Filtering on principal class

KB15
Giga Guru

I'm trying to figure out what rights are needed for a non-admin to display principal classes.

From the CI table, there's a filter for principal classes. Would anyone know off hand what table/field access is required for a non-admin to show these records? Would it be a CMDB related role?

1 ACCEPTED SOLUTION

GV Saranesh Kum
Kilo Guru

Create a Read ACL on the class cmdb_class_info to the desired roles as per your requirement, that should solve the issue.

OOB, there are no ACL's on cmdb_class_info, because of which it is stoppind non-admin users from accessing the records.

find_real_file.png

 

Please mark as correct Answer, if it resolves your issue.

 

Regards

Saranesh

 

View solution in original post

10 REPLIES 10

That is really weird - the non-admin can filter manually, but a similar script action yields no results.  With what the script include is doing, if they can't read the cmdb_class_info table, I guess that would make the filter fail.  Can this user see results with cmdb_class_info.list in the left nav?  If not, I can't really see a reason to restrict read access to cmdb_class_info for anyone, so you could try inactivating the ACL(s).

GV Saranesh Kum
Kilo Guru

Create a Read ACL on the class cmdb_class_info to the desired roles as per your requirement, that should solve the issue.

OOB, there are no ACL's on cmdb_class_info, because of which it is stoppind non-admin users from accessing the records.

find_real_file.png

 

Please mark as correct Answer, if it resolves your issue.

 

Regards

Saranesh

 

This seems to be the correct answer based on ServiceNow's response.

 

peter_repan
Tera Guru

Hi @KB 

did you solve it? I have the same issue. Is the ACL solution for that? 

 

In addition, maybe you also have an answer for my fresh question about principal class filter in reports? 

https://community.servicenow.com/community?id=community_question&sys_id=c9e4f9fbdb3e2c106621d9d96896199e

 

KB15
Giga Guru

We contacted ServiceNow and it seems like ITIL users need access to the table "cmdb_class_info". Based on this, this seems like it's normal behavior.

ServiceNow suggests to add an read ACL on the table level for "cmdb_class_info".

I'm presuming this will work but the modification has not been put in place, yet.