5 Replies Latest reply on Aug 21, 2013 8:25 PM by dmshimself

    Data Partitioning in Service Desk

    Jamie Cannon ITSMMVPGroup

      Is it possible to apply partitioning rules for Roles instead of Groups?  In reading the Admin guide it doesn't seem that way:

       

      Enabling data partitioning

      You need to specify which customers and support groups you want to apply data partitioning to. You do this using the Administration component.

      To enable data partitioning:

      1. In the Administration component, expand the User Management tree.

      2. Expand the Groups branch, then select the Customer or Support Group folder as required.

      3. On the Actions list click Enable Partitioning.

      A message box appears advising that if you have a large number of groups, that this may take some

      time.

       

      Has anyone done data partitioning for a Role in the system?

       

      Thanks,

        • 1. Re: Data Partitioning in Service Desk
          Apprentice

          an analyst can switch groups on the fly, but I don't think they can switch roles as easily since you can't have a "current" or "primary" role.

           

          I switch groups to maintain things and troubleshoot errors frequently.  I don't know how this would be done using roles to seperate things?

          • 2. Re: Data Partitioning in Service Desk
            Jamie Cannon ITSMMVPGroup

            Yeah.  I just don't think it can be done against a role and you can't remove Read access from must one lifecycle in the permissions for a Role.

            • 3. Re: Data Partitioning in Service Desk
              dmshimself ITSMMVPGroup

              I've not used a role, but I have used a user defined attribute to do the partitioning.  So it might be worth a play with that.  I used a category as the partitioning attribute so that the right to access a process could be allocated in a hierarchical way to analyst.  The idea was that the process had the attribute as a lock and the analyst had the attribute as a key which could open the lock if it was the right value.  It worked well and allowed people to do things like work on an incident, change their key and not even be able to see the original incident again! The value of the attribute was set as part of the process so I could give people the ability to switch keys based on permissions to the process actions that change the partitioning attribute.

               

              OK so it's not a role, but you might be able to use something like this?  Controlling partitioning via process actions themselves gives you a lot of flexibility

              • 4. Re: Data Partitioning in Service Desk
                ITSMMVPGroup

                Can you configure more than one partitioning attribute?  I haven't gotten into implementing any sort of partitioning yet, but may need to in the nearer future as we bring more groups into using SD.

                 

                 

                -B

                • 5. Re: Data Partitioning in Service Desk
                  dmshimself ITSMMVPGroup

                  Quote from the manual ...

                  NOTE: Only one attribute on an object can be set as the Partition Type for analyst partitioning, and one for

                  customer partitioning. These could be the same attribute if you selected the Partition Type of Both.

                   

                  You can also partition config data.

                   

                  If you want to check this area out I'd recommended using a category as the partitioning attribute because this allows for hierarchical partitions.  e.g. someone could look at data with a partition of Accounts/Accounts Receivable, someone else only Accounts/Accounts Payable and a supervisor with access to the top level Accounts could see both partitions.

                   

                  You can have some fun where a person can assign a process and you set the partition attribute on the fly so that they can no longer even see the process they just assigned.