This documentation supports the 9.1 version of Remedy IT Service Management Suite.

To view the latest version, select the version from the Product version menu.

Row-level security

The BMC Remedy ITSM applications use row-level security (RLS), a BMC Remedy Action Request System feature to control access to BMC Remedy ITSM ticket data. For a detailed description of the BMC Remedy AR System RLS feature, see Controlling access by using implicit groups: Row-level security.     

RLS feature of BMC Remedy ITSM enables you to categorize tickets into different typesBMC Remedy ITSM ticket data access is granted to individuals (for example, submitter, on behalf of, and assignee) and support groups associated with a ticket. This restricts ticket data access to only those users who require it. 

Using the hierarchical groups, you can extend the ticket access. For example, you can extend the ticket access to the entire IT Staff group and restrict the access to non-IT staff in a company. For details on hierarchical groups, see Hierarchical groups: Using a parent group for permission inheritance.


This topic includes the following sub-topics:

Row-level access: Permissions defined on Request ID

Every form defined in BMC Remedy AR System contains a set of core fields. The Request ID core field has a unique field ID of 1. The BMC Remedy AR System uses the permissions defined on the Request ID (Field ID 1) field to determine who should have access to a ticket. The following permissions are defined on most BMC Remedy ITSM forms. Individual or groups defined under these permissions can access a ticket.

Note

For information about BMC Remedy ITSM data access model in Remedy 9.1.02, see Data access model in BMC Remedy ITSM 9.1.02.


Request ID permissionDetails
Assignee (field 4)Individual who is assigned a ticket.
Submitter (field 2)Individual who submitted a ticket.
Assignee Group (field 112)

Individuals and groups to whom the ticket is assigned.

For a detailed description of data contained in this field, see BMC Remedy ITSM application usage of Assignee Group (field 112) field.

Assignee Group Parent (field 60989)Parent group of the Assignee Group. For details, see Hierarchical groups: Using a parent group for permission inheritance.
Unrestricted access (role)Individuals with this role.
Vendor Assignee Group (field 60900)

A group or individual defined in this field has access to a ticket. This field is left blank for all BMC Remedy ITSM applications and is meant for customer use. Customers can write their own workflow to populate this field for any additional data access requirement.

Vendor Assignee Group Parent (field 60901)Parent group of the Vendor Assignee Group. For details, see Hierarchical groups: Using a parent group for permission inheritance.

Example

Allen creates an Incident Management ticket with the following details:

  • Customer: Allen
  • Direct Contact: Ian
  • Assigned Group: Backoffice Support (Parent of Backoffice Support is IT Data Access)
  • Owner Group: Service Desk (Parent of Service Desk is IT Data Access)

Who can access the ticket?

  • Allen (Customer)
  • Ian (Contact)
  • Members of Backoffice Support, Service Desk, and IT Data Access (Assigned support group, Owner support group, parent of Assigned and Owner support groups)

As RLS can further be rolled up using the hierarchical groups, in this example, IT Data Access group being a parent of Backoffice Support and Service Desk can access the ticket.

Assignee Group (field ID 112) values for various BMC Remedy ITSM applications

Individuals and groups mentioned in field 112 have access to ticket data. The table below lists the individuals and groups included in field 112 for various BMC Remedy ITSM applications.

BMC Remedy ITSM applicationForm nameField 112 includes
Incident Management

HPD:Help Desk

  • Customer Login ID
  • Contact Login ID  
  • Assigned Support Group ID  
  • Owner Support Group ID
Problem Management

PBM:Problem Investigation

  • Assigned Support Group ID
  • Problem Coordinator Support Group ID
PBM:Known Error
  • Company ID
PBM:Solution Database
  • Company ID
Change Management

CHG:Infrastructure Change

  • Requested For Login ID
  • Requested By Login ID  
  • Coordinator Support Group ID  
  • Manager Support Group ID 
  • Implementer Support Group ID
Release ManagementRMS:Release
  • Assigned Support Group ID
Asset Management


AST:PurchaseRequisition
  • Company ID
CTR:ContractBase
  • Company ID
CTR:ContractBase
  • Company ID
AST:CI Unavailability
  • Company ID

Note: For individual configuration item (CI) records, the tenancy is set by the value in the Company field on the CI, and by the Used by relationship of Company entries associated with the CI. For more details, see Working with Configuration Items.

Task ManagementTMS:Task
  • Field 112 values from a parent ticket (for example, an Incident Management or Change Management ticket) and the Assigned Support Group ID
Service Request ManagementWOI:WorkOrder
  • Customer Login ID
  • Contact Login ID  
  • Manager Support Group ID  
  • Assignee Support Group ID
SRM:Request
  • Requested For Login ID  
  • Requested By Login ID  
  • Assigned Support Group ID

Related topics

The following topics provide additional information:

BMC Remedy ITSM data access model

Hierarchical groups: Using a parent group for permission inheritance

Controlling access by using implicit groups: Row-level security

Multi-tenancy

Working with Configuration Items

Was this page helpful? Yes No Submitting... Thank you

Comments

  1. Colin Rolls

    A large and red bold heading is needed on this page noting all of this has changed in 9.1.02 and this is the page that needs referring to if users are using 9.1.02:

    https://docs.bmc.com/docs/display/public/itsm91/Row-level+security+9.1.02

    Now that there is an 'Application Permission Model' setting in 9.1.02 this changes the example on this page to be different depending on what is in that setting, also the entire table showing what is put in 112 is different depending on the setting. 

     

    Jul 17, 2017 08:38
    1. Mokshada Shivarekar

      Hello Colin,

      Thank you for your comment. I will work on it and update the docs.

      Regards,

      Mokshada 

      Jul 17, 2017 11:31
    1. Jyoti Nerkar

      Hello Colin,


      We have added the following note:

      For information about BMC Remedy ITSM data access model in Remedy 9.1.02, see Data access model in BMC Remedy ITSM 9.1.02.


      Regards,

      Jyoti

      Apr 17, 2019 02:03