Host ID issue in NLB

[Sumit Vasudev]

Hi Experts,

I am facing one strange issue. 

Showing same host id on both AR server when checking "Current Host Id" on "Add 
or Remove Page" of remedy, but while checking the MAC Address of both the 
server, Both server have different MAC address and Host Id of remedy doesn't 
match with any of the MAC address.

1. In our environment we have 2 servers in group
2. Servers are in NLB and in multicast mode.
3. Both server have different IP an MAC address.
4. Servers are running on VM.
5. Host ID of remedy doesn't match with MAC address of any of the server.

I have restarted the Server and Services many times but no Luck. Please help me 
in resolving the issue.

Regards,
Sumit Vasudev

___
UNSUBSCRIBE or access ARSlist Archives at www.arslist.org
"Where the Answers Are, and have been for 20 years"

Re: BMC should have made upgrades easier - Customers loosing interests

[James Smith]

I have seen the service now UI, they have everything on singe UI say user 
access, import and export, workflow development. UI is mot attractive and its 
very clumsy.

Its very though for the non programmers to develop workflows or do 
customizations as at some point you need to know java scripting.

In remedy, customizations and integrations are very simple. You have a great 
tool (Developer Studio) to do all customizations which is pretty cool and I 
like it.

But as I said customers dnt see this. As per the last two posts from shown and 
jejus, it seems that upgrades are failing due to lack of knowlege of the person 
doing things.

I am eager to hear the stories of client who moved from SNow to Remedy.

___
UNSUBSCRIBE or access ARSlist Archives at www.arslist.org
"Where the Answers Are, and have been for 20 years"

Re: BMC should have made upgrades easier - Customers loosing interests

[Pierson, Shawn]

I'll step in to defend BMC in this regard, acknowledging that I've had issues 
with various decisions that BMC has made in the past.

However, we are running ITSM 8.1 in production, and it was a lot easier than 
going to 7.6.4 from an earlier hybrid 7.x version that we had.  To be clear, 
with three technical people, we completed an upgrade in place on super bowl 
weekend and were still able to watch the super bowl.  I single-handedly 
installed everything, then my two colleagues jumped in and we fixed the 
overlays and worked on the customizations we had made specifically for 8.1.  
Probably the most work intensive thing after the installs was that one of my 
colleagues spent a few hours replacing our custom email processing system with 
an overhauled version of the Rules Based Email engine.  We also have a very 
customized outgoing email system using HTML templates and code to display data 
from things that aren't on the same form (e.g. showing Tasks related to a 
Change Request on an Approval email, which uses a custom approval process that 
can update Work Info on a Change Request from the email, even with 
attachments.)  We also have a lot of well-designed customizations and non-OOtB 
configurations.  We have a third party SSO tool.  We have a highly enhanced 
version of BMC Analytics.

>From my perspective, the biggest issue we ran into that didn't come up in 
>testing was the Mid Tier performance and browser caching issues.  We also shot 
>ourselves in the foot when one of the developers turned on Developer Mode 
>Caching and forgot to turn it off.  However, in the grand scheme of things 
>these were solved either easily on our part or by applying patches and 
>hotfixes from BMC.  It was frustrating to have any issues whatsoever, but any 
>enterprise application is going to be difficult to upgrade.  There are things 
>I still don't like about the overlays, but now that I'm used to them, I think 
>they save us a lot of work with our customizations.  Maybe the process would 
>be different to some degree if we were hosted by BMC, but we have no plan to 
>go to RoD in the near future (I am not saying it's bad, just that it isn't a 
>model we do a lot with right now.)

So from the perspective of my company, we're fairly happy as BMC customers with 
the upgrade process.  I've seen demos of Service Now and I admit that I like a 
lot of things about it, but I still think Remedy is easily a better fit for 
most companies.  The few things that I liked better about Service Now seem like 
they're being addressed by BMC.  If you have a sales person ask them if they 
can get you to one of their customer briefings or something else to see what 
they're working on.

