how to give security_admin role to a user?

Go to solution
shalinikacham
Kilo Expert

‎08-01-2016 11:25 AM

looks like i cannot add users from security_admin role by clicking on New/Edit button.

find_real_file.png

Preview file
80 KB
0 Helpfuls
  • 17,916 Views
1 ACCEPTED SOLUTION

Go to solution
jbremer
Mega Guru
In response to Inactive_Us1474

‎08-01-2016 12:02 PM

I had run into this same issue. I found a thread awhile back that answered my question but I can't seem to find it now. Essentially, the security_admin role is only granted to the local out-of-box admin account. You cannot impersonate that account to grant the role to other users. You have to login directly with the local admin account and then grant the role in that manner. We just got a new instance with High Security and that exactly what I had to do.



Login with the local admin account (do not impersonate)


Grant security_admin role to whomever needs it


View solution in original post

15 REPLIES 15

Go to solution
Pradeep Sharma
ServiceNow Employee
ServiceNow Employee
In response to Inactive_Us1474

‎08-01-2016 12:27 PM

Yes but this is not required to assign roles.


0 Helpfuls

Go to solution
Inactive_Us1474
Giga Guru
In response to Pradeep Sharma

‎08-01-2016 12:37 PM

Hi,



The role of security_admin role is not visible under roles if i elevate my priviledge to get the role then only i am able to see and assign it to users.


Kindly correct me in this.


0 Helpfuls

Go to solution
Inactive_Us1474
Giga Guru
In response to Inactive_Us1474

‎08-01-2016 07:48 PM

If I elevate the security_admin role then only i am able to see it under roles module and assign the security_admin role to another user also.


Correct me if i am wrong.


0 Helpfuls

Go to solution
jbremer
Mega Guru
In response to Inactive_Us1474

‎08-01-2016 12:02 PM

I had run into this same issue. I found a thread awhile back that answered my question but I can't seem to find it now. Essentially, the security_admin role is only granted to the local out-of-box admin account. You cannot impersonate that account to grant the role to other users. You have to login directly with the local admin account and then grant the role in that manner. We just got a new instance with High Security and that exactly what I had to do.



Login with the local admin account (do not impersonate)


Grant security_admin role to whomever needs it


Go to solution
mike_bush
Kilo Guru

‎09-29-2016 04:19 AM

It would appear that in Helsinki this is finally working correctly.



Previously ANY "admin" role holder could "grab" security_admin which made it almost pointless (as an extra security measure)



NOW it has to be assigned BY SOMEONE WHO ALREADY HOLDS IT - and that starts off as only the oob "admin" who has to ELEVATE to pass it on.



So you CAN now maintain a separated list of "admin" role holders and "security_admin" role holders