Odd ACL locking out inactive Users from List
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
10 hours ago
Short back story
I inherited this instance, and the previous admin did a lot of blocks on items, so I am untangling it as we go
We have a Remove User request form
there is a reference field that looks at the user table
this is not limited to those that are active or not, you should be able to see any and all user accounts.
Anyone with an ITIL license can, any of my standard users can only see accounts that are Active.
I have no idea which ACL to look at to remove this block.
Any ideas?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
10 hours ago
resolved
To allow non-ITIL users to see inactive users, deactivate or modify this business rule. [1, 2, 3]
- Locate the Rule: Search for Business Rules named "user query" on the sys_user table.
- Deactivate: Uncheck the "Active" box to allow all users to see all (active and inactive) users.
- Modify (Recommended): Instead of deactivating, modify the script to allow specific roles, or add a condition to the rule to skip for certain scenarios.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
an hour ago
Following role have a visibility on sys_user:
- System Administrators(Admin): Have full read/write access to all user records.
- User Administrators (user_admin): Can manage user records, including viewing, creating, and modifying them.
- ITIL Users : Often have read access to see user details (names, email, phone) needed to assign tasks, though sensitive fields may be hidden.
- Individual Users: Can usually view their own user profile record.
- Custom Roles: Organizations often create custom roles , based on their requirement.
Ref: The User record
KB0522618 ITIL (non-admin) users running a report cannot see the inactive users in the report.
