Service Now Application Related Questions

What is mean by Impersonate ? sanjeevreddy.palla@gmail.com

How to create Application ?

How to create module ?

What is plugins ?

What is meant by domain Separation ?

What is meant by MSP ?

What is meant by roles ?

Tables What is meant by tables ?

What are the field types in table ?

What is meant by reference type field ?

What is view ?

In a table how to move the fields into the form ?

How to make a field as unique in table ?

What is dictionary and dictionary overrides ?

How to give the roles to the table ?

What is meant number maintenance ?

How to create application from table and module ?

What is meant by extended table ?

What is meant by record and fields in a table ?

What are the base tables in service Now ?

What is the base table for Incident/change/problem ?

What is depend value ?

Update Sets : What is meant by update set ?

How to move the update set from Dev to Test and Prod ?

What is meant by Merge Update sets ?

Q). What are the update sets Scope,what they will do ?

 What is meant by Coleasce ?

There are two update sets A and B, I have captured few customizations A and
B by mistake I capture few customizations in B instated of A, now I want to
move this customizations from Update set B to Update set A? How will you do
that ?

What are the best parties while capturing the update sets ?

How will you solve the errors in update sets ?

UI Policy & Data Policy What is UI Policy and Data policy?

When will UI policy will execute?

In UI Policy If I un check the OnLoad check box how it will execute?

In UI Policy we have check box reverse if false what is it?

What is deference between UI Policy and Data Policy?

What is difference between UI policy and Client Scripts?

In UI policy and Client script which one will be first execute?

In UI Policy and Client script which one you will prefer?

Client Scripts What is meant by Client script?

 What are the types or methods of Client Script?

What is meant by OncellEdit Client Script?

When will we use the On Submit Client script use?

What are the functions used in Client Scripts?

While loading the incident form I want to get the users id in alert box how will
you achieve this ?

While changing the any fields on the table and save the form I want get the
confirmation alert ?

box these are fields are changes do you want save ok or cancel?

Shall I use the On Load Script In On change Client Script ?

How to call the Service Scripts (Script Incudes) in client Scripts ?

How to call the Business rules in client scripts ?

While loading the incident form I want to get the Current logged in users Id
role and in alert box . How you will achieve this ?

How will you remove the choice values in a field ?

Server Side Scripts- Business Rules

What is meant by Business rules?

What are the types of business rules?

What is meant by Display Business rules?

What are the functions used in Business rules?

What are the global Objects in Business rules?

What is Scratchpad object or variable in business rules?

What is meant by Asynchronous business rules and give me the example?

How will call the Scratchpad variable in client script?

What is meant Query business rule?

What is global business rules?

What is difference between script include and Global business rules and which
one you will prefer?

What is meant by current.update() function and when will it executed?

 What are the best practices of business rules?

Servicer Side Scripts-Script Includes What is Script Include?

Types of Script includes?

How will you call the function in with in function in script include?
In Script Include there is a check box called Client callable if I check or un
check what will happen?
In Script include while declaring the function if we suffix the _ what will
happen?
What is Asynchronous [Getxml()] and synchronous[GetXmlWait()] script
includes?
What is Getxml() and GetXmlWait() functions in Script include?
What is meant by GlideAjax ?

Service Catalogs

Q). What is meant by Service Catalogs ?

Service catalogs provide a customer-facing view of available service and product offerings
provided by departments within the organization. This allows organizations to promote these
offerings in a structured and easily navigatable way, and encourages customers to access
catalogs to serve their own needs. navigate to Self-Service > Service Catalog

A service catalog enables customers to view and order items from departments within
your organization. These catalog items can include goods, services, and information.

Anything that can be ordered individually can be ordered as a catalog item. Anything that only
exists as a part of a larger whole cannot be a catalog item. For example, a laptop can be a
catalog item, but a high-resolution display for a laptop cannot.

A well-defined and managed service catalog provides:

A self-service opportunity for customers.

A single portal to present all service and product offerings.

A standardized approach to request fulfillment.

Management of customer expectations.

Q). Explain me the life cycle process of service catalogs or Request?

Q). What is Maintain Item ? Catalog items are goods or services that are available to
order from a service catalog. Administrators and catalog administrators can define catalog items,
with details such as formatted descriptions, photos, and prices.

Maintain Items: Create and edit catalog items, the actual goods or services available to
order from a catalog. Service Catalog > Catalog Definition > Maintain Items > NEW .

Q). What are the base tables or when request is raised what are the
table will be create?
Q). What are the types/Categories of Service Catalogs ?

The Service Catalog application is a way for customers to order pre-defined,

bundled goods and services from your IT organization or other departments. It
offers a consistent and intuitive online ordering experience with as much
flexibility as you need. The catalog is a structured commodity with its own
description, fields, price, and execution schedule.

Types of Service Catalog : Record Producer, Order Guide, Normal Catalog Item.

Q). What is Order guides ? -- Order guides enable customers to make a single
service catalog request that generates several items. ... The order guide then submits an order for
catalog items like business cards, based on the details provided. ... Order guides determine which
catalog items to order by evaluating order guide rule conditions. ... Administrators and catalog
administrators can create order guides for the service catalog. ... Order guides can be run
automatically, generating a set of ordered items without needing to manually submit a service
catalog request .

Order Guides: Create and edit standard groups of related items, allowing end users to
easily order these items in one request. For example, define a New Hire Equipment order
guide.
Q). What is Record Procedure and how to declare the variable ?

Record Producers: Enable records to be created directly from the service catalog. For
example, allow customers to raise incidents from the service catalog.

Q). What is UI catalog Policy and UI Catalog Client script ?

Catalog Client Scripts: Define dynamic effects and validation to items or variable sets.
Catalog UI Policies: Define the appearance and behavior of fields. For example, make it
mandatory for anyone
Q). What is variable sets ? Variable sets allow you to group variables together, and
share this group between multiple catalog items and order guides. Changes made to a variable
set affect all items that use the variable set, allowing you to change the set once, then apply the
changes to all items using that set.

A service catalog variable provides the ability to capture and pass on information about choices a
customer makes when ordering a catalog item. Some variables can be defined to affect the order
price, depending on the selected value.

For example, a New PC catalog item can use a variable called "Memory", which provides
choices to allow customers to select extra memory, for associated extra prices.

Variables can be stored, accessed from multiple places, and passed between tasks in a process
when fulfilling a request.

Variables can be displayed on the Requested Item and Catalog Task forms after an item has
been ordered. Variables can also be associated with variable sets and re-used across multiple
catalog items.
Q). What is catalog task and Task ?

The Catalog Task activity creates a service catalog task record.A user must complete the catalog
task. This activity is available only for workflows running on the Catalog Request Item
[sc_req_item] table.
Q).In order guide what is Rule base ?

Import Sets What is an Import set ?

What is the process of Import set process ?

What is source table or staging area ?

In which format data will be load ?

Transform maps

What is meant by Transform map ?

What is force Mandatory field ?

What is meant by Auto Mapping and Mapping assistance ?

What is are the Transformation rules ?

How to restrict the duplicate values while transformation the data ?

What is the difference between OnAfter/OnBeofre/OnCompleteTransforamtion

rules ?

What is Coalesec and Choice actin in transform Map ?

If put Coalesec as true for two fields what will happen ?

Workflows Q). What is work Flow ? is a virtual representation of tasks consisting of

connected steps planned out in a sequential manner .

Q). What are the Activities in work flow ? Workflow activity is a workflow block
that organizes the individual actions the workflow performs as it runs.

Q). What are the tables in work flow ? For full flexibility, workflows store information
over a number of different tables. Usually these tables are not interacted with one-by-one; rather,
use the Workflow Editor to edit workflows. The following lists are provided for reference
purposes.

