- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
07-30-2025 03:02 AM
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
07-30-2025 04:16 AM
So what did you start with and where are you stuck?
Unless we know what's the script or error we can't help.
If my response helped please mark it correct and close the thread so that it benefits future readers.
Ankur
✨ Certified Technical Architect || ✨ 9x ServiceNow MVP || ✨ ServiceNow Community Leader
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
07-30-2025 04:56 AM
Hello @Poonam Joshi ,
This is a question that’s been asked many times over the years in the community.
From what I’ve seen in various expert discussions and threads, the general consensus is that deleting inactive users is usually not recommended. While it might sound like a clean approach, removing user records can break historical links — like incident assignments, approvals, or change history — and result in orphaned sys_ids, which can make auditing and tracking really difficult down the line.
Instead, most experts recommend the following:
Recommended Approach:
-
Mark users as inactive instead of deleting them.
-
Remove them from their group memberships and roles if no longer needed.
-
Log or archive their data, if you want to keep your active directories clean, while still maintaining historical integrity.
Some teams even maintain a separate "archived" user handling strategy — such as tagging users with a specific role or flag so that reports and filters can exclude them but records still retain ownership or creator information or you can create separate tables as well for this.
Example Use Case: Clean up inactive users from groups
A common automation teams implement is to remove inactive users from groups — with exceptions to protect key historical relationships. For example, you might decide:
-
If the inactive user is part of less than 5 groups, remove them.
-
If they're in 5 or more groups, log their info for review instead of deleting.
Here’s a sample script that shows how this logic could be implemented:
var inactiveUsers = new GlideRecord('sys_user');
inactiveUsers.addQuery('active', false);
inactiveUsers.query();
while (inactiveUsers.next()) {
var userGroupMembership = new GlideRecord('sys_user_grmember');
userGroupMembership.addQuery('user', inactiveUsers.sys_id);
userGroupMembership.query();
var groupCount = 0;
while (userGroupMembership.next()) {
groupCount++;
}
if (groupCount >= 5) {
gs.print('User with 5+ groups: ' + inactiveUsers.name + ' (' + inactiveUsers.email + ')');
} else {
userGroupMembership.query(); // requery
while (userGroupMembership.next()) {
userGroupMembership.deleteRecord();
}
}
}
So to summarize:
🔹 Don’t delete inactive users unless absolutely necessary
🔹 Remove from groups/roles with caution and logging
🔹 Use scripts to automate cleanup while preserving audit trails
Hope this gives you a solid direction. Let me know if you’re views or what you are planning....
🔹 Please mark ✅ Correct if this solves your query, and 👍 Helpful if you found the response valuable.
Best regards,
Aniket Chavan
🏆 ServiceNow MVP 2025 | 🌟 ServiceNow Rising Star 2024
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
07-30-2025 03:22 AM
there are my ways how to do such cleanup.
What is your blocker or question? :))
/* If my response wasn’t a total disaster ↙️ ⭐ drop a Kudos or Accept as Solution ✅ ↘️ Cheers! */
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
07-30-2025 03:22 AM
Hi @Poonam Joshi ,
Move those to Archive table. Don't delete as historical data will be required for reproting/compliance purpose.
Regards,
Nikhil Bajaj
Regards,
Nikhil Bajaj
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
07-30-2025 04:16 AM
So what did you start with and where are you stuck?
Unless we know what's the script or error we can't help.
If my response helped please mark it correct and close the thread so that it benefits future readers.
Ankur
✨ Certified Technical Architect || ✨ 9x ServiceNow MVP || ✨ ServiceNow Community Leader
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
07-30-2025 04:56 AM
Hello @Poonam Joshi ,
This is a question that’s been asked many times over the years in the community.
From what I’ve seen in various expert discussions and threads, the general consensus is that deleting inactive users is usually not recommended. While it might sound like a clean approach, removing user records can break historical links — like incident assignments, approvals, or change history — and result in orphaned sys_ids, which can make auditing and tracking really difficult down the line.
Instead, most experts recommend the following:
Recommended Approach:
-
Mark users as inactive instead of deleting them.
-
Remove them from their group memberships and roles if no longer needed.
-
Log or archive their data, if you want to keep your active directories clean, while still maintaining historical integrity.
Some teams even maintain a separate "archived" user handling strategy — such as tagging users with a specific role or flag so that reports and filters can exclude them but records still retain ownership or creator information or you can create separate tables as well for this.
Example Use Case: Clean up inactive users from groups
A common automation teams implement is to remove inactive users from groups — with exceptions to protect key historical relationships. For example, you might decide:
-
If the inactive user is part of less than 5 groups, remove them.
-
If they're in 5 or more groups, log their info for review instead of deleting.
Here’s a sample script that shows how this logic could be implemented:
var inactiveUsers = new GlideRecord('sys_user');
inactiveUsers.addQuery('active', false);
inactiveUsers.query();
while (inactiveUsers.next()) {
var userGroupMembership = new GlideRecord('sys_user_grmember');
userGroupMembership.addQuery('user', inactiveUsers.sys_id);
userGroupMembership.query();
var groupCount = 0;
while (userGroupMembership.next()) {
groupCount++;
}
if (groupCount >= 5) {
gs.print('User with 5+ groups: ' + inactiveUsers.name + ' (' + inactiveUsers.email + ')');
} else {
userGroupMembership.query(); // requery
while (userGroupMembership.next()) {
userGroupMembership.deleteRecord();
}
}
}
So to summarize:
🔹 Don’t delete inactive users unless absolutely necessary
🔹 Remove from groups/roles with caution and logging
🔹 Use scripts to automate cleanup while preserving audit trails
Hope this gives you a solid direction. Let me know if you’re views or what you are planning....
🔹 Please mark ✅ Correct if this solves your query, and 👍 Helpful if you found the response valuable.
Best regards,
Aniket Chavan
🏆 ServiceNow MVP 2025 | 🌟 ServiceNow Rising Star 2024