Configuration Management Security Role: Subscriber Groups Tab
You can assign Subscriber Group permissions to the Configuration Management Security Role. This includes setting permissions for viewing, creating and updating subscriber groups.
Before you start
You must have Security Roles setup selected in the Admin tab of your own General Access security role before you can assign or remove permissions for any security roles.
-
Display the Configuration Management Security Roles details window, if it is not already on screen.Select the Menu button
, then Admin, and then select System Administration. The System Administration window is displayed 
. In the Explorer pane, locate the System group 
, scrolling up or down if necessary. You may need to expand the group to see the options within it.Expand the Security Roles group in the Explorer pane
, scrolling up if necessary. Select the Configuration Management option from the list in the Explorer pane. A browse table displays all of the existing Configuration Management security roles. The pre-defined role All typically has all role options selected. However, some of the options are not selected by default and you should explore the permissions set before assigning the role.
If you want to create a role, select
and assign the role a name in the Role Name field. To view or update a role, select the role in the browse table and select 
. - Assign the global permissions for the security role:
|
|
Analysts with this role have unlimited access to the CMDB, including the External Resource Search and Federated CMDB Admin options. Select this option to effectively turning off the granular security system for access to the CMDB. All CMDB items will open in edit mode, regardless of other permissions. Leave this deselected to assign specific permissions to the role. |
| External Resource Search | Analysts with this role can search for CMDB items from the External Resources Search window. Analysts with this permission are restricted to a Cached Resource Search so searches can only return CMDB details that have been imported and not excluded from the Federated CMDB. This option also allows Analysts to view external resource data via the Linked Resources option. |
| Federated CMDB Admin |
Analysts with this role can import CMDB Items from the External Resource Search window. They can also perform a Full Resource Searchto search for Item Details within the CMDB which have not been imported into vFire Core, access the Federated CMDB Administration windows and access and process Discrepancy Reports through the CMDB Item Details Explorer option of the same name. This option is only enabled if External Resource Search is selected. |
- Select the Subscriber Groups tab
and make the necessary changes to the permissions.
| Subscriber Group View | Analysts with this role can search for and view Subscriber Groups |
| Subscriber Group New | Analysts with this role can create new Subscriber Groups. Subscriber Group View must be selected to enable this option. |
| Subscriber Group Update | Analysts with this role can update the details of Subscriber Groups. Subscriber Group View must be selected to enable this option. |
| Subscriber Group Delete | Analysts with this role can delete Subscriber Groups details. Subscriber Group View must be selected to enable this option. |
| Subscriber Group Cancel Lock | This option cancels the lock set on a Subscriber Group. By default, only one Analyst can update a Subscriber Group at any one time. Selecting this option disables this function and enables the Subscriber Group to be updated by two or more Analysts simultaneously. Subscriber Group View must be selected to enable this option. |
| Subscriber Group Action by Default | This option allows Analysts to open Subscriber Groups in edit mode directly. They do not need to use the Edit button to modify the details of a Subscriber Group. Subscriber Group View must be selected to enable this option. |
| Subscriber Group Access Orders |
User with this permission can view and edit all orders that contain Service Bundle/Service Actions to which they are linked as a subscriber. If portal visibility is managed by Stakeholder role, this setting is ignored. |
| Subscriber Group Subscriber Read | Analysts with this role can view the details of subscribers linked to a Subscriber Group. Subscriber Group View must be selected to enable this option. |
| Subscriber Group Subscriber Write | Analysts with this role can edit the details of subscribers linked to a Subscriber Group. Subscriber Group Subscriber Read must be selected to enable this option. |
| Subscriber Group Link Action | Analysts with this role can link Service Actions to a Subscriber Group |
| Subscriber Group Link Bundle | Analysts with this role can link Service Bundles to a Subscriber Group |
| Subscriber Group Stakeholder View | Analysts with this role can view Stakeholders linked to a Subscriber Group. Subscriber Group View must be selected to enable this option. |
| Subscriber Group Stakeholder Write | Analysts with this role can update the details of Stakeholders linked to a Subscriber Group. Subscriber Group Stakeholder View must be selected to enable this option. |
| Subscriber Group Object Read | Analysts with this role can download and view Objects that are attached to Subscriber Groups. Subscriber Group View must be selected to enable this option. |
| Subscriber Group Object Update | Analysts with this role can update Objects that are attached to Subscriber Groups. Subscriber Group Object Read must be selected to enable this option. |
| Subscriber Group Object Cancel | Analysts with this role can cancel and ‘override’ a checkout of an object that is attached to a Subscriber Group, restoring the object to its last checked-in state. Subscriber Group Object Version Control must be selected in the CMDB Settings to enable this option. |
| Subscriber Group Object Delete | Analysts with this role can delete Objects that are attached to Subscriber Groups. Subscriber Group Object Update must be selected to enable this option. |
- Select
to save the changes and close the window. Provide the Change Reasons if prompted to do so. Alternatively, select another tab, if appropriate.