How are you able to do this? I tried this with a simple support staff user and tried to go into People and see if I was logged in as that support staff user with just Incident User and Asset viewer rights but I could not alter anything (permissions, group membership included) for other people except for the person's own profile.
ITSM 7.02 patch 005 Thanks Peter Lammey ESPN MIT Technical Services & Applications Management 860-766-4761 -----Original Message----- From: Action Request System discussion list(ARSList) [mailto:[EMAIL PROTECTED] On Behalf Of strauss Sent: Tuesday, May 20, 2008 12:09 PM To: [email protected] Subject: ITSM 7 Support Staff permissions Has anyone run into an issue with ITSM 7 where it is entirely possible for a support staff user (Incident User, Asset Viewer, no Roles at all, just company and group membership) in a company to remove all of the application permissions for another Incident user in the same group? One of the departments has already experienced this. Remember how in ITSM 5.x and 6.x there were many different filters trapping who could update what fields in the SHR:People and User forms? I guess they left all of those out in ITSM 7. We had thought that the Contact People permission controlled this, but apparently not since our admin accounts are the only ones that have those. Has anyone dug into this enough to explain it? As usual, the BMC docs on permissions and roles are not much help. Christopher Strauss, Ph.D. Call Tracking Administration Manager University of North Texas Computing & IT Center _______________________________________________________________________________ UNSUBSCRIBE or access ARSlist Archives at www.arslist.org Platinum Sponsor: www.rmsportal.com ARSlist: "Where the Answers Are" Please consider the environment before printing this e-mail. _______________________________________________________________________________ UNSUBSCRIBE or access ARSlist Archives at www.arslist.org Platinum Sponsor: www.rmsportal.com ARSlist: "Where the Answers Are"