I can't speak to the zero downtime upgrade model for any product because I've 
not experienced that and I'm highly skeptical that any vendor could pull that 
off on any system with a lot of customizations, but being able to do a major 
upgrade on premise over the course of a weekend with three guys doesn't sound 
too bad to me.  I even kicked off the first installer over VPN from my 
cellphone on my ride home (someone else was driving, of course.)

Thanks,

Shawn Pierson
Remedy Developer | Energy Transfer

-Original Message-
From: Action Request System discussion list(ARSList) 
[mailto:arslist@ARSLIST.ORG] On Behalf Of James Smith
Sent: Monday, March 10, 2014 2:24 PM
To: arslist@ARSLIST.ORG
Subject: BMC should have made upgrades easier - Customers loosing interests

Hi List,

BMC made the upgrade process so complex that customer are scared to upgrade to 
new versions. Upgrade is eating almost a year to move to 8.1 with data 
migrations and all integrations.

In the past we used to upgrade on the existing server only which was easy but 
there was a risk in loosing a customization. But that was easy process and we 
need not had to bother about data migrations here. In upgrade data migration is 
something like a challenging thing.

I understand BMC made this change to preserve customizations and introduced the 
concept of overlays but still its not convencing the customers.

Customers are not bothered about any customization and preservation as they 
have assigned a team to handle that. Only thing they care about is time, money 
and data.

This is one of the main reason some of my company clients moved to Service Now 
as they are offering zero down time upgrades with no risk of loosing 
customization.

There must be a debate on this, Remedy or ServiceNow.

Regards
JS

___
UNSUBSCRIBE or access ARSlist Archives at www.arslist.org "Where the Answers 
Are, and have been for 20 years"

Private and confidential as detailed here: 
http://www.energytransfer.com/mail_disclaimer.aspx .  If you cannot access the 
link, please e-mail sender.

___
UNSUBSCRIBE or access ARSlist Archives at www.arslist.org
"Where

Re: BMC should have made upgrades easier - Customers loosing interests

[James Smith]

Howard,

That a good question but I too do not have answer for that. I should have asked 
my customers about that. Maybe they are using some different techniques which 
is not publicly shared. God knows...

I am a core remedy resource and am very much concerned about it. I do not want 
my customers to loose to service now.

Just wanted to bring this to List that I am facing this situation. 

I hope BMC is planning something big in next release.

___
UNSUBSCRIBE or access ARSlist Archives at www.arslist.org
"Where the Answers Are, and have been for 20 years"

Re: BMC should have made upgrades easier - Customers loosing interests

[Ortega, Jesus A]

If it were easy to do, people like us wouldn't have jobs. You have to keep in 
mind that with Service Now your customizations are done with Java, not a nice 
GUI like ARS. When Service Now promises you a Zero Down Time migration we all 
know that there is still the long implementation path to work through where 
they are re-coding and migrating your custom workflow. While they tell you that 
they will be done in a short time period, it may not be as quick as you'd like. 
You may expect to have the newest version in 3 months, but with your 
customizations in play, it would be 9 months. Yes, you might be down for a 
shorter period of time, but you will have to wait a long time until their 
developers finish the work of upgrading your site. You lose control over the 
process as well since SNOW is doing the work on their end and I am sure you 
will have to wait in line. If you end up hiring Developers and admins to do the 
work what's the point of having a SAAS?

I bet Doug could provide some statistics about companies that have jumped ship 
and are coming back to Remedy after finding out that they were SNOW Blinded by 
marketing. I bet that if you look on the Service Now web page and look at those 
companies that they have on their page as users, a lot of those have switched 
back. You get what you paid for.  

