Smart IT permissions
This topic includes the following information:
Overview
General access to Smart IT, its capabilities, and data is controlled by BMC Remedy ITSM application permissions. For example, a Smart IT user with BMC Change Management application permissions has access to the change graphs in the Smart IT Dashboard as well as other Smart IT change management related capabilities and data. Some permissions are required before a user can open the Smart IT UI, while other optional permissions can extend the capabilities of the user. Which permissions are mandatory and which permissions are optional depend on the job the person associated with the login ID needs to do. Permissions can also be combined, so that one person can perform multiple jobs if necessary.
If you are setting up Smart IT to work with an existing BMC Remedy ITSM installation, the People records might already have the necessary permissions to work with Smart IT. BMC recommends, however, that you use the information in this topic to ensure that any existing People records have the correct permissions to access the Smart IT capabilities and data, according to the person's role in the organization.
Smart IT roles
Smart IT has its own broadly defined concept of roles, which are described in the following table. These roles are referred to later in this topic when describing permissions and should not be confused with the BMC Remedy ITSM functional roles described elsewhere in the BMC Remedy ITSM documentation.
Notes
- The terminology used in the Related jobs column of the following table might be different from that used by your organization. Use Related jobs only as a general guide to what the person does.
- The activities listed in the Example activities column and the extent to which they can be performed in some cases depend on the exact permissions granted to the individual. For example, when updating knowledge articles, the extent to which knowledge article metadata can be updated by a Knowledge Author depends on the level of BMC Knowledge Management permissions the Knowledge Author has. Likewise, Change Agents cannot create change request tickets if they only have Infrastructure Change Viewer permissions; however, they can access the Create New link.
| Smart IT role name | Related jobs | Example activities |
|---|---|---|
| ITSM Agent | Anyone who performs one or more of the following jobs in your organization:
| ITSM Agents perform the following activities in Smart IT:
|
| Change Agent | Anyone who performs one or more of the following jobs in your organization:
| Change Agents perform the following activities in Smart IT:
|
| Knowledge Author | Anyone who performs the following activities in your organization:
| Knowledge Authors perform the following activities in Smart IT:
|
| ITSM Admin | Anyone who configures Smart IT or performs other application related administrative functions. | ITSM Admins manage the following aspects of Smart IT from the Configuration menu:
|
Basic requirements to access Smart IT
The basic requirements for accessing Smart IT depend on what the person needs to do.
Smart IT access
Everyone who uses Smart IT as a user (that is, not as an administrator), must have permissions from the ITSM Agent role, the Change Agent role, or the Knowledge Author role, as described in the preceding table. Make sure you review the Permissions descriptions to ensure you assign all of the required permissions for a particular Smart IT role.
Note
Additionally, people accessing the Smart IT UI must have access restrictions defined in their People record. Smart IT uses access restrictions to determine what company information it displays on the dashboard.
For example, basic access requirements for a Smart IT user might look like this:
- Access restrictions defined + ITSM Agent role permissions
- Access restrictions defined + Change Agent role permissions
- Access restrictions defined + Knowledge Author role permissions
Administrator access
Anyone who performs Smart IT configuration or administration activities must have permissions from either the ITSM Agent role or the Change Agent role.
Additionally, an administrator also needs ITSM Admin permissions.
For example, basic Smart IT access requirements for an Administrator might look like this:
- ITSM Agent role + ITSM Admin role permissions
- Change Agent role + ITSM Admin role permissions
Smart IT user and Admin access
Anyone who needs to access Smart IT as a user and who also needs to work as an administrator must have: access restrictions defined, a role permission, and ITSM Admin permissions.
For example, basic Smart IT access requirements for someone working as both a Smart IT user and as an administrator might look like this:
- Access restrictions defined + ITSM Agent role permissions + ITSM Admin role permissions
- Access restrictions defined + Change Agent role permissions + ITSM Admin role permissions
Multiple roles
People who fulfill multiple roles within an organization need multiple permissions. For example, Ian Plyment is a second level service desk agent who needs to look at incident tickets and to create change requests when required. This means that Ian needs both ITSM Agent role and the Change Agent role permissions. Ian also needs to publish knowledge articles and so he also has Knowledge Author role permissions.
