User Roles not limiting views

I am working on User Roles and Views in SCSM. I have created a User Role for our Development Support Staff. I have assigned only the Service Request views for that Support Group.
When I view the console with one of those users credentials, I see all Incidents, Change Management, and Problems that are in SCSM.
I have checked the User Role and they only have access to the View - Assigned to Me.
I would like to understand why this user can still see everything in SCSM and how I can go about blocking these views for all User Roles unless they need them.

User roles are cumulative. If you have user A who is in User role X that has access to all views and same user A who is in a user role that only has access to View 1, 2, and 3 then user A still has access to all views through the user role X.
In short. The users have access to all those views through another user role.
Cheers,
Anders Spælling
Senior Consultant
Blog:  
Twitter:   LinkedIn:
Please remember to 'Propose as answer' if you find a reply helpful

Similar Messages

  • WebCenter user role not getting propagated

    Hi,
    I am creating a WebCenter WSRP portlet application. I expected, after registering the application as a portlet, when I will consume it in WebCenter, the currently logged in user's name and role will be accessible. But in my case, when I am trying to check the logged in user's role using request.isUserInRole(...) method, it always return false. When I debugged the application, I saw that the user role is empty.
    Can someone please help me understand, if I have to do anything to successfully propagate the logged user's role to the custom portlet application.
    Just so you know, I could access the logged in user's name using request.getUserPrincipal().getName(). Please help.
    Thank you,
    Kanchan Upadhyay

    Hi,
    Yes, I am using LDAP and everything else in webcenter works fine. Just the user role is not getting propagated to my custom application developed using portlet. I have tried in taskflow also, seems like the user role is not accessible from there as well. Is there any specific way of accessing user information for custom application hosted in webcenter as portlets?
    Your help is appreciated!!
    Thank you,
    Kanchan

  • Changing User Roles not working

    I've changed a role to full "Admin" access, but the system is not presenting all the menu?  How do I get the system to update the role/access for a given user?  Any help would be appreciated.

    Got it!...
    It's due to an old menu hide setting in the V2 interface. 
    http://screencast.com/t/gKs1MKu3
    This is no longer available in the new V3 but I was able to enable menu access for Wendy. 
    So the correct answer is its not because of the user type in this case.  The menu hide option had this disabled for this user. 
    Hope this helps!
    -Sidney

  • Report Not apperaing in User's Query Report Viewer Menu

    Hello There!
    Continuing with below thread
    Report Category not Appearing in Report Definition
    When i search for a report i created, i'm(as a normal user) not able to find any report after searching.(assigned to me or to my role.)
    The view PSXPRPTSRCH_VW has two tables PSXPRPTDEFN and PSXPDATASRC .Both have oprid column which is blank and the above view's first where clause is asking for oprid.
    I don't understand how then all the doc./papers on internet i read, to create Report using XML Publisher says/shows the report appears in user menu(query report viewer). May be they still using PS login to show the output?
    Anybody have any idea where am going wrong?
    The category,datasource,Definition,query tree all set properly. Do user need any special role/permission assigned?
    BTW user can see the query report viewer menu.
    Regards!
    Edited by: user10569054 on Sep 27, 2012 2:32 PM
    Peoplesoft Version 9.00
    Database Oracle 10.2

    Thanks for the Reply.
    from the doc. you gave, this is what i found.
    Home > PeopleBooks > PeopleTools 8.52: BI Publisher for PeopleSoft > Running, Locating, and Viewing BI Publisher Reports
    The Query Report Viewer allows selection and online viewing of those reports that have a data source type of PeopleSoft Query. Existing Query security applies so that each user has access to run only the reports to which he or she has qualified Query access to the data source.
    The PS query and the data source is created by user PS then how can a normal user will have access to that?
    I'm bit confused here.
    Regards!

  • How to restrict / limit users NOT to view a particular type of costs !

    Hi,
    EBS - R12.1
    One of the requirements from our client is that, they want to cost employee salaries onto Projects (as overheads).
    Now, how to limit/restrict visibility (view) of these costs to all users (except PM).
    I mean, can we restrict a particular type of costs to everyone except PM.
    Please let me know.
    Thank you,
    Vish