-Original Message-
From: Action Request System discussion list(ARSList) 
[mailto:arslist@ARSLIST.ORG] On Behalf Of James Smith
Sent: Monday, March 10, 2014 2:24 PM
To: arslist@ARSLIST.ORG
Subject: BMC should have made upgrades easier - Customers loosing interests

Hi List,

BMC made the upgrade process so complex that customer are scared to upgrade to 
new versions. Upgrade is eating almost a year to move to 8.1 with data 
migrations and all integrations.

In the past we used to upgrade on the existing server only which was easy but 
there was a risk in loosing a customization. But that was easy process and we 
need not had to bother about data migrations here. In upgrade data migration is 
something like a challenging thing.

I understand BMC made this change to preserve customizations and introduced the 
concept of overlays but still its not convencing the customers.

Customers are not bothered about any customization and preservation as they 
have assigned a team to handle that. Only thing they care about is time, money 
and data.

This is one of the main reason some of my company clients moved to Service Now 
as they are offering zero down time upgrades with no risk of loosing 
customization. 

There must be a debate on this, Remedy or ServiceNow.

Regards
JS

___
UNSUBSCRIBE or access ARSlist Archives at www.arslist.org "Where the Answers 
Are, and have been for 20 years"




Information contained in this email is subject to the disclaimer found by 
clicking on the following link: http://www.lyondellbasell.com/Footer/Disclaimer/

___
UNSUBSCRIBE or access ARSlist Archives at www.arslist.org
"Where the Answers Are, and have been for 20 years"

Re: BMC should have made upgrades easier - Customers loosing interests

[Richter, Howard (CEI - Atlanta)]

I know we are talking about Remedy vs ServiceNow, what about other large apps 
like PeopleSoft or SAP.

Not one to defend the BMC upgrade process, but as we know customization or 
integrations always throw a wrench in to any upgrade.

I do wonder how the zero downtime upgrade works with customizations or 
integrations that might need to be tuned.

Just saying.

hbr

From: Action Request System discussion list(ARSList) 
[mailto:arslist@ARSLIST.ORG] On Behalf Of John Sundberg
Sent: Monday, March 10, 2014 3:27 PM
To: arslist@ARSLIST.ORG
Subject: Re: [arslist] BMC should have made upgrades easier - Customers loosing 
interests

**
A debate would be good.

But I doubt you could you find anybody to defend the BMC approach.

Debate is now done.


-John




On Mon, Mar 10, 2014 at 2:24 PM, James Smith 
mailto:bmcremedyarslis...@gmail.com>> wrote:
Hi List,

BMC made the upgrade process so complex that customer are scared to upgrade to 
new versions. Upgrade is eating almost a year to move to 8.1 with data 
migrations and all integrations.

In the past we used to upgrade on the existing server only which was easy but 
there was a risk in loosing a customization. But that was easy process and we 
need not had to bother about data migrations here. In upgrade data migration is 
something like a challenging thing.

I understand BMC made this change to preserve customizations and introduced the 
concept of overlays but still its not convencing the customers.

Customers are not bothered about any customization and preservation as they 
have assigned a team to handle that. Only thing they care about is time, money 
and data.

This is one of the main reason some of my company clients moved to Service Now 
as they are offering zero down time upgrades with no risk of loosing 
customization.

There must be a debate on this, Remedy or ServiceNow.

Regards
JS

___
UNSUBSCRIBE or access ARSlist Archives at 
www.arslist.org
"Where the Answers Are, and have been for 20 years"



--

John Sundberg
Kinetic Data, Inc.
"Your Business. Your Process."

651-556-0930 I 
john.sundb...@kineticdata.com
www.kineticdata.com I 
community.kineticdata.com


_ARSlist: "Where the Answers Are" and have been for 20 years_

Click 
here
 to report this email as spam.

___
UNSUBSCRIBE or access ARSlist Archives at www.arslist.org
"Where the Answers Are, and have been for 20 years"

Re: blue frame on image

[Rick Westbrock]

Marcelo-

I think if you can show source code in your browser and snip out the section 
that is displaying the image in question that someone on the list would better 
be able to help you figure out a solution. There has to be some sort of 
formatting applied that is causing the blue border (it could be calling an 
external CSS style sheet for example).

