Flow - Issue running the AD remove user from group activity inside a for each loop

Go to solution
art_jones
Kilo Sage

‎03-24-2022 03:34 PM

I have a flow that needs to remove a SN user from all of their groups in AD. After creating a list to run through by querying the group membership table I'm running the remove user from group action inside the for each loop. The resulting list of items is correct, but only the first removal is completed. Looking at the execution I see that for the iterations after the first, the item data pill has no values. The remove user from group action does seem to take awhile to run for a single removal, so I'm wondering if something is timing out? Anyone run into this, or know what may be happening?  

Images below show the issue, the log entry is right above the remove user from group action, and the first iteration works, all other fail as there is no group.

Thanks!

First item in loop:

find_real_file.png

Second item in loop

find_real_file.png

Labels:
Preview file
54 KB
Preview file
56 KB
  • 2,326 Views
1 ACCEPTED SOLUTION

Go to solution
art_jones
Kilo Sage

‎03-25-2022 09:00 AM

Found a solution to the issue (which must be timing related).  I moved the remove user from group action into a subflow (marked wait for completion) - and call the subflow in the for each loop. The process still takes a while to complete, but each group is updated in AD.

View solution in original post

4 REPLIES 4

Go to solution
Muralidharan BS
Mega Sage
Mega Sage

‎03-24-2022 10:35 PM

how do you use lookup records? 

1. Lookup user

2. lookup group members 

3. for each

4. delete them

find_real_file.png

 

logs

find_real_file.png

Preview file
53 KB
Preview file
35 KB
0 Helpfuls

Go to solution
art_jones
Kilo Sage
In response to Muralidharan BS

‎03-25-2022 06:12 AM

Hi Murali;

I'm not actually deleting the records in SN, I'm running the AD spoke action to remove the user from the group in AD (within the for each loop) - our groups are managed in AD so that takes cares of removing the user in SN.

The first iteration succeeds, but all others after fail. The log shows the subsequent runs are missing the group data from the group member record pill.

Thanks, Art

Go to solution
art_jones
Kilo Sage

‎03-25-2022 09:00 AM

Found a solution to the issue (which must be timing related).  I moved the remove user from group action into a subflow (marked wait for completion) - and call the subflow in the for each loop. The process still takes a while to complete, but each group is updated in AD.

Go to solution
Nicole Disbro
Tera Expert

‎05-16-2025 06:05 AM

I wonder if there is a way to do the group removal without relying on the ServiceNow groups table. We have some groups that we do not pull into SN from AD that still need removed upon termination. When trying to build this I was hoping we could enable the "MemberOf" data pill that is returned on "Look up user" action but I have not been successful yet.

0 Helpfuls