Workflow Tables [wf_workflow] -- The master records of workflows.

Workflow Context [wf_context] - Individual instances of a workflow being used.

Workflow Instance [wf_workflow_instance] - Connections of workflows to subflows

Activities Tables - Activity Designer [wf_element_activity]

Workflow Components ,History,Stages Table are available .

 Q). What is workflow context ?

Workflow Context [wf_context] Used for data separation

Q). What is publish and check out ?

Chek Out :- Means if any changes made to the workflow those are reflected on
the workflow when it is checked out. When the workflow was checked out.
Automatically set by the Checkout action in the workflow menu.

The user who has this workflow checked out. This value is automatically
set by the Checkout action in the workflow menu

Once you force a checkout of a workflow version, it then belongs to

you until you published it

Only one copy of a workflow version can be checked out at any time. If
you are unable to check out a workflow, check to make sure another
user hasn't already checked it out.

checked-out workflows run as the latest version for the user who has it checked-out

Publish :- When a workflow is complete, publish the workflow so that it is

available to all users . The workflow is then activated and can be used according to the
defined properties. A version is automatically created when a published workflow is checked-out.
To publish a workflow:

1. Navigate to Workflow > Workflow Editor.

2. Open the workflow that you want to publish.
3. In the title bar, click the menu icon and select Publish.
Q) What is Approval coordinator ?
The Approval Coordinator activity is used as a container for one or more Approval - User,
Approval - Group and Manual Approval activities.
The Approval Coordinator is then responsible for waiting for the approval activities that are
contained within it before deciding if it should complete with a result of approved or rejected.
When the Approval Coordinator activity completes, all pending approvals that were created by
any of the Approval Coordinator approval activities are immediately set to No Longer Required.
If a single user is called as an approver twice by the same workflow, such as when a single user is
both a product approver and an executive approver, any approvals for that user after the first are
skipped.
Q). What is wait for activity ? The Wait for WF Event activity causes the workflow
to wait at this activity until the specified event is fired. ... Use
this activity to wait foranother activity to fire an event. ... Wait For WF Event activity input
variables Field Description Wait for Event An event name to trigger the workflow. ... WaitFor WF
Event activity states State Description Executing The workflow engine knows to start the
onExecute function of the activity. ... See the result value forthe outcome of the activity.

The Wait for condition activity causes the workflow to wait at this activity until the current
record matches the specified condition. ... The workflow evaluates
 the Wait for condition activity each time the current record is updated. ... Note:
A Wait for condition activity should only be used towait for an external event such as a
record update, and not one from a workflow setting a value. ... Wait for condition activity input
variables Field Description Condition The workflow is paused at this activity until this condition
matches the current record. ... Wait for condition activity states State Description Executing
The workflow engine knows to start the onExecute function of the activity.

Q) What is timer activity ? The Timer activity pauses the workflow for a specified
period of time. ... Timer activity results Result Description Complete The activity successfully
reached the specified duration. ... Timer activity input variables Field Description Timer based on
How the timer duration is computed. ... Timer activitystates State Description Executing
The Timer activity is in this state very briefly while initializing, after which it immediately changes
to Waiting . ... Example You can use a Timer activity to pause the workflow until the end of the
business day.

Q) What is rollback and rollback to activity ?

The Rollback activity transitions to an earlier activity and updates all approvals and tasks
executed after that point. ... Approvals are reset to Not Requested and tasks are
reset to Open . ... Rollback updates all activities that have executed between
the rollback and the transitioned to activity, including those not directly joined by transition
lines. ... Use the Rollback To activity instead. ... Comment This comment is written to the
Comment field in the current task and is typically used to indicate that a rollback has
occurred.

Rollback To Activity When conditions in a workflow triggers a Rollback To activity, the

workflow moves processing backward to a specified activity in the workflow and resets
certain activities that have already executed back to their original state. ... When an activity is
reset during a workflow rollback, the following happens: Approvals are reset to Not
Requested . ... Only approval and task activity states are reset. ... Use
the Rollback To activity instead. ... TheRollback To activity resets activities based on the
actual workflow sequence (transition line attachments) of activities between itself and the
transitioned toactivity, rather than using the execution order to determine where processing
should restart.

How will you get the dynamic approvals ?

I want generate the two task from work flow while raiding the request ?

Shall I pause the work flow for 10ms then how ?

Q) What is run Script in workflow ?

The Run Script activity runs any script.. Use the Run Script template to create an activity
that runs any script .

Q). Orchestration extends the workflow engine to manage human processes and to automate
things outside of a ServiceNow instance.

What are the 3 basic components of Workflow ?

Ans. Approvals , Notifications, Task
 SLAs What is SLA and OLA n UP ?

Difference b/w SLA/OLA/UP

SLA = Service level Agreement = Agreement with the customer
OLA = Operation Level Agreement = Agreement with internal delivery processes
UP = Underpinning Contract = Contract with Supplier

The OLA's and UP's have to be in line with the SLA, which has to be fulfilled. Cause the OLA's
and UP's ensures that your customer get's the agreed service and value add by having a
partnership with your company.

Q). What are the condition in SLAs ? You can set four SLA conditions: start, pause,
stop, reset.

Start condition Enables you to define the conditions under which the SLA will be
attached. If one or more of the specified start conditions change, then the SLA will be
canceled.

Select Retroactive start to choose a date and time field from the task that will
provide the start time of the task SLA. If you select theRetroactive
start check box, the Set start to field appears offering the date and time
fields available on the task type that this SLA definition applies to. For
example if you select Retroactive start on a Priority 1 SLA definition and then
choose Created in the Set start to field, then the SLA is attached with the
start time being the date and time from the Created field on the Incident.
Pause condition Enables you to define the conditions under which the SLA will
suspend increasing elapsed time. If one or more of these conditions no longer
match, then the elapsed time will continue to increase.
Stop condition Enables you to define the conditions under which the SLA
completes. If all of the specified stop conditions match, then the task SLA will
complete regardless of whether it is breached.
Reset condition Enables you to define the conditions under which the running SLA
will be completed and a new SLA will be attached. For a new SLA to be attached,
the start condition must match.
Q). How to stop,Pause and cancel the SLA ?

start conditions: active is true and priority is high , or Status is NOT pending change
or Status is NOT pending problem .
Stop conditions: would be assignment group is NOT empty , or assigned to is not empty
and status is work in progress , or status is resolved or status is closed .

However, I didn't include all of my "pending" type status as negative conditions, so therefore,
I would have an incident that would get created and it would sit in a "new" status. So the
response time SLA would fire and the clock would be running. As soon as the assigned to
field or the assignment group field and status field were updated (i.e. the ticket gets assigned
to a group or person AND the status would change to work in progress) the SLA would be
achieved (if it was within it's defined time frame). However, as soon as someone would put
that ticket into a "pending" status, the Response time SLA would fire again.

Primary SLA
--------------------------
Start Condition - You already have this set
Stop condition - State is one of Closed/Cancelled(or any other similar state you may have)
Second SLA
-------------------------
Start Condition :- Assignment Group is XYZ and
Priority is P4
Pause :- Assignment Group is not XYZ
OR
Priority is not P4
OR
State is one of Pending change, Pending Vendor, Resolved
Stop :- State is one of Closed/Cancelled

Where SLA will be define ?

Where SLA will be stored ?

What is schedule in SLA ?

Q). If I didn t provided the Duration type in SLA what will happen ?

The SLA duration will work in conjunction with the SLA schedule.

If a schedule is not selected for an SLA, the SLA will run 24X7.

Schedules have an impact on the duration specified in an SLA definition.