Ian's access and permissions look like this:
- Access restrictions defined + ITSM Agent role permissions + Change Agent role permissions + Knowledge Author role permissions
Note
In Smart IT, people without Viewer permissions (for example, Problem Viewer permissions) are still able to see the high-level summary views of records that are not yet fully supported by Smart IT (known error and problem investigation) . For example, in Smart IT, if you don't have Problem Viewer permissions, you are still able to see the Problem Summary view of the problem investigation ticket. This is because the Problem Summary view in Smart IT shows almost the same amount of information that you would see in a row of any Relationship table in the Standard BMC Remedy ITSM applications.
Permissions descriptions
This section outlines the permissions needed to access Smart IT, organised according to the Smart IT roles described earlier in this topic. In some cases, there are several permissions that you can choose from. Select the permission that best matches the person's function in the organisation. For example, if a manager needs one of the Change Agent permissions, you might give that person Infrastructure Change Master permissions, rather than Infrastructure Change User permissions.
ITSM Admin permissions
An ITSM Admin must have AR System Administrator permissions to enable field configuration and perform general system level administrative tasks, such as configuration, setting up user accounts, and so on.
In addition, if an ITSM Admin provides administration for support groups, that person needs Struct Admin permissions.
ITSM Agent permissions
The following table lists the permissions that ITSM Agents must have:
Note
- An ITSM Agent needs one permission from each row in the following table.
- A user ID can have more than one permission from each row in the table.
| Category | Permission | Additional information |
|---|---|---|
| BMC Service Desk: Incident Management | At least one of the following permissions is required:
| None |
| BMC Asset Management | At least one of the following permissions is required:
| None |
| Task Management System | At least one of the following permissions is required:
| None |
(Only if installed) | At least two of the following permission are required (one from each type):
Examples
| When BMC Service Request Management is installed on your system, the ITSM Agent login ID must have at least two BMC Service Request Management permissions. You must grant these permissions when BMC Service Request Management is installed, even if the person to whom you are granting the permissions does not use the BMC Service Request Management application. |
The specific permission that you assign from each BMC Remedy ITSM application depends on the specific role the person fulfills in your organization. For example, depending on the ITSM Agent's exact role in the organization, you might need to assign the following permissions:
- Incident User
- Asset Viewer
- Task Manager
- Work Order Master (only if BMC Remedy Service Request Management is also installed)
- SRM Administrator (only if BMC Remedy Service Request Management is also installed)
Change Agent permissions
Change Agents must have at least one of the following permissions. The specific permissions that you assign depends on the specific role the person fulfills in your organization:
- Infrastructure Change User
- Infrastructure Change Master
- Infrastructure Change Viewer
- Infrastructure Change Submit
Note
Access to Change Management functionality in Smart IT depends upon the level of permissions. For example, Infrastructure Change Viewers cannot create change request tickets in Smart IT, but they can access the Create New link.
In addition to needing one of the BMC Change Management permissions listed above, a Change Agent must have Asset Viewer permissions (from the BMC Asset Management permissions). If the person for whom you are setting up the user ID is also a ITSM Agent, that person might already have this permission. If this is the case, you do not need to assign the permission again.
The specific permissions that you assign depends on the specific role the person fulfills in your organization.
Knowledge Author permissions
Knowledge Authors must have at least one of the following BMC Knowledge Management permission:
- Knowledge Admin
- Knowledge User
- Knowledge Submitter
In addition to one of the BMC Knowledge Management permissions, a Knowledge Author must be a member of a support group and have one of the following BMC Asset Management permissions:
- Asset Viewer
- Asset User
- Asset Admin
Notes
- If the person for whom you are setting up the user ID is also a ITSM Agent, they might already have some Asset permissions. If the person has already has these permissions, you do not need to assign the permissions again.
- With the Asset permissions, Knowledge Authors can update their own profile. If you add Foundation – Contact People permissions, which are not mandatory, the Knowledge Author is able to update profiles for other people (support and nonsupport).
- For Knowledge Authors to configure knowledge templates, they need ITSM Admin permissions.
The specific permissions that you assign depends on the specific role the person fulfills in your organization.
Updating or changing permissions
If you need to update the permissions for existing support staff, see the information under "Updating permissions for support staff" in the Adding support staff topic of the BMC Remedy ITSM suite online documentation.
Related topics
BMC Asset Management permissions (in the BMC Asset Management online technical documentation)
BMC Service Desk user permissions (in the BMC Service Desk online technical documentation)
Change Management permissions (in the BMC Change Management online technical documentation)
Foundation module permission groups (in the BMC Remedy ITSM suite online technical documentation)
Struct Admin permissions (in the BMC Remedy AR System online technical documentation)
Task Management System permissions (in the BMC Change Management online technical documentation)
Knowledge Management user permissions (in the BMC Knowledge Management online technical documentation)
Comments
This section talks about support staff members access but nothing on SmartIT When I selected the link from the previous section, it brought me here So what permissions do I need to grant to the End User to use Smart IT?