-Rick

-Original Message-
From: Action Request System discussion list(ARSList) 
[mailto:arslist@ARSLIST.ORG] On Behalf Of Martinez, Marcelo A
Sent: Monday, March 10, 2014 7:05 AM
To: arslist@ARSLIST.ORG
Subject: Re: blue frame on image

Thanks for the suggestion, John. The image does not have a border. 
The image was uploaded to SRM via the Service Request Marketing Slide 
Management page. I'm asking if anyone with SRM experience has run into this 
issue and how they went about fixing it.


Thanks,
Marcelo

-Original Message-
From: Action Request System discussion list(ARSList) 
[mailto:arslist@ARSLIST.ORG] On Behalf Of John Baker
Sent: Friday, March 07, 2014 2:34 AM
To: arslist@ARSLIST.ORG
Subject: blue frame on image

I think it would be helpful to post the markup from the page containing the 
blue frame. There are various answers depending on how mid tier rendered the 
image/link. 

For a start, if the image has the border, you probably want 
style="border-style: none" on the image tag. 

___
UNSUBSCRIBE or access ARSlist Archives at www.arslist.org "Where the Answers 
Are, and have been for 20 years"

___
UNSUBSCRIBE or access ARSlist Archives at www.arslist.org "Where the Answers 
Are, and have been for 20 years"

___
UNSUBSCRIBE or access ARSlist Archives at www.arslist.org
"Where the Answers Are, and have been for 20 years"

Re: BMC should have made upgrades easier - Customers loosing interests

[John Sundberg]

A debate would be good.

But I doubt you could you find anybody to defend the BMC approach.

Debate is now done.


-John





On Mon, Mar 10, 2014 at 2:24 PM, James Smith
wrote:

> Hi List,
>
> BMC made the upgrade process so complex that customer are scared to
> upgrade to new versions. Upgrade is eating almost a year to move to 8.1
> with data migrations and all integrations.
>
> In the past we used to upgrade on the existing server only which was easy
> but there was a risk in loosing a customization. But that was easy process
> and we need not had to bother about data migrations here. In upgrade data
> migration is something like a challenging thing.
>
> I understand BMC made this change to preserve customizations and
> introduced the concept of overlays but still its not convencing the
> customers.
>
> Customers are not bothered about any customization and preservation as
> they have assigned a team to handle that. Only thing they care about is
> time, money and data.
>
> This is one of the main reason some of my company clients moved to Service
> Now as they are offering zero down time upgrades with no risk of loosing
> customization.
>
> There must be a debate on this, Remedy or ServiceNow.
>
> Regards
> JS
>
>
> ___
> UNSUBSCRIBE or access ARSlist Archives at www.arslist.org
> "Where the Answers Are, and have been for 20 years"
>



-- 

*John Sundberg*
Kinetic Data, Inc.
"Your Business. Your Process."

651-556-0930 I john.sundb...@kineticdata.com
www.kineticdata.com I community.kineticdata.com

___
UNSUBSCRIBE or access ARSlist Archives at www.arslist.org
"Where the Answers Are, and have been for 20 years"

BMC should have made upgrades easier - Customers loosing interests

[James Smith]

Hi List,

BMC made the upgrade process so complex that customer are scared to upgrade to 
new versions. Upgrade is eating almost a year to move to 8.1 with data 
migrations and all integrations.

In the past we used to upgrade on the existing server only which was easy but 
there was a risk in loosing a customization. But that was easy process and we 
need not had to bother about data migrations here. In upgrade data migration is 
something like a challenging thing.

I understand BMC made this change to preserve customizations and introduced the 
concept of overlays but still its not convencing the customers.

Customers are not bothered about any customization and preservation as they 
have assigned a team to handle that. Only thing they care about is time, money 
and data.

This is one of the main reason some of my company clients moved to Service Now 
as they are offering zero down time upgrades with no risk of loosing 
customization. 