This impact is reflected in the timings that are taken into consideration while calculating an
SLA. Consider a scenario where you select a duration of one day, which is 24 hours, and
a schedule of 9 am to 5 pm, which is 8 hours. The SLA calculation will distribute the 24
hours across three working days of 8 hours each. So a team working on a task
associated with this SLA has 3 days to complete the task before the SLA is breached.
You can select one of two SLA durations types to define the length of time within which a
task must be completed before the SLA is breached. If an SLA schedule is defined, the
duration works in conjunction with the schedule.
When you define an SLA, you can select either a user specified duration or a relative
duration.
User specified duration
Specifies a static duration period, such as 8 hours, often in conjunction with a
business schedule.
Relative duration
Specifies a duration relative to the start time of the task SLA and is defined
using a script. For example, you can select a relative duration such as End of
next business day or Next business day by 4pm.
Q) . What is Retroactive start ?

You can use retroactive start to retain the timing information for an SLA when a task record
changes. About this task
When a task record changes, typically a new SLA may be attached, with a new set of timing
information. This is useful if you are re-assigning an incident to another group and want to attach a
new SLA record with new timing information.
However, you may want to retain the task's time information in specific situations. For example, an
incident is raised with a priority of 3 - Moderate and the priority changes to 1 - Critical after 3
hours. A priority 1 SLA is attached to the incident at that time. You can use retroactive start to
ensure this SLA timing is adjusted retroactively to count from when the incident was first created,
rather than from when the incident's priority changed. This reflects the actual time the user
contacted you.
Note: When retroactive start is enabled, it may result in task SLAs being breached as soon
they attach, which will trigger multiple notifications. To prevent the workflow from being
processed for these breached SLAs, set the com.snc.sla.workflow.run_for_breached
property to false.

Q). I want to send notification if SLA has breached 50% r 75% r 100% how will
you achieve?

Q). Email Notifications : Use email notifications to send selected users email about
specific activities in the system, such as updates to incidents or change requests. If you want to
change how the system processes incoming email, see Inbound Email Actions.

Email notifications allow administrators to specify:

When to send the notification

Who receives the notification

What content is in the notification

Event based Notifications :- Administrators can create a custom event to send an

email notification if an existing business rule does not provide the necessary event. For example,
you might want to notify people who initiate a service catalog request whenever a comment is
added to that request.

Events may exist in one of several states: Ready, Processed, Error, Transferred .

The following sample script adds a request.commented event with the user's Sys ID as parm1
and the user's user name for parm2.
if (current.operation() != insert && current.comments.changes()) {
gs.eventQueue(request.commented, current, gs.getUserID(),
gs.getUserName());
}

ACLs

Q).What is ACL ? An instance uses access control list (ACL) rules, also called access
control rules, to control what data users can access and how they can access it. ACL rules
require users to pass a set of requirements in order to gain access to particular data. Each ACL
rule specifies:

The object and operation being secured

The permissions required to access the object
In addition to other methods for securing data, ServiceNow utilizes access control list (ACL)
rules to control what data users can access and how they can access it. Most ACL rules restrict
or grant access by user role. Users who pass the user role requirement of an ACL rule gain
access to the protected object, such as a table, field, or database operation.

Users with access to the security_admin role can:

Create ACL rules to secure new objects

Update existing ACL rules to grant or deny users access to objects based on their
business requirements .

Debug ACL rules to determine why users cannot access certain objects
I'm trying to make every field on the cmn_location table form read only for all users except I want
just the users who are members of about 4 different groups to be able to update 2 of the fields
I've added to the table. For each of those groups I have a group specific role available. OOB the
ACL's already there allow users with the role of user_admin to write to the table.

Evaluating ACL Rule Permission Requirements

An ACL rule only grants a user access to an object if the user meets all of the permissions
required by the matching ACL rule.

The condition must evaluate to true.

The script must evaluate to true or return an answer variable with the value of true.
 The user must have one of the roles in the required roles list. If the list is empty, this
condition evaluates to true.
[Record ACL rules only] The matching table-level and field-level ACL rules must both
evaluate to true.

ACL Rule Workflow to Evaluate Permissions

Record ACL Rules

Record ACL rules consist of two parts:

Table name: the table being secured. If other tables extend from this table, then the table is
considered a parent table. ACL rules for parent tables apply to any table that extends the
parent table.
 Field name: the field being secured. Some fields are part of multiple tables because of table
extension. ACL rules for fields in a parent table apply to any table that extends the parent
table.

You want to retain these permissions:

Table: read-only access for all users

Write access for admin users

Two Fields: Write access for four specific groups of people

Adding the group roles easily gives the group members write access to the table but doesn't
restrict all fields except the two I want them to be able to update.
Where are you adding the roles? Are you adding them to a table write ACL or to an ACL for each
of the two fields that you need to modify the access for?

Is there a reason you are using the pre-existing group-based ACLs? You'd probably be happier
in the long run with adding a more specific ACL (cmn_location_editor or something like that) and
adding that role to all of the groups or roles that you want to grant the permission to. It's a lot
easier to see where the permissions are going that way, IMHO. Greater expertise is welcome to
chime in here. The read ACL already allows any user logged in to read the fields.

Check -- If I simply write a new field level ACL for the fields I want write access to and add the
roles I want to be able to write to those fields the users do not get write access to any field on the
table.

I think this is your problem right here. We need to dig into what's going wrong with the two field-
level ACLs you wrote for the fields you want to grant permission to. How complex are your two
field-specific ACLs? If all you want to do is add editing permission for those roles, that should be
the only part of the ACL that's filled out; no conditions or scripts necessary. If you add a script or
a condition, the evaulation is AND, not OR; that is, ALL of the three (role, condition, script) must
be true for the ACL to return true.

Are ACLs the best approach here? Do I need to create a field level ACL for every field
specifically?

Yes, ACLs are the right way to go. In fact, I'm not certain that there is another (reasonable and
non-destructive) way to do it.

The only fields you need to create an ACL for are the ones that you want MORE SPECIFIC
access controls on. There's a great charthere that can really shed some light; when I had a
particularly complex set of ACLs to juggle I printed the darn thing. It boils down to this:

ServiceNow will always look for more specific rules before it looks for more general rules.

First it's going to look for table_name.field_name permissions. If it finds those, it evaluates the
permissions against this rule (or set of rules). This more specific rule overrides any other rules
(coding formatting to preserve asterisks, because I can't reddit):
table_name.field_name > table_name.* > table_name > *.* > *
 For your fields that you don't want to change the permissions on, you should not need to make
any changes to the ACL. They'll look for table_field.field_name, not find it, and fall right through
to the correct permissions. You should only need to make ACLs for the two fields you need to be
able to modify. tl;dr
Yes, ACLs are the way to go here. They are able to do what you need them to (as described).
Only add new write ACLs for the fields you want to change the behavior of.
Consider using ONE role for the table and adding it to the roles you want to have that access.
I think the best way to handle this situation would be to do this:

1. You have to allow those groups to write to the table, first and foremost. Any field level ACLs are
going to get ignored if you fail a table ACL. Edit the cmn_location/write table ACL to check for
memberships in those groups. Remove any roles in the role list. If you want to still check for
specific roles, you can add a check for that in the script. The script would look like this:
var user = gs.getUser();answer = user.isMemberOf('group_name1') ||
user.isMemberOf('group_name2') || user.isMemberOf('group_name3') ||
gs.hasRole('user_admin');

2. Create 2 new ACLs for the 2 fields, and use the script field on each to check those group
memberships like you did in step 1. If you stopped right here, those groups' members would
have access to all the fields in cmn_location. Since you only want them to have write access to
specific fields, you have to deny access to the rest of the fields (step 3).

3. Use a cmn_location.*/write ACL to deny write access all fields in the table (say "answer = false"
in the script field). This will get overruled by the field level ACLs you create in step 3.

