ITIL users used to be an easy query, because it used to be the case that we manually added every ServiceNow user with an assignment group to a separate assignment group called ITIL.
After running like that for a year and a half, it was clear that this was a lot of work and mindless maintenance to keep things going.
Instead, we modified every assignment to grant the ITIL role, and we decommissioned the ITIL assignment group.
This change was non-controversial, and freed up the ServiceNow administrators to do more valuable things with their time.
However, this broke reporting Venkat was using for generating a report for ITIL users.
Venkat needed a new way to pull a report from ServiceNow of ITIL users. It's here:
The business rule is called: Itil Users
The UI page is called: user_has_role_itil
The PROD URL is: https://yale.service-now.com/user_has_role_itil.do
Tech details:
There is a cleaner way to do this, but here's one way to get this list:
var gr2 = new GlideRecord('sys_user_role');
gr2.addQuery('name','itil');
gr2.query();
if (gr2.next() ) {
gs.print('itil group sysid is: ' + gr2.sys_id);
}
//var gr = new GlideAggregate('sys_user'); //GlideAggregate query
var gr = new GlideRecord('sys_user');
gr.addQuery('roles','CONTAINS',gr2.sys_id);
gr.query();
var gr4 = new GlideAggregate('sys_user_has_role');
gr4.addQuery('role',gr2.sys_id);
gr4.groupBy('user');
gr4.query();
var count3=0;
while (gr4.next()) {
if (gr4.user.active!=false && gr4.user.email != '') {
gs.print('one user record is: ' + gr4.user.email);
count3++;
}
}
gs.print('4p,p,.puixx.eu count: ' + count3);
Tech details round two
function findItil() {
var user_array = [];
var role_id = []
var user_has_role = new GlideAggregate('sys_user_has_role');
user_has_role.addEncodedQuery('role=b4c1f5331011100094adb14c071ff154^user.active!=false^user.emailISNOTEMPTY^user.user_nameISNOTEMPTY');
user_has_role.addAggregate('COUNT', 'user');
user_has_role.query();
while (user_has_role.next()) {
user_array.push(user_has_role.user.user_name);
}
return user_array;
}
Getting a list of members of Financial Approvers (both all members, and isolating members who have no other assignment groups)
That's the basis for the maximum possible numbers. I'm counting 189 today.
What we really want is what we're describing at: https://yale.service-now.com/nav_to.do?uri=sc_task.do?sys_id=7af754d2f9146144fcb0542a9ae2793c%26sysparm_view=portal
which is that we want a collection of users who are Financial Approvers, but not a member of any other group.
Here's the listing I've been working with: https://yaledevelopment.service-now.com/sys_user_has_role_list.do
I've been working with Alan at Fruition to build up a list of Financial Approver group members who are not also members of any other assignment group. He came up with:
https://yaledevelopment.service-now.com/financial_group_members.do
I need to vet this and see whether it is true. I spot checked for Deb Bettley and Nancy Scanlon. Both were not members of the Alan version, but are members of the overall group. As such, this seems to really work.
function findFinancialMembers() {
var user_array = [];
var user_in_group = new GlideRecord('sys_user_grmember');
user_in_group.addQuery('group', '4da8813ea1a8990494ad46651315d87d'); //Financial Approvers group
user_in_group.query();
while (user_in_group.next()) {
var group_count = new GlideAggregate('sys_user_grmember');
group_count.addQuery('user', user_in_group.user.sys_id);
group_count.addAggregate('COUNT');
group_count.query();
var groups = 0;
if (group_count.next()) {
groups = group_count.getAggregate('COUNT');
if (groups == 1) {
user_array.push(user_in_group.user.user_name);
}
}
}
return user_array;
}
Isolating ITIL users who didn't get the role from Financial Approvers
So now that I have two sets of users, I really want to do set logic on it, and subtract the results of the financial_group_members.do list from the sys_user_has_role_list.do results.
I'm wondering if I can do exactly that using a script. Going to try. First, need to track down both scripts.