceNow, SSO works fine but then the user is prompted for a one-time passcode (the user would normally click to choose either receiving this via text or call).
My question is: if we could somehow set up this script in such a way that the prompt for an OTP is hidden, so the user is unaware of this attempt to connect to ServiceNow, thereby allowing them to carry on working, would this interrupted logon attempt reset the lastlogon back to zero?
Is there some better way to prevent accounts belonging to users in Tenant1 from being disabled due to inactivity?
Thanks
Paul