Grant access to Easy Import using a role
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-06-2015 06:29 AM
We have a number of Licensed users who manage a large number of CI's (Mainly our networking guys).
My understanding is that the Easy Import function is locked down to Admin's, is there anyway I can give this access to someone with a custom role?
- Labels:
-
User Interface (UI)
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
04-28-2015 08:40 AM
James,
Go to "UI Context Menus"
Locate "Import"
Modify the "Condition" field to expose it to another role that is allowed to see it.
In my environment, I actually created a new instance of the UI contect and called it "Import (ECMB Users) for a custom role called "ecmdb_users".
Be advised, person in that role do NOT have the ability to write to our CMDB. How we use it is to have persons download a template from a list of CI's they would like to update, if they try to import, they are not allowed to.
We have them submit the template through our catalog as a request so that someone on our Config Mgmt team can review.
Hope this helps.
R~
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
04-28-2015 08:48 AM
Hello Ronald,
Thanks for the direction; we have granted read/write access to certain tables based on roles elsewhere, so in theory if they have write access to the particular table that they create the template for, then they should be able to import their data?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
04-28-2015 08:58 AM
I don't believe that they will be able to, UNLESS they also hold the appropriate import role(s):
| import_admin | Can manage all aspects of Import Sets and imports |
| import_scheduler | Can schedule imports |
| import_set_loader | Can load Import Sets |
| import_transformer | Can manage Import Set Transform Maps and run transforms |
I have not played around with your scenario yet, as we are just now in the process of "normalizing" our CMDB and exposing to certain IT staff. So, we are taking a cautious approach to maintain CI integrity.
But, I believe that if a user also held "import_transformer" role, they should be able to complete an import. I recommend experimentation in a non-prod instance.
Also, FWIW, Fuji further enhances Easy Import to allow application context permissions.
For example, you could create a custom app for "Data Import", that app could have the ability to write to one or more (or all) tables.
You could remove write access to tables from individuals, but allow limited access to the Data Import application and extend their ability to import to those tables by way of the app. (clear as mud)?
For more, check out http://wiki.servicenow.com/index.php?title=Easy_Import#Fuji
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
04-17-2017 10:24 AM
I exposed "Import" to a custom role called "EasyImport" by changing the condition field to: (gs.hasRole('admin') || gs.hasRole('EasyImport')) && !ListProperties.isRelatedList() && !ListProperties.isRefList()
This worked.
