Issue with Instance Scan - Table Check for Inactive Users in sys_user

UmamaheshC32034 · ‎04-01-2025

Hi ServiceNow Community,

I’m trying to create a Table Check under Instance Scan to identify inactive users in the sys_user table. Here’s what I did:

Created a new Table Check in Instance Scan.
Set the condition as:
- Table: User (sys_user)
- Condition: Active is false
Ran the check, but no findings were generated, even though there are inactive users in the sys_user table.
To verify, I created a similar check for Active is true, and it successfully found active users.

Has anyone faced a similar issue or know why the scan is not detecting inactive users?

Troubleshooting Done:

Manually verified the sys_user table – confirmed inactive users exist.
Checked if there are ACLs restricting access to inactive users.
Ran Test Check, but still no findings.
Tried using Active is NOT true instead of Active is false but no success.

Would appreciate any insights or suggestions!

Thanks in advance.

Rohit Singh · ‎04-01-2025

Hi @UmamaheshC32034 ,

You can try using logging a case with ServiceNow to get this check.

If my response helped, please accept the solution and hit thumbs up.

Regards,

Rohit

Ankur Bawiskar · ‎04-01-2025

@UmamaheshC32034

there is OOB query business rule on sys_user and it shows only active users.

This might be conflicting with your table check.

Try to deactivate that BR and see

If my response helped please mark it correct and close the thread so that it benefits future readers.

Regards,
Ankur
✨ Certified Technical Architect || ✨ 9x ServiceNow MVP || ✨ ServiceNow Community Leader

Dorota Zieli_sk · Monday

I'm facing the same exact issue - no matter how I want to query inactive users, via Conditions or script, it somehow doesn't return those. I have checked the 'user query' Business rule which could affect the scan, but there on the conditions it says it is running for Interactive users, and when I log the Check, it says that isInteractive is false, so no idea why it doesn't work.