Domain assignment

  • Release version: Washingtondc
  • Updated February 1, 2024
  • 2 minutes to read
    • Summarize
    Summarized using AI
    This content was generated using new OpenAI-powered functionality. Results are provided on an as is basis and are not guaranteed to be accurate or complete.

    Summary of Domain Assignment

    Domain separation in ServiceNow allows for the organization of data across different domains by adding asysdomainfield to tables and their extensions. This feature primarily separates platform and baseline application tables, while users can extend domain separation to new tables they create. However, caution is advised against domain-separating platform tables due to potential issues.

    Show full answer Show less

    Key Features

    • Domain Assignment: Each record is associated with a single domain stored in the sysdomain field. Domains can be assigned based on various factors, including the user's company, business rules, modules, and form templates.
    • User and Company Assignment: Administrators can assign users to a domain through company associations, ensuring that records created by users automatically inherit the corresponding domain.
    • Business Rules: Administrators can implement business rules to automatically set domain values for records upon creation, provided the sysdomain field is available.
    • Module and Form Templates: Domains can also be assigned using the sysparmdomain URL parameter in modules or by configuring form templates to include the sysdomain field.
    • Domain Inheritance: Related records typically inherit the domain of their parent records, ensuring consistency in domain assignment.

    Key Outcomes

    By leveraging domain separation, ServiceNow customers can effectively manage data across multiple domains, ensuring appropriate access and visibility while automating domain assignments based on user and record relationships. This structure enhances data security and organization, making it easier to maintain compliance and operational integrity within the platform.

    By default, domain separation adds a domain field to tables and their extensions.

    You can also extend domain separation to any new tables you create by adding a sys_domain field to the table's dictionary definition. By default, the system only domain-separates platform and baseline application tables where appropriate.

    Warning:
    ServiceNow does not recommend domain-separating platform tables (any table with the sys_ prefix such as the Dictionary Entry [sys_dictionary] and Dictionary Entry Override [sys_dictionary_override] tables) because it can produce unexpected results.

    Each record is assigned a single domain.  That domain is stored in the sys_domainfield. Several tables, by default, have the sys_domain column and are already domain separated. 

    The value of the sys_domain field contains the domain assigned to the record by any of the following:
    • Company to which the user belongs
    • Business rule when creating record
    • Module used when creating record
    • Form template used when creating record
    • Domain of the parent record
    • Domain assigned to User record
    • Domain of the user who creates it

    The system prevents the following tables from being domain separated:

    • Access Control [sys_security_acl]
    • Script Include [sys_script_include]
    • System Property [sys_properties]
    • Security Exclusion/Inclusion List Entities [sys_security_restricted_list]
    • Dictionary Entry [sys_dictionary]
    • Dictionary Entry Override [sys_dictionary_override]

    Assigning users to companies

    Administrators can quickly assign users to a domain by assigning them to a company. After users are assigned to a domain, records automatically inherit the user's domain.

    For example, assigning Bow Ruggeri to the ACME company automatically assigns him to the ACME domain. Assigning Don Goodliffe to the Initech company automatically assigns him to the Initech domain. Any records they create are automatically added to the appropriate domain.

    Using business rules to assign domains

    Administrators can use a business rule to automatically set a domain value when creating a record. The business rule must set a value in the sys_domain field. Administrators must ensure there is a sys_domain column available for the record's table. To learn more see Domain separation recommended practices for service providers.

    Using modules to assign domains

    Administrators can use the sysparm_domain URL parameter to automatically assign new records to a particular domain from a module. Administrators must create a module with an Argument value of: sysparm_domain=sys_ID of domain.

    Using form templates to assign domains

    Administrators can use a form template to automatically assign new records to a particular domain. Administrators must add the sys_domain field to the form and select a domain value. For example, setting the sys_domain field to TOP/ACME domain automatically assigns all records from this template to the TOP/ACME domain.

    Domain inheritance on tables

    By default, related records inherit the domain of the parent record. For example:

    • A change task record inherits the domain of the parent change request record.
    • A problem record inherits the domain of the parent incident record.

    Automatic domain assignment based on user domains

    If no other domain conditions apply, a record automatically inherits the domain of the user who creates it.