The result is this: if you have the right group memberships, you pass the field level ACL, and
table ACL, which grants access. If you don't have the right memberships, the table rule is going
to deny write access, period.

It's important to remember that if a field level ACL grants access, but the table ACL denies, then
the result is a DENY. Likewise, granting write access at the table level will grant access to all
fields in the absence of a field level ACL or a wilcard ACL.

Field ACL Rules

Field ACL rules are processed in the following order:

1. Match the table and field name. For example, incident.number.

2. Match the parent table and field name. For example, task.number.
3. Match any table (wildcard) and field name. For example, *.number.
4. Match the table and any field (wildcard). For example, incident.*.
5. Match the parent table and any field (wildcard). For example, task.*.
6. Match any table (wildcard) and any field (wildcard). For example, *.*.
The first matching evaluation stops ACL rule processing at that field level. This means that when
a user passes or fails a field ACL rule, the system stops searching for matching field ACL rules
below that level. For example, if there is a matching rule for the incident.number field, the system
stops searching for matching field ACL rules such as task.number or incident.* because the user
has already been granted or denied access to the field.

Table ACL Rules

In most cases there is not an individual field ACL rule for every field in the table the users is
trying to access. If no field ACL rule matches the record object, the user must pass the table ACL
rule. Since the base system includes wildcard table ACL rules that match every table, the user
must always pass at least one table ACL rule. The base system provides additional table ACL
rules to control access to specific tables.

Table ACL rules are processed in the following order:

1. Match the table name. For example, incident.

2. Match the parent table name. For example, task.
3. Match any table name (wildcard). For example, *.
Just like with field ACL rules, the system grants the user access to the record object secured by
the ACL rule and stops searching for matching ACL rules the first time a user passes a table ACL
rule's permissions. A user who passes the table ACL rule for incident has access to all fields in
the Incident table. A user who passes the table ACL rule for task has access to all fields in the
Task table as well as the fields in extended tables. A user who passes the table ACL rule for any
table has access to all fields in all tables.
Q). How many ways can restrict apply ACLs ?

Q). What are the operations in ACL ?

Q). What save a Template ?

Q). What is difference between If I put operation as Incident .* and

incident.None ?

Assign Roles by Group

User roles can be assigned to both groups and users. Every user in a group inherits the group's
user roles. Similarly, some roles also contain other roles. For example, the admin role contains
many other roles. Users with a parent user role inherit any child user roles contained by the
parent.

The preferred method of assigning roles to users is to add users to groups that have been
assigned the desired roles. When you assign a user to a group, the user inherits that group's
roles. When you remove a user from a group, the group roles are revoked for that user. This
method makes managing roles much easier than assigning roles to individual users.

To add users to groups and apply roles to groups:

1. Navigate to User Administration > Groups.

 2. Click the group to which you want to assign the users.
3. From the Group members related list, click Edit.
4. Select the users and click Add.
5. Click Save.
6. From the Roles related list, click Edit.
7. Add the roles and click Save.

A group is a set of users who share a common purpose. Groups may perform tasks such as
approving change requests, resolving incidents, receiving email notifications, or performing work
order tasks. Any business rules, assignment rules, system roles, or attributes that refer to the
group apply to all group members automatically. Users with the user_admin role can create and
edit groups. Creating the Group as follows .

1. Navigate to User Administration > Groups.

2. Click New.
3. Fill in the form.
Glide Reference

Q). What do you understand about Glide Record ?, Explain use of it ? How do you find
total number of records in a problem table using Glide Record?

GlideRecord is a special Java class (GlideRecord.java) that can be used in JavaScript exactly as
if it was a native JavaScript class.

GlideRecord is used for database operations instead of writing SQL queries.

GlideRecord is an object that contains zero or more records from one table. Another way to say
this is that a GlideRecord is an ordered list.
A GlideRecord contains both records (rows) and fields (columns). The field names are the same
as the underlying database column names.
Q). What is Glide Element ? Explain usage of it ?

GlideElement provides a number of convenient script methods for dealing with fields and
their values. GlideElement methods are available for the fields of the current GlideRecord.

Q). What is Glide System ? Explain use of it ?

The GlideSystem (referred to by the variable name 'gs' in Business Rules) provides a
number of convenient methods to get information about the system, the current logged in
user, etc. For example, the method addInfoMessage() permits communication with the user.

gs.addInfoMessage('Email address added for notification');

Many of the GlideSystem methods facilitate the easy inclusion of dates in query ranges and are
most often used in filters and reporting.
Q). How do you insert data into a table using Glide Record ? Explain the syntax
var rec = new GlideRecord('incident');
rec.initialize();
rec.short_description = 'Network problem';
rec.caller_id.setDisplayValue('Joe Employee');
rec.insert();

Q). Explain how do you perform a deletion on a specific table, specific row using Glide
Record ? var rec = new GlideRecord('incident');
rec.addQuery('active',false);
rec.query();
while (rec.next()) {
gs.print('Inactive incident ' + rec.number + ' deleted');
rec.deleteRecord();
}
Q). glide list A field defined as a glide list is an array of values stored in a single field.
Here are some examples of how to process a glide_list field when writing business rules.
Generally a glide_list field contains a list of reference values to other tables.

Examples: For example, the Watch list field within tasks is a glide_list containing
references to user records. The code below shows how to reference the field.

// list will contain a series of reference (sys_id) values separated by a comma

// array will be a javascript array of reference values

var list = current.watch_list.toString();

var array = list.split(",");

for (var i=0; i < array.length; i++) {

gs.print("Reference value is: " + array[i]);

You can also get the display values associated with the reference values by using the
getDisplayValue() method as shown below.

// list will contain a series of display values separated by a comma

// array will be a javascript array of display values

var list = current.watch_list.getDisplayValue();

var array = list.split(",");

for (var i=0; i < array.length; i++) {

gs.print("Display value is: " + array[i]); }

Note: For a script example of how to edit a glide list, see Add All Email Recipients to Watch List.

Q) ServiceNow can automatically assign a task to a user or group based on pre-defined

conditions by using:
 Data lookup rules
Assignment rules
Data Lookup Rules Data lookup rules offer a generic way to change any field value,
not just assignment fields. Data lookup rules offer the following improvements over
the Assignment module:

Ability to change any field value not just an assignment field

More options to define when a rule runs:
On form change (Allows assignment rules to apply to unsaved changes on a form)
On record insert
On record update
Option to replace existing values (including default values)
Assignment Rules Module The Assignment rules module allows you to
automatically set a value in the assigned_to and assignment_group fields when a set of
conditions occurs. An assignment rule must also meet these additional criteria to run:

The task record has been created or updated. Assignment rules do not apply to unsaved
changes on a form.
The task record must be unassigned. The record cannot have an existing value for either
the assigned_to or assignment_group fields. Assignment rules cannot overwrite existing
assignments (including assignments set by a default value or a previously run assignment
rule).
The assignment rule is the first rule that matches the table and conditions. If more than one
assignment rule matches the conditions, only the rule with the lowest order value runs.
Dot-walking provides access to fields on related tables from a form, list, or script. If
the current table contains a reference to another table, any field on the referenced table
can be accessed using dot-walking.

Dot-walking references a field by building a chain of field names separated by dots

(periods). For instance, incident.assigned_to.company references the company of the
user assigned to an incident. The recommended limit for chain length is three levels.

1) what is the difference between the glide record and glide Ajax ?
Glideajax is used for call include script
Gliderecord used for get data from tables.
If you write gliderecord in client script it will effect performance issue becuase we
are getting data from database.
In that case we can use Glideajax to call includescript . In includescript we can
write gliderecord and return data to client script. It would be faster.