    Hi
    Here is the explanation from Oracle Help:
    Project and Labor Cost Security in Oracle Projects
    Oracle Projects provides three levels of project-based security to protect data ownership and sensitivity in relation to a given project or project template. For each level of security, Oracle Projects enforces default business rules depending on an employee's relationship to a project, as illustrated below:
    Action Key Member Cross- Project Other Users
    Query project information YES YES YES
    Update project information and perform functions on a project YES YES
    View labor costs of detail expenditure items (@) YES YES
    (@) Only if the user's project role type is configured to view labor costs.
    You can override the default logic or add additional security criteria via the Project Security Client Extension. For a detailed description of the project security extension, see: Project Security Extension.
    Key members are responsible for the management and administration of the project to which they are assigned. Each key member is assigned a project role type, which describes the type of role that the employee has on the project. Project role types include Project Manager and Project Administrator. You define whether each role type can view labor costs online and in reports.
    Cross-project users can view expenditure details and update information for any project, even if they are not assigned as a key member to the project. Cross-project users log in to Oracle Projects under a cross-project responsibility. You define an Oracle Projects responsibility as a cross-project responsibility by setting the PA: Cross-Project Responsibility profile option value to Yes.
    View Labor Cost Allowed
    This level of security determines whether or not you can view labor costs (both raw and burdened). The default business rule in Oracle Projects is that you may view labor costs if you are:
    ### A key member for the project and your project role type allows you to view labor costs
    ### A cross-project user
    If you are not permitted to view labor costs, the amount is not shown in the form field; that is, the field will be blank.
    Dina

  • ERROR VIRSA CC 5.2 - Management View -User Analisys - NOT UPDATED!!!!!

    Hi ,
    i executed the JOB of SYNK of users,  the Job of RISK analysis and the JOB of update of management Report .
    When i go in - Management View - User Analisys -( i select date , System , User Group ) Virsa CC shows me the correct number of users actually in the system, for this user group , according to USR02 SAP table , BUT Users with NO Violations and Users With Violations are not correct.
    I show results:
    No. of Users Analyzed : 25                CORRECT
    Users with no Violations : 95 379%     NOT CORRECT
    Users with Violations : -70 -279%        NOT CORRECT
    The Interactive pie chart shows the correct number of users with violations : 2
    Who it' s possible ?
    BEST REGARDS
    Maurizio

    Abdul,
    You stated in your initial comment that the Management Report check box was NOT selected? If this is the case then the graphs on the informer tab have not been updated. You must first execute the SOD (user/role/profile) analysis, once that job is complete then execute a separate job for the management reports. This will then update the informer tab (given that your rule set has been updated with your custom functions and risks).

  • Role not appearing in TLN for a particular user in portal

    Hello All,
    We are working on Federated Portal Network. We are facing problem where a user is not able to view a particular role assigned to him in Top Level Navigation in consumer portal. There are many users assigned to the same role and for them its visible. This problem is arising for this particular user only.
    Steps we took to resolve the issue are:
    1)Unassigned and then again reassigned the role to the user.
    2)Cleared the consumer cache.
    3)User tried to login from another machine but still found the same issue, so local machine settings are ruled out.
    Suggest some solution.
    Regards,
    Priyanka Singh

    Hi,
    Give the enduser permissions to that user for that role and check.
    Regards
    Basha

  • Assign views to user roles

    Hi,
    we have created views for a particular application. Now we want to assign it to particular user "roles". Iam not sure of few things.
    1) How to create a role ?
    2) How to assign a particular view to a respective role?
    Thanks in advance,
    Raviraj

    Follow given steps:
    1 . For creating roles use the transaction PFCG ( Role Maintenance)
    2 . After creating the role ,inorder to provide authorization access to PCUI application use the authorization object BSP_APPL.
    After adding the BSP_APPL auth object ,you get 2 rows under 'Application Scenario' add your PCUI application object name and under 'View for UI Display ' add the view name.
    Thanks,
    Thirumala.

  • Can not change user filed in CR Viewer

    I am using Crystal Reports 2011 and i created a user field. i opened the report in CR viewer 2008 and the change filed is greyed out and the user can not change the field. I have tried saving the report with out a date saved in the report to see if viewer will prompt for a date but the report will not let me take it out now that it is set. i have checked options on the filed and it is set to editable. Is there something i am over looking? How can i get the user fields to work in crystal reports viewer?

    thanks for helping.
    viewer 2008 is the only thing i can find right now, i thought that might be the problem but i can not find a 2011 to download so i assumed they dont have it available yet.
    the report does work in CR2011 but we can not get CR for everyone, and they are not going to use it, they only need viewer if it will work.
    the parameter is a date field based off a database field.
    thanks.
    angel

  • Users are not able to use Outlook 2010 to view free/busy information and cannot set Out Of Office automatic reply

    Hi All,
    Please help me.
    I have an issue where users are not able to use Outlook 2010 to view free/busy information and cannot set Out Of Office automatic reply. But they are can set Out Of Office automatic reply from OWA. My exchange server is Ms Exchange 2010.
    The test E-mail AutoConfiguration failed with this error:
    Autodiscover to https://mydomain.com/autodiscover/autodiscover.xml starting
    GetLastError=12175; httpStatus=0.
    Autodiscover to https://mydomain.com/autodiscover/autodiscover.xml Failed (0x800C8203)
    Autodiscover to https://autodiscover.mydomain.com/autodiscover/autodiscover.xml starting
    GetLastError=12007; httpStatus=0.
    Autodiscover to https://autodiscover.mydomain.com/autodiscover/autodiscover.xml Failed (0x800C8203)
    Local autodiscover for mydomain.com starting
    Local autodiscover for mydomain.com Failed (0x8004010F)
    Redirect check to http://autodiscover.mydomain.com/autodiscover/autodiscover.xml starting
    Srv Record lookup for http://autodiscover.mydomain.com/autodiscover/autodiscover.xml Failed (0x80072EE7)
    Srv Record lookup for mydomain.com starting
    Srv Record lookup for mydomain.com Failed (0x8004010F)
    Any idea?
    Thanks,
    Pieter

