Is the Class Manager the only place to do the per attribute level access? From: Francois Seegers Sent: Monday, April 08, 2013 8:34 PM To: [email protected] Subject: Atrium CMDB: Attribute Security per Group/Role
Hi All, Is there a way to only allow certain roles/groups to update certain attributes in the CMDB and AST:Attributes table? I understand there are the following class and attributes to define row level security (read & write) but how can one accomplish this per attribute? character CMDBRowLevelSecurity<file:///C:\Users\francois\Documents\CDM-V80-HTMLHELP\html\BMC.CORE.CONFIG_BMC_ConfigBaseElement.html#CMDBRowLevelSecurity> Attribute that specifies a list of permission groups that have read-only access to the instance data. character CMDBWriteSecurity<file:///C:\Users\francois\Documents\CDM-V80-HTMLHELP\html\BMC.CORE.CONFIG_BMC_ConfigBaseElement.html#CMDBWriteSecurity> Attribute that specifies a list of permission groups that have read/write access to the instance data. BMC.CORE.CONFIG:BMC_DefaultAccountPermissions Data type Name and description character AccountName<file:///C:\Users\francois\Documents\CDM-V80-HTMLHELP\html\BMC.CORE.CONFIG_BMC_DefaultAccountPermissions.html#AccountName> Attribute that specifies the name of the account to which the instance belongs. his attribute has no effect on default permissions. character ASSIGNRowLevelSecurity<file:///C:\Users\francois\Documents\CDM-V80-HTMLHELP\html\BMC.CORE.CONFIG_BMC_DefaultAccountPermissions.html#ASSIGNRowLevelSecurity> Attribute that specifies the list of permission groups and roles that have read-only access to the instances specified by the MATCH attributes. character ASSIGNWriteSecurity<file:///C:\Users\francois\Documents\CDM-V80-HTMLHELP\html\BMC.CORE.CONFIG_BMC_DefaultAccountPermissions.html#ASSIGNWriteSecurity> Attribute that specifies the list of permission groups and roles that have read/write access to the instances specified by the MATCH attributes. character MATCHAccountID<file:///C:\Users\francois\Documents\CDM-V80-HTMLHELP\html\BMC.CORE.CONFIG_BMC_DefaultAccountPermissions.html#MATCHAccountID> Attribute that specifies an account ID. When this account ID is matched in a CI instance or a relationship instance and when the class IDs also match, then groups in the ASSIGN attributes receive permission to the instance. To match all account IDs, specify the value "default". character MATCHAppliedToClassId<file:///C:\Users\francois\Documents\CDM-V80-HTMLHELP\html\BMC.CORE.CONFIG_BMC_DefaultAccountPermissions.html#MATCHAppliedToClassId> Attribute that specifies a Class ID that, when matched in a configuration item (CI) or relationship instance and when account ID is also matched, causes the groups in the ASSIGN attributes to receive permissions on the CI. To match all class IDs, enter "default." Hope my question make sense... Thanks Francois Seegers Email: [email protected]<mailto:[email protected]> | Mobile: +27 (0)82 729 5273 Blue Turtle Technologies [http://www.blueturtle.co.za/images/blue-turtle02.gif] ________________________________ Blue Turtle Technologies (Pty) Limited | Reg. no.: 2003/002610/07 | http://www.blueturtle.co.za Gauteng : Tel: +27 (0)11 206 5600 | Fax: +27 (0)86 208 0237 | Midridge Office Estate, International Business Gateway, cnr New Road & Sixth Street, Midrand, 1685 | P O Box 31331, Kyalami, 1684 Western Cape: Tel: +27 (0)87 721 1874 | Fax: +27 (0)21 552 7764 | Unit E6, Century Square, Heron Crescent, Century City, Cape Town, 7446 DISCLAIMER: This email and any files transmitted with it are confidential and are intended solely for the use of the individual or entity to whom they are addressed. This communication represents the originator's personal views and opinions, which do not necessarily reflect those of Blue Turtle Technologies (Pty) Ltd. If you are not the original recipient or the person responsible for delivering the email to the intended recipient, be advised that you have received this email in error, and that any use, dissemination, forwarding, printing, or copying of this email is strictly prohibited. If you received this email in error, please immediately notify the sender. Thank you. _______________________________________________________________________________ UNSUBSCRIBE or access ARSlist Archives at www.arslist.org "Where the Answers Are, and have been for 20 years"
<<inline: image001.gif>>
