Business Rule not Applying to users LDAP import
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎04-22-2025 07:53 PM
We currently have three sets of Business Rules that manage the assignment of the Business Stakeholder role, which is granted through a group. These rules are applied to three different tables: one targets managers via the sys_user table, another applies to Department Heads through the cmn_department table, and the third is based on values in the system property table. All 3 Business rules have the same logic applied.
With LDAP integration enabled in our ServiceNow environment, we've encountered an issue with the Business Rule associated with the sys_user table. Specifically, users identified as managers (i.e., those listed in the manager field of another user's profile) are not consistently receiving the expected access when user records are imported via LDAP. As a result, the Business Stakeholder role is not always correctly assigned to those managers. Even with the settings/configuration applied below, the business rule doesn't seem to apply the way we intended.
(function executeRule(current, previous /*null when async*/ ) {
if (current.manager != '') {
var gr = new GlideRecord('sys_user_grmember');
gr.addEncodedQuery('group=GROUP_ID^user=' + current.manager.toString());
gr.query();
if (!gr.next()) {
gr.initialize();
gr.setValue('user', current.manager.toString());
gr.setValue('group', 'GROUP_ID');
gr.insert();
}
}
if (previous.manager != '') {
var mgr = new GlideRecord('sys_user');
mgr.addQuery('manager', previous.manager.toString());
mgr.query();
var sowner = new GlideRecord('cmdb_ci_service');
sowner.addQuery('owned_by', previous.manager.toString());
sowner.query();
var ed = new GlideRecord('cmn_department');
ed.addQuery('primary_contact', previous.manager.toString());
ed.query();
if (sowner.getRowCount() <= 1 || mgr.getRowCount() <= 1 || ed.getRowCount() <= 1 || ceo.hasNext()) {
var gr1 = new GlideRecord('sys_user_grmember');
gr1.addEncodedQuery('group=GROUP_ID^user=' + previous.manager.toString());
gr1.query();
if (gr1.next()) {
gr1.deleteRecord();
gs.info('Manager ' + previous.manager.toString() + ' removed from the business stakeholders group.');
}
}
}
})(current, previous);
What would be a good way to manage all 3 codes within a buisness rule, and apply these business rules in a way that can dynamically keep up with the constant importation of LDAP? Any ideas or suggestions welcome, thank you!
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎04-22-2025 08:08 PM
Hi @JayAdmin_16 ,
check if run business rules check box is checked on your ladap transform map and enable it
Please mark my answer as helpful/correct if it resolves your query.
Regards,
Chaitanya
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎04-22-2025 08:19 PM
Hi @Chaitanya ILCR - my LDAP Transform map looks the exact same to your screenshot, and the "Run business rules" is checked. Unfortunately it still doesn't resolve the problem. Thank you for your reply though!
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎04-22-2025 08:26 PM
try to use combine rule to handle entire logic
something like this
(function executeRule(current, previous /*null when async*/) {
// Check if the current record is from the sys_user table
if (current.getTableName() == 'sys_user' && current.manager != '') {
assignBusinessStakeholderRole(current.manager);
}
// Check if the current record is from the cmn_department table
if (current.getTableName() == 'cmn_department' && current.primary_contact != '') {
assignBusinessStakeholderRole(current.primary_contact);
}
// Check if the current record is from the system properties table
if (current.getTableName() == 'sys_properties' && current.property_value != '') {
assignBusinessStakeholderRole(current.property_value);
}
// Function to assign the Business Stakeholder role
function assignBusinessStakeholderRole(userId) {
var gr = new GlideRecord('sys_user_grmember');
gr.addEncodedQuery('group=GROUP_ID^user=' + userId);
gr.query();
if (!gr.next()) {
gr.initialize();
gr.setValue('user', userId);
gr.setValue('group', 'GROUP_ID');
gr.insert();
}
}
// Function to remove the Business Stakeholder role
function removeBusinessStakeholderRole(userId) {
var gr = new GlideRecord('sys_user_grmember');
gr.addEncodedQuery('group=GROUP_ID^user=' + userId);
gr.query();
if (gr.next()) {
gr.deleteRecord();
gs.info('User ' + userId + ' removed from the business stakeholders group.');
}
}
// Handle previous manager removal logic
if (previous.manager != '') {
var mgr = new GlideRecord('sys_user');
mgr.addQuery('manager', previous.manager.toString());
mgr.query();
var sowner = new GlideRecord('cmdb_ci_service');
sowner.addQuery('owned_by', previous.manager.toString());
sowner.query();
var ed = new GlideRecord('cmn_department');
ed.addQuery('primary_contact', previous.manager.toString());
ed.query();
if (sowner.getRowCount() <= 1 || mgr.getRowCount() <= 1 || ed.getRowCount() <= 1) {
removeBusinessStakeholderRole(previous.manager.toString());
}
}
})(current, previous);
If my response helped please mark it correct and close the thread so that it benefits future readers.
Ankur
✨ Certified Technical Architect || ✨ 9x ServiceNow MVP || ✨ ServiceNow Community Leader