Searching the Help
To search for information in the Help, type a word or phrase in the Search box. When you enter a group of words, OR is inferred. You can use Boolean operators to refine your search.
Results returned are case insensitive. However, results ranking takes case into account and assigns higher scores to case matches. Therefore, a search for "cats" followed by a search for "Cats" would return the same number of Help topics, but the order in which the topics are listed would be different.
Search for | Example | Results |
---|---|---|
A single word | cat
|
Topics that contain the word "cat". You will also find its grammatical variations, such as "cats". |
A phrase. You can specify that the search results contain a specific phrase. |
"cat food" (quotation marks) |
Topics that contain the literal phrase "cat food" and all its grammatical variations. Without the quotation marks, the query is equivalent to specifying an OR operator, which finds topics with one of the individual words instead of the phrase. |
Search for | Operator | Example |
---|---|---|
Two or more words in the same topic |
|
|
Either word in a topic |
|
|
Topics that do not contain a specific word or phrase |
|
|
Topics that contain one string and do not contain another | ^ (caret) |
cat ^ mouse
|
A combination of search types | ( ) parentheses |
|
Change Management security
Micro Focus Service Manager controls access to Change Management functions based on security roles, security areas, and rights.
Change Management security areas
User Role: System Administrator
The security areas in Change Management are Changes, Change Tasks, and Change Management Configuration. These areas contain the default security rights and settings for Change Requests in the Change Management module. The security right settings will be inherited by the new roles created in an area when no settings are specified in the security role.
The change areas are used to set permissions to operators to provide access to particular area of Change Management. For example, for the Change Coordinator security role, set change area as Change Management Configuration and rights as View and Admin. Then, an operator with this security role can view and configure only the Change Management Configuration items under Change Management.
The following table lists the areas and the relevant Change Management menu items the operators can access.
System Navigator menu items for this area |
|
---|---|
This area contains the default security rights and settings for change requests in the Change Management module. For example, Create New Change, Change Queue, Task Queue, and Search Changes. |
|
This area contains the default security rights and settings for change tasks in the Change Management module. For example, Create New Tasks, and Search Tasks. |
|
This area contains the default security rights and settings for Change Management configuration. For example, Alerts, Approvals, Change Categories, Change Models, Change Workflows, Messages, Subcategories, and Task Categories. |
The default rights defined in areas are inherited when you create new security roles. The following table shows the out-of-box default rights defined in the Change, Change Task and Change Management Configuration areas.
Security area | View | New | Update | Delete/Close | Expert | Admin |
---|---|---|---|---|---|---|
Change | TRUE | FALSE | Never | Never | FALSE | FALSE |
Change Tasks | TRUE | FALSE | Never | Never | FALSE | FALSE |
Change Management Configuration | FALSE | FALSE | Never | Never | FALSE | FALSE |
Change Management security roles and settings
User Role: System Administrator
The out-of-box security roles for Change Management include the following:
- change advisory board (CAB)
-
change analyst change
- change analyst tasks
-
change approver
- change coordinator
- change coordinator change
- change coordinator tasks
- change domain expert (CDE)
-
change implementer
- change manager
- change owner
- change requestor
Tip If you have upgraded from a previous version of Change Management, which is not Process Designer based, see Change Management security profiles mappings for more information about the mappings between the legacy Change Management profiles and the current Process Designer security roles.
Rights and settings
To view the rights and settings that are defined for out-of-box Change Management security roles, follow these steps:
- Navigate to System Administration > Security > Roles.
- In the Name field, select a Change Management security role.
- Click Search.
-
Double-click a security area to open the Rights form.
This form lists the rights and settings of the security role for the selected security area.
-
View the Rights and Settings sections in the form.
The following table describes possible rights for Change Management security areas.
Security role rights Description New Can create new records in this area View Can view records in this area. Expert Has Expert rights in this area
Admin Has Admin rights in this area
Modify Template Can modify template records in this area Update Can update records in this area Delete/Close Can delete or close records in this area Allowed Categories Specifies the categories in this area that users with this role can select Allowed Statuses Specifies the status values in this area that users with this role can select The following is a list of settings available for Change Management security areas.
- Allow Inefficient Query: When this option is true, users with this role can run incomplete (inefficient) queries in this area, but receive a warning message. The Skip Inefficient Query Warning option overrides this setting. If not selected, users with this role cannot run inefficient queries in this area.
- Skip Inefficient Query Warning: Turns off inefficient query warnings for this area. This option overrides the Allow Inefficient Query option.
