This documentation applies to the 8.1 version of BMC Atrium Core, which is in "End of Version Support." You will not be able to leave comments.

To view the latest version, select the version from the Product version menu.

Permission scenarios when managing user access to BMC Atrium CMDB data

BMC Atrium CMDB provides the following methods of managing user access to data:

  • Application roles
  • Class and attribute permissions
  • Instance permissions

The following table lists different scenarios of how data access-control might be configured for read and write access to a class and an instance of that class, and what happens when Joe Unser, an employee at Calbro Services, tries to read or modify that instance.

Data-access scenarios for reading and writing data

Member of CMDB Data View role?

Member of CMDB Data Change role?

Class permission

Permission for all attributes

CMDB RowLevel Security access?

CMDB Write Security access?

Result

N/A

Yes

Visible

View

Yes

N/A

Joe can see the class in his list of objects, and can see all attributes of the class. Joe can view and modify the instance.

Yes

No

Visible

View

Yes

No

Joe can see the class in his list of objects, and can see all attributes of the class. Joe can see the instance, but when he tries to modify the instance, he sees a permission error.

N/A

Yes

Visible

View

N/A

No

Joe can see the class in his list of objects, and can see all attributes of the class. Joe can see the instance, but when he tries to modify the instance, he sees a permission error.

N/A

Yes

Hidden

N/A

N/A

Yes

Joe cannot see the class in his list of objects. However, Joe can modify the data on that instance through workflow started in another class.

No

No

Visible

Change

N/A

N/A

Joe can see the class in his list of objects, and can see all attributes of the class. Joe can view and modify the instance.

This version of the documentation is no longer supported. However, the documentation is available for your convenience. You will not be able to leave comments.

Comments

  1. Doug Mueller

    If going to leave as a table, can you at least change the titles of two columns to be something like

    CMDBRowLevel-                  CMDBWrite-

    Security access                   Security access

     

    These two columns have an entry of yes/no/n/a but they take up enormous space and the one column with lots of content has a small header so the important data is all vertical.  No one will be confused by the attribute name having the split in it an dit would sure make this table more readable.

    May 17, 2013 12:51