ServiceNowDevProgram · kmohit2809 · Oct 12, 2025 · Oct 12, 2025 · Oct 12, 2025
diff --git a/Server-Side Components/Background Scripts/Orphaned Users/README.md b/Server-Side Components/Background Scripts/Orphaned Users/README.md
@@ -0,0 +1,4 @@
+This script identifies active users in ServiceNow who have no group memberships and no roles assigned.
+It queries the sys_user table for all active users, then checks each user against the sys_user_grmember table (groups) and the sys_user_has_role table (roles).
+If a user has no associated groups and no assigned roles, their username is added to a list called orphanedUsers.
+Finally, the script prints the list, which can be used for user cleanup, security audits, or compliance purposes to ensure proper user management.
diff --git a/Server-Side Components/Background Scripts/Orphaned Users/Users with no groups and roles.js b/Server-Side Components/Background Scripts/Orphaned Users/Users with no groups and roles.js
@@ -0,0 +1,23 @@
+var userRecord = new GlideRecord('sys_user');
+userRecord.addQuery('active', true);
+userRecord.query();
+
+var orphanedUsers = [];
+
+while(userRecord.next()) {
+    var userSysId = userRecord.getValue('sys_id'); 
+
+    var userGroups = new GlideRecord('sys_user_grmember');
+    userGroups.addQuery('user', userSysId); 
+    userGroups.query();
+
+    var userRoles = new GlideRecord('sys_user_has_role');
+    userRoles.addQuery('user', userSysId); 
+    userRoles.query();
+
+    if(!userGroups.hasNext() && !userRoles.hasNext()) {
+        orphanedUsers.push(userRecord.getValue('user_name')); 
+    }
+}
+
+gs.print('Orphaned Users: ' + orphanedUsers.join(', '));