    OK.
    Please follow this step.
    1. As you said you are in coexistence step , so for now all endpoint already point to Exchange 2010 right?
    2. Check legacy owa redirect that you already configure
    3. In Exchange 2010 , Make sure that you already configure "Autodiscoverinternaluri" by this command set-clientaccessserver -identity "servername" -autodiscoverinternaluri
    https://autodiscover.domain.com/autodiscover/autodiscover.xml. and don't forget to create autodiscover record in DNS
    4. in Exchange 2010 , Make sure that you already configure "EWS" path by this command set-webservicesvertualdirectory -identity "XXX\Default web site name" -internalurl
    https://yourinternalurl/EWS/Exchange.asmx -externalurl https://yourexternalurl/EWS/Exchange.asmx
    5. don't forget to replicate freebusy from Exchange 2003 to Excahnge 2010 via public folder.
    You error look like client cannot get autodiscover process please check it again.

  • I have 100 groups in planning for those 100 groups i want to build roles like interactive,view user,planner etc.for those how to change in export -import folder .xml file  in that edit  how  to change user roles in that xml it will generate automatic id.h

    I have 100 groups in planning for those 100 groups i want to build roles like interactive,view user,planner etc.for those how to change in export -import folder .xml file  in that edit  how  to change user roles in that xml it will generate automatic id.how to do that in xml file ?

    Thanks john for you are reply.
    I had tried what you sad.I open shared service in that foundation project i had export shared service.after that in import-export file.In that role.csv,user.csv,group.csv.Like this file have.When i open user file added some users after i trying save in excel it shown messgse
    I click yes and save the .csv file and import from share servie. i got error like this
    am i doing right way john.or explain clearly

  • New Request/Service Offerings not displaying on Portal via Catalog Group/ User Role

    I have created some new service offerings and request offerings which I have published and are visible on the portal when logged in as an administrator.
    I have then added these new items into a catalog group which is tied to a pre-existing user role to target our IT department ( this user role is currently working fine and shows all the other IT related offerings)
    The new published items do are not showing up on the portal.
    AD sync completed with no errors.
    I have done the following to troubleshoot to no avail:
    -  created a new catalog group and user role to target the new SO RO's to
    - targeted directly to a test user rather than the AD group 
    Some other weird things that I  believe to be  related to this is that the contents of catalog groups appear empty on local console but when logging on to the SM server to launch console all catalog group items are visible.
    we are seeing a lot of  error and warning event logs 26319 & 3333
    Any suggestions?
    Thanks
    Pete

    did you try to restart the Microsoft Monitoring Agent?
    Antoine AL Ibry

  • How do you configure the iMac so separate users can access each other's files, especially iPhoto and iTunes? I need to be able to transfer media between two users and not just gain limited access using 'share'.

    How do you configure the iMac so separate users can access each other's files, especially iPhoto and iTunes? I need to be able to transfer media between two users and not just gain limited access using 'share'.

    See Terence Devlin's thorough explanation here.

  • Create Limited user role on SCVMM 2012

    Hi ,
    Hi ,
    I want to create user Role do the following actions only
    Start / Stop VM
    Delete VM
    Create VM
    Do you have any idea ?
    Ramy

    Hi Ramy,
    Please try to post this question in  forum below , you  may get further assistance from SCVMM experts :
    https://social.technet.microsoft.com/Forums/en-US/home?forum=virtualmachinemanager&filter=alltypes&sort=lastpostdesc
    Best Regards
    Elton Ji
    We
    are trying to better understand customer views on social support experience, so your participation in this
    interview project would be greatly appreciated if you have time.
    Thanks for helping make community forums a great place.

  • All Data not getting viewed from one user

    Hello,
    I have created a user named "ABC" in SAP and have given full authorization to that user.
    But while logging through that user and viewing the Sales Order all data are not viewed through the form as i haven't
    defined Data Ownership for that user but still i am not able to view all data from that user login.
    Please suggest  what i have to do view all data from that login.
    Thanks & Regards,
    Amit

    Hello Amit,
    Data ownership authorization would not be override by general authorization.  If this user has not been assigned for data ownership authorization, the sales order may not be available to the user.
    Thanks,
    Gordon

Maybe you are looking for