000035880 - ServiceNow Collector reports "Insufficient rights for creating new records" in RSA Identity Governance & Lifecycle

Document created by RSA Customer Support Employee on Jan 6, 2018
Version 1Show Document
  • View in full screen mode

Article Content

Article Number000035880
Applies ToRSA Product Set: RSA Identity Governance & Lifecycle
RSA Product/Service Type: Hosted
RSA Version/Condition: 6.9.1, 7.0.0+
IssueWhen attempting to use the out-of-the-box ServiceNow Collector, the following exception may occur during testing.

Collector test failed: com.aveksa.server.runtime.ServerException:
Test request failed with response: com.aveksa.server.runtime.ServerException: com.aveksa.common.DataReadException: Error occured while creating view View [viewName=AveksaUserView, tableName=sys_user, uiElements=[active, user_name, email, name, last_login_time, sys_id]].
Caused by javax.xml.ws.soap.SOAPFaultException: com.glide.processors.soap.SOAPProcessingException: Insufficient rights for creating new records.
CauseIncorrect permissions granted to the user that RSA Identity Governance & Lifecycle is using to access the ServiceNow service.
An examination of the following documentation for ServiceNow does not list the permissions required for the user accessing the ServiceNow service.
This oversight will be corrected in RSA Identity Governance & Lifecycle version 7.1.
ResolutionThe minimum permission required for the ServiceNow user is soap_query.  With this permission, the following ServiceNow capabilities were successful.
 
Capabilitysoap_query
createaccpass
ResetAccPasswordpass
updateaccpass
enableAccpass
deleteAccpass
disableAccpass
addapprole to accountpass
removeAppRoleToAccountPass
createGrpPass
DeleteGrppass
AddGrouptoGrppass
addaccounttoGrouppass
removeaccountoGrouppass
AddApprole to GroupPass
removeApproelfromGrouppass
AddApproleToApprolePass
RemoveAppRoleFromAppRolepass
create ticketpass
Updateticketpass
check ticketstatuspass
createreqPass
updatereqpass
check req statuspass

Attachments

    Outcomes