User permissions
BMC Remedyforce uses profiles and permission sets to grant users access to different functions. Profiles contain basic access rights and permissions for a group of users. Permission sets can be used in addition to profiles to provide additional levels of access and permissions to a user or multiple users.
Functions granted to profiles and permission sets
Different profiles and permission sets have been granted different functions in BMC Remedyforce.
- Remedyforce clients have access to Self Service only. In Self Service, the clients can create and view incidents and service requests raised by them. They can also view knowledge articles.
- Remedyforce change managers and staff members can access the Remedyforce Dashboard tab. Remedyforce staff members can also access Self Service.
System administrators and users with the Remedyforce Administrator permission set have access to the Remedyforce Administration tab.
System administrators can perform all the actions in BMC Remedyforce. However, users with the Remedyforce Administrator permission set cannot access the Salesforce standard objects and some of the Salesforce links that are available on the Remedyforce Administration tab. For more information, see Limitations of the Remedyforce Administrator permission set.Note
Users with the Remedyforce Administrator permission set can access the Remedyforce Administration tab only if the View Setup and Configuration check box is selected for their profile.
Access to modules based on profiles and permission sets
The following table lists the modules in BMC Remedyforce and the access that is given to the BMC Remedyforce profiles and permission sets. In the table, R represents Read, C represents Create; E represents Edit, and D represents Delete.
Note
Although the private sharing rule is enabled for the Incidents and Tasks objects, users with the Remedyforce Administrator permission set can also view and edit the records of other users because of the View All and Modify All permissions on these objects.
| Modules | Profiles | Permission sets | ||||
|---|---|---|---|---|---|---|
| ServiceDesk Change Manager | ServiceDesk Staff | ServiceDesk Staff | ServiceDesk Change Manager | ServiceDesk Release Coordinator | Remedyforce Administrator | |
Incidents | R, C, E, D | R, C, E, D | R, C, E | R, C, E | R | R, C, E, D, View All, Modify All |
Tasks | R, C, E, D | R, C, E, D | R, C, E | R, C, E | R | R, C, E, D, View All, Modify All |
Broadcasts | R, C, E, D | R, C, E, D | R, C, E | R, C, E | R, C, E, D, View All, Modify All | |
Problems | R, C, E, D | R, C, E, D | R, C, E | R, C, E | R | R, C, E, D, View All, Modify All |
Change Requests | R, C, E, D | R | R | R, C, E, D | R | R, C, E, D |
Releases | R, C, E, D | R | R | R, C, E, D | R, C, E, D | R, C, E, D |
Knowledge Articles | R, C, E, D, View All | R, C, E, D, View All | R, C, E, D, View All | R, C, E, D, View All | R, C, E, D, View All | |
Salesforce Reports tab | view, can create customized reports, run and export reports | view, can create customized reports, run and export reports | view, can create customized reports, run and export reports | view, can create customized reports, run and export reports | view, can create customized reports, run and export reports | |
CMDB | ||||||
| R, C, E, D | R, C, E, D | R, C, E | R, C, E | R, C, E, D | |
All other objects that map to CI and relationship classes | R, C, E, D | R, C, E, D | R, C, E, D | R, C, E, D | R, C, E, D | |
Note
Although in CMDB 2.0, all CI data is stored in the Base Element object, the R, C, E, D permissions are still configured for each object that maps to a CI or relationship class in CMDB 2.0. For example, to remove the edit access only for the Computer System CI in CMDB 1.0 and 2.0, you must update permissions for the Computer System object and not the Base Element object. However, if the Base Element object is not given a specific permission, such as delete, users cannot delete a CI even if the corresponding object is given the delete permission. For example, users with the ServiceDesk Staff permission set cannot delete a Computer System CI in CMDB 1.0 or 2.0 because the Base Element object is not given the delete permission.