There must be a debate on this, Remedy or ServiceNow.

Regards 
JS

___
UNSUBSCRIBE or access ARSlist Archives at www.arslist.org
"Where the Answers Are, and have been for 20 years"

Re: blue frame on image

[Martinez, Marcelo A]

Thanks for the suggestion, John. The image does not have a border. 
The image was uploaded to SRM via the Service Request Marketing Slide 
Management page. I'm asking if anyone with SRM experience has run into this 
issue and how they went about fixing it.


Thanks,
Marcelo

-Original Message-
From: Action Request System discussion list(ARSList) 
[mailto:arslist@ARSLIST.ORG] On Behalf Of John Baker
Sent: Friday, March 07, 2014 2:34 AM
To: arslist@ARSLIST.ORG
Subject: blue frame on image

I think it would be helpful to post the markup from the page containing the 
blue frame. There are various answers depending on how mid tier rendered the 
image/link. 

For a start, if the image has the border, you probably want 
style="border-style: none" on the image tag. 

___
UNSUBSCRIBE or access ARSlist Archives at www.arslist.org "Where the Answers 
Are, and have been for 20 years"

___
UNSUBSCRIBE or access ARSlist Archives at www.arslist.org
"Where the Answers Are, and have been for 20 years"

Re: Row-Level Security on HPD:Help Desk

[Pierson, Shawn]

That’s a pretty good idea.  I had two others that I could do as a “last resort” 
if for some reason setting the row-level security didn’t work the way I expect. 
 One is to create a field that only the assigned group has access to called 
“Confidential Notes” or something like that, but your idea seems cleaner.  The 
other one, which would be cool to work on but isn’t necessarily something that 
would be quickly implemented would be to add a flag that could encrypt all the 
data on the Incident via a run process on a Filter when they save the record, 
and on display a similar run process Active Link would decrypt it.  That would 
be fun to build, but not necessarily quick enough.

Thanks,

Shawn Pierson
Remedy Developer | Energy Transfer

From: Action Request System discussion list(ARSList) 
[mailto:arslist@ARSLIST.ORG] On Behalf Of Roney Samuel Varghese.
Sent: Sunday, March 09, 2014 8:01 AM
To: arslist@ARSLIST.ORG
Subject: Re: Row-Level Security on HPD:Help Desk

**
Shawn,

We had a similar requirement, the only difference being the confidentiality was 
supposed to be in the worklog instead of the Help Desk form. We repurposed the 
view option on the Helpdesk form and added a third option of confidential to 
public and locked options while configuring row level access on the HPD:Worklog 
form.

Regards,
Roney Samuel Varghese

Sent from my iPhone

On Mar 7, 2014, at 11:22 AM, "Pierson, Shawn" 
mailto:shawn.pier...@energytransfer.com>> 
wrote:
**
I think I’ve come up with a plan but it’s a bit of a scary idea to monkey 
around with permissions on ITSM forms in this way.

- I’m going to remove the “Unrestricted Access” Role from the Request ID field 
on HPD:Help Desk.
- Then I’ll create a custom field to take its place, let’s say 60701, which I 
will create a Dynamic Group for that I can have the “Unrestricted Access” Role 
be put into as a default.
- I’ll add a Radio button called “Confidential” on the HPD:Help Desk form, 
which will have workflow to set fields 60701 and 112 automatically to $NULL$ if 
the Confidential button is checked.  If it is unchecked, I’ll set 60701 to the 
“Unrestricted Access” Role, and field 112 to the Regular Group where the Long 
Group name is the same as the company on the Customer+.
- Look for any workflow that sets these fields and find some way to override 
them when the Confidential radio button is checked.

Is there a better supported way to do this?

