Unable to add/remove members to a group that has security_admin role
03-11-2024 04:04 PM
Hi,
We have a group called ServiceNow Admins that has "admin" and "security_admin" roles added to it. I'm a member of that group and I want to remove a few members from that group. Previously we were able to add/remove members from that group. But now that group is not editable (all the fields are read-only) and I don't see the update, save or delete button when I open the group record. Even with the elevated access, I'm unable to update the group members. This is happening only in the dev instance. It's working fine in the test and production instances. Any help in this regard would be highly appreciated. Thanks in advance.
03-11-2024 05:09 PM
Have you checked if there were any changes done on the ACLs for sys_user_group and sys_user_grmember?
You can use "System Diagnostics > Session Debug > Debug Security" to check which ACLs are blocking the CREATE/WRITE/DELETE operations.
03-11-2024 05:18 PM - edited 03-11-2024 05:18 PM
Hi @Chitra23 ,
Please refer to the below article:
https://support.servicenow.com/kb?id=kb_article_view&sysparm_article=KB0714091#:~:text=Resolution,you%20must%20elevate%20your%20privilege
If I could help you with your Query then, please hit the Thumb Icon and mark it as Correct !!
Thanks & Regards,
Sumanth Meda
03-11-2024 05:39 PM
Hi @Chitra23 ,
If you are not able to perform the update/save/delete actions, then there must be some ACL which might have been updated recently.
Kindly check the ACLs for the Group Member table and the Group table to see if there was any recent update made to the write, create and delete ACLs.
Thanks,
Danish
03-11-2024 08:29 PM
If it's working fine in the test and prod instances, then please compare the ACLs written on the sys_user_grmember and sys_user_group tables from the Dev instance to the Test instance, as there might be some update in the Dev ACLs.
Please Mark ✅Correct if this solves your query and also mark 👍Helpful if you find my response worthy based on the impact.
Thanks
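
The dev-to-test ACL comparison suggested in the replies above, as an added example that is not part of the original thread: it diffs the create/write/delete ACLs on sys_user_group and sys_user_grmember between two exported record sets. The record shape (flattened sys_security_acl rows with a joined `roles` array) and the sample data are assumptions constructed for illustration.

```javascript
// Added example. Assumed record shape: sys_security_acl rows flattened to
// display values, with "roles" joined in from sys_security_acl_role.
const TABLES = ["sys_user_group", "sys_user_grmember"];
const OPERATIONS = ["create", "write", "delete"];
const FIELDS = ["active", "admin_overrides", "roles", "condition", "script"];

// In scope: create/write/delete ACLs named after the table or one of its fields.
function inScope(acl) {
  return OPERATIONS.includes(acl.operation) &&
    TABLES.some((t) => acl.name === t || acl.name.startsWith(t + "."));
}
// Stable fingerprint of the fields that decide whether access is granted.
function fingerprint(acl) {
  return JSON.stringify(FIELDS.map((f) =>
    Array.isArray(acl[f]) ? [...acl[f]].sort() : (acl[f] ?? "")));
}
// Group fingerprints by "name/operation"; several ACLs can share one key.
function indexAcls(acls) {
  const byKey = new Map();
  for (const acl of acls.filter(inScope)) {
    const key = `${acl.name}/${acl.operation}`;
    byKey.set(key, [...(byKey.get(key) || []), fingerprint(acl)].sort());
  }
  return byKey;
}
// Returns [{ key, status }] with status only_in_dev, only_in_test or differs.
function diffAcls(devAcls, testAcls) {
  const dev = indexAcls(devAcls), test = indexAcls(testAcls), out = [];
  for (const key of [...new Set([...dev.keys(), ...test.keys()])].sort()) {
    if (!test.has(key)) out.push({ key, status: "only_in_dev" });
    else if (!dev.has(key)) out.push({ key, status: "only_in_test" });
    else if (JSON.stringify(dev.get(key)) !== JSON.stringify(test.get(key)))
      out.push({ key, status: "differs" });
  }
  return out;
}

// Constructed sample records, not taken from any real instance.
const base = { active: true, admin_overrides: true, roles: ["user_admin"], condition: "", script: "" };
const testAcls = [
  { ...base, name: "sys_user_group", operation: "write" },
  { ...base, name: "sys_user_grmember", operation: "delete" },
];
const devAcls = [
  { ...base, name: "sys_user_group", operation: "write", admin_overrides: false },
  { ...base, name: "sys_user_grmember", operation: "delete" },
  { ...base, name: "sys_user_grmember.group", operation: "write", roles: [] },
];
console.log(diffAcls(devAcls, testAcls));
```

Each reported key is an ACL to open in the dev instance and check with Debug Security.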