How to restrict users from viewing Catalog Items to AD Group without having ServiceNow Group?

VIKAS45
Tera Guru

‎09-21-2023 11:48 AM

How to restrict users from viewing Catalog Items to AD Group without having ServiceNow Group?

 

As using  ServiceNow Group will involve modification of Group from ServiceNow which we do not want.

 

We want Active directory Group Modifications should directly restrict users from viewing Catalog Items to AD Group

  • 1,340 Views
4 REPLIES 4

Jaspal Singh
Mega Patron
Mega Patron

‎09-21-2023 11:55 AM

Hi Vikas,

If it is understood you wish to limit the update to Group-Members from ServiceNow and want it to be updated as pulled from AD?

If so, you can limit creation, deletion for groups using ACL for Group Membership table.

0 Helpfuls

VIKAS45
Tera Guru

‎09-21-2023 07:25 PM

How can we use Available For in Catalog Item directly from Active directory Group?

0 Helpfuls

Ankur Bawiskar
Tera Patron
Tera Patron

‎09-21-2023 08:13 PM

@VIKAS45 

you can use User criteria and restrict but it can check only things within ServiceNow and cannot show/hide using AD group which is not within ServiceNow.

Regards,
Ankur
Certified Technical Architect  ||  9x ServiceNow MVP  ||  ServiceNow Community Leader

Revanth Karra
Tera Expert

‎09-21-2023 09:14 PM - edited ‎09-21-2023 11:54 PM

Dear Vikas,

 

Hi @VIKAS45 @Ankur Bawiskar @Jaspal Singh . Hope you're doing great! 

 

@Ankur Bawiskar , Correct! You need to use User Criteria. 

 

User Criteria is used to determine whether or not a user has access to a catalog item and to restrict access to a catalog item to users who are members of an AD group.

 

To create a User Criteria to restrict access to a catalog item to users who are members of an AD group:

  1. Navigate to Service Catalog > Maintain User Criterias.
  2. Click the New button.
  3. Enter a name and description for the User Criteria.
  4. Click the Add Condition button.
  5. Select the AD Group condition.
  6. Enter the name of the AD group in the Value field.
  7. Click the OK button.
  8. Click the Save button.

Once you have created the User Criteria, you can attach it to the catalog item.

  1. Navigate to Service Catalog > Maintain Catalog Items.
  2. Open the catalog item that you want to restrict access to.
  3. Click the Available for tab.
  4. Click the Add button.
  5. Select the User Criteria option.
  6. Select the User Criteria that you created in the User Criteria field.
  7. Click the OK button.
  8. Click the Save button.

Once you have attached the User Criteria to the catalog item, only users who are members of the AD group will be able to view the catalog item.

 

NOTE:

This method does not involve modifying any ServiceNow groups, and it allows you to directly restrict users from viewing catalog items based on their AD group membership !!!

 

Kindly, please mark my solution as Helpful/Correct, if applicable. If I could help you with your Query then, please hit the Thumb Icon and mark as Correct!!!

 

Thanks & Regards, 

Revanth. K

Product Test Automation Engineer