Workflow is not working for add or remove the users.

Go to solution
ar1
Kilo Sage

‎03-26-2024 04:11 AM

Hi All,


With the below script,, when ever a ITIL user submit a request to add or remove the users on group level it's not working.

As per the logs, we found out that Non admin users don't have the privilege  to impersonate rights to system admin profile even though we gave the neccessary role permission to the ITIL users.

Can anyone pls provide the best solution to resolve the issue.

var myString = current.variable_pool.u_users.toString();
workflow.info('Splitting Pool: ' + myString);
//var myString = current.variables.u_users;

var currentUser = gs.getUserID();  // Logged in user
var impUser = new GlideImpersonate();
impUser.impersonate('6816f79cc0a8016401c5a33be04be441'); // Impersonate Admin to update record
var mySplitResult = myString.split(",");

for(i = 0; i < mySplitResult.length; i++)
{  
workflow.info('Adding user: ' + mySplitResult[i]);  
var rec = new GlideRecord('sys_user_grmember');
rec.group = current.variables.u_group;
rec.user =  mySplitResult[i];
rec.insert();
}

impUser.impersonate(currentUser); // End impersonate of admin





 Thanks.
0 Helpfuls
  • 537 Views
1 ACCEPTED SOLUTION

Go to solution
Sagar Pagar
Tera Patron

‎03-26-2024 04:33 AM

Hi @ar1,

 

I would suggest to use Timer activity with 3 seconds within workflow before run-scripts, So that no need to impersonate to admin users. You can try this and let me know.

 

Updated run-scripts:

var myString = current.variable_pool.u_users.toString();
workflow.info('Splitting Pool: ' + myString);
//var myString = current.variables.u_users;

// var currentUser = gs.getUserID();  // Logged in user
// var impUser = new GlideImpersonate();
// impUser.impersonate('6816f79cc0a8016401c5a33be04be441'); // Impersonate Admin to update record

var mySplitResult = myString.toSting().split(",");

for (i = 0; i < mySplitResult.length; i++) {
	workflow.info('Adding user: ' + mySplitResult[i]);
	var rec = new GlideRecord('sys_user_grmember');
	rec.group = current.variables.u_group.toString();
	rec.user = mySplitResult[i];
	rec.insert();
}

 

Thanks,

Sagar Pagar

The world works with ServiceNow

View solution in original post

3 REPLIES 3

Go to solution
Mark Manders
Mega Patron

‎03-26-2024 04:31 AM

Why do you need admin rights to add a user to a group? User_admin should suffice.


Please mark any helpful or correct solutions as such. That helps others find their solutions.
Mark

Go to solution
Sagar Pagar
Tera Patron

‎03-26-2024 04:33 AM

Hi @ar1,

 

I would suggest to use Timer activity with 3 seconds within workflow before run-scripts, So that no need to impersonate to admin users. You can try this and let me know.

 

Updated run-scripts:

var myString = current.variable_pool.u_users.toString();
workflow.info('Splitting Pool: ' + myString);
//var myString = current.variables.u_users;

// var currentUser = gs.getUserID();  // Logged in user
// var impUser = new GlideImpersonate();
// impUser.impersonate('6816f79cc0a8016401c5a33be04be441'); // Impersonate Admin to update record

var mySplitResult = myString.toSting().split(",");

for (i = 0; i < mySplitResult.length; i++) {
	workflow.info('Adding user: ' + mySplitResult[i]);
	var rec = new GlideRecord('sys_user_grmember');
	rec.group = current.variables.u_group.toString();
	rec.user = mySplitResult[i];
	rec.insert();
}

 

Thanks,

Sagar Pagar

The world works with ServiceNow

Go to solution
ar1
Kilo Sage
In response to Sagar Pagar

‎03-27-2024 05:49 AM

Hi Sagar,

Thanks for the response.

Is there any way we can build the same login on flow designer level ???

0 Helpfuls