Join the #BuildWithBuildAgent Challenge! Get recognized, earn exclusive swag, and inspire the ServiceNow Community with what you can build using Build Agent.  Join the Challenge.

Unable to remove role(s) from ACL

Mike49
Tera Contributor

‎07-11-2025 07:23 AM

I'm trying to remove the following roles from the kb_category.create ACL but I'm not able to.

sn_customerservice.requester
sn_esm_user

I've elevated my permission to security_admin and still unable to delete. I noticed that the 2 roles are in the Customer Service app so I've switched the scope to Customer Service and results are the same; still unable to remove these roles from the ACL.

0 Helpfuls
  • 1,060 Views
14 REPLIES 14

Chaitanya ILCR
Mega Patron

‎07-11-2025 07:30 AM

Hi @Mike49 ,

you can try going to the sys_security_acl_role table and filter with your acl and try deleting those records

 

ChaitanyaILCR_0-1752244155190.png

 

Please mark my answer as helpful/correct if it resolves your query.

Regards,
Chaitanya

 

0 Helpfuls

Mike49
Tera Contributor
In response to Chaitanya ILCR

‎07-11-2025 07:42 AM

Hi Chaitanya,

Here are the steps that I performed and nothing worked

 

1) Verify that the Global scope is selected
2) Navigate to the kb_category.create ACL
3) Under Requires role, only the sn_customerservice.requester role has the X to the left to it. The "sn_esm_user" role doesn't have the X (Mark for deletion) option
4) Click Save. The "sn_customerservice.requester" role remains
5) Change the Scope to Customer Service
6) Under Requires role, click the X next to "sn_customerservice.requester" and "sn_esm_user" roles
7) No Save option available. Only Insert and "Insert and Stay"
😎 Navigate to "sys_security_acl_role.list" (still in the Customer Service scope)
9) Filter based on the following condition: ACL Name = kb_category AND ACL Operation = create and ACL.Active = true
10) Select the records where Role = sn_customerservice.requester and sn_esm_user
11) In the Actions on selected rows, select Delete
12) Click Yes to any popup message. Records are not deleted.

0 Helpfuls

Chaitanya ILCR
Mega Patron
In response to Mike49

‎07-11-2025 08:12 AM

Hi @Mike49 ,

delete the ACL and create new one 

 

Please mark my answer as helpful/correct if it resolves your query.

Regards,
Chaitanya

0 Helpfuls

Chaitanya ILCR
Mega Patron
In response to Chaitanya ILCR

‎07-11-2025 09:16 AM

 

 
Mike49
Tera Contributor
 

23m ago

One method worked.  I exported the OOB version from my PDI, deleted the ACL in my instance and imported the OOB version.  

 

Hi @Mike49 ,

I did share the same thing

if your issue is resolved. could you please accept the appropriate answer and close the thread?

 

Please mark my answer as helpful/correct if it resolves your query.

Regards,
Chaitanya

0 Helpfuls