Users can't revert customized out-of-box records if Protection Policy is Read-Only, although this is what we actively want them to do.

If an instance has a Customized version of an out-of-box record, but that record has Protection Policy set to Read-Only, then it is not possible to revert this record to the current out-of-box version.
- The 'Revert to this version' related link is not displayed on the 'System Upgrades..' Update Versions [sys_update_version] form.
- After clicking 'Compare to Current', 'Revert to Selected Version' button is not shown.

The only purpose of Protection Policy is to try and keep all of the records that development have deemed to need protecting, to prevent customization breaking features, or breaking features after upgrades due to version mismatches due to the skipped items. To actively prevent users easily putting those back to that out-of-box state is counterproductive, and leads to a maint role user having to do it instead, which results in a Tech Support Case being opened, and a time consuming Change Request being done.

The expected behavior is to allow customers' admin users to revert anything to out-of-box state, regardless of protection policy.

Common reasons why the record may be customized yet have read-only policy are:
- ServiceNow development decided to set the record read-only as part of an upgrade, for an existing record that didn't previously have protection policy
- ServiceNow Professional Services, or a Partner customized a read-only record as part of a custom implementation.
- One of the tricks for circumventing protection policy was used by the Customer, perhaps under the advice of ServiceNow Tech Support, perhaps to implement a workaround for a known Problem

Steps to Reproduce

The following will simulate the issue, and is not specific to one of the real-world examples:

  1. As a maint user, edit an out of box record that has read-only protection policy, to turn that off. e.g. PwdAjaxVerifyIdentity script include from Password Reset plugin.
    2. As an admin user, open the Version record of the original 'System Upgrades' version of that record, and try to revert to that version.

Actual Behavior:
Users cannot revert the file to out-of-box.

Expected Behavior:
The purpose of this system is to try to stop customers customizing in the first place, because custom is bad and out-of-box is good. It should not be preventing reverting back to out-of-box.


This problem is currently under review. You can contact ServiceNow Technical Support or subscribe to this Known Error article by clicking the Subscribe button at the top right of this form to be notified when more information will become available.

To remove the protection policy, so that the record can then be reverted to out-of-box version, will require a Case for Technical Support, as customers do not have the required 'maint' role access.


If you have upgraded and encounter this issue, you can go to the [sys_upgrade_history] table and under "Upgrade details" tab, search for the file you are trying to modify and open the file. You will have an option to "Revert to base version" that you can use that to modify the file.



Related Problem: PRB1367235

Seen In

London Patch 10 Hot Fix 1
Madrid Patch 7 Hot Fix 1
SR - IRM - GRC Profiles - Madrid 2019 Q2
SR - IRM - Policy and Compliance - Madrid 2019 Q2
SR - Security - Integration Framework - Madrid 2019 Q2
SR - Security - Support Common - Madrid 2019 Q2
SR - Security - Support Orchestration - Madrid 2019 Q2
SR - SIR - Security Incident Response - Madrid 2019 Q2
SR - SIR - Store SecOps Setup Assistant - Madrid 2019 Q2
SR - SIR - Store Threat Core - Madrid 2019 Q2
SR - SIR - Store Trusted Security Circles Client - New York 2019 Q3

Associated Community Threads

There is no data to report.

Article Information

Last Updated:2019-11-27 05:45:32