Non-admin users with the "impersonator" role cannot impersonate any user if there are orphaned 'sys_user_has_role' records like "[user: null; role: admin]".Description Symptoms Non-admin users can use the functionality of "impersonate". However, they cannot see any users in the user drop list. Release Any release. Cause This issue is caused by the orphaned "sys_user_has_role" records like "[user: null; role: admin]" Resolution Troubleshooting steps: 1. Log in as admin 2. Navigate to the "/impersonate_dialog.do" page. 3. Click the user lookup to search users. 4. Copy the URL. 5. Log in as a non-admin user. 6. Repeat step 2~4 to get the URL. admin user: https://<instance_name>.service-now.com/sys_user_list.do?sysparm_target=QUERY:active%3Dtrue%5Elocked_out%3Dfalse%5Eweb_service_access_only%3Dfalse%5EORweb_service_access_onlyISEMPTY&sysparm_target_value=&sysparm_reference_value=&sysparm_nameofstack=reflist&sysparm_clear_stack=true&sysparm_element=not&sysparm_reference=sys_user&sysparm_view=sys_ref_list&sysparm_additional_qual=&sysparm_domain_restore=false non-admin user: https://<instance_name>.service-now.com/sys_user_list.do?sysparm_target=QUERY:active%3Dtrue%5Elocked_out%3Dfalse%5Eweb_service_access_only%3Dfalse%5EORweb_service_access_onlyISEMPTY%5Eroles!%3Dadmin&sysparm_target_value=&sysparm_reference_value=&sysparm_nameofstack=reflist&sysparm_clear_stack=true&sysparm_element=not&sysparm_reference=sys_user&sysparm_view=sys_ref_list&sysparm_additional_qual=&sysparm_domain_restore=false 7. Compare the differences between the two URLs. There is an extra query condition "roles!=admin" for non-admin user. 8. Log in as admin. 9. Navigate to 'sys_user.list'. 10. Add "roles!=admin" to the list condition builder. 11. The query result is empty. 12. Enable session SQL debug. 13. Query again and get SQL from session logs. 14. The system uses SQL like "select *** from sys_user where sys_id not in (select user from sys_user_has_role where role='sys_id_of_admin')". 15. This will cause "not in (null)" due to the orphaned "sys_user_has_role" records like "[user: null; role: admin]". 16. The issue is fixed after deleting these orphaned records.