When a sys_user record is updated, I want to check the sys_user_grmember table to see if the user is a member of a group named 'test group'.

If true, no updates are required.

If false, clear the value in the 'user_password' in the sys_user table
-----------------------------------------------------------------------------------------

Here is the script that I was working on....

(function executeRule(current, previous /*null when async*/ ) {

var grRec = new GlideRecord('sys_user_grmember');
grRec.addQuery('group', 'test group');
grRec.addQuery('user', 'current.sys_id');
grRec.query();
if (grRec.getRowCount() = 0) {
if (grRec.next()) {
current.password = '';
}
}

})(current, previous);

Please let me know if you have any further questions. I appreciate your help!

It is considered as best practice to not update the current record in a BR because that would trigger the BR again and could result in an infinite loop. To overcome this issue, I have checked whether the password is empty and only then I am updating the field. For subsequent updates it will check the password field before updating the record and therefore not trigger the BR again unnecessarily. 

(function executeRule(current, previous /*null when async*/) {

	// Add your code here
	var gr = new GlideRecord('dsys_user_grmember');
	gr.addQuery('group', 'test group');
	gr.addQuery('user', current.sys_id);
	gr.query();
	if(gr.getRowCount() == 0) {
		var gr2 = new GlideRecord("sys_user");
		gr2.addQuery('sys_id', current.sys_id);
		gr2.query();
		while(gr2.next()){
			if(gr2.password!=""){
				gr2.password="";
				gr2.update();
			}
		}
	}

})(current, previous);

 Kindly mark the response as helpful if it was useful.

Check this article to understand more about what I'm saying about updating the current record.

Recommended Practices in Using current.update() in Business Rules - Support and Troubleshooting (ser...