Hi, Leonard.
The intro to "Permissions for core BMC Remedy ITSM suite applications and components" states for Smart IT users, their login ID must have at least one permission from each of the permission groupings in the table. So, users need at least 1 each of the Foundation, Task Management, Asset Management, and Incident Management permissions.
I take it that Service Request User permissions are also required for SRM creation? Is the Foundation permission for updating People profiles?
Hi Leonard,
Yes, your assumptions are correct.
-Bruce.
Hi Leonard,
One more clarification... Smart IT is used by support staff rather than end users. Smart IT allows support staff to submit service requests for customers/end users who might need a request created to help resolve an issue.
Regards,
Cathy
Hi Leonard,
Sorry, I needed to edit my response above, and I will clarify further. Service requests are created in Smart IT just as if the customer created them for him/herself, as explained in Submitting service requests using Smart IT.
Regards,
Cathy
Hi,
How can I link Incident ticket to problem/change ticket in Smart IT? from the Link I cannot find find it although I have all the ITSM permissions in People profile, please advise thanks!
Hi, I'm looking into this and will get back to you ASAP.
Hi,
I've spoken to our subject matter experts about this, and unfortunately the type of linking that you are trying is not currently supported in Smart IT.
-Bruce.
Hi we are in the process of configuring Smart IT in our Dev environment We currently do not use work orders and we understand users need this permission to access Smart IT, however we do not want users to be able to see the Work Order menu options in ITSM Remedy in the applications menu
We feel users will try to use this functionality before we are ready to have it implemented How can we hide these menu options until we are ready to fully deploy work orders?
Hi Shannon,
Thanks for your question, and sorry for the delayed response. I'm looking into this.
Regards,
Cathy
Hi ,
What is request Console Master permission, i cannot find it in remedy 8.1.02 version?
Hi Anusha,
Thanks for your question. I'm looking into it.
Cathy
Hi Anusha,
The Request Console Master permission was incorrectly included in the documentation, so I removed it.
Thanks,
Cathy
Hello,
Would you please provide a minimum set of permissions required for user to access Smart IT ? Let's say, he needs read only access for all the ITSM modules available in Smart IT.
I have a user who is getting the message "You are not authorized..." while trying to access Smart IT. And in this article it's not clear, which are the user permissions to at least access the tool. For instance, should I set Support Staff = Yes in People form ?
Regards,
Pavlo
Hi Pavlo,
The permissions a user needs depends on the person's Smart IT role, such as ITSM Agent, Change Agent, or Knowledge Author.
See the section above called Permissions descriptions - For ITSM Agent, for example, viewer permissions are not enough. You must have Incident User, and Asset Viewer, and Task User, and if SRM is installed, one of the Work Order permissions listed above (like Work Order User) and an SRM permission (like Service Request User).
Incident Users must be members of a support group to access the Incident form. The particular support group they belong to also determines which records they can modify. See Permission groups and application access (and sub-topics) in the BMC Remedy ITSM documentation for details.
Finally, Smart IT requires that you apply Access Restrictions, as explained in the section above called Basic requirements to access Smart IT. Access Restrictions determine which records users can see, for example, records for certain companies. See Configuring access for people for more details.
Let me know if this additional information is helpful.
Regards,
Cathy
This permission scheme is complex and burdensome. I'd recommend streamlining this for future releases. Perhaps a single role for each of the mentioned roles that would encompass "user level" permissions, with the ability to fine-tune by adding additional permissions via the People form.
Thank you for your comment Jordan. We will work on restructuring this information to make it easier to read.
Regards,
Priya
Thanks Priya,
It's not so much the presentation of the information I have an issue with - it's the way the permission scheme is designed. It seems cumbersome from an administration perspective. It would be nice if it were more adaptable, or if there was a single role that could be applied instead of mandatory, multiple roles.
Hi Jordan,
The BMC Remedy with Smart IT team invites customer ideas and suggestions. You can leave your feedback at the following communities page and the development team will work on it.
https://communities.bmc.com/community/bmcdn/bmc_it_service_support/content?filterID=contentstatus%5Bpublished%5D~objecttype~objecttype%5Bidea%5D
Since this is a shared community, other users can vote on the idea to get a high rank to be considered for future releases.
Log in or register to comment.