Reports not displaying content after ACL environment changes

HulkingIT · ‎05-14-2025

After ServiceNow performed proactive maintenance around the ACL's for all tables etc... I now have several users of ServiceNow complaint that custom reports are not working. Similar to what is attached. This is from me, I am an admin, I have role snc_intenral.

I need a way to fix this for more than 300 hundred users who would have access to making their own reports.

ServiceNow Support gave me this article but hasn't helped me to find resolution.

Troubleshooting query_range ACLs - Support and Troubleshooting

Any help on this would be great!

Dr Atul G- LNG · ‎05-14-2025

https://support.servicenow.com/kb?id=kb_article_view&sysparm_article=KB2046494

Might be helpful.

*************************************************************************************************************
If my response proves useful, please indicate its helpfulness by selecting " Accept as Solution" and " Helpful." This action benefits both the community and me.

Regards
Dr. Atul G. - Learn N Grow Together
ServiceNow Techno - Functional Trainer
LinkedIn: https://www.linkedin.com/in/dratulgrover
YouTube: https://www.youtube.com/@LearnNGrowTogetherwithAtulG
Topmate: https://topmate.io/atul_grover_lng [ Connect for 1-1 Session]

****************************************************************************************************************

HulkingIT · ‎05-14-2025

Hi,

Thanks for the link but that is what support gave me.

It's not helpful for me. I'm looking for the answer to fix this issue.

Again, too many users have custom reports what use the query they have now blocked.

Thanks

Dr Atul G- LNG · ‎05-14-2025

Hi @HulkingIT

Log a Now support case and chase team to fix it.

*************************************************************************************************************
If my response proves useful, please indicate its helpfulness by selecting " Accept as Solution" and " Helpful." This action benefits both the community and me.

Regards
Dr. Atul G. - Learn N Grow Together
ServiceNow Techno - Functional Trainer
LinkedIn: https://www.linkedin.com/in/dratulgrover
YouTube: https://www.youtube.com/@LearnNGrowTogetherwithAtulG
Topmate: https://topmate.io/atul_grover_lng [ Connect for 1-1 Session]

****************************************************************************************************************

_ukasz Rybicki · ‎05-14-2025

🛠️ Problem Name: Report Access Denied Due to report_view ACLs

🔍 General Solution Proposal:

The error message “Access to this content denied based on report_view ACLs” indicates that users lack the necessary report_view permissions on the tables or fields utilized in the reports. To resolve this for over 300 users, you need to:

Identify the specific tables and fields used in the reports.
Ensure that users have both read and report_view access to these tables and fields.
Assign appropriate roles to users or modify existing ACLs to include the roles that users possess.

📝 Detailed Step-by-Step Solution:

Identify Affected Tables and Fields:
- Review the reports that users are unable to access.
- Note the tables and specific fields (especially those used in filters, groupings, or displayed columns) involved in these reports.
Review Existing ACLs:
- Navigate to System Security > Access Control (ACL).
- Filter ACLs where:
  - Operation is report_view.
  - Name matches the identified tables and fields.
- Examine the roles specified in these ACLs.
Modify or Create ACLs:
- Option A: Modify Existing ACLs
  - If the existing report_view ACLs are too restrictive, consider adding roles that your users have (e.g., itil, snc_internal) to these ACLs.
- Option B: Create New ACLs
  - Create new report_view ACLs for the identified tables and fields.
  - Specify the roles that should have access.
Assign Necessary Roles to Users:
- If modifying ACLs is not feasible, assign the required roles to users.
- For bulk role assignments:
  - Create a user group (e.g., report_users).
  - Assign the necessary roles to this group.
  - Add users to this group.
Test Access:
- Impersonate a user who was previously experiencing the issue.
- Attempt to access the reports to confirm that the issue is resolved.

✅ Example Resolution:

Scenario: Users cannot access reports based on the incident table.

Resolution:

Identify the ACL:
- Locate the report_view ACL for the incident table.
Modify the ACL:
- Add the itil role to the ACL's role list.
Assign Role to Users:
- Ensure all relevant users have the itil role, either directly or through group membership.
Test:
- Confirm that users can now access the reports.

🧪 Testing the Solution:

Impersonate Users:
- Use the Impersonate User feature to test access from the perspective of affected users.
Access Analyzer:
- Utilize the Access Analyzer tool to identify which ACLs are being evaluated and whether access is granted or denied.
Security Debugging:
- Enable Debug Security Rules to trace ACL evaluations during report access attempts.

📚 References:

ServiceNow Community Discussion:
- "Access to this content denied based on report_view ACLs - Dashboard Widget - Knowledge Articles"
  Link
  Summary: Discusses resolving report_view ACL issues by adjusting roles in ACLs.
ServiceNow Community Discussion:
- "Access to this content denied based on report_view ACLs"
  Link
  Summary: Highlights the importance of assigning appropriate roles to users for report_view access.
ServiceNow Community Discussion:
- "Error: Access to this content denied based on report_view ACLs"
  Link
  Summary: Emphasizes checking all related ACLs and ensuring users have necessary roles.

If you need assistance with scripting a bulk role assignment or further clarification on any step, feel free to ask!