How to automatically remove a user who is inactive from all roles and groups automatically?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
09-28-2020 11:13 AM
I do not want to delete the user record from the sys_user table, just remove the associated roles.
Example, removing ITIL.
I know I could have a scheduled job, with a script. I am not a developer so any assistance would be appreciated. I was trying to do this function with no code in flow designer but it would not allow me to dot walk to the roles action. Also, could apply via Business rule but also would need a script. Unless there is a glide reference that could be applied within the action field.
Thanks for your help!
- Labels:
-
Service Desk

- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
09-28-2020 11:33 AM
I've done this with my company. Here's my code I use in my scheduled script every day
Be careful doing this though, make sure you don't disable any system accounts on accident. Adjust the getUsers.addQuery line below to add users who shouldn't be removed.
Condition Box (Optional)
var gdt = new GlideDateTime();
var dow = gdt.getDayOfWeekLocalTime();
if (dow < 6) //the 6 is the 6th day in the week (Saturday) so we are looking to only run this on days 1-5 or Monday - Friday
{
answer = true;
}
Script
//Find users who have not logged into the platform in the last 45 days
var getUsers = new GlideRecord('sys_user');
getUsers.addQuery('last_login_timeRELATIVELT@dayofweek@ago@45^user_nameNOT LIKEMid.Server');
getUsers.query();
while(getUsers.next())
{
//Set the users name to a variable.
var userName = getUsers.getDisplayValue('sys_id');
//Check the group membership table to see if they are a member of any groups
var grMember = new GlideRecord('sys_user_grmember');
grMember.addQuery('user=' + userName);
grMember.query();
while(grMember.next())
{
grMember.deleteRecord();
}
//Now let's check the roles table to ensure nothing was left behind
var chkRole = new GlideRecord('sys_user_has_role');
chkRole.addQuery('user=' + userName);
chkRole.query();
while(chkRole.next())
{
//Delete left over roles
chkRole.deleteRecord();
}
}

- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
09-28-2020 11:35 AM
Hello Laur,
You answer is in you question only.
Flow degisner provide code less flow,and some time it is difficult to configure flow desginer for such type of requirment.where you need to perform complex operation.
So i would suggest you to go with either scheduled job or business rule.
Whats wrong to use code
You can use below script in scheduled job.
var gr=new GlideRecord('sys_user_grmember');//table where all user-group relationshil is stored
gr.query();
while(gr.next())
{
if(gr.user.active==false)
gr.deleteRecord();
}
var gr=new GlideRecord('sys_user_has_role');//table where all user-role relationshil is stored
gr.query();
while(gr.next())
{
if(gr.user.active==false)
gr.deleteRecord();
}
Please mark the answer as Correct if it resolved you query.
Regards
Yash Agrawal

- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
09-28-2020 11:38 AM
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
08-29-2022 04:28 AM