Mapping relationship between role and access control names/lists

hamiltr · ‎07-06-2011

I am setting up a read access role only for some IT folks who only need read access to service-now.
We have about 200 read access control lists and I want to add this read role to all of these records.
Is there a quick way to update all these ACLs other than manually going into each ACL and adding the role?
thanks

gaidem · ‎07-06-2011

If I understand correctly, you could run a background script like this:



var x = new GlideRecord('sys_security_acl);
x.addQuery('operation','read');
x.query();
while(x.next()){
   var y = new GlideRecord('sys_security_acl_role');
   y.initialize();
   y.sys_security_acl = x.sys_id;
   y.sys_user_role = <role sys_id>;
   y.insert();
}

hamiltr · ‎07-07-2011

Not considered scripts yet - just planning how to bulk map all the read ACLs with a new role that has been created rather than going into each read ACL and adding the role manually (this could take a several hours) - thanks

sherman_1206 · ‎07-07-2011

The background scripting route is going to be the easiest option. gaidem's option is probably the easiest in this situation.

There are other ways to do mass updates on record in Service Now however, in this situation I would suggest the background script.

ctu1 · ‎07-07-2011

You could export them in XML, update offline (editor/macros/script) whatever and reimport them.