Home Analyst Portal

Create Request on Behalf Of

Paul_DalkinPaul_Dalkin Member IT Monkey ✭
All

We have several forms that are to be completed by non-analysts. I have made them members of the CreateOnBehalf group as they don't need to be part of the AnalystsAD Group. Should the correct User Role for this user be an End User or Advanced Operator?

Best Answers

  • Nicholas_VelichNicholas_Velich Cireson Consultant Ninja IT Monkey ✭✭✭✭
    Accepted Answer
    Either Service Request Analyst or Advanced Operator role profile would work, but the End User role profile should work just as well; however, the default End User role will not work, and you will need a custom role.

    The important setting regardless of role profile is the "Configuration Items Groups" part of the User Role setup. The "User" objects in that "Create on behalf of picker" are Configuration Items (CIs), and the users interacting with that picker need access to those items. The default roles are all un-editable, but if you have a custom End User role, you should be able to grant access to all configuration items.

Answers

  • Paul_DalkinPaul_Dalkin Member IT Monkey ✭
    HI Nicholas, yes, that is exactly what I'm referring to - they will be completing ROs with the ability to use CreateOnBehalf of (which points to a different AD group from the Analysts AD group). I'm guessing it should be a Service Request Analyst or Advanced Operator?
  • Nicholas_VelichNicholas_Velich Cireson Consultant Ninja IT Monkey ✭✭✭✭
    Accepted Answer
    Either Service Request Analyst or Advanced Operator role profile would work, but the End User role profile should work just as well; however, the default End User role will not work, and you will need a custom role.

    The important setting regardless of role profile is the "Configuration Items Groups" part of the User Role setup. The "User" objects in that "Create on behalf of picker" are Configuration Items (CIs), and the users interacting with that picker need access to those items. The default roles are all un-editable, but if you have a custom End User role, you should be able to grant access to all configuration items.
  • Paul_DalkinPaul_Dalkin Member IT Monkey ✭
    HI Nicholas, completely correct. As per usual (as most of the time I create ROs for analysts who have always had scoped user CI permissions for years) I forgot this aspect of the security user role. The excellent Cireson KB article of https://support.cireson.com/KnowledgeBase/View/1275#/ explained it also.
Sign In or Register to comment.