Security Scoping Analysts

Christopher_Carver

I am trying to security scope certain groups of analysts from seeing specific Service Offerings and it's not working as thought. I could use some help please.

Setup:
Portal: 5.0.2

I have three roles:

1. Cireson Portal IT Professionals (end user) - These are my end users/clients that have access to a group called IT Professionals Group. 
2. Cireson Portal IT Analysts (SR Analyst) - These are my analysts that have access to a group called IT Professionals Group. 
3. Cireson Portal Select Analysts (SR Analyst) - These are select analysts that have access to a group called Select IT Professionals Group.

The problem I am having is users from role #2 can see the service offering  that are only configured for role #3.

I have:

• Made absolutely sure that the Service Offering for role #3's group is not in group configured for role #2.
• Truncated the  [ServiceManagement].[dbo].[LastModified] table and restarted the CahceBuilder
• Recycled the application pool for the ITSM portal.

Note:

• Role #1 cannot see the service offering configured for role #3. This is good.

Thank you for any points that I have overlooked.

Joe_Burrows

Hi Chris

A little tricky to make assumptions without seeing the full configuration, is it possible some of the analysts in role 2 are potentially also a member of role 3? As service manager apply's a roll-up of role permissions. 

That said role 2 should still be able to see the catalog group you have configured for role 2. Can you check you are targeting the service offering in "IT Professionals Group" catalog group?

Maybe its worth doing a truncate of the service and request offering table and lastmodifed table to see if this helps.

If not id be happy to help you troubleshoot this one live in a support ticket.

Let me know
Cheers
Joe

Christopher_Carver

Thank you Joe, I'll be opening a ticket to talk with you on this in 2 wks. Project end and vacation.