- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-09-2024 09:29 AM
Lets consider there are two users
User 1
User 2
User 1 have an admin role
User 2 doesn't have admin role.
There is incident created by user 3 then user 2 open the incident and he can see the error on the top of the incident form like "Read operation on table cmdb_ci_win_server from scope 'Nexthink Incident Management Connector' was denied. The application 'Nexthink Incident Management Connector' must declare a cross scope access privilege. Please contact the application author to update their privilege requests." When user 1 can see the same incident who have the admin role as well as user 3 who created an incident that they can't see an error. The question is why only user 2 can see the error. Please help us why showing an error and how to fix that error.
Solved! Go to Solution.

- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-09-2024 09:51 AM
@ak49 Your application Nexthink Incident Management Connector need to declare cross scope access privilege using the following step.
Choose the Nexthink Incident Management Connector
Choose Application Restricted Caller Access application from menu
Create New
Create a Cross Scope access record as follows.
Hope this helps.

- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-09-2024 09:51 AM
@ak49 Your application Nexthink Incident Management Connector need to declare cross scope access privilege using the following step.
Choose the Nexthink Incident Management Connector
Choose Application Restricted Caller Access application from menu
Create New
Create a Cross Scope access record as follows.
Hope this helps.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-09-2024 10:03 AM - edited 01-09-2024 10:03 AM
Hello @ak49,
These errors can occur if certain scoped resources (tables, script includes, etc) are set to deny access to other scopes. To address this a scoped administrator would need to update the Restricted Caller Access record (sys_restricted_caller_access) to allow other scopes to access it.
Resolution:
On the sys_restricted_caller_access table, please add the "Updated" column and check the last updated Restricted Caller Access records for Target Scope Global and set status Allowed.
Here is a KB article that describes a similar error:
https://support.servicenow.com/kb?id=kb_article_view&sysparm_article=KB0960942