GlideAjax :
 GlideAjax class allows the execution of server-side code from the client. GlideAjax
calls pass parameters to the script includes, and, using naming conventions, allows the
use of these parameters.
GlideRecord :- Is a Java Class that is used for database operations instead of writing SQL queries.
is an object that contains zero or more records from one table. Another way to say this is that a
GlideRecord is an ordered list.
GlideAjax in server side is useless.
GlideRecord in Client Side is limitted, so, in order to perform some "GlideRecord"
operations from client side, you should call a GlideAjax in order to run the GlideRecord
from the server properly, and allow to perform some operations.

Glide Ajax is best to be used at client Side to call script include, so that u can get data from server
side . Glide record is like Select in SQL , to fire a query we use glide record.
In Script include glide record is used.

CLIENT AND SERVER-SIDE PROGRAMMING

ServiceNow uses JavaScript and makes use of both client-side and server-side
programming. Although there are tasks both types can do, there are some tasks that can only be
done client-side and other tasks that can only be done server-side.

Client-side programming is often preferred by users, due to the immediate interactivity of

the scripts. Server-side programming is often preferred by developers due to eased complexity
and better performance.

Let's look into what both types are and their advantages and disadvantages.

Client-side Programming

ServiceNow Client scripts are Javascript that runs on the client-side (the user's web browser)
and instead of the server (on the server). Often it is used for immediate form changes, form
validation, or user input, and when limited database lookups are needed. The ServiceNow
Service Catalog often uses client side, "Catalog Client Scripts".

Types of client scripts

onLoad(): Runs when a form is loaded.

onChange(): Runs when a particular widget changes value.

onSubmit(): Runs when a form is submitted.

onCellEdit(): Runs when a cell on a list changes value.

With the exception of the CellEdit client script, client scripts apply to forms only

Advantages

Can run immediately on field change or form load

Can provide interactive windows with AJAX

Disadvantages
 No sequencing for client scripts running on same table

Can affect performance

Can be more difficult to write than server-side programming such as business rules

Limited Glide Record queries (Should use GlideAjax instead)

No access to certain ServiceNow libraries such as GlideSystem

Can be affected by the type of browser used

Limited database calls should be utilized due to performance

Server-Side Programming

ServiceNow Server-side programming like business rules, is JavaScript configured to run when
a record is displayed, inserted, updated, deleted, or when a table is queried. Server scripts run
on the server or database.
ServiceNow uses server-side scripting in areas such as:

Business Rules ,Script Includes, Script Actions,Reference Qualifiers, Transform Map

Scripts, Workflow Scripting

Advantages

Performance. When running code on the server, it often has a faster load time and
processing time than a client script

Not affected by type of browser

Can perform complex database lookups

Can dot-walk many levels, however three levels is often a recommend maximum

Disadvantages

Not as interactive as client scripts, needs an event like save, delete, or display to run

They can change the appearance or behavior of ServiceNow or run as business rules
when records and tables are accessed or modified.
Server scripts run on the server or database.Server-side Glide APIs (Application
Programming Interfaces) provide classes and methods that you can use in scripts to
perform server-side tasks.
Business rules
A business rule is a server-side script that runs when a record is displayed, inserted,
updated, or deleted, or when a table is queried.
Script includes
Script includes are used to store JavaScript that runs on the server.
Script actions
You can use script actions to create server-side scripts that perform a variety of tasks,
such as modifying a configuration item (CI), or managing failed login attempts. Script
actions are triggered by events only.
UI pages
 UI pages can be used to create and display forms, dialogs, lists and other UI
components.
UI Macros
UI macros define modular, reusable components in the ServiceNow platform. For
example, UI Macros are used to apply formatters to various forms within ServiceNow that
provide additional information about the form without using a field. This functionality
requires the knowledge of Jelly script.
A client script is a piece of JavaScript code that runs on the client, rather than the
server. Well-designed client scripts can reduce the amount of time it takes to complete a form.
However, improperly implemented client scripts can significantly slow down form load times. With
the exception of the CellEdit client script, client scripts apply to forms only .
A business rule is a server-side script that runs when a record is displayed, inserted,
updated, or deleted, or when a table is queried.

Use business rules to accomplish tasks like automatically changing values in form fields when
certain conditions are met, or to create events for email notifications and script actions.

Note: Business rules can make use of scripts to take actions on records in the database.
However, there are several other scripting options available on the platform, such as client
scripts and UI actions.

How business rules work

To configure business rules, you first need to determine when the business rule should
run and what action it should take.
Create a business rule
You can create any type of business rule from the Business Rule form.
Business rules in scoped applications
Every business rule is assigned to either a private application scope or to the global
scope.
Scripting in business rules
A business rule script specifies the actions that a business rule takes.

To configure business rules, you first need to determine when the business rule should
run and what action it should take.

When business rules run, Business rules run based on two sets of criteria:

The time that the business rule is configured to run relative to a record being modified or
accessed.

The database operation that the system takes on the record.

The following options are provided to determine the time the business rule should run:
Time the business rule should run
Option When the rule runs
Before After the user submits the form but before any action is taken on the record in
the database.
 After After the user submits the form and after any action is taken on the record in the
database.
Async When the scheduler runs the scheduled job created from the business rule. The
system creates a scheduled job from the business rule after the user submits the
form and after any action is taken on the record in the database.
Display Before the form is presented to the user, just after the data is read from the
database.
Note: Asynchronous business rules do not have access to the previous version of a record.
Therefore, the changes(), changesTo(), and changesFrom() GlideElement methods do not work
with async rules.
The following options are provided to determine the database operation that the system takes on
the record:
Following are the Database operation that the system takes on the record
Option When the rule runs
Insert When the user creates a new record and the system inserts it into the database.
Update When the user modifies an existing record.
Query Before a query for a record or list of records is sent to the database. Typically you
should use query for before business rules. See Before-Query example.
Delete When the user deletes a record.

Note: Business rules apply consistently to records regardless of whether they are accessed
through forms, lists, or web services. This is one major difference between business rules and
client scripts, which apply only when the form is edited.

Business rule actions

Business rules can perform a variety of actions. Common types of actions are:

Changing field values on a form that the user is updating. Field values can be set to specific
values available for that field, values copied from other fields, and relative values determined by
the user's role.

Displaying information messages to the user.

Changing values of child tasks based on changes to parent tasks.

Preventing users from accessing or modifying certain fields on a form.

Aborting the current database transaction. For example, if certain conditions are met, prevent the
user from saving the record in the database.
Administrators can set field values, create information messages, and abort transactions without
writing a script. See Scripting in Business Rules for script examples.
Minimize Server Lookups
Client scripting uses either data available on the client or data retrieved from the server. Use
client data as much as possible to eliminate the need for time-consuming server lookups. The top
ways to get information from the server are g_scratchpad, and asynchronous GlideAjax lookup.

The primary difference between these methods is that g_scratchpad is sent once when a form
is loaded (information is pushed from the server to the client), whereas GlideAjax is dynamically
triggered when the client requests information from the server.

Other methods, GlideRecord and g_form.getReference() are also available for retrieving
server information. However, these methods are no longer recommended due to their
performance impact. Both methods retrieve all fields in the requested GlideRecord when most
cases only require one field.

Using Predefined Global Variables

Use the following predefined global variables to reference the system in a business rule script:

current: The current record being referenced.

previous: The record before any changes were made, available on update and delete
operations. This is not available on asynch operations.
g_scratchpad: Scratchpad object available on display rules, used to pass information to the
client to be accessed from client scripts.
system (or gs): References to GlideSystem functions.
Variables, such as current, previous, and g_scratchpad are global across all business rules
that run for a transaction. User-created variables are also globally scoped by default. If a new
variable is declared in an order 100 business rule, the business rule that runs next at order 200
also has access to the variable. This may introduce unexpected behavior.

