Creating Workflow to add and remove users from assignment groups

Go to solution
aismail
Kilo Contributor

‎09-16-2015 06:16 PM

Hello All,

I am fairly new to ServiceNow and continuously learning new skills and techniques everyday. I have just begun working with Workflows and had a quick question. I am looking to build a slight automation process for users, and was wondering if anyone has experienced a similar build. You insight is much appreciated.

How i am thinking it should work:

1. Catalog item is created where users can request if they want to be removed or added to a group.

2. If they are requesting to be removed, it just automatically removes them (no approval)

3. If they are requesting to be added to a group, an approval is sent out to group manager

4. If group manager accepts, user is added to group and notification is sent out. If rejected then a notification is sent and request is closed.

Is there a better process/design? Any Technic or skills that would help? How would one automate the addition and removal of users? What would be a good place to start in regards to best practice and creating the workflow.

I have tried looking for online resources but couldn't find anything specific to assignment groups. If anyone knows of any resources available, that would be great!

Thanks

0 Helpfuls
  • 8,354 Views
1 ACCEPTED SOLUTION

Go to solution
randrews
Tera Guru

‎09-17-2015 07:53 AM

i do it also... just a script to add a row to the table.. like below   the flush messages keeps the person who approves the record from seeing any add info messages triggered by the script... the current. comments updates the requested item with the note.



this is in a run script block after the mark as approved item.





addtogroup();



function addtogroup(){


    var newgrpmember = new GlideRecord('sys_user_grmember');


    newgrpmember.user = current.variable_pool.requested_for;


    newgrpmember.group = current.variable_pool.v_member_group_new;


    newgrpmember.update();


    gs.flushMessages();


    current.comments += '\n' + "Added to group " + newgrpmember.group.getDisplayValue();


    current.update();


}


View solution in original post

29 REPLIES 29

Go to solution
randrews
Tera Guru
In response to Kalaiarasan Pus

‎11-30-2015 07:28 AM

i hesitate to use any list collector when adding permissions for anything... we are heavy into audits and quite often are asked to demonstrate who authorized the new permissions for someone... if the person is in a list collector variable in an item it is almost impossible to do this... if the person is the requested for it is easy...



so the bottom line for us.. is if it may be audited for permissions they have to be the requested for on the ticket.


0 Helpfuls

Go to solution
manju30
Kilo Explorer
In response to Kalaiarasan Pus

‎12-22-2017 01:17 AM

Hi sir , this is manjusha , i am also exploring on servicenow orchestration, so please tell me how should i start learning orchestration. i am reading content from servicenow docs but it is just basic , what process actually happen is not there so please help me



Regards,


Manjusha


0 Helpfuls

Go to solution
vishwaveersingh
Kilo Contributor
In response to Mike Allen

‎06-19-2017 07:50 PM

Hi Mike,



Sorry to bring this post out, this seems to be very interesting couldn't resist my self.


I have a similar Catalog Item and in it we are requesting to link and also unlink user for groups, I need your help in the run   script and how can it be achiieved.



Blelow is the catalog form:


find_real_file.png


I need to link or unlink the user based on the 'Select Action' field and the 'User Name' filed to be linked or unlinked to 'Provide Group Name'


Can you please help?


Preview file
28 KB
0 Helpfuls

Go to solution
randrews
Tera Guru
In response to vishwaveersingh

‎06-20-2017 05:59 AM

are you talking about in AD or in Service Now... and by link do you mean add /remove from an assignment group..



if in Service Now   and you ARE talking about adding/removing them from a group it is possible but.. interesting...



the issue is in a catalog item the script runs as the last person to touch the record <generally the approver for an item like this> and users don't have permissions to create a row on the sys_user_grmember table <nor should they> Soooo... what you have to do is do a very similiar script to add/remove a row from the sys user grmember table.. and save it as an event driven script... then you have the workflow fire the event...



let me know if you need more information i actually have a catalog item for this..


0 Helpfuls

Go to solution
vishwaveersingh
Kilo Contributor
In response to randrews

‎06-20-2017 06:17 AM

Hello Raymond,


Yes, link and unlink means adding and removing uses from a group in service now, we just imported the users from the AD and not the groups, assignment groups are created in Service Now....


I want to create a single run script based on the above catalog item form I mentioned, I need help in the script, if link is selected then a user is to be added thru this run script and if unlink is selected then it should remove the group member thru the same run script   and then close the catalog task and request item automatically.....


can you please help me with the run script?


Please let me know if more information is needed


Thanks in advance....


0 Helpfuls