How to Allow Group Managers to Manage Group Members?

Yaseen2
Mega Expert

‎02-17-2020 06:48 AM

Dear All,

Kindly note I've followed the below guide to give access to the group mangers to add/delete their own group members, but with no luck

https://community.servicenow.com/community?id=community_question&sys_id=ed71cb29db98dbc01dcaf3231f96...

I've created 4 ACLs read/write/create/delete

table :sys_user_grmember

sys_user_grmember.* 

Condition: set Group.manager is dynamic

below you can find a sample of one of the ACLs:

find_real_file.png

find_real_file.png

List of ACLs:

find_real_file.png

Group manager view:

find_real_file.png

 

find_real_file.png

 

 

But still the group manger is unable to add or delete the group members noting that I've applied these ACLs both first with "itil, user_admin" roles and second time without roles but with no luck

Any suggestions please, if you can help me it's urgent.

Your feedback is highly appreciated 

Best regards,

Yaseen.

Labels:
Preview file
32 KB
Preview file
24 KB
Preview file
94 KB
Preview file
72 KB
Preview file
54 KB
0 Helpfuls
  • 8,684 Views
14 REPLIES 14

David Arbour
Tera Guru

‎02-17-2020 06:53 AM

Can the user read from the Group table? In your ACL condition, you're evaluating if the Group.Manager is me, but if the user can't read from the Group table, this will always return false.

0 Helpfuls

Yaseen2
Mega Expert
In response to David Arbour

‎02-17-2020 07:01 AM

Hi David,

Thanks for your swift response, do you mean like the below ACL

find_real_file.png

find_real_file.png

Thanks

Preview file
23 KB
Preview file
89 KB
Preview file
23 KB
0 Helpfuls

Yaseen2
Mega Expert
In response to Yaseen2

‎02-17-2020 07:05 AM

Hi David,

and also this ACL:

find_real_file.png

find_real_file.png

Preview file
87 KB
Preview file
26 KB
0 Helpfuls

David Arbour
Tera Guru

‎02-17-2020 07:45 AM

Yes, from what I can see here, these ACLs should be sufficient.

0 Helpfuls