I want to grant users read permissions on the “cmdb_ci_service_discovered” table.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Wednesday
I want to grant users only read permissions for records in the “cmdb_ci_service_discovered” table. They do not need permissions to create, update, or delete records. I assigned the “sn_cmdb_user” role to the user, but when opening the list view, it appears only records where the “operational status” field is set to “Non-Operational” are displayed. I suspect this is a control related to the cmdb_ci table. Could you please tell me which control is causing this? Also, if only read permissions for the “cmdb_ci_service_discovered” table are required, which role would be most appropriate to assign?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
9 hours ago
It likely means there is a Data Policy, UI Policy or a Business Rule applied on the table (or inherited class like cmdb_ci) that filters list views for that role to show only non-operational CIs (a common control in CMDB modules to restrict visibility of in use CIs). If you only need users to have read only access on cmdb_ci_service_discovered you can grant them the base read permission by creating a custom ACL (type record; operation = read) on that table and then assign a minimal custom role (for example u_cmdb_read_only_service_discovered) to those users instead of sn_cmdb_user, which carries broader inherited restrictions and filters.....
If you found my response helpful, please mark it as ‘Accept as Solution’ and ‘Helpful’. This helps other community members find the right answer more easily and supports the community.
Kaushal Kumar Jha - ServiceNow Consultant - Lets connect on Linkedin: https://www.linkedin.com/in/kaushalkrjha/
