TRIAL REQUEST A DEMO LOGIN

Configuring for non-admin user

If you have decided to not use a read-only admin user to configure your ServiceNow instance, you will need to ensure that Quality Clouds has access to all the code and configuration tables required by setting up individual Access Control Lists on them. You can do so manually, working from the list of tables provided on this list, which is quite time consuming.


Or you can apply an Update Set provided by Quality Clouds. This Update Set will make the following changes in your instance:

  1. Create the qc_access role
  2. Assign the following roles to the qc_access role
    1. business_rule_admin
    2. catalog_admin
    3. client_script_admin
    4. data_policy_admin
    5. form_admin
    6. import_admin
    7. personalize_styles
    8. script_include_admin
    9. sn_change_write
    10. sp_admin
    11. ui_action_admin
    12. ui_policy_admin
    13. ui_script_admin
    14. web_service_admin
    15. workflow_admin
  3. Create read-only ACLs for the qc_access role to those tables which have ACLs restricting access to admin only, which are:
    1. sys_app_cateogry
    2. sys_dictionary_override
    3. sys_data_policy2
    4. sys_script_email
    5. sys_script_pattern
    6. sys_security_acl
    7. sysevent_script_action
    8. sysevent_in_email_action
    9. syslog_transaction
    10. wf_workflow_version
    11. v_index_creator (since version 22.1.1.0)
    12. sys_user.roles (since version 22.2.1.0 - only to roles column)
    13. scheduled_import_set
    14. sysauto_bm_script
    15. sysauto_pa
    16. sysauto_query_builder
    17. sysauto_scripts
    18. sysauto_summary_generator
    19. sysauto_report
    20. sysauto_template
    21. sysauto_custom_chart


Important

Please consider that if you have ACLs in place which could conflict with the ones included in these Update Sets, you will need to resolve these conflicts manually.

Role Change from version 22.1.1.0

If you were using a non-admin user Update Set before version 22.1.1.0, you will need to re-assign the role qc_access to the user configured to run the full scans. The older role (qc_access_role) which relied exclusively on ACLs is no longer used. 

Download version 22.2.1.0 and later

sys_remote_update_set_QualityClouds_22_2_1_0.xml


After the update set has been applied, you will need to manually create the user which Quality Clouds will use to connect to your instance and assign the qc_access role to that user. The snc_read_only role should also be assigned, to ensure that the access is read-only.

Be aware that incremental Update Sets will be published as Quality Clouds expands the functionality and required access to additional tables.


You can now proceed to step 3. Configure the user


Update Sets for Operational Scans

The below update sets are required to enable access to the data fields which are used to monitor the operational behaviour of a productive ServiceNow instance. They are only required if the Quality Clouds Operational Scans product (aka admin bot) has been purchased. The update set for operational scans requires the base update set to be installed before it is applied.

This update set grants read only access to the following tables:

  • cmn_department
  • sys_user - only to the fields user_name, active, last_login
  • sys_user_role - via the role usage_admin
  • sys_user_has_role
Quality Clouds Release VersionRelease DateFull Configuration Update SetIncremental Update Set (from previous release)
20.2.1.0April 29th, 2020

sys_remote_update_set_Quality_Clouds_Operational.xml

N/A

See it in a video



Last modified on Mar 31, 2023
Copyright © QualityClouds 2021