Smart IT roles and permissions
Smart IT has its own broadly defined concept of roles, which are described in the following table. These roles are described in detail in this topic when describing permissions and should not be confused with theBMC Helix ITSM functional roles described in the BMC Helix ITSM documentation.
The terminology used in the Related jobs column of the following table might be different from the terminology used by your organization. Use Related jobs only as a general guide to what the person does.
The activities listed in the Example activities column are dependent on the exact permissions granted to the user. For example, when updating knowledge articles, the extent to which knowledge article metadata can be updated by a Knowledge Author depends on their level of Knowledge Management permissions. Likewise, Change Agents cannot create change request tickets if they only have Infrastructure Change Viewer permissions.
Roles and permissions
(BMC Helix ITSM documentation)
Mapping roles to permission groups
(BMC Helix ITSM documentation)
Granting people access to companies
(Action Request System documentation)
Knowledge-Centered Service user roles and permissions
Roles and permissions
(Knowledge Management documentation)
Struct Admin group permissions
(Action Request System documentation)
Smart IT roles
The following video (3:23) provides an overview of roles offered in Smart IT.
The following video (2:00) provides the procedure for assigning permissions to users in Smart IT.
Smart IT role name | Related jobs | Example activities |
|---|---|---|
IT Admin | An administrator who configures Smart IT or performs other application related administrative functions. | IT Admins manage the following aspects of Smart IT from the Configuration menu:
|
IT Agent | Any Smart IT user who performs one or more of the following jobs in your organization:
| IT Agents perform the following kinds of activities in Smart IT, with the required permissions:
|
Change Agent | Any Smart IT user who performs one or more of the following jobs in your organization:
| Change Agents perform the following kinds of activities in Smart IT, with the required permissions:
|
Problem Agent | Any Smart IT user who performs one or more of the following jobs in your organization:
| Problem Agents perform the following kinds of activities in Smart IT, with the required permissions:
|
Knowledge Author | Any Smart IT user who performs the following activities in your organization:
Note: IT Agents and Problem Agents often also have Knowledge Author permissions. | Knowledge Authors perform the following kinds of activities in Smart IT, with the required permissions:
|
Asset Manager | Any Smart IT user who performs the following activities in your organization:
| Asset Managers perform the following kinds of activities in Smart IT, with the required permissions:
|
Smart IT basic access requirements
The following sections describe the basic permissions required to access the Smart IT interface.
Type of access | Description |
|---|---|
Smart IT user | A Smart IT user is anyone who accesses Smart IT with one of the following roles: IT Agent, Change Agent, Problem Agent, Knowledge Author, or Asset Manager. A user must have the necessary permissions to perform the duties described in the previous table. Make sure you review the necessary permissions for each Smart IT role to ensure you assign all of the required permissions for a particular Smart IT role. Additionally, users accessing Smart IT should have access to records belonging to one or more companies. Company access is defined in each user's People record, under Access Restrictions in the Login/Access Details tab. Smart IT uses access restrictions to determine what company information is displayed on the Dashboard and in the Consoles. Basic access requirements for a Smart IT user might look like the following examples:
|
Smart IT administrator access | A Smart IT administrator (IT Admin) is anyone who performs Smart IT configuration or administration activities. IT Admins have access to the Knowledge Template Styles and Screen Configuration options in the Configuration menu. For minimum access permissions, see IT Admin permissions. |
Smart IT user and administrator access | Anyone who needs to access Smart IT as a user and who also needs to work as an administrator must have access restrictions defined, Smart IT user permissions, and IT Admin permissions. Basic Smart IT access requirements for someone working as both a Smart IT user and as an administrator might look like the following examples:
|
Multiple Smart IT roles | People who fulfill multiple roles within an organization need multiple permissions. For example, Ian Plyment is a second level service desk agent who needs to look at incident tickets and to create change requests when required. This means that Ian needs both IT Agent and the Change Agent permissions. Ian also needs to publish knowledge articles and so he also has Knowledge Author permissions. Ian's access and permissions look like the following example:
Note In Smart IT, people without Viewer permissions are still able to see the high-level summary views of records. For example, in Smart IT, if you don't have Problem Viewer permissions, you are still able to see the Problem Summary view of the problem investigation ticket. This is because the Problem Summary view in Smart IT shows almost the same amount of information that you would see in a row of any Relationship table in the standard BMC Helix ITSM applications. |
Permissions for Smart IT roles
This section outlines the permissions needed to access Smart IT, organized according to the Smart ITroles table described in this topic. In some cases, there are several permissions from which you can choose. Select the permission that best matches the person's function in the organization. For example, if a manager needs one of the Change Agent permissions, you might give that person Infrastructure Change Master permissions, rather than Infrastructure Change User permissions.
Rules for granting permissions
The following rules apply to all Smart IT roles:
When there are multiple permission categories for a particular Smart IT role, the user must have one permission from each category. For example, Change Agents must have at least one permission from both the Change Managementand Asset Management categories.
A user ID can have more than one permission from each category.
The specific permissions that you assign depends on the specific role the person fulfills in your organization.
If the user fulfills more than one role where Asset permissions are required, you need to assign Asset permissions only once.
Users with Asset permissions can update their own profiles.
