ACL for Mid Server

John Vo1 · ‎04-13-2017

I have an ITIL user trying to do a quick discovery and when he clicks on magnifying glass to select mid server he is getting security constraints. Which ACL do I need to edit for him to see the mid servers?

John Vo1 · ‎04-18-2017

This was ServiceNow recommendations. Create a Discover by ip address and update the script and it worked.

View solution in original post

Chuck Tomasi · ‎04-13-2017

Thanks John.

Best practice: If you don't already have it, create a group for those desktop techs.

Grant the appropriate role to those techs to allow them to read those records.

John Vo1 · ‎04-13-2017

Chuck,

The reason I don't want to give them roles is we want them limited as possible. I don't want them being able to mess with the mid servers or discovery schedules. So can I just add the role to read, write, delete and they should be able scan by ip address using quick discovery?

Thanks,

John

Chuck Tomasi · ‎04-13-2017

Technically, Quick Discovery creates a schedule (and runs now). I don't think you're going to get where you need to be with a limited approach on the ACLs. Eventually you'll find you need to open those ACLs up as much as the existing roles require.

glennpinto - any thoughts on this one?

John Vo1 · ‎04-13-2017

Chuck,

I added role ITIL to all ecc_agent ACL and when I try to run quick discovery I get this error. Mid servers are up and running.

Nilam Narote · 4 weeks ago

To resolve this issue, you have to add the "ITIL" role to the ACL created for the DiscoveryAjax script include.