The recommended method for preventing such unexpected behavior is to always wrap your code
in a function. This protects your variables from conflicting with system variables or global
variables in other business rules that are not wrapped in a function. Additionally, variables such
as current must be available when a function is invoked in order to be used.

This is an example of a script that is vulnerable to conflicts with other code. If the variable gr is
used in other rules, the value of the variable may unexpectedly change.
var gr = new GlideRecord('incident');
gr.query();
while (gr.next()) {

//do something

When this script is wrapped in a function, the variable is available only within the function and
does not conflict with other functions using a variable named gr.
myFunction();

function myFunction() {
var gr = new GlideRecord('incident');
gr.query();
while (gr.next()) {
//do something
}
}

-- Example: g_scratchpad
The g_scratchpad object passes information from the server to the client, such as when the
client requires information not available on the form. For example, if you have a client script that
needs to access the field u_retrieve, and the field is not on the form, the data is not available to
the client script. A typical solution to this situation is to place the field on the form and then
always hide it with a client script or UI policy. While this solution may be faster to configure, it is
slower to execute.

If you know what information the client needs from the server before the form is loaded, a display
business rule can create g_scratchpad properties to hold this information.
The g_scratchpad is sent to the client when the form is requested, making it available to all
client-side scripting methods. This is a very efficient means of sending information from the
server to the client. However, you can only load data this way when the form is loaded. The
business rule cannot be triggered dynamically. In those cases, use an asynchronous GlideAjax
call.

For example, assume you open an incident and need to pass this information to the client:

The value of the system property css.base.color

Whether or not the current record has attachments
The name of the caller's manager
A display business rule sends this information to the client using the following script:
g_scratchpad.css = gs.getProperty('css.base.color');
g_scratchpad.hasAttachments = current.hasAttachments();
g_scratchpad.managerName =
current.caller_id.manager.getDisplayValue();

To access scratchpad data using a client script:

// Check if the form has attachments
if (g_scratchpad.hasAttachments)
// do something interesting here
else
alert('You need to attach a form signed by ' +
g_scratchpad.managerName);
 Script Include
Create script includes to store JavaScript functions and classes for use by server scripts. Each
script include defines either an object class or a function. Script includes run only when called by
a server script. Script includes have a name, description and script. They also specify whether
they are active or not, and whether they can be called from a Client Script.

Consider using script includes instead of global business rules because script includes
are only loaded on request.

Using :- Script includes are found under System Definition or System UI. You can call existing
script includes from a script.

To create an entirely new script include, you can follow the format of any of the existing script
includes. In the example, the name of your Script Include is 'NewInclude' and there is a single
function called 'myFunction.' It is important that the name of the script include match the name of
the class, prototype, and type. When you create a new script include and give it a name, the
system provides you a code snippet with the class and prototype set up properly.
var NewInclude = Class.create();

NewInclude.prototype = {
initialize : function() {
},

myFunction : function() {
//Put function code here
},

type : 'NewInclude'
};

You could then use the 'myFunction' line like this:

var foo = new NewInclude();
foo.myFunction();
NOTE :- Client callable field Makes the script include available to client scripts, list/report filters,
reference qualifiers, or if specified as part of the URL.
Q) What is work Flow ?

WorkFlows :-
is a virtual representation of tasks consisting of connected steps planned out in a
sequential manner.A workflow is primarily use to automate a sequenceof activities.
Users with the workflow_admin or workflow_creator roles can use the Workflow Editor to create
workflows.
Workflow activity is a workflow block that organizes the individual actions the workflow
performs as it runs .
The workflow activity contains instructions that are processed by the workflow. This can include
performing scripts, manipulating records, waiting for a set period of time, or logging an event.
Workflow conditions determine whether or not the activity is performed. Activities can be added,
removed, or rearranged. Transitions can be drawn between activities.
Activities determine the functionality of the workflow. Each activity performs a different task, such
as run a script, send notifications, or request approvals. Activities can succeed or fail, which can
result in actions performed by other activities.

Approval Activities
Condition Activities
Notification Activities
Timer Activities
Task Activities
Utility Activities
Subflow Activities
Creating WorkFlows:- To create a new workflow:
1. Navigate to Workflow > Workflow Editor.

The Welcome tab displays links to workflow documentation and other related resources.
If ServiceNow Orchestration is activated, the welcome screen contains resources for that
feature as well.

2. Select the Workflows tab in the palette, and click the + icon.
3. Complete the fields in the General, Schedule, and Documentation tabs.
4. Create the workflow by clicking Submit in any tab.

When the workflow is created, it contains Start and End activities.

1. In the title bar, click the menu icon ( ) and select Properties.
2. Complete configuration of the additional workflow properties.
3. Build the workflow by dragging activities onto the canvas and configuring activity
properties.

See Adding Workflow Activities for details.

4. If your workflow contains branches of activities, verify that the workflow ends correctly.

For more information, see Ending Workflows with Multiple Branches.

5. Validate the workflow.

Workflow validation tests the workflow for potential issues that might cause it to fail, such
as missing subflows or disconnected transitions. A workflow validation report lists the
results of each validator and provides enough information to trace problems and make
any changes that are necessary.
6. Publish the workflow by clicking the menu icon and selecting Publish.

The workflow is then activated and can be used according to the defined properties.
LDAP Integration :- Certificates and Encodings

At its core an X.509 certificate is a digital document that has been encoded and/or digitally signed
according to RFC 5280.

In fact, the term X.509 certificate usually refers to the IETFs PKIX Certificate and CRL Profile of
the X.509 v3 certificate standard, as specified in RFC 5280, commonly referred to as PKIX
for Public Key Infrastructure (X.509).

Encodings (also used as extensions)

.DER = The DER extension is used for binary DER encoded certificates. These files may
also bear the CER or the CRT extension. Proper English usage would be I have a DER
encoded certificate not I have a DER certificate.
.PEM = The PEM extension is used for different types of X.509v3 files which contain ASCII
(Base64) armored data prefixed with a BEGIN line.

1). Load certificate x.509, Type DER , PEM (Like .doc, .pdf file type ) from Active Directory ( A.D )
Admin we get it. Privacy Enhanced Mail (PEM) ,

2).Create Server

3).LDAP configuration

4).O.U Definition

5).Define Data Source

6).Define Transformer

7).Create Schedules

PEM Format It is the most common format that Certificate Authorities issue certificates in. It
contains the BEGIN CERTIFICATE and END CERTIFICATE statements.
Several PEM certificates and even the Private key can be included in one file, one below the other.
But most platforms(eg:- Apache) expects the certificates and Private key to be in separate files.
> They are Base64 encoded ACII files
> They have extensions such as .pem, .crt, .cer, .key
> Apache and similar servers uses PEM format certificates
DER Format It is a Binary form of ASCII PEM format certificate. All types of Certificates &
Private Keys can be encoded in DER format
> They are Binary format files
> They have extensions .cer & .der
> DER is typically used in Java platform
Q1 : Can we create Existing groups as a subgroup while creating a new group?
Ans : It can be done by adding related links , will let you the workaround later.
Q2 :Why do we create subgroups ?
Creating subgroups allows you to customize your contact list to send messages to a targeted
group of members within your system.
Q3: What are Elevated Privileges ?
An elevated privilege is a role that has the elevated_privilege field set to true. After the plugin is
activated, a new security_admin elevated privilege is created and assigned to the default System
Administrator user. This role grants modification access to the High Security Settings and allows
the user to modify the Access Control List, directly import XML files, and access the Scripts -
Background module. A user can get an elevated privilege role in his session only by manually
elevating to it. The role is in the user's session only for the duration of the session. Session
timeout or log-out removes the role.
A role that is an elevated_privilege does not appear in an assigned user's session when the
user logs in. The user must manually elevate to that role. See the following section for details.
(Requires admin or security_admin role) Presents the Activate an Elevated Privilege dialog box,
which allows the administrator to select an elevated role, which will expire at the end of the
session.
other roles available are :