Thanks,

Shawn Pierson
Remedy Developer | Energy Transfer

From: Pierson, Shawn
Sent: Friday, March 07, 2014 9:30 AM
To: arslist@ARSLIST.ORG
Subject: Row-Level Security on HPD:Help Desk

Good morning,

I’m working on something that has been discussed by others here but I’m having 
trouble conceptualizing how I can do this.  The user’s requirement is to track 
confidential Incidents in ITSM.  This is defined by setting a flag of some sort 
(I’m debating making it either a custom field or an Operational Category) which 
will trigger a lock down to remove read access from all but the Assigned Group 
on the Incident (who will also be the Incident Owner Group in this scenario.)

To do this, I was thinking about creating a custom field, with a Field ID of 
60700 or something.  Would I then set a default to be the same as the Assignee 
Group (7) as well as the Unrestricted Access Role, then when the flag is 
checked just remove the ID of the Unrestricted Access Role?  What would I do to 
the Request ID field to make it work on combination with this new field to 
restrict visibility into the Incidents?  It seems pretty straight forward to 
create a new field and give change access to a group that has read only access, 
but I’m struggling to come up with a good way to lock things down.

Also, using multi-tenancy isn’t an option, unfortunately.  There are a lot of 
legitimate reasons, as a shared service organization, that we have many people 
with Unrestricted Access.  It seems to be required to make SRM work without 
creating dozens of the exact same things for each division.  Another thing that 
will be a factor is that we use BMC Analytics for reporting.  Based on how it 
handles security, we’ll have to be very careful to ensure these don’t show up 
on reports either.

My backup plan is going to be to build a custom form that can be fully locked 
down in the way that I need, and integrating that with Incident Management.

Thanks,

Shawn Pierson
Remedy Developer | Energy Transfer

Private and confidential as detailed 
here. If you cannot access 
hyperlink, please e-mail sender. _ARSlist: "Where the Answers Are" and have 
been for 20 years_
_ARSlist: "Where the Answers Are" and have been for 20 years_

Private and confidential as detailed here: 
http://www.energytransfer.com/mail_disclaimer.aspx .  If you cannot access the 
link, please e-mail sender.

___
UNSUBSCRIBE or access AR

Re: Row-Level Security on HPD:Help Desk

[Pierson, Shawn]

Multi-tenancy isn’t really designed in such a way that it could be used for 
this because we had to basically give everyone “Unrestricted Access”.  
Unfortunately, multi-tenancy is pretty useless if you’re using SRM unless 
you’re a big fan of creating duplicates of every single thing that is shared 
between different companies (I have no idea why BMC doesn’t allow you to use “- 
Global -“ in SRM.)

Thanks,

Shawn Pierson
Remedy Developer | Energy Transfer

From: patchsk [mailto:vamsi...@gmail.com]
Sent: Friday, March 07, 2014 11:57 PM
To: arsl...@googlegroups.com
Cc: arslist@ARSLIST.ORG; arslist@ARSLIST.ORG; Pierson, Shawn
Subject: Re: Row-Level Security on HPD:Help Desk

Multitenancy is for security in a shared environment between different 
companies or different business units with in the same company.

You might want to check if you can use this feature if your ITSM env is 
multitenant enabled?



Private and confidential as detailed here: 
http://www.energytransfer.com/mail_disclaimer.aspx .  If you cannot access the 
link, please e-mail sender.

___
UNSUBSCRIBE or access ARSlist Archives at www.arslist.org
"Where the Answers Are, and have been for 20 years"

Re: Row-Level Security on HPD:Help Desk

[Pierson, Shawn]

The filter would be a good idea but in our situation we are using BMC Analytics 
for reporting, which goes directly against the database via a SQL driver rather 
than through the Remedy ODBC driver.  It also has what Business Objects calls a 
"derived table" for permissions that I may need to modify for this stuff to 
work as well, but I'll leave that to the reporting team to figure out.

