Welcome to Community Week 2025! Join us to learn, connect, and be recognized as we celebrate the spirit of Community and the power of AI. Get the details  

Service Portal Search Stops Work for Non-Admins in Zurich

Go to solution
jmiskey
Kilo Sage

‎09-16-2025 01:27 PM

We are in the progress of upgrading from Xanadu to Zurich.  We promoted our DEV and TST instances to Zurich, and one thing we have noticed is that the Search functionality on the Service Portal no longer seems to work.  It was reported to us by a user, and when we try it as an admin, it seems to work.  But if we impersonate a non-admin user, it does not seem to work.  We just get a message like this:

 

jmiskey_0-1758054350298.png

 

I am guessing that maybe they updated some ACLs or something, though I am not sure which ones.  I am not sure if the change was actually done in Yokohoma or Zurich (since we skipped Yokohoma).

 

Does anyone have any information on this, or what we need to do to re-enable the Search functionality to work for non-admins again, like it always used to in the past?

0 Helpfuls
  • 2,004 Views
2 ACCEPTED SOLUTIONS

Go to solution
jmiskey
Kilo Sage
In response to jmiskey

‎09-17-2025 05:11 AM - edited ‎09-17-2025 05:12 AM

Upon further review, it appears that the issue may be more related to the Custom Service Portal wire frames we had made for us by a 3rd party vendor.  We tried it on the out-of-the-box Service Portal in our PDI, and it did not exhibit that behavior.  So I don't think it is an issue with the ServiceNow release.  The release may have changed things (maybe some new ACLs or something like that), but it appears that it did not break the OOTB Service Portal, but instead broke our customized version of it.

 

Thanks for looking anyway!

View solution in original post

0 Helpfuls

Go to solution
YummyAmericano
Tera Expert

3 weeks ago

Try this method: @mleonard @jmiskey 


Create a new ACL with these values:

  1. Type: Record
  2. Operation: Read
  3. Name: sp_search_source

Set Security Attribute Condition

  1. Condition Type: Existing
  2. Security Attribute: UserIsAuthenticated
  3. Leave Roles Empty: Do not add any roles. The security attribute will handle access.
  4. Leave Script Empty: You don’t need a script if you're using the security attribute.

Save the ACL


Disable the Old ACL

  1. Find the original READ ACL on sp_search_source.
  2. Set Active = false.


Test the Change

  1. Impersonate a non-admin user.
  2. Run a search in the Service Portal.
  3. Confirm that results appear.

 

Hit 👍 if this solution is helpful! 😉

View solution in original post

16 REPLIES 16

Go to solution
jmiskey
Kilo Sage
In response to Nadia F

a month ago

No, we did not pursue it since our Service Portal was customized with a 3rd party vendor.  But based on what you said, it sounds like something changed at the ServiceNow level with this upgrade that might affect it, regardless of whether you are using out-of-the-box or a customized Service Portal.

 

Our manager did not want to pursue it with our third party vendor, since we no longer are working with them and are going to be implementing the out-of-the-box Employee Service  Center in the very near future.  He thinks we will just need to educate our users in the meantime.

 

I would still like to know what changed.  If you find anything out, please post back and let us know!

 

Thanks

Go to solution
Nadia F
Tera Contributor
In response to jmiskey

a month ago

Our developer has determined what caused our issue. There was a change to the Search widget, GlideRecord has changed to GlideRecordSecure. GlideRecordSecure method automatically checks ACLs to perform the query. 

We then looked at our ACLs, and found that m2m_sp_portal_search_source (now/nav/ui/classic/params/target/sys_security_acl_list.do%3Fsysparm_query%3DnameLIKEm2m_s%255Ename%253Dm2m_sp_portal_search_source%26sysparm_view%3D), Operation: Read is restricted to sp_admin role. We updated it to allow role Public, and that resolved our issue.  Looks like this ACL was preventing non-admin roles from querying. 

0 Helpfuls

Go to solution
jmiskey
Kilo Sage
In response to kaushal_snow

a month ago

It seems that ServiceNow keeps making these ACLs harder and harder to maintain!  I guess the only way to be totally secure is to lock everyone out!

0 Helpfuls

Go to solution
Matt Orenstein
Tera Expert

a month ago

I am also experiencing this issue with the portal widget.  We have customized it but just size and text, nothing of substance in terms of client controller or script.  I've also tried putting the OOB search feature into the portal and it also does not return results for non-admins.

0 Helpfuls

Go to solution
Nadia F
Tera Contributor
In response to Matt Orenstein

a month ago

Our developer has determined what caused our issue. There was a change to the Search widget, GlideRecord has changed to GlideRecordSecure. GlideRecordSecure method automatically checks ACLs to perform the query. 

We then looked at our ACLs, and found that m2m_sp_portal_search_source (now/nav/ui/classic/params/target/sys_security_acl_list.do%3Fsysparm_query%3DnameLIKEm2m_s%255Ename%253Dm2m_sp_portal_search_source%26sysparm_view%3D), Operation: Read is restricted to sp_admin role. We updated it to allow role Public, and that resolved our issue.  Looks like this ACL was preventing non-admin roles from querying. 

Hope this works for you!