High Security Settings: provide default property values to harden security on your platform by
centralizing all critical security settings to one location for management and auditing.
Default Deny Property: provides a security manager property controls the default security
behavior for table access.
Security Administrator Role: provides a role to prevent modification of key security settings
and resources. The Security Administrator role is not inherited by the admin role and must be
explicitly assigned.
Elevated Privilege: allows users with the security admin role to operate in the context of a
normal user and elevate to higher security role when needed.
Property Access Control: allows security administrators to set the roles required to read and
write properties.
Transaction and system logs: are read only.
Access Control Rules: control what data users can access and how they can access it
Q4 : Use case for Understanding groups and roles?
It is fact that you can assign roles to individual users as well, and not just to groups.
use case:
A university Physics professor has "Grade Test" role (aka right or privilege) for a particular
course or set of courses. However, he decides to go on sabbatical for year and wants another
instructor (or perhaps, several instructors - a group), i.e. his replacement(s), to have the same
role(s) (privileges) over the same set of courses. Note that the substituting instructors may
belong to different user groups. The administrator can easily assign the role(s) in question to
individual users or groups of users. Of course, after the tenured professor returns, the
administrator can revoke those roles (privileges).
From a system perspective we only care which methods a user (or a group of users) is allowed
to execute. Before executing restricted method we check user roles by calling other methods that
normally return Boolean values.
Q5: What is internal integration User ?
Select this check box to designate this user as an internal integration user.
Enabling WSS[web services security] requires authentication for all SOAP requests including
internal integration communications such as the MID Server, ODBC Driver, Remote Update Sets,
and high availability cloning. SOAP requests for these internal integration communications
cannot implement WSS due to technical implications. If your instance uses these SOAP
interfaces, you can allow them to bypass the WSS authentication requirement by marking their
user accounts as internal integration users

Q6: What is web services access only ?

Web service access enforces web service security using a combination of basic authentication
challenge/response over the HTTP protocol and system level access control using theContextual
Security. Administrators can control what system resources web services users can access by
granting them one of the SOAP Roles
Select this check box to designate this user as a non-interactive user. This field is available with
Non-Interactive Sessions.

Q7: why do we have hourly rate in a group ?

Once the Project Management v2 Costing Add-on Plugin is installed Group Hourly rate is
displayed.
The plugin creates an Hourly rate field on the Group form and adds a new form called Group
resource, which calculates the estimated cost for the group, based on the hourly rate provided.
The Group Resources will be added automatically based on the groups associated with the
Project or its associated Project Tasks.
Defines the hourly rate for members of this group, as defined in the Group record , The hourly
rate is multiplied by the Estimated hours for the group to estimate project costs.

Q8 : what is Role delegator ?

Role Delegator : Administrators can grant users the right to be role delegators. These delegators
can assign roles to users who are in a particular group. The roles that delegators can assign to
other users include the roles that the delegator inherits from a group those roles that the
administrator specifies.
Ans. Delegate-Delegation is the ability to designate other users to receive and interact with
approvals and task assigned to you.

Q9 : Difference between roles and groups ?

Roles and groups serve distinct purposes. You can't assign permissions to a role or capabilities
to a group.
The identity hierarchy is relevant for groups, but not for roles. If you are a member of a role, you
have all of that role's capabilities, regardless of whether you are a direct member of that role and
what your other memberships are.
You can deny a permission to a group, but you can't deny a capability to a role. Each role either
provides or doesn't provide each capability. No role takes capabilities away from its members.
A group's permissions are not displayed as part of a group definition, but a role's capabilities are
displayed as part of a role definition.
A group can be a member of another group, but a role cannot be a member of another role.
Instead, one role can contribute its capabilities to another role.

What will run first business rule or client script? what will run first?
Client script, Business rule, UI policy or Data policy.

Client-based code: "Client-based code that executes in the browser, using Ajax or running as
Javascript, always executes before the form submission to the server."

This includes Client scripts and UI Policies.

First onLoad Client scripts, after that the first UI Policies kick in.

After that, the Client scripts and UI Policies that work onChange.

After that, the Client scripts that work onSubmit.

 Server-side code: (More info: Execution Order of Scripts and Engines)
1. Before business rules:
2. Before engines.
3. Before business rules:
4. The data base operation (insert, update, delete).
5. After business rules:
6. After engines.
7. Email notifications.
8. After business rules.
It goes something like this:
Business Rule display/query
Client Script/UI Policy onLoad
Client Script onChange
Client Script onSubmit
Data Policy
if order < 1000
Business Rule before
Business Rule after
Global things like workflow, metrics, etc. run at order 1000
order > 1000
Business Rule before
Business Rule after
The most important differences among scripts are

the function of the script (what it is used for) and

whether the script runs on the client or server.

Client vs. Server

The web browser is the client, and is often the only software that is installed at the customer site.

The application server and the database are located at the data center.

Client scripts run on the client (which is the web browser)

Server scripts run on the server (which includes the application server and the database)
The web browser is where you control and communicate with an instance, including
communicating with the server and database.

GlideRecord Query Examples

To view additional examples as well as additional query related methods, refer to GlideRecord.

1 query
var rec = new GlideRecord('incident');
rec.query();
while (rec.next()) {
gs.print(rec.number + ' exists');
}

3.2 update
var rec = new GlideRecord('incident');
rec.addQuery('active',true);
rec.query();
while (rec.next()) {
rec.active = false;
gs.print('Active incident ' + rec.number = ' closed');
rec.update();
}

3.3 insert
var rec = new GlideRecord('incident');
rec.initialize();
rec.short_description = 'Network problem';
rec.caller_id.setDisplayValue('Joe Employee');
rec.insert();

3.4 delete
var rec = new GlideRecord('incident');
rec.addQuery('active',false);
rec.query();
while (rec.next()) {
gs.print('Inactive incident ' + rec.number + ' deleted');
rec.deleteRecord();
}

Q). How to get CSV/WSDL/XML from any Table in Service Now ?

Answer : Service Now Instance URL / <Table Name>.do?CSV - For CSV file

Service Now Instance URL / <Table Name>.do?XML - For XML file

Service Now Instance URL / <Table Name>.do?WSDL - For WSDLfile

Example : https://demo005.service-now.com/incident.do?CSV

Q). How to open Java Script Executor ?

Answer : Ctr + Shift + Alt + J - Press this key on any form

Q). How do you Impersonate User in Service Now ?

Answer : Click on 'Administrator Icon' , Enter the User Name and click on 'Ok

Q). How to Edit Application and Modules

Answer : Search for the application which you want to Edit, Right click on the application,
choose ' Edit Application Menu, This will display all the modules in the applications, you can
verify the table name, roles associated at application level and module level.

Q). How to find the sys_id of a specific object in service now ? For eg : I want to know the
sys_id of 'Create New' Module in 'Change' Application

Answer : Search for 'Change' Application, Edit , Right click on the Module which you want to find
the sys_id,, choose 'Copy sys_id' field, this will display you the corresponding sys_id of selected
module/application/workflow/table/etc..

Q). Shortcut to see contents of the table

Answer : Type <table_Name>.list : For eg : 'change_request.list' in Search Menu

Q). How to find out a table for a specific form ?

Answer : Launch the form, Right click on top header section, choose Personalize( Configure ) ->
Table, This will list out the table name and all the existing columns in a table.

Q). How to see and modify the Work flow?

Answer : Search for 'Workflow Editor' -> Choose 'Open' Menu -> Search for the work flow that
you want to open, and select it -> If it is already published, then choose 'Check out' from the
'Gear' Menu -> Modify the work flow, and publish finally.

