Join the #BuildWithBuildAgent Challenge! Get recognized, earn exclusive swag, and inspire the ServiceNow Community with what you can build using Build Agent.  Join the Challenge.

Restrict ITIL users from creating, editing or deleting CMDB items

JJose
Tera Expert

‎06-24-2024 07:53 AM

Out-of-the-box ServiceNow configuration allows all users with the ITIL role to create, edit, and delete Configuration Items (CIs) in ServiceNow.

I would like to change this so that:

1) ITIL users have read-only access.
2) Only users with the admin role can create, edit, and delete CIs.
Can someone guide me on how to achieve this?

0 Helpfuls
  • 1,222 Views
2 REPLIES 2

Chetna_dev
Kilo Sage
Kilo Sage

‎06-24-2024 08:33 AM - edited ‎06-24-2024 08:34 AM

To achieve this, You need to create a new Access Control Rule and Modify ITIL Role Permissions, 

  • Create an Access Control Rule:

    • Create a rule for the cmdb_ci table.
    • Assign Create, Read, Write, and Delete operations to the admin role.

  • Modify ITIL Role Permissions:

    • Go to System User Roles and edit the ITIL role.
    • Remove Create, Write, and Delete permissions for the cmdb_ci table.
    • Ensure Read permission remains checked

If you found this helpful please accept as solution and mark helpful

best

Chetna

 

SK Chand Basha
Tera Sage
Tera Sage

‎06-24-2024 08:46 PM

Hi @JJose 

 

Please refer this thread : https://www.servicenow.com/community/itsm-forum/how-to-make-configuration-items-read-only-to-non-adm...

 

Mark it Helpful and Accept Solution!! If this helps you to solve your query.

0 Helpfuls