How to automatically remove a user who is inactive from all roles and groups automatically?

Lauren Martinez · ‎09-28-2020

I do not want to delete the user record from the sys_user table, just remove the associated roles.
Example, removing ITIL.
I know I could have a scheduled job, with a script. I am not a developer so any assistance would be appreciated. I was trying to do this function with no code in flow designer but it would not allow me to dot walk to the roles action. Also, could apply via Business rule but also would need a script. Unless there is a glide reference that could be applied within the action field.

Thanks for your help!

Willem · ‎09-29-2020

Hi @Laur I have described the steps to create a Flow here:

https://community.servicenow.com/community?id=community_question&sys_id=71d742dedb9ed0149e691ea66896...

The steps:

Roles should be assigned to the group. Removing the user from the group results in the roles being removed. If you have set it up property, if not, set up properly first.

For workflow you can have the Trigger being scheduled:

Look up the users:

Find the groups the user is in:

For each of the found records we delete:

add the same for Group members Records but then for the Roles table: "sys_user_has_role":

Total flow is then:

Karun Thej · ‎07-18-2024

HI,

I tried the same steps for my req of removing roles and groups for a user after 14days from the deactivation.

Getting the below result. Not updating all the records.

could you please help me on this ?

Thanks