Allow non itil users to view sys_user table

Nic Omaha
Tera Guru

‎05-06-2015 11:02 AM

We have a catalog item caland one of the variables is a reference field to the sys_user table so they can select who needs access. When a non itil user tries they get a error that security rules block them from seeing this list. Im drawing a blank on how to allow non itil users to see this list and select. Help?error.png

Labels:
Preview file
25 KB
0 Helpfuls
  • 3,675 Views
4 REPLIES 4

Joe Wilmoth
ServiceNow Employee
ServiceNow Employee

‎05-06-2015 11:05 AM

Hi Nicholas,



You can adjust the Access Control on the User table. You will need to create new rules for the roles needing access.



This information will be helpful: http://wiki.servicenow.com/index.php?title=Using_Access_Control_Rules#Creating_ACL_Rules



Thank you,


Joe


0 Helpfuls

venkat2
Kilo Expert

‎05-06-2015 11:05 AM

The access control set on the User[sys_user] table should be modified to extend the access to end user.



The read ACL sys_user.* is set to provide access to self profile(for non-itil users) and all users (for itil users). Modify this ACL for the read access.


0 Helpfuls

Pradeep Sharma
ServiceNow Employee
ServiceNow Employee

‎05-06-2015 11:58 AM

HI Nicholas,



As per your req, you will need to remove the script section from the below ACL and that should solve your problem. Just replace instancename in the below URL and open it to make the changes.


https://instancename.service-now.com/sys_security_acl_list.do?sysparm_query=name%3D*%5EORnameSTARTSW...


0 Helpfuls

kungfuu72
Giga Expert

‎05-06-2015 12:52 PM

If you're getting that message on a list view, that will definitely be ACL's you need to update.


Also make sure that the user is logged into the instance and not using any Wizards or CMS content to navigate to the table.



I'm not sure if this works in your instance, but


Non-itil users in our instance can view the user table by typing in sys_user.list in the Type filter text navigation bar (at least they can in our instance). Typing in sys_user.LIST will open up the table in a new window/tab. I didn't check our ACL's but we do have high-security enabled.



As long as they have a user account and they are logged in, they might able to do this.



This might be a quick workaround until you get your actual access controls set in place.


0 Helpfuls