Removing 2 Roles from a Group Also Removed Roles Granted by Other Groups, Inherited By the 2 Roles

puffysleaves
Tera Expert

‎03-12-2025 09:09 AM

I have a group called Viewer. It had 2 Roles that granted too much access so they were removed: x_except_man.user and sm_user. Those Roles contained the itil Role. So removing those 2 Roles from the group also removed the itil Role from all group members even though they were getting the itil Role from other groups. Just went to the group record, removed the 2 Roles, and saved. 


ServiceNow isn't sure what happened. Has anyone seen this kind of behavior before? 

0 Helpfuls
  • 310 Views
1 REPLY 1

Dr Atul G- LNG
Tera Patron
Tera Patron

‎03-12-2025 09:35 AM

Hi @puffysleaves 

This is a core part of the system. A user can be part of many groups, and many roles can be assigned to multiple groups. So, even if you remove a user from one group, they may still be part of other groups. If another group has the ITIL role assigned, the user will still have the ITIL role, which is the expected behavior.

*************************************************************************************************************
If my response proves useful, please indicate its helpfulness by selecting " Accept as Solution" and " Helpful." This action benefits both the community and me.

Regards
Dr. Atul G. - Learn N Grow Together
ServiceNow Techno - Functional Trainer
LinkedIn: https://www.linkedin.com/in/dratulgrover
YouTube: https://www.youtube.com/@LearnNGrowTogetherwithAtulG
Topmate: https://topmate.io/atul_grover_lng [ Connect for 1-1 Session]

****************************************************************************************************************
0 Helpfuls