This documentation supports the 9.1 to 9.1 Service Pack 3 version and its patches of BMC Atrium Core. The documentation for version 9.1.04 and its patches is available here.

To view the latest version, select the version from the Product version menu.

Permission scenarios when managing user access to BMC Atrium CMDB data

BMC Atrium CMDB provides the following methods of managing user access to data:

  • Application roles
  • Class and attribute permissions
  • Instance permissions

The following table lists different scenarios of how data access-control might be configured for read and write access to a class and an instance of that class, and what happens when Joe Unser, an employee at Calbro Services, tries to read or modify that instance.

Data-access scenarios for reading and writing data

Member of CMDB Data View role?

Member of CMDB Data Change role?

Class permission

Permission for all attributes

CMDB RowLevel Security access?

CMDB Write Security access?

Result

N/A

Yes

Visible

View

Yes

N/A

Joe can see the class in his list of objects, and can see all attributes of the class. Joe can view and modify the instance.

Yes

No

Visible

View

Yes

No

Joe can see the class in his list of objects, and can see all attributes of the class. Joe can see the instance, but when he tries to modify the instance, he sees a permission error.

N/A

Yes

Visible

View

N/A

No

Joe can see the class in his list of objects, and can see all attributes of the class. Joe can see the instance, but when he tries to modify the instance, he sees a permission error.

N/A

Yes

Hidden

N/A

N/A

Yes

Joe cannot see the class in his list of objects. However, Joe can modify the data on that instance through workflow started in another class.

No

No

Visible

Change

N/A

N/A

Joe can see the class in his list of objects, and can see all attributes of the class. Joe can view and modify the instance.

Was this page helpful? Yes No Submitting... Thank you

Comments