User administrators or sn_si_manager roles can not edit the user groups that they manage - Known Error

User administrators or sn_si_manager roles can not edit the user groups that they manage Description Users with user_admin or average sn_si.* roles are not able to add/edit role/group that is in sn_si. scope.

Steps to Reproduce

Assign the role "sn_si_manager" to Abel Tuter". Make him the manager of any security group. Do not impersonate, Login as abel.tuter. Change the password in his sys_user record so you can login. Open the groups where Abel is the manager. Try removing or adding users from it. Notice that nothing changes. Workaround This is expected behaviour, due to the enhanced security introduced in Jakarta. Only scope admins with sn_si.admin role will be able to edit user/role/group within the security incident response scope.

Ref. documentation:

https://docs.servicenow.com/csh?topicname=sir-landing-page.html&version=latest https://docs.servicenow.com/csh?topicname=sir-landing-page.html&version=latest