Hi,
If we have understood your issue correctly, following things can be configured as one of the solutions to get this done 1. Create two separate companies: one for HRIS and another for NON-HRIS 2. Give unrestricted access to HRIS member, so they will be able to see all the tickets including NON-HRIS 3. Do not give unrestricted access to NON-HRIS members, so they will have access only to their tickets HTH -- Regards, ITSM Support Vyom Labs Pvt. Ltd. BSM Solutions & Services || ITIL Consulting & Training Email: i...@vyomlabs.com || Web Site: www.vyomlabs.com Follow Vyom Labs http://twitter.com/#!/vyomlabs || http://www.linkedin.com/company/vyom-labs From: Action Request System discussion list(ARSList) [mailto:arslist@ARSLIST.ORG] On Behalf Of Logan, Kelly Sent: Saturday, June 30, 2012 2:32 AM To: arslist@ARSLIST.ORG Subject: Securing SRM tickets (SR,WO, Task) for HR ** Happy Friday all, I am setting up our HR department with SRM and we would like to have HR tickets segregated from the others 1. Avoid advance interface forms, to allow for self-administration of SR Catalog, and keep any maintenance tasks to a minimum 2. Non-HRIS personnel should not have access to HRIS Requests nor Work Order/Tasks 3. All HRIS personnel should have access to Requests, WOs, Tasks, regardless of assignment 4. Non-HRIS Requests, WOs, Tasks need to be available to the rest of the users I am looking at setting up row level security for this, so if you have tried this I'd be very appreciative of your experience. Here's what I have been able to discern so far: OOB SRM:Request's field 1, 'SysRequestID', has only the Assignee, Assignee Group, OBOAssignee, Submitter, Vendor Assignee Groups and 'Unrestricted Access' (role) that grant access to an entry. Though 'Assignee Group' is set, no field 112 has been created. The 'OBOAssignee' field is used, and workflow sets this to $USER$, $Requested By Login ID$, and $Requested For Login ID$. Similarly, the Vendor Assignee is set by workflow as well, if a vendor is assigned the request. My working plan is to remove the 'Unrestricted Access' from field 1, use the assignee group in field 112 and a parent group in a dynamic group field as described in the FormApp guide to grant access to the assignee group and all HRIS groups. Filters will set field 112, the system will set the dynamic group and all HRIS groups should have access to the tickets when an HRIS group is assigned. If the Assignee is not in HRIS, a generic permissions group (General Access?) will be put into 112. First, if anyone has a better idea on this, please let me know. Otherwise, what I'm going to be looking at is whether or not I a filter can determine if an assignee group is in a parent group (so I don't have to update code when HR adds a new support group). Kelly Logan, Sr. Systems Administrator (Remedy, Planview), GMS ProQuest | 789 E. Eisenhower Parkway, P.O. Box 1346 | Ann Arbor MI 48106-1346 USA | 734.997.4777 kelly.lo...@proquest.com www.proquest.com ProQuest...Start here. 2010 InformationWeek 500 Top Innovator P Please consider the environment before printing this email. This email and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. If you have received this email in error please notify the sender, and delete the message from your computer. _attend WWRUG12 www.wwrug.com ARSlist: "Where the Answers Are"_ _______________________________________________________________________________ UNSUBSCRIBE or access ARSlist Archives at www.arslist.org attend wwrug12 www.wwrug12.com ARSList: "Where the Answers Are"