Non-role (ESS) users are not able to see group (sys_user_group) recordsDescription<!-- div.margin{ padding: 10px 40px 40px 30px; } table.tocTable{ border: 1px solid; border-color:#E0E0E0; background-color: rgb(245, 245, 245); padding-top: .6em; padding-bottom: .6em; padding-left: .9em; padding-right: .6em; } table.noteTable{ border:1px solid; border-color:#E0E0E0; background-color: rgb(245, 245, 245); width: 100%; border-spacing:2; } table.internaltable { white-space:nowrap; text-align:left; border-width: 1px; border-collapse: collapse; font-size:14px; width: 85%; } table.internaltable th { border-width: 1px; padding: 5px; border-style: solid; border-color: rgb(245, 245, 245); background-color: rgb(245, 245, 245); } table.internaltable td { border-width: 1px; padding: 5px; border-style: solid; border-color: #E0E0E0; color: #000000; } .title { color: #D1232B; font-weight:normal; font-size:28px; } h1{ color: #D1232B; font-weight:normal; font-size:21px; margin-bottom:-5px } h2{ color: #646464; font-weight:bold; font-size:18px; } h3{ color: #000000; font-weight:BOLD; font-size:16px; text-decoration:underline; } h4{ color: #646464; font-weight:BOLD; font-size:15px; text-decoration:; } h5{ color: #000000; font-weight:BOLD; font-size:13px; text-decoration:; } h6{ color: #000000; font-weight:BOLD; font-size:14px; text-decoration:; } ul{ list-style: disc outside none; margin-left: 0; } li { padding-left: 1em; } --> Symptoms Non-role (ESS) users are not able to see group (sys_user_group) records when trying to select a group from any fields or variables that reference the group (sys_user_group) table. Release All releases Cause The users are failing the table level read ACL on sys_user_group table. The OOB ACL: /sys_security_acl.do?sys_id=811f2ddec0a801666be07f00f34794c7 Resolution The OOB ACL checks for: If the group has the admin role attached to it. If yes, then only users with admin role can view that groupIf the group has the security_admin role attached to it. If yes, then only users with security_admin role can view that groupOtherwise, if the group doesn't have any of the roles above and if the user has any roles in the instance then grant that user read access to the group record The OOB ACL can be modified as appropriate to grant non-role users access, or a new similar ACL can be created altogether for the same requirement. Additional Information Access control list rules