×
 
 
  •  
$helper.renderConfluenceMacro('{bmc-global-announcement:$space.key}')

 

This documentation supports the 21.05 version of BMC Helix ITSM. To view an earlier version, select the version from the Product version menu.
BMC Helix ITSM 21.05 ... Onboarding and implementing Setting up the Tenancy mode

Data access in a multitenant environment

Access control to data in a multitenant environment is the same as in a single tenant environment. Row Level Security (RLS) is used to control data access between companies and works in the same manner as it does within a company. Members who belong to several companies in a multitenant environment use the following types of data through BMC Helix ITSM applications:

Related topics

Access control for ticket data


Data typeDescription
Configuration

A company’s configuration data is accessible to the following users:

  • A member of the company or its parent company
  • A user with access to the company
Transactional (ticket) 

 Each ticket is treated as a row in BMC Helix ITSM. Access to this data can be of the following types:

  • Unrestricted: Users with the BMC Helix ITSM Unrestricted Access role can access all ticket data.
  • Row-level: You can choose to provide ticket data access at support group level or support group and company level. According to the Application Permissions Model setting available in System Settings form, the following users can access ticket data: 
      • Support Group: If you select this option for the Applications Permissions Model field, the following users can access ticket data:
        • User who submits the ticket
        • User who is assigned the ticket
        • Owner group that owns the ticket
        • A member of the support group associated with the ticket
        • A member of the parent group of the support group associated with the ticket
      • Support Group and Company: If you select this option for the Applications Permissions Model field, the following users can access ticket data:
        • User who submits the ticket
        • User who is assigned to the ticket
        • Owner group that owns the ticket
        • A member of a support group associated with the ticket
        • A member of the parent group of the support group associated with the ticket
        • All the members of a location and customer company referenced on the ticket
        • All the members of the parent group of a location and the customer companies referenced on the ticket

    • For details, see Access control with implicit groups: Row-level security and Inheriting permissions by using hierarchical groups.


Important

This setting is not available to BMC Service Request Management. Service Requests contains additional information that is required by the agents who work on the fulfilment of the Service Request. The fulfilment of the Service Request is done through incident, work order, or other ticket that is related to the Service Request.   The agent working on the fulfilment record needs to be able to see the Service Request and the related information.  This is why the Service Request row level security is only enforced at the Company level.

Was this page helpful? Yes No Submitting... Thank you
Last modified by Dhanya Menon on Sep 27, 2023
data_access_in_multi_tenancy configuration_data_access_multi_tenancy ticket_data_access_multi_tenancy hierarchical_group_for_multi_tenancy

Comments

Log in or register to comment.

Setting up the Tenancy mode
Tickets that can be assigned to support staff in other companies
© Copyright 1991 - 2021 BMC Software, Inc. © Copyright 1991 - 2021 BladeLogic, Inc.
Legal notices

Powered by Atlassian Confluence and Scroll Viewport

© Copyright 2005-2024 BMC Software, Inc. Use of this site signifies your acceptance of BMC’s Terms of Use . BMC, the BMC logo, and other BMC marks are assets of BMC Software, Inc. These trademarks are registered and may be registered in the U.S. and in other countries.