Adding and modifying user information

In BMC Remedy AR System, you can have registered users and guest users. Each type of user has different privileges within the system, as discussed in the following sections.

You enter data in the User form to define the components that work together to determine each user's access to BMC Remedy AR System: login name, password, group membership, and license type. You also define notification information for each user in this form. For information about the restrictions for creating or modifying user information, see Restrictions.

To grant a user permission for BMC Remedy AR System objects, add the user to the groups to which access will be given. To make a user part of a group, choose the appropriate group from the Group List menu in the User form. (Multiple group names in the Group List field are separated by spaces.) You can select from the reserved BMC Remedy AR System groups.

Only an administrator can access the Group List field. The following error is displayed if a non-admin user tries to access the Group List field:

You have no access to form :Group (ARERR 353)

For more information, see Groups-in-BMC-Remedy-AR-System.

User form in new mode

To open the User form, from the Remedy AR System Administration Console, click System > Application > Users / Groups / Roles > Users.

In the Login Name field, on the User form, you cannot use the word System as a user.

The following table lists the key fields in the User form.

Restrictions for users and groups

You cannot create other users with more administrative rights than yourself, and you cannot modify your own rights.

The new restrictions are applied to prevent:

• Creation of an administrative user by a non-administrative user.
• Creation of an administrative user with access to more overlay groups than the administrative user who created them.

The following restrictions are applied before and after you create or modify any user in the User and Group form.

• Only an administrator can create, modify, or delete other users belonging to the Administrator, Sub-Administrator, Struct Admin, or Struct Sub-Admin groups.
  A user must have Group ID 1 (AR Administrator) in the group list to create/modify/delete another user with any of the four administrative class groups in their group list.

• No Admin user can create or modify a user (themselves included) with lesser administrative restrictions than the user making the modification.
  For example, an administrator user with Overlay Group 1 cannot create or modify users with no overlay groups. Consider a situation where you have created an ABCGroup with an Overlay Group set to 1. User ABCAdmin is part of Administrator group and ABCGroup. However, ABCAdmin is restricted only to the ABCGroup. ABCAdmin can change (create/modify/delete) any user belonging only to the ABCGroup. For more information about creating a group as an overlay group, see Creating-groups.
  Additionally, a user cannot create another admin user with the ability to modify base objects if they themselves cannot do it. 

  Best practice
  We recommend that you restrict your users to make modifications only to custom objects and overlays.

• Only an unrestricted administrator can create, modify, or delete groups that restrict a user’s administrative capabilities.
  Only an administrator with no overlay specific groups can create, modify, or remove overlay specific groups.

Using advance search on the User form

Use advance search for searching Group List field or Row Level Security fields that store multiple group's data. For example, if you want to search for Contact Location Admin (group id 20023) group, use 'Group List' LIKE "%;20023;%" qualification.