Flow for 'Deactivated User' not working

Go to solution
Sneha Saraf1
Tera Contributor

‎06-15-2023 08:15 AM

We have a flow called 'Deactivated User' (Global scope) with the following trigger -

 

SnehaSaraf1_0-1686841946991.png

 

But we've noticed that the updates (automatically removing the deactivated user from all groups, removing roles, etc.) don't work every time a user record is deactivated in our instance.

 

Is there something missing or that needs to be updated in the trigger conditions? (I've run this flow manually and it works as expected, so I know the rest of the flow works.)

0 Helpfuls
  • 953 Views
1 ACCEPTED SOLUTION

Go to solution
jMarshal
Mega Sage
Mega Sage
In response to Sneha Saraf1

‎06-15-2023 08:34 AM - edited ‎06-15-2023 08:37 AM

Oh, I see - the rest of the flow does the "remove groups and remove roles" actions...you're not looking for it to trigger on the removal from groups or of roles...gotcha! I misunderstood and thought that you were wanting it to trigger when a group was changed or role was changed on a user.

...try the second part of what I mentioned -- check "advanced" and ensure it is running for "non-interactive" sessions.

View solution in original post

0 Helpfuls
4 REPLIES 4

Go to solution
jMarshal
Mega Sage
Mega Sage

‎06-15-2023 08:23 AM - edited ‎06-15-2023 08:38 AM

Adding/removing users from groups or adding/removing roles doesn't count as a CRUD (create/read/update/delete) on the sys_user record, itself...so the system won't see it for the trigger...well it may see as an R, but your flow triggers on Update.

However, the "deactivation" of the sys_user record should trigger - the active attribute of the sys_user record from "true" to "false" is an Update on that record...if you find it isn't triggering in this case, check the "advanced" settings and ensure your trigger is running on unattended sessions.

0 Helpfuls

Go to solution
Sneha Saraf1
Tera Contributor
In response to jMarshal

‎06-15-2023 08:28 AM

Yep, that's exactly what I'm asking about - whether we need to change the trigger itself (updating the user account from 'Active = true' to 'Active = false'). Our ServiceNow environment is integrated with Microsoft Azure/Active Directory (AD), so deactivating a user's account via AD automatically deactivates it in ServiceNow.

 

The rest of the flow contains actions for removing the user from the groups and roles, but these don't affect the issue at hand.

0 Helpfuls

Go to solution
jMarshal
Mega Sage
Mega Sage
In response to Sneha Saraf1

‎06-15-2023 08:34 AM - edited ‎06-15-2023 08:37 AM

Oh, I see - the rest of the flow does the "remove groups and remove roles" actions...you're not looking for it to trigger on the removal from groups or of roles...gotcha! I misunderstood and thought that you were wanting it to trigger when a group was changed or role was changed on a user.

...try the second part of what I mentioned -- check "advanced" and ensure it is running for "non-interactive" sessions.

0 Helpfuls

Go to solution
Sneha Saraf1
Tera Contributor
In response to jMarshal

‎06-15-2023 12:06 PM

Ahh, haven't considered that yet - thanks, will try it and see if it works!

0 Helpfuls