In my experience, EVERYONE who has access to the customer record will be able to see ANY tickets associated with that customer, or for that matter the entire customer company, even if the ticket is owned and assigned in a separate company that you do NOT have access to at all. The Customer Company Group ID is present in field 112 (Assignee Groups) of the record, making it visible to anyone with Customer company access. Another alternative to two sets of customer data might be a customization to remove (or never insert) the customer company Group ID in field 112, at which point all access to the record requires Owner Group or Assigned Group membership. I have not tried that... I'm sure it breaks something somewhere else in the ITSM app, including customer access to their own ticket.
Christopher Strauss, Ph.D. Call Tracking Administration Manager University of North Texas Computing & IT Center http://itsm.unt.edu/ From: Action Request System discussion list(ARSList) [mailto:arsl...@arslist.org] On Behalf Of Ramy S. Ayoub Sent: Monday, April 12, 2010 12:43 PM To: arslist@ARSLIST.ORG Subject: Re: Segregating HR & IS/IT data ** ****************** what you need only to do , create new company with name of Employee for example and you will configure all the People to have access to this Company , So another Company IT Support and Another one HR Support For example you need to give all the organization ( Employee Company) in CTM People Access Restrictions Table For the IT Support they should have ( Employee Company and IT Support ) in CTM People Access Restrictions Table For the HR Support they should have ( Employee Company and HR Support ) in CTM People Access Restrictions Table also you will build the Support Groups under this Companies base on the role. On 4/12/10, strauss <stra...@unt.edu<mailto:stra...@unt.edu>> wrote: ** ...and the only way to avoid having to duplicate all of that data would most likely be to use Stanford's solution where customer records are created as needed by pulling the people data from LDAP - on demand. Anne Pinkowski can probably give you more information on that. When you duplicated the data, how did you handle the duplication of Login Names for the CTM:People and User forms? Christopher Strauss, Ph.D. Call Tracking Administration Manager University of North Texas Computing & IT Center http://itsm.unt.edu/ From: Action Request System discussion list(ARSList) [mailto:arslist@ARSLIST.ORG<mailto:arslist@ARSLIST.ORG>] On Behalf Of Ramey, Anne Sent: Monday, April 12, 2010 11:50 AM To: arslist@ARSLIST.ORG<mailto:arslist@ARSLIST.ORG> Subject: Re: Segregating HR & IS/IT data ** Sites cross tenancies, you just have to associate the HR tenancy with them. Yes, you have to duplicate the people data. It's not a perfect solution, but it works. Anne Ramey E-mail correspondence to and from this address may be subject to the North Carolina Public Records Law and may be disclosed to third parties only by an authorized State Official. From: Action Request System discussion list(ARSList) [mailto:arslist@ARSLIST.ORG<mailto:arslist@ARSLIST.ORG>] On Behalf Of Pargeter, Christie :CO IS Sent: Friday, April 09, 2010 5:36 PM To: arslist@ARSLIST.ORG<mailto:arslist@ARSLIST.ORG> Subject: Re: Segregating HR & IS/IT data ** How do you handle the employee base & location base? Do you have to duplicate these data sets? ________________________________ From: Action Request System discussion list(ARSList) [mailto:arslist@ARSLIST.ORG<mailto:arslist@ARSLIST.ORG>] On Behalf Of Roger Justice Sent: Friday, April 09, 2010 2:25 PM To: arslist@ARSLIST.ORG<mailto:arslist@ARSLIST.ORG> Subject: Re: Segregating HR & IS/IT data ** Multi-tenancy is the easiest way. You could create new Supprt Groups the HR use field 112 to limit who can see the record and review the workflow that will allow a group member the see the entry. You will have the insure on these records that the unrestricted group is not one of the entries in field 112. -----Original Message----- From: Pargeter, Christie :CO IS <cparg...@lhs.org<mailto:cparg...@lhs.org>> To: arslist@ARSLIST.ORG<mailto:arslist@ARSLIST.ORG> Sent: Fri, Apr 9, 2010 4:10 pm Subject: Segregating HR & IS/IT data ** We are looking at adding our HR Help Desk to using ITSM on the same server. But we wanted to keep the incident & change tickets segregated. But we don't really want to do multi-tendency if we don't have to. The 2 desks have the same employee & location bases we just don't want them to see each other's tickets. How have other companies handled this? ARS 7.1 p 6 ITSM 7.0.3 p 9 Window 2003 MS SQ 2005 IIS/Tomcat RKM 7.2 p 2 MidTier 7.1 p 6 ________________________________ Christie Pargeter Legacy Health IS - Programming SR Technical Analyst cparge...@lhs.org <mailto:cparge...@lhs.org> 1120 Building tel: 503-415-5149 _attend WWRUG10 www.wwrug.com<http://www.wwrug.com/> ARSlist: "Where the Answers Are"_ _attend WWRUG10 www.wwrug.com<http://www.wwrug.com/> ARSlist: "Where the Answers Are"_ _attend WWRUG10 www.wwrug.com<http://www.wwrug.com/> ARSlist: "Where the Answers Are"_ _attend WWRUG10 www.wwrug.com<http://www.wwrug.com/> ARSlist: "Where the Answers Are"_ _attend WWRUG10 www.wwrug.com<http://www.wwrug.com/> ARSlist: "Where the Answers Are"_ _attend WWRUG10 www.wwrug.com ARSlist: "Where the Answers Are"_ _______________________________________________________________________________ UNSUBSCRIBE or access ARSlist Archives at www.arslist.org attend wwrug10 www.wwrug.com ARSlist: "Where the Answers Are"
