Odd ACL locking out inactive Users from List
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
6 hours ago
Short back story
I inherited this instance, and the previous admin did a lot of blocks on items, so I am untangling it as we go
We have a Remove User request form
there is a reference field that looks at the user table
this is not limited to those that are active or not, you should be able to see any and all user accounts.
Anyone with an ITIL license can, any of my standard users can only see accounts that are Active.
I have no idea which ACL to look at to remove this block.
Any ideas?
1 REPLY 1
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
6 hours ago
resolved
Non-ITIL users cannot see inactive sys_user records in ServiceNow due to the out-of-the-box (OOB) User Query "before query" Business Rule. This rule, which adds current.addActiveQuery() for non-admins, restricts access to inactive users in lists, reports, and reference fields. [1, 2, 3]
Solution: Modify/Deactivate the "User Query" Business Rule
To allow non-ITIL users to see inactive users, deactivate or modify this business rule. [1, 2, 3]
To allow non-ITIL users to see inactive users, deactivate or modify this business rule. [1, 2, 3]
- Locate the Rule: Search for Business Rules named "user query" on the sys_user table.
- Deactivate: Uncheck the "Active" box to allow all users to see all (active and inactive) users.
- Modify (Recommended): Instead of deactivating, modify the script to allow specific roles, or add a condition to the rule to skip for certain scenarios.
