There are cases that inherited roles become orphan. Symptoms are seen like a role no longer contained by its former parent still shown under some users with the flag 'inherit' set in true.

This article provides a simple way to clean up such orphan roles.


Please follow below steps to clean up the orphan roles:

  1. Login the instance as Admin.
  2. Elevate to the Security Admin role. This is very important as without the role, the clean-up is not doable.
  3. Navigate to Scripts - Background and execute below command. If the numbers of records in the sys_user table and sys_user_has_role table is big, please make sure to uncheck the option of 'Cancel after 4 hours' to avoid the clean-up process being terminated half way.
  4. Paste below code to the Script box and run it:
    new GlideUserHasRoleInhCountFixer().recalculateInhCounts();

The API will scan all the users and roles, re-calculate the inherit relationship to fix any orphan situation. It can run for a very long time in case there are large amount of users and roles. As such, it is always good to test the clean up on a full clone of your Production to get a better estimation.

Article Information

Last Updated:2020-03-23 18:29:04