My Dutch customer finds it unacceptable that users can update the Global ID field, if they can update CIs.
- This Global ID comes from the Master Data Repository (normally UCMDB)
- Unfortunately a lot of roles can update fields like Support Groups etc. (Config, ITAM, SLM, ...)
- This means that there is a risk that people (accidentally) update this Global ID
The consequences of corrupting the Global ID for a CI are:
- UCMDB integratie creates a duplicate CI as the existing CI is now considered for a CI with different Global ID
- The same will happen for relationships to these old and new CIs
- Data entered manually in the corrupted CI will not be in the new CI; e.g. Owner, 1st/2nd/3rd Level Support, ...
- Make the Global ID field in CIs Read-Only (on update)
This avoids the risk of (accidental) updates to the field, but still lets people or interfaces create any new CIs with a Global ID.