Access to functionality based on profiles and permission sets
The following table lists the various functionalities in BMC Remedyforce and the access that is given to the BMC Remedyforce profiles and permission sets. In the table, R represents Read, C represents Create; E represents Edit, and D represents Delete.
| Modules | Profiles | Permission sets | ||||
|---|---|---|---|---|---|---|
| ServiceDesk Change Manager | ServiceDesk Staff | ServiceDesk Staff | ServiceDesk Change Manager | ServiceDesk Release Coordinator | Remedyforce Administrator | |
QuickViews (custom) | R | R | R | R | R | |
Agreements | R, C, E, D | R | R | R, C, E, D | R, C, E, D | |
Request Definitions | R, C, E, D | R | R | R, C, E, D | R, C, E, D | |
Chatter | Default On | Default On | Default On | Default On | Default On | Default On |
Clients | R, C, E | R, C, E | R, C, E | R, C, E | R, C, E | |
Projected Service Outages | R, C, E, D | R | R, C, E | R, C, E | R, C, E, D | |
Accounts | R, C, E, D | R, C, E, D | ||||
Templates | R, C, E, D | R, C, E, D | R, C, E | R, C, E | R | R, C, E, D |
Surveys | R, C, E | R, C, E | R, C, E | R, C, E | R, C, E, D, View All, Modify All | |
Global Search | R, C, E, D | R, C, E, D | R, C, E, D | R, C, E, D | R, C, E, D, View All, Modify All | |
Note
Users who are assigned the Remedyforce Administrator permission set are granted only Read access to custom QuickViews. You must also select the Remedyforce Administrator check box for these users to enable them to create, edit, and delete custom QuickViews, and copy out-of-the-box QuickViews.
Limitations of the Remedyforce Administrator permission set
The following are a few limitations of the Remedyforce Administrator permission set:
- The Remedyforce Administrator permission set does not enable users to populate BMC Remedyforce with demo data. On the Getting Started tab, for step 1 (Populate Remedyforce with demo data ), if the users select Click here to begin, an error message is shown.
To enable this link for users with the Salesforce license, the system administrator must grant the Manage Users profile-level permission. However, this profile-level permission is not available for users with the Salesforce Platform license. - The Remedyforce Administrator permission set does not grant access to any Salesforce standard object. Specifically, the Remedyforce Administrator permission set does not grant access to the following Salesforce standard objects and the BMC Remedyforce custom objects that have a master-detail relationship with a Salesforce standard object.
- Account
- Account CI Link
- Broadcast Account Link
- Entitlement
- SLA Account Link
- User Account Link
The system administrator can grant the required permissions for these objects to the user's profile.
The Remedyforce Administrator permission set does not grant access to the Salesforce links on the Remedyforce Administration tab. To enable users to access the Salesforce links, the system administrator must assign the required profile-level permissions.
The following table lists the profile-level permissions that are required to access the Salesforce links on the Remedyforce Administrationtab. The table also indicates the availability of the required profile-level permissions for Salesforce Platform license users. All the profile-level permissions listed in the table are available for Salesforce license users.Note
By default, the Salesforce Platform license users can only view all Salesforce pages listed in the table, except View Login History + and Storage History +.
Profile-level permissions required to access the Salesforce links on the Remedyforce Administration tab
Salesforce link on the Remedyforce Administration tab
Required profile-level permission to access the corresponding Salesforce page
Available for Salesforce Platform license users
Manage Users Tile
Add and Edit User +
On the profile page, in the Administrative Permissions section, select the Manage Users check box.
Not available
Edit Permission Set +
Manage Queues +
Manage Remedyforce Licenses +
Profiles +
Roles +
View Login History +
Create Dashboard and Reports Tile
Report Types +
On the profile page, in the Administrative Permissions section, select the Manage Custom Report Types check box.
Not available
Reports & Dashboards (Salesforce) +
On the profile page, in the Administrative Permissions section, select the Manage Dashboards check box.
Available
License and Storage Usage Tile
Remedyforce License Usage +
On the profile page, in the Administrative Permissions section, select the Manage Users check box.
Not available
Salesforce License Usage +
Storage Usage +
Configure Email Tile
Email Services +
On the profile page, in the Administrative Permissions section, select the Customize Application check box.
Not available
Email Templates +
On the profile page, in the Administrative Permissions section, select the Manage Public Templates check box.
Organization-Wide Addresses +
On the profile page, in the Administrative Permissions section, select the Modify All Data check box.
Manage Workflows and Other Processes Tile
Approval Processes +
On the profile page, in the Administrative Permissions section, select the Customize Application check box.
Not available
Email Alerts +
Field Updates +
Workflow Rules +
Related topic
Supported Salesforce platform versions, user types, and licenses
Comments
Log in or register to comment.