The Zurich release has arrived! Interested in new features and functionalities? Click here for more

How can I find out which ACL is blocking users and how can I fix it?

Wendy20
Tera Expert

‎09-20-2022 08:06 AM

Hello experts,

I am new to SNow and still learning. I am working on a task to provide appropriate roles to ITSM process managers and I'm having some issues with change management module.  User should have access to do list edit on schedules. seems like an ACL is blocking this.  I would like to know How can I find out which ACL is blocking users and how can I fix it? Thank you in advance!

Wendy

0 Helpfuls
  • 3,747 Views
4 REPLIES 4

Sagar Pagar
Tera Patron

‎09-20-2022 08:31 AM

Hi,

Try to Debug the ACL rules using Debug Security rules and find out the ACLs blocking the users.

ACL debugging tools

Enabling Debugging

Debugging Access Controls - Session Log

 

Thanks,
Sagar Pagar

The world works with ServiceNow

Bhushan216
Tera Guru

‎06-25-2024 12:51 AM

Hello Wendy,

 

You can try new UI available to debug the security rules / ACL by Access Analyzer which will return all the ACL's working for that user.

 

Please mark correct if it helps.

 

Thanks,

Bhushan

0 Helpfuls

Thrishulkd
Tera Contributor
In response to Bhushan216

‎08-27-2024 08:33 AM

Hi Bhushan,

cant be it on the one particular record? for example I will apply filter for one specific record which is not visible to the user. I will impersonate that user and alert shows no record found.

Actually there are many records which user cannot see. but If i know for one record  then I can implement to other also. because debugger gives me so many results which don't know which one restricts.

although in dev the user has the access even having same role, acl everything in PROD he doesn't have the access.
I have tried in all the possible way comparing dev and prod everything is same to same still user have no access in prod.

any help is most apricated.
thanks in advance 

0 Helpfuls

Bhushan216
Tera Guru
In response to Thrishulkd

‎08-28-2024 12:02 AM

Hello @Thrishulkd ,

 

You can Enable Access Analyzer for record specific Access also, for example in the image attached you can see I am analyzing the access for Abel tutor on Incident Record for "INC0000001".

 

If still the issue persist please try checking the Query business rule on the table.

 

BhushanBhosal1_0-1724828469853.png

 

Please mark Helpful if it resolves the issue / provide me snapshot what exactly you are trying to debug.

 

Thanks,

Bhushan