- Can Approve: Users with this role can approve records in this area.
- Can Delegate Approvals: Users with this role can delegate their own approvals in this area to another user.
- Reopen: Users with this role can reopen records in this area.
- Change Manage Format: The name of the form to display as the default change queue form. If left blank, sc.manage.chm is used.
- Default Category: Unused
- Default Task Category: Unused
- Initial Change View: Unused. Service Manager automatically saves the Change view that users with the role opened last time.
- Initial Task View: Unused. Service Manager automatically opens the Change Task view that users with this role opened last time.
- Initial Format: The initial format that is used when users with this role search change records. If left blank, cm3r.search is used.
- List Format: Also known as QBE Format. This is the QBE form to use when displaying records to users with this role. If left blank, cm3r.qbe is used.
- Task Manage Format: The name of the form to display as the default task queue form. If left blank, sc.manage.cmt is used.
- Append Query: This field stores an expression to append to all queries in this area run by users with this role. This expression restricts the records that the user with this security role can see, by appending (adding on) this query to everything the user does in this module. You must use the field name from the dbdict in the expression. For example, you can enter priority.code=”3” so that users with this security role can only see Priority 3 records.
-
View the Security Folders section.
This section specifies security folders that are accessible to this Role for records of this area. For more information, see Add folder permissions to a security role.
The out-of-box security folders available in Service Manager are DEFAULT and advantage. You can also create security folders to meet your business needs. By default, all security folders are assigned to a new security role created. Once a role is created and rights are configured, you can modify the security rights for a role within an area.
Configuring Change Management security
User Role: System Administrator
Change Management Administration enables you to perform the following Change Management security configurations:
Set rights to changes and change tasks
The Change Administrator can set rights to changes and tasks using the role-based security. The Changes, Change Tasks, and Change Management Configuration areas contain default security rights and settings. The rights are copied to new roles created for these areas. However, the settings are inherited only if there are no settings specified on the roles.
Note Whenever the roles in an operator record are updated, the operator must log out and then log in for the changes to take effect.
Add security roles and settings
User Role: System Administrator
To create a security role and assign rights and settings to it, follow these steps:
- Click System Administration > Security > Roles.
-
Click New.
The security role form is displayed.
- Type a security role name.
- Type a security role description.
- Click Save.
-
Select a security area.
The security rights and settings form is displayed.
-
Under Rights, select the rights to be assigned to the security role.
For example, set Expert rights for the security role. The Expert security right enables the operator to view alert logs, opened tasks, affected services, and clocks of change requests. It also enables the operator to set reminders, send notifications, create hot news, and associate change requests to incidents, interactions, requests, and know errors.
-
- Under Settings, add required settings.
-
Under Folders, add folder permissions to the security role.
The out-of-box security folders available in Service Manager are DEFAULT and advantage. You can also create security folders to meet your business needs. By default, all security folders are assigned to a new security role created. Once a role is created and rights are configured, you can modify the security rights for a role within an area.
Modify an operator record to enable Change Management access
Applies to User roles: System Administrator
To modify an operator record to enable Change Management access, follow these steps:
- Click System Administration > Ongoing Maintenance > Operators.
- Use search or advanced search to find one or more records.
- Click the operator record that you want to view.
- Click the General tab.
- Add the desired Change Management security roles to the Security Roles table.
- Click Save.
- Click OK.
Enable approval delegation
Approval delegation is an optional feature that enables users with approval rights to temporarily delegate their approval authority to another qualified operator. For more information, see Approval delegation.
To enable an operator to delegate approval authority, a System Administrator must make changes to a specific security role of the operator.
The following example illustrates how to enable approval delegation for the Change Management application.
To edit the security role to which you want to grant approval delegation authority, follow these steps:
- Log in to Service Manager with a System Administrator account.
-
Click System Administration > Security > Roles.
Service Manager displays a list of security roles.
- Optionally, in the Name field, type the name of the security role to which you want to grant approvals, for example, change approver.
-
Click Search. The security role or a list of security roles opens.
- Locate the security role you want to edit, and select a Change Management security area, Change or Change Tasks.
- Select Can Delegate Approvals under Settings.
- Click Save.
Note It is a best practice to enable the Delegate Approvals or Can Delegate Approvals option only for operators who can also view and approve objects in the application.
Now, the operator can delegate approvals for the selected security area. For information about how to delegate approvals to another operator, see Delegate approvals to another operator.
Related topics
Process Designer security model
Add folder permissions to a security role