We're reclaiming inactive PDIs to keep them available for active builders. Learn what's changing, who's affected, and how to protect your work. Read More

Regarding catalog item

shreya_3009
ServiceNow Employee

I created a catalog item and in user criteria, i have mentioned the department to which then catalog item should be visible. It is visible to the department members and also admins. Cant we restrict admins here?

5 REPLIES 5

Tanushree Maiti
Tera Patron

Hi @shreya_3009 

 

1) By default, ServiceNow admins override User Criteria. To prevent admins from bypassing your criteria, modify the system property glide.sc.entitlement.override to change the overriding role from admin to security_admin

 

Refer: https://www.servicenow.com/community/developer-forum/user-criteria-to-exclude-admins/m-p/1608714

 

Also check:

https://www.servicenow.com/community/itsm-forum/how-to-restrict-catalog-item-for-the-role-admin/m-p/...

 

https://www.servicenow.com/community/developer-forum/restrict-catalog-item-to-admins-make-it-availab...

 

Please Accept the solution if it assisted you with your question & Mark this response as Helpful.
Regards
Tanushree Maiti
ServiceNow Technical Architect
LinkedIn: https://www.linkedin.com/in/tanushreemaiti

AndersBGS
Tera Patron

Hi @shreya_3009 

 

I think the big reason is why you would do such a thing?

 

If my answer has helped with your question, please mark my answer as the accepted solution and give a thumbs up.

Best regards
Anders

Rising star 2024
MVP 2025
linkedIn: https://www.linkedin.com/in/andersskovbjerg/

yashkamde
Mega Sage

Hello @shreya_3009 ,

 

Unless there's a strong compliance or security reason, I'd leave it as is it's standard ServiceNow behavior. If restriction is a hard requirement, go with the ACL approach (Read ACL on sc_cat_item with Admin overrides unchecked) rather than UI policies or client scripts, since those can be bypassed.

 

If my response helped mark as helpful and accept the solution.

Aditya_hublikar
Giga Sage

Hello @shreya_3009 ,

 

Just change system property value to security_admin so admin will not override catalog item .

Aditya_hublikar_0-1781844819847.png

 

 

If this helps you then mark it as helpful and accept as solution.

Regards,

Aditya