Thanks,

Shawn Pierson
Remedy Developer | Energy Transfer

From: Action Request System discussion list(ARSList) 
[mailto:arslist@ARSLIST.ORG] On Behalf Of Jason Miller
Sent: Friday, March 07, 2014 5:33 PM
To: arslist@ARSLIST.ORG
Subject: Re: Row-Level Security on HPD:Help Desk

**

That is loosely what I did years ago adding row level permissions to ITSM 6.  
This probably isn't as scary of a customization as it appears at first glance. 
One thing to consider are permissions to related records. Not only 
relationships to incidents, changes, work orders (you may never even relate any 
of those to confidential tickets) but to tasks and probably more importantly 
work info records.  Those are searchable and will not be restricted unless to 
modify them to fit your permissions scheme as well.

Or...

You created a filter that fires on get that checks if the ticket is 
confidential and referencing the groups that are allowed to see confidential 
requests and throw an error if the don't have access. This also works for all 
clients (ARODBC, Web services, import tool, Migrator) like permission do.

I think permissions provides for a better experience and scalability but a 
filter avoids changing the out of the box permissions model. For example if a 
person runs a report and a confidential record they don't have access to is in 
the results *I think* they will not be a able to run the report until the 
confidential records are no long in the results.

Jason
On Mar 7, 2014 9:22 AM, "Pierson, Shawn" 
mailto:shawn.pier...@energytransfer.com>> 
wrote:
**
I think I've come up with a plan but it's a bit of a scary idea to monkey 
around with permissions on ITSM forms in this way.

- I'm going to remove the "Unrestricted Access" Role from the Request ID field 
on HPD:Help Desk.
- Then I'll create a custom field to take its place, let's say 60701, which I 
will create a Dynamic Group for that I can have the "Unrestricted Access" Role 
be put into as a default.
- I'll add a Radio button called "Confidential" on the HPD:Help Desk form, 
which will have workflow to set fields 60701 and 112 automatically to $NULL$ if 
the Confidential button is checked.  If it is unchecked, I'll set 60701 to the 
"Unrestricted Access" Role, and field 112 to the Regular Group where the Long 
Group name is the same as the company on the Customer+.
- Look for any workflow that sets these fields and find some way to override 
them when the Confidential radio button is checked.

Is there a better supported way to do this?

Thanks,

Shawn Pierson
Remedy Developer | Energy Transfer

From: Pierson, Shawn
Sent: Friday, March 07, 2014 9:30 AM
To: arslist@ARSLIST.ORG
Subject: Row-Level Security on HPD:Help Desk

Good morning,

I'm working on something that has been discussed by others here but I'm having 
trouble conceptualizing how I can do this.  The user's requirement is to track 
confidential Incidents in ITSM.  This is defined by setting a flag of some sort 
(I'm debating making it either a custom field or an Operational Category) which 
will trigger a lock down to remove read access from all but the Assigned Group 
on the Incident (who will also be the Incident Owner Group in this scenario.)

To do this, I was thinking about creating a custom field, with a Field ID of 
60700 or something.  Would I then set a default to be the same as the Assignee 
Group (7) as well as the Unrestricted Access Role, then when the flag is 
checked just remove the ID of the Unrestricted Access Role?  What would I do to 
the Request ID field to make it work on combination with this new field to 
restrict visibility into the Incidents?  It seems pretty straight forward to 
create a new field and give change access to a group that has read only access, 
but I'm struggling to come up with a good way to lock things down.

Also, using multi-tenancy isn't an option, unfortunately.  There are a lot of 
legitimate reasons, as a shared service organization, that we have many people 
with Unrestricted Access.  It seems to be required to make SRM work without 
creating dozens of the exact same things for each division.  Another thing that 
will be a factor is that we use BMC Analytics for reporting.  Based on how it 
handles security, we'll have to be very careful to ensure these don't show up 
on reports either.

My backup plan is going to be to build a custom form that can be fully locked 
down in the way that I need, and integrating that with Incident Management.

Thanks,

Shawn Pierson
Remedy Developer | Energy Transfer

Private and confidential as detailed 
here