Q). How to see the existing Events logs?

Answer : Search for 'Events' -> Select 'Events' Module under 'System Logs'

Q). How to see existing events defined in service now?

Answer : Search for 'Events' -> System Policy -> Registry

Q). How to See Approvers tab when a catalog item is requested ?

Answer : Once the catalog item order is submitted, You should see a message 'Thank you , your
request has been Submitted' , click on the 'Description Link' -> Right click on Request Item
page -> View -> Default -> You will see approver tab, if you belongs to approver group.

Q). How to see the WSDL for any table ?

Answer : <host name>/tablename.do?wsdl

Example : https://dev15439.service-now.com/incident.do?wsdl

Q). How to trigger an event using script?

Answer: gs.eventQueue('change.release.window.rejected', current, gs.getUserID(),

current.number);

Q). How to see all the existing work flows ? and belongs to which table ? etc . ?

Answer : Search for 'Workflow Versions', You can filter by work flow name, table name etc..

Q). How to add log messages and view them in Service Now ?
Answer : Below are all the possible ways how we can log specific message

current.field_name.setError("Hello World"); Will put "Hello World" below the specified field

gs.addInfoMessage("Hello World"); Will put "Hello World" on the top of the screen

gs.print("Hello World"); Will write to the text log on the file system but not to the sys_log table in
the database

gs.log("Hello World"); Will write to the database and the log file. Too much of this can adversely
affect performance

To view - System Log -> All , It will show all the log messages

Q). What role you are required to create/update ACL ? security_admin

Q). How you can check on which servicenow instance node you are working ?
Goto SystemDiagnostic -> Stats. Statistic page will be open where you can get the details of
node and the instance on which you are working on .

Q). How do you check the upgrades that are made to the system, using which
module? Ans. System Diagnostics-- Upgrade History

Q). Do you know anything about SaaS and PaaS. Service Now comes under what
category?

Software as a service (SaaS; pronounced /ss/ or /ss/) is a software licensing and

delivery model in which software is licensed on a subscription basis and is centrally hosted.

Platform as a service (PaaS) is a category of cloud computing services that provides a

platform allowing customers to develop, run and manage Web applicationswithout the
complexity of building and maintaining the infrastructure typically associated with developing
and launching an app.

ServiceNow is a PaaS service.

Q). My manager is going to be out of town and needs to have the supervisor approve
while he/she is out of town, what would he/she utilize in ServiceNow?
Ans: Delegate-Delegation is the ability to designate other users to receive and interact with
approvals and task assigned to you

Q). What is this MID Server and How are the MID servers administered?

It is a small Java process that runs the probes for the discovery.All administration (with the

exception of the installation) is handled centrally from your instance. Configuration of IP

ranges,credentials, schedules for discovery are all in a web-based UI.

Q). Do integrations need to be done before the ServiceNow implementation goes live?
You can establish integrations before or after the ServiceNow implementation goes live,
however the best practice is to enable integrations before your implementation goes live.
Enabling integrations prior to going live allows you to test the integration. This is especially
important for integrations to user lists or single sign-on applications since a problem in one of
these integrations can prevent users from logging on.

Q). What are import sets?

The Import Sets workspace provides tables that are a staging area for your data. Data in
multiple formats is accepted and transformations can be done before passing the data to
your ServiceNow instance.

Q). How are integrations secured?

Security is one of the first concerns mentioned in doing an integration project. These
mechanisms contribute to a secure integration:
A ServiceNow implementation connects from a single machine using a fixed IP address and
through a specific port on your firewall. This allows firewalls to limit all traffic to a particular IP
address and communications port.
Many integrations communicate over the HTTPS protocol. This ensures that all
communications are encrypted.
Mutual Authentication (Single sign-on (SSO)) and other login techniques provide user
verification and role assignment.
Access Control Lists (ACLs) provide protection of assets that do not need to be exposed in
integration processing.
The High Security Plugin provides additional security controls.

Q). Do you have any idea on how to implement Automation in servicenow?

Ans. Using Orchestration

Q). What is Orchestration?

Ans.Orchestration automates simple or complex multi-system tasks on remote servers that
are normally done manually. An Orchestration process can cross all management disciplines
and interact with all types of infrastructure elements, such as applications, databases, and
hardware. Orchestration combines the ServiceNow graphical workflow with the MID Server
to run Orchestration-specific workflow activities.

Q). Why Use Orchestration?

Orchestration enables an IT organization to automate complex tasks on remote computers
quickly and reliably, with best practices every time. Orchestration workflows employ the skills
and knowledge of an entire organization, while requiring less skill and labor to execute .

Q). How Orchestration Works

When an Orchestration activity starts within a workflow, Orchestration launches a
probe and writes a probe record to the ECC Queue. The workflow pauses as the MID Server
picks up the request and executes the probe. When the probe reports back, the workflow
resumes as the results are analyzed. The workflow can exit or continue at this point.

Q). What are Reference Qualifiers and Dependent fields.

Reference qualifiers and Dependent fields allow you to present context-sensitive
choices to your users when they fill out a form. Reference fields are usually used when
youve got a lot of choices or youve got some complex filtering needs. Dependent fields are
great when you just have a simple filtering need based on another field value on the
form.Set up a filter on the incident list. Copy the query for this filter and understand how it is
formatted.
Set up the Configuration Item field on the Incident form to only show Business services.
You should not change the referenced table to accomplish this.Modify your reference
qualifier to show Computers. Check against the Computers module to verify the count. If
the numbers didnt match up, why?

Modify your reference qualifier to show ALL Computers, Servers, etc. Hint: The query for this
should only reference a single table.
Open a couple of Business service and computer records and assign them to a particular
user. Modify your reference qualifier to only display Business services and computers
assigned to the user populated in the Caller field.Set up a new field on the incident form
called Sub-subcategory. Without writing any code, make this field dependent on the
Subcategory field.

Q). Difference b/w Eureka and FUJI versions in Service Now ?

Answer :
1. In the application model few key concepts such as application scope and unique
namespaces to prevent inadvertent cross-application conflicts are introduced.

2. It also includes functionality to limit the number of events triggered to ensure the
application doesnt tie up system resources and cause a degradation in performance.

3. Developers can now put controls in place to manage scripts for each application by setting
them up as fully editable, read-only, or protected, with the latter capable of hiding and
encrypting scripts.

4. A new application called IT Financial Management is introduced which allows

organizations to distribute, manage, dashboard, and report on expenses using components
such as a general ledger, fiscal periods, cost models, and an allocation engine.

5. Another new application called Test Management is introduced which helps manage the
software testing process and integrate with PPM. This is used to track test cases,
Executions, and results to allow users to report on the overall status.

6. The reporting list user interface now aligns with the rest of the platform. There are a
number of new chart types including a speedometer and dial, pyramid, and funnel; reports
are now grouped into categories including the most heavily used vs. unused; and where or
when aggregation can be used with reports has been improve.

7. Not only was out of box reporting improved but there were also a number of additions to

Performance Analytics including the ability to setup second level breakdowns or specify what

the default chart type is for an indicator.

8. There are several things introduced specific to the CMDB including The Next Generation
BSM application which replaced the version in Eureka, the ability to create a baseline for a
particular business service, and functionality to log proposed changes against a CI
relationship.

9. Discovery now includes a dashboard that provides a high-level status of schedules and
status, enhanced caching ability and probes, and support for SNMPv3 enabled devices.

10. The authority documents, citations and controls from the Unified Compliance Framework
(UFC) can now be downloaded and imported into IT GRC application. Quarterly updates are
also proposed to the Administrators to make sure the Authority library is kept up to date. A
new certification survey and IT GRC reports are also part of the release.