Hi,
If we have understood your issue correctly, following things can be
configured as one of the solutions to get this done
1. Create two separate companies: one for HRIS and another for NON-HRIS
2. Give unrestricted access to HRIS member, so they will be able to see all
the tickets including NON-HRIS
3. Do not give unrestricted access to NON-HRIS members, so they will have
access only to their tickets
HTH
--
Regards,
ITSM Support
Vyom Labs Pvt. Ltd.
BSM Solutions Services || ITIL Consulting Training
Email: i...@vyomlabs.com || Web Site: www.vyomlabs.com Follow Vyom Labs
http://twitter.com/#!/vyomlabs || http://www.linkedin.com/company/vyom-labs
From: Action Request System discussion list(ARSList)
[mailto:arslist@ARSLIST.ORG] On Behalf Of Logan, Kelly
Sent: Saturday, June 30, 2012 2:32 AM
To: arslist@ARSLIST.ORG
Subject: Securing SRM tickets (SR,WO, Task) for HR
**
Happy Friday all,
I am setting up our HR department with SRM and we would like to have HR
tickets segregated from the others
1. Avoid advance interface forms, to allow for self-administration of
SR Catalog, and keep any maintenance tasks to a minimum
2. Non-HRIS personnel should not have access to HRIS Requests nor Work
Order/Tasks
3. All HRIS personnel should have access to Requests, WOs, Tasks,
regardless of assignment
4. Non-HRIS Requests, WOs, Tasks need to be available to the rest of
the users
I am looking at setting up row level security for this, so if you have tried
this I'd be very appreciative of your experience. Here's what I have been
able to discern so far:
OOB SRM:Request's field 1, 'SysRequestID', has only the Assignee, Assignee
Group, OBOAssignee, Submitter, Vendor Assignee Groups and 'Unrestricted
Access' (role) that grant access to an entry.
Though 'Assignee Group' is set, no field 112 has been created. The
'OBOAssignee' field is used, and workflow sets this to $USER$, $Requested By
Login ID$, and $Requested For Login ID$. Similarly, the Vendor Assignee is
set by workflow as well, if a vendor is assigned the request.
My working plan is to remove the 'Unrestricted Access' from field 1, use the
assignee group in field 112 and a parent group in a dynamic group field as
described in the FormApp guide to grant access to the assignee group and all
HRIS groups. Filters will set field 112, the system will set the dynamic
group and all HRIS groups should have access to the tickets when an HRIS
group is assigned. If the Assignee is not in HRIS, a generic permissions
group (General Access?) will be put into 112.
First, if anyone has a better idea on this, please let me know.
Otherwise, what I'm going to be looking at is whether or not I a filter can
determine if an assignee group is in a parent group (so I don't have to
update code when HR adds a new support group).
Kelly Logan, Sr. Systems Administrator (Remedy, Planview), GMS
ProQuest | 789 E. Eisenhower Parkway, P.O. Box 1346 | Ann Arbor MI
48106-1346 USA | 734.997.4777
kelly.lo...@proquest.com
www.proquest.com
ProQuest...Start here. 2010 InformationWeek 500 Top Innovator
P Please consider the environment before printing this email.
This email and any files transmitted with it are confidential and intended
solely for the use of the individual or entity to whom they are addressed.
If you have received this email in error please notify the sender, and
delete the message from your computer.
_attend WWRUG12 www.wwrug.com ARSlist: Where the Answers Are_
___
UNSUBSCRIBE or access ARSlist Archives at www.arslist.org
attend wwrug12 www.wwrug12.com ARSList: Where the Answers Are
