snc_read_only role with minimal write options

Ed Laar2 · ‎02-09-2017

Dear community,

We have a need to give to certain users an operational role but read_only (ie these users can see the same as a real operational user but can not write anything). The OOB solution for this is to add the role called snc_read_only to these users.

This works great but .......... these users are not able to change the password (because change is write) for the user-id where snc_read_only is added. These users are also not able to select the option 'send a report/data dump to an email address' (because an event has to be created for this).

Has anyone solved this issue already? OOB there is the possibility to exclude some tables from snc_read_only so this should be the way to go.

Your reactions are af great help.

Best regards,

Ed Laar

KPN B.V. - The Netherlands

damodarreddyp · ‎02-10-2017

You can exempt the tables from the read_ony role.. using below prperties

http://wiki.servicenow.com/index.php?title=ServiceNow_Read_Only_Role#Properties

Hope this helps!

With regards,

Damdoar

Ed Laar2 · ‎02-11-2017

Thanks Damdoar for your reaction.

I was wondering if anyone has already found out which tables have to be extempted from the snc_read_only role making it possible to change the password and to enable te possibility to e-mail exports from the system.

If anyone knows this: Keep me posted!!

Regards,

Ed

jgjoling · ‎04-07-2017

HI Ed,

We have a solution for most of the simple enduser actions like saving filters and bookmarks and even for sending emails but the passwords is still an issue.
It looks like we have a solution for changing the passwords in the user profile by changing some ACL but what remains is not being able to reset the password when you login after your password has expired.
In that case you login and after entering the password ServiceNow requires to change it to an new password. This will still not be able.

I raisied anther question article to solve this issue.ny

Kind Regards

Jacob.