Customize itil role.

Francisco Guasc
Tera Contributor

Hi, community

I need a group of users to be able to resolve incidents but I don't want them to have access to everything itil role offers. Would it be possible to do this?

8 REPLIES 8

I followed the steps to activate the ITSM Roles plugin and indeed, sn_incident_write solved my issue. Thanks.

Allen Andreas
Administrator
Administrator

Hello,

If you want the users to be able to resolve incidents, meaning they are "working" incidents and are technically still considered "fulfillers" (even with limited access), it's recommended to first review this with your ServiceNow Account Executive. This limited role, by your own design, does not mean ServiceNow will not audit you for it. So you could still be charged an itil level license rate anyway.

sn_incident_write will allow more than just "resolving" incidents.

What do you mean by this?

"but I don't want them to have access to everything itil role offers"

Can you perhaps give a bit more information as to what you don't want them to be able to do? As this is something you did not state or give any information about.

You should not customize or touch the itil role.

You should not customize or touch the sn_incident_write role.

You may need to approach this from a custom role that can only do 'x,y,z'...but again, without specifics from you, we can only speculate.

You did not give enough information here to properly answer your question.

Please mark reply as Helpful/Correct, if applicable. Thanks!


Please consider marking my reply as Helpful and/or Accept Solution, if applicable. Thanks!

Hello, Allen

The idea is to allow outsourced employees to resolve certain incidents, but that they do not have access to all the applications that the Itil role allows them to view, so as not to make mistakes. In this case, I enabled the ITSM Roles plugin in the non-production instance and assigned the sn_incident_write role to the group of these users, but I have no knowledge of what this implies in terms of license.

Thanks.

Hello,

So you mean work an incident (change field values, send comments, work-notes, resolve the incident, etc.) when you say "be able to resolve an incident". I was being very literal and thought you meant that you were wanting to lock down their privileges even more to where they could only resolve an incident (so not make changes to other fields on the record, but only set the incident to resolved and block other state values, etc.).

Either way, I'm glad you've found a solution that works for you.

From my understanding the sn_incident_write role is a fulfiller level role, even though it's lesser permission than the itil role. So you'll want to keep this in mind when considering the amount of fulfiller licenses you have utilized.

If you have any questions, please reach out to your ServiceNow Account Executive.

Please mark reply as Helpful/Correct, if applicable. Thanks! 


Please consider marking my reply as Helpful and/or Accept Solution, if applicable. Thanks!