Restrict ITIL users from creating, editing or deleting CMDB items
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎06-24-2024 07:53 AM
Out-of-the-box ServiceNow configuration allows all users with the ITIL role to create, edit, and delete Configuration Items (CIs) in ServiceNow.
I would like to change this so that:
1) ITIL users have read-only access.
2) Only users with the admin role can create, edit, and delete CIs.
Can someone guide me on how to achieve this?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎06-24-2024 08:33 AM - edited ‎06-24-2024 08:34 AM
To achieve this, You need to create a new Access Control Rule and Modify ITIL Role Permissions,
Create an Access Control Rule:
- Create a rule for the cmdb_ci table.
- Assign Create, Read, Write, and Delete operations to the admin role.
Modify ITIL Role Permissions:
- Go to System User Roles and edit the ITIL role.
- Remove Create, Write, and Delete permissions for the cmdb_ci table.
- Ensure Read permission remains checked
If you found this helpful please accept as solution and mark helpful
best
Chetna
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎06-24-2024 08:46 PM
Hi @JJose
Please refer this thread : https://www.servicenow.com/community/itsm-forum/how-to-make-configuration-items-read-only-to-non-adm...
Mark it Helpful and Accept Solution!! If this helps you to solve your query.
