Granting users read only access to CMDB

Go to solution
William44
Mega Guru

‎09-14-2020 12:49 PM

We are looking to grant users read only access to the CMDB data tables and associated portals. These users need write access to service request and other applications within ServiceNow. What is the best way to implement these permissions and expose the Configuration navigation menu, or if there is better way for users to access this data?

Labels:
0 Helpfuls
  • 9,097 Views
1 ACCEPTED SOLUTION

Go to solution
Willem
Giga Sage
Giga Sage

‎09-18-2020 03:35 PM

Hi William,

Hope you are doing well.

Is your question resolved? Or do we need to follow-up on this?

Please mark the answer as correct if it solves your question. This will help others who are looking for a similar solution. Also marking this answer as correct takes the post of the unsolved list.
Thanks.

Kind regards,

Willem

View solution in original post

5 REPLIES 5

Go to solution
Willem
Giga Sage
Giga Sage

‎09-14-2020 12:54 PM

The cmdb_read role allows users to read any cmdb table. That role is also attached to the Navigation menu. Granting that role will allow them to access the menu and see the CMDB.

https://docs.servicenow.com/bundle/orlando-platform-administration/page/administer/roles/reference/r...

Go to solution
William44
Mega Guru
In response to Willem

‎09-16-2020 10:24 AM

Thanks for the info Willem, the cmdb_read role provides the appropriate level of access.

 

Do you have any guidance on the permissions required to view the Configuration Items menu, or an appropriate dashboard so users do not need to access the cmdb_ci tables directly? This has been the only way I've found so far. to expose the tables.

0 Helpfuls

Go to solution
Willem
Giga Sage
Giga Sage
In response to William44

‎09-16-2020 11:12 AM

Can you elaborate a bit more on what you want the users to see and do? What type of work do they do and what information do they need?

 

For the Configuration menu you can access it with cmdb_read:

find_real_file.png

 

The classes below that do not have roles specified, thus honoring the roles on the Menu itself.

 

The CMDB View dashboard, showing you a lot of information on the health of the cmdb for example is limited to asset, itil

 

If you want to limit the amount of Modules they can see, you could add a role to the Roles and assign that role to those users who should see the modules:

find_real_file.png

 

Preview file
6 KB
Preview file
6 KB

Go to solution
Willem
Giga Sage
Giga Sage

‎09-18-2020 03:35 PM

Hi William,

Hope you are doing well.

Is your question resolved? Or do we need to follow-up on this?

Please mark the answer as correct if it solves your question. This will help others who are looking for a similar solution. Also marking this answer as correct takes the post of the unsolved list.
Thanks.

Kind regards,

Willem