Depending on the Foundation – Contact permissions, the user is able to create new customers in Smart Recorder and update profiles for other people. For more information, see Foundation module permission groups
.Note
Non Agents users who have viewer application permissions, for example, Incident Viewer, Asset Viewer, Service Request User, Work Order View , Task User permissions cannot search for tickets in Smart IT.
IT Admin permissions
An IT Admin must have AR System Administrator permissions to perform screen configuration (for example, adding custom fields to Smart IT views) and to create knowledge template styles.
In addition, if an IT Admin provides administration for support groups in BMC Helix ITSM, that person needs Contact Organization Admin permissions. For more information, see
Foundation module permission groups
in the BMC Helix ITSM documentation.
IT Agent permissions
The following table lists the required permissions for IT Agents:
Category | Permission | Additional information |
|---|---|---|
Service Desk: Incident Management | At least one of the following permissions is required:
| None |
Asset Management | At least one of the following permissions is required:
| With the optional Receiving User permission, IT Agents can also scan assets, compare them with a purchase order, and mark them as received. |
Task Management System | At least one of the following permissions is required:
| None |
(Only if installed) | At least two of the following permissions are required (one from each type):
Examples
| When BMC Service Request Management is installed on your system, the IT Agent login ID must have at least two BMC Service Request Management permissions. You must grant these permissions when BMC Service Request Management is installed, even if the person to whom you are granting the permissions does not use the BMC Service Request Management application. |
For example, the following minimum permissions are needed for an IT agent:
Incident User
Asset Viewer
Task User
Work Order User
- Service Request User
Change Agent permissions
The following table lists the required permissions for Change Agents:
Notes
Access to Change Management functionality in Smart IT depends upon the level of permissions. For example, Infrastructure Change Viewers cannot create change requests, and users with only Infrastructure Change Submit or Infrastructure Change Viewer permissions cannot perform collision management or impact analysis. Users with Infrastructure Change User permission can perform these functions for change requests assigned to their support group.
In BMC Helix ITSM, users with Infrastructure Change User permissions can modify a change request if they belong to either the Change Manager group or to the Change Coordinator group specified on the change request. In Smart IT, a user with Infrastructure Change User permissions can only modify a change request if one of the following is true:
The user has the Change Manager functional role and belongs to the Change Manager group specified on the change request, or
The user has the Change Coordinator functional role and belongs to the Change Coordinator group specified on the change request
Category | Permission | Additional information |
|---|---|---|
Change Management | At least one of the following permissions is required:
| A user with Change Master permission can create a change request. |
Asset Management | At least one of the following permissions is required:
| With the optional Receiving User permission, Change Agents can also scan assets, compare them with a purchase order, and mark them as received. |
Problem Agent permissions
The following table lists the required permissions for Problem Agents:
Category | Permission | Additional information |
|---|---|---|
Problem Management | At least one of the following permissions is required:
| None |
Asset Management | At least one of the following permissions is required:
| With the optional Receiving User permission, Problem Agents can also scan assets, compare them with a purchase order, and mark them as received. |
Knowledge Author permissions
The following table lists the required permissions for Knowledge Authors:
Note
For Knowledge Authors to configure knowledge template styles from the Configuration menu in Smart IT, they must have IT Admin permissions.
Category | Permission | Additional information |
|---|---|---|
Knowledge Management | At least one of the following permissions is required:
| None |
Asset Management | At least one of the following permissions is required:
| None |
Knowledge Viewer permission
Users with Knowledge Viewer permission can search, view, share, follow, and unfollow Knowledge Articles in the Knowledge Console. This gives users the opportunity to discover and learn more. Users with the Knowledge Viewer permission will not be able to create, edit, and delete a Knowledge Article. This permission is given in the CTM:People form of BMC Helix ITSM. For detailed instructions on how to add permission, see
Creating or modifying people data
.
Asset Manager permissions
The following table lists the required permissions for Asset Managers:
Category | Permission | Additional information |
|---|---|---|
Asset Management | At least one of the following permissions is required:
(Optional) To receive assets, you must have Asset Viewer, Asset User, or Asset Admin permissions, and the following permission:
| None |
Progressive Views permissions
You can assign the new Progressive Views Config permissions to a user to enable or disable Progressive Views by using the Application Administration Console. For more information, see Enabling the Progressive Web Application screens.
Knowledge-Centered Service (KCS) user roles and permissions
This section outlines the user roles and permissions needed to access KCS features supported in Smart IT. The following KCS-defined user roles are supported:
User role | Description |
|---|---|
KCS Candidate | KCS Candidates search for relevant knowledge articles when resolving support tickets. They can use existing knowledge articles, propose amendments to them, or create new articles where no relevant article already exists. |
KCS Contributor | KCS Contributors review, enhance, and complete articles created by other users to suit a wider audience, flag articles that need improvement, and unflag articles after improvement. KCS Contributors also create and validate articles, without review by a KCS Coach. |
KCS Publisher | KCS Publishers publish content to an external audience such as users of BMC Digital Workplace, and they modify published articles. |
KCS Coach | KCS Coaches monitor, maintain, and improve the knowledge health of an organization by generating various reports and guiding users to adopt good knowledge management processes. A KCS Coach thereby helps to improve the KCS maturity level of an organization. |
Permissions introduced with KCS in Knowledge Management are explained in
Roles and permissions
.
For information about permissions assigned to each KCS role, see Knowledge-Centered Service user roles and permissions.
Comments
Log in or register to comment.