- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
3 weeks ago
best community,
In Business Service form the user how have a role to write can add CI relationship.
can be possible to let the user add CI relationship with out have this role.
I want to let the user add CI relationship without changing anything in the record
kind regards
Solved! Go to Solution.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
3 weeks ago
Hi @NajiASR
Here some options the may you try
1. ACL on CI Relationship Table (cmdb_rel_ci)
- The relationships are stored in the cmdb_rel_ci table, not directly in the Business Service record.
- You can create a new Write ACL on cmdb_rel_ci where condition = source or target is a Business Service.
- Grant access via a custom role (e.g., ci_relationship_editor) only for relationship creation.
- This way, the user doesn’t need write access on the Business Service itself, only permission to create relationships.
2. UI Action or Custom Related List
- You can build a custom UI Action or UI Page that allows users to add relationships (calls a script to insert into cmdb_rel_ci).
- Display this on the Business Service form so they feel like they’re adding relationships, but technically you’re bypassing the form’s write restriction.
3. Delegated Admin / Scoped Role
- If you want finer control, create a new role and assign it only to relationship creation.
• Add this role in the cmdb_rel_ci ACLs (Create/Write) but not in cmdb_ci_service.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
3 weeks ago
Hi @NajiASR
No mate, in ServiceNow, roles work at the table level—not at the form level. If you want to restrict access, you’d need to look into ACLs or Business Rules. However, that approach adds technical debt. It’s generally better to guide or educate users and use the system as designed.
If my response proves useful, please indicate its helpfulness by selecting " Accept as Solution" and " Helpful." This action benefits both the community and me.
Regards
Dr. Atul G. - Learn N Grow Together
ServiceNow Techno - Functional Trainer
LinkedIn: https://www.linkedin.com/in/dratulgrover
YouTube: https://www.youtube.com/@LearnNGrowTogetherwithAtulG
Topmate: https://topmate.io/atul_grover_lng [ Connect for 1-1 Session]
****************************************************************************************************************
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
3 weeks ago
Hi @NajiASR
Here some options the may you try
1. ACL on CI Relationship Table (cmdb_rel_ci)
- The relationships are stored in the cmdb_rel_ci table, not directly in the Business Service record.
- You can create a new Write ACL on cmdb_rel_ci where condition = source or target is a Business Service.
- Grant access via a custom role (e.g., ci_relationship_editor) only for relationship creation.
- This way, the user doesn’t need write access on the Business Service itself, only permission to create relationships.
2. UI Action or Custom Related List
- You can build a custom UI Action or UI Page that allows users to add relationships (calls a script to insert into cmdb_rel_ci).
- Display this on the Business Service form so they feel like they’re adding relationships, but technically you’re bypassing the form’s write restriction.
3. Delegated Admin / Scoped Role
- If you want finer control, create a new role and assign it only to relationship creation.
• Add this role in the cmdb_rel_ci ACLs (Create/Write) but not in cmdb_ci_service.
