Skip to page contentSkip to chat
ServiceNow support
    • Community
      Ask questions, give advice, and connect with fellow ServiceNow professionals.
      Developer
      Build, test, and deploy applications
      Documentation
      Find detailed information about ServiceNow products, apps, features, and releases.
      Impact
      Accelerate ROI and amplify your expertise.
      Learning
      Build skills with instructor-led and online training.
      Partner
      Grow your business with promotions, news, and marketing tools
      ServiceNow
      Learn about ServiceNow products & solutions.
      Store
      Download certified apps and integrations that complement ServiceNow.
      Support
      Manage your instances, access self-help, and get technical support.
How the ACL Admin Overrides option works - Support and Troubleshooting
  • >
  • Knowledge Base
  • >
  • Support and Troubleshooting (Knowledge Base)
  • >
  • How the ACL Admin Overrides option works
KB0685046

How the ACL Admin Overrides option works


18101 Views Last updated : Jan 17, 2025 public Copy Permalink English (Original)
  • English (Original)
  • Japanese
KB Summary by Now Assist

Issue

When creating or modifying an ACL, one of the fields available is called Admin Overrides. This field sometimes can cause confusion because unchecking it and adding a role is not enough to prevent Admin users from accessing specific data.

This option permits users with the admin role to automatically pass the permissions check for this ACL rule regardless of what script or role restrictions apply. However, the nobody role takes precedence over the Admin Overrides option. If an ACL is assigned the nobody role, admin users cannot access the resource even when the Admin Overrides option is selected. 

If administrators must meet the permissions defined in this ACL rule to gain access to the secured object, uncheck this checkbox. Because administrators always pass role checks, use the condition builder or Script field to create a permissions check that administrators must pass.

This means that merely unchecking the Admin Override checkbox and adding a role is not enough to block Admin users from gaining access.

Release

All

Resolution

Add a condition in the condition builder or check the Advanced option and add a script that prevents the Admin user from gaining access.

For example, to prevent Admin users from accessing Table A:

  1. Create a read ACL.
  2. Uncheck the Admin Overrides option.
  3. (Optional) Add a role.
  4. Add a condition and/or a script and check the Advanced checkbox.

Example of a simple script:


var answer = true; 
if (gs.getUser().hasRole('admin')) 
{ 
answer = false; 
} 

The world works with ServiceNow.

Sign in for more! There's more content available only to authenticated users Sign in for more!
Did this KB article help you?
Did this KB article help you?

How would you rate your Now Support digital experience?

*

Very unsatisfied

Unsatisfied

Neutral

Satisfied

Very satisfied

Very unsatisfied

Unsatisfied

Neutral

Satisfied

Very satisfied

What can we improve? Please select all that apply.

What are we doing well? Please select all that apply.

Tell us more

*

Do you expect a response from this feedback?

  • Terms and conditions
  • Privacy statement
  • GDPR
  • Cookie policy
  • © 2025 ServiceNow. All rights reserved.