Domain Sepa

Go to solution
Mahira
Tera Guru

‎08-11-2014 11:41 PM

Hi,

I have a query regarding report generation in Domain Separated instance.

Scenario is this.

I have say field1 created for domain1

&

I have field2 created for domain2.

When a domain 1 user , runs a report he can see the field2 listed for reporting. Is there a way to prevent field2   from being listed when a domain1 user runs a report.

Although ServiceNow prevents user from seeing the domain1 user from seeing domain2 records, it would be good if the fields which are not applicable is not shown for reporting.

Any pointers or suggestions will be greatly appreciated.

Regards,

Mahira

0 Helpfuls
  • 1,136 Views
1 ACCEPTED SOLUTION

Go to solution
Valor1
Giga Guru

‎08-12-2014 11:50 AM

DO NOT separate the dictionary table.


The only way to do this is by having a security role that you assign to each domain, and designate visibility to the domain-specific fields to that particular role.



Example: new role called "itil_domain1" and apply a security role on "field1/read" operation requires "itil_domain1" role.


View solution in original post

0 Helpfuls
4 REPLIES 4

Go to solution
Bhavesh Jain1
Giga Guru

‎08-11-2014 11:49 PM

OOB Servicenow does not provide Domain field on sys_domain field. If you add this field on this table and set the correct domain, you should not have this issue. I am not sure why Servicenow has not created Domain seperation on Dictionary table. I will not recommend this and I would suggest you check for impact and Servicenow HI support guidance.



Regards,


Bhavesh


IGate-logo.png


http://www.igate.com


Preview file
4 KB
0 Helpfuls

Go to solution
Valor1
Giga Guru

‎08-12-2014 11:50 AM

DO NOT separate the dictionary table.


The only way to do this is by having a security role that you assign to each domain, and designate visibility to the domain-specific fields to that particular role.



Example: new role called "itil_domain1" and apply a security role on "field1/read" operation requires "itil_domain1" role.


0 Helpfuls

Go to solution
Mahira
Tera Guru
In response to Valor1

‎08-12-2014 10:43 PM

Hi Valor,


This worked. Only thing I worry now is will there be any performance issue with too many Access Controls for a given table?



Regards,


Mahira


0 Helpfuls

Go to solution
Valor1
Giga Guru
In response to Mahira

‎09-04-2014 07:01 PM

ACLs are cached, so as long as you don't go crazy (1000s), you should be okay.



Just make sure you're doing "simple" ACL operations, like "requires role" -- this will reduce the compute overhead.


0 Helpfuls