Managing permissions for CMDB classes
To view and manage (create, edit, and delete) a record of a class (configuration item (CI), asset, or Rule Based class), BMC Remedyforce validates the following permissions:
- Object-level permission to the profile—The user who is accessing the record of a class must have access (Read, Create, Edit, and Delete) to the object of the class. For example, a user whose profile is ServiceDesk Staff wants to access records of the Computer System class. BMC Remedyforce validates the permissions of the ServiceDesk Staff profile on the
Computer Systemobject. For all the out-of-the-box classes, a corresponding object is available. If you want to control access of a custom class for a profile, create an object in Salesforce with the name of the custom class and provide the required profile permissions to the object. For more information, see Assigning object-level permission to a profile.
- User-level permission to access CIs or assets—The Asset Management View and CI Management View permissions are added to the User page. The value selected in these permissions decide if a user can view, read, update, and delete an asset or CI in the Remedyforce CMDB tab. For example, if you select Hidden in the Asset Management View list, all asset classes are hidden for the user. To show a CI or asset to a user, after validating the object-level permission for the user profile, the value in these permissions are checked. For more information, see Assigning user-level permission to access CIs or assets.
Assigning object-level permission to a profile
The following procedure is based on the enhanced profile user interface provided by Salesforce. For information about enabling the enhanced profile interface, see the Salesforce Help.
- Click the Remedyforce Administration tab.
- On the Home page, click the Manage Users tile, and from the menu, select Profiles.
- On the Profiles page, click a user profile, such as ServiceDesk Staff.
- In the Apps section, click Object Settings.
- Click the object for which you want to manage permissions, such as Computer Systems.
- Click Edit.
- Configure the appropriate permissions of the object (Read, Create, Edit, or Delete).
For example, to enable users of a profile to create and edit computer system records, select the Read, Create, and Edit check boxes for the
For more information about permissions, see Salesforce Help.
- Click Save.
Assigning user-level permission to access CIs or assets
The Asset Management View and CI Management View permissions are not available on the User page by default.
- To show the Asset Management View and CI Management View permissions on the User page, perform the following actions:
- Navigate to Setup > Users > Page Layouts.
- In the User Page Layouts section, in the Action column, click Edit next to the page layout that is assigned to the System Administrator profile.
- From the Fields palette, drag CI Management View and Asset Management View to the appropriate section on the page layout.
- Click Save.
- Navigate to the User page by performing one of the following actions:
- Setup > Manage Users > Users
- Remedyforce Administration > Manage Users > Add and Edit User
- On the Users page, click Edit for the user whose CMDB permissions you want to manage.
- In the Asset Management View and CI Management View fields, select the required values.
- Click Save.