when a user is inactive, user should be removed from the assigned groups and assigned roles should be removed.

Swaraj Dalvi1 · ‎02-21-2022

..

Sulabh Garg · ‎02-21-2022

Hello Swaraj,

Its not currently happening as per OOB functionality, However you can create Scheduled job (weekly or on weekends) to track the Inactive users and remove their Groups and roles.

we have done this in the past for one of the implementation.

Please Mark ✅ Correct/helpful, if applicable, Thanks!!

Regards

Sulabh Garg

Please Mark ✅ Correct/helpful, if applicable, Thanks!!
Regards
Sulabh Garg

Jan Cernocky · ‎02-21-2022

Write an after business rule on [sys_user] table that will query [sys_user_grmember] and [sys_user_has_role] tables and delete the records.

Example for deleting from group, roles would be in the same script (I highly recommend logging in case you change your mind and want to reactivate the user to be able to track groups they were in):

(function executeRule(current, previous /*null when async*/) {
	
	var groupsGR = new GlideRecord('sys_user_grmember');
	groupsGR.addQuery('user',current.getUniqueValue());
	groupsGR.query();	
	var groupsCount = 0;
	while(groupsGR.next()){		
		groupsCount++;
		gs.info('Removing member ' + groupsGR.user.getDisplayValue() + ' from group ' + groupsGR.group.getDisplayValue());
		//groupsGR.deleteRecord();		
	}
	gs.addInfoMessage('Deleted from ' + groupsCount + ' groups');
	
})(current, previous);

Abhijit4 · ‎02-21-2022

Hi,

For future records you can write Asynch BR on User table. Whenever Active changes to False, remove Groups and Roles.

For existing record, you would need to write one time script to check all inactive users and remove their groups and roles.

Let me know if you have any further queries.

Please mark this as Correct or Helpful if it helps.

Thanks and Regards,
Abhijit

By marking my response as correct or helpful, you contribute to helping future readers with similar issues.
Regards,
Abhijit
ServiceNow MVP

ServiceNow Buddy Website LinkedIn