User as a user-admin role

Puru2 · ‎08-22-2015

If a user has user-admin role in service now, then how can he/she change the password on another user ?

Deepak Ingale1 · ‎08-22-2015

User Admin role gives access to user table and so as the table columns. There is a write aceess to user table and also write access to some of the fields of the table. Hence user admin role can change password. If you want to restrict that, you can make password field as read only with the help of access control list or ACLs

For more info, check on wiki for ACL

View solution in original post

Deepak Ingale1 · ‎08-22-2015

User Admin role gives access to user table and so as the table columns. There is a write aceess to user table and also write access to some of the fields of the table. Hence user admin role can change password. If you want to restrict that, you can make password field as read only with the help of access control list or ACLs

For more info, check on wiki for ACL

Puru2 · ‎08-25-2015

Thank You for your help

Pradeep Sharma · ‎08-22-2015

Hi Pururava,

user_admin role cannot change the password as OOB there is a read and write ACL's which restrict the access.

OOB only admin role has the access.

Just change the instance name as per yours to check the ACL.

https://YOURINSTANCENAME.service-now.com/sys_security_acl_list.do?sysparm_query=name%3D*%5EORnameSTA...

You have to adjust the ACL's in order to give the access to specified role as per your req. Please go through the below link for more info.

http://wiki.servicenow.com/index.php?title=Using_Access_Control_Rules

I hope this answers your question.

Puru2 · ‎08-25-2015

Thank You for your help