Unrestricted User DEF1000204 vs Machine Identity Console
7 hours ago - last edited 7 hours ago
We have thousands of non-human user objects which represent shared mailboxes, external service accounts and other artifacts in our environment. These are imported into sys_user since we often need to log cases which are linked to them.
Per ServiceNow "DEF1000204 | Active Users for Subscriptions" in KB1116231 (https://support.servicenow.com/kb?id=kb_article_view&sysparm_article=KB1116231) under point 7, we had previously tagged these users as Web Service Access Only so that they are not included in our Unrestricted User counts for products like SecOps Security Incident Response.
Per recent guidance, we are now using the Machine Identity Console (https://myinstance.service-now.com/now/machine-identity-console/home) to get better control of our internal service accounts. But all of these other non-human accounts are showing up as Machine Identities which is making the process impossible due to the large quantity.
Is there any updated guidance as to how to exclude user objects from the Unrestricted User metric without them showing up as Machine Identities? It feels like there needs to be a dedicated sys_user class or Identity Type for non-human accounts which are not actually machine identities.
- Labels: Architect
5 hours ago
Hi @barcar
The Machine Identity Security Score is based on four key findings:
- Accounts with no login for 100 days
- Accounts using Basic Authentication
- Integration accounts with Web Service Access disabled
- Accounts performing both UI and API logins
So focus on the above factors in the user table.
Refer: Introducing Machine Identity Console (New in Zurich)
