Idea ID 1794041
For a read-only user customer expect that specific CITs should not be displayed in advanced tree search.
CITs are displayed, even that restricted user is not available to see search results.
Windows CI’s shouldn’t be displayed
The main point is to create a "test" user who does not have permissions to see "Windows" CIs in UCMDB Browser.
1. Go to CMDB Security -> Roles Manager and create new Role. In my case I create role with the name "user".
2. Once when my "user" role is created, I assign only the resources that this group should be able to use (read/write/view...... etc.). In Browser CI Access Control I need also to select which specific CIs should be viewed by browser and assign only them. Please note that "View All" and "Edit all" check marks are removed.
3. Once when my role is created please go to "User and Groups" and create new Group who customer can use for all users that need to be assigned to that group.
4. Click on new Group and follow the steps to assign roles association in our case it is "user". Late you can add Group Members once when you have the users who would be a part of this group. In my case it would be a test user who is still not created.
5. Then I go to user creation and create my new "test user". Once when user is created please assign the user to the proper group. In our case we use group with name "user". Please also assign a role to the use which we already created "user".
6. Save configuration
Once when you are done from Roles Manager you can decide which CIs by type can be visible for the role.
-> Customer wish restricted user to not be able to see that windows/specific CIs are available for search in browser advanced search.
Reference: QCCR1H116029 – ‘customer wish restricted CIs for read only users to not be show in the search tree in advanced search‘
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.