Defining IT Role Access

To define IT role access, use the IT Role Access component (IT_ROLE_ASSET_GRP) .

This topic provides an overview of IT role access and discusses how to define IT role access.

Page Name

Definition Name

Usage

IT Role Access Page

IT_ROLE_ASSET_GRP

Define the level of access in IT Asset Management for an IT user.

To establish access within PeopleSoft IT Asset Management, you must decide which level of access to establish throughout the system; that is, which pages, components, and processes to secure. You implement IT Role Access to restrict individual users or roles to specific asset types, business units, departments, or locations. You can also grant access to all assets within the system for each user or a group of users.

Access to pages, components, and processes is driven by Tools security. IT Role Access defines the data (business units, departments, locations, asset subtypes) to which one has access within those pages and processes. Pagelets such as Inventory Exceptions or Hardware Inventory display different data to different users depending upon IT role access. However, pagelets such as Lease End Metrics are not based on IT Role Access and present the same data to all users that have access to it.

The Manage Exception page is also governed by IT Role Access and users are able to view and resolve only those exceptions as permitted by IT Role Access.

This table describes access for functional areas within PeopleSoft IT Asset Management:

Functional Area

Access

Inventory Exceptions

Controlled by IT Role Access

Hardware Inventory

Controlled by IT Role Access

Lease End Metrics

Not controlled by IT Role Access

Manage Exceptions

Controlled by IT Role Access

Financial Statistics

Controlled by User Preference

Software Report

Not controlled by IT Role Access

Lease End Report

Not controlled by IT Role Access

Use the IT Role Access page (IT_ROLE_ASSET_GRP) to define the level of access in IT Asset Management for an IT user.

Image: IT Role Access page

This example illustrates the fields and controls on the IT Role Access page. You can find definitions for the fields and controls later on this page.

IT Role Access page

Note: When creating IT Role Access, the access granted to a group should be a subset of operator security, as asset groups do not account for operator security. Care is required in creating roles in IT Role Access. Roles must be mutually exclusive. Different roles must administer different assets – assets should not be visible to more than one role. Any metric that depends on IT Role Access depends on the exclusive distribution of assets across roles, otherwise errors are likely in asset counts for those roles.

Field or Control

Definition

All Assets

Select to enable the IT role access to all assets. Selecting All Assets effectively disables IT Role Access.

Field Selection

Depending on the value you select in the Field Name field, the subsequent fields within that page may vary.

Field or Control

Definition

Field Name

Select the value to define the access parameters for the IT Asset Group. The values are:

Asset Subtype: Select to limit access for a specific category of assets. Asset Subtypes are limited to the subset beneath Asset Type of IT Hardware.

See Defining IT Subtypes.

Business Unit: Select to limit access for a specific business unit.

The Business Unit defined in IT Role Access should be a subset of business units defined in PeopleTools level business unit security. The pages that use IT Role Access do not evaluate business unit security.

See Enterprise PeopleTools PeopleBook: Security Administration

Department: Select to limit access by department code.

Location Code: Select to limit access by location code.

Specified as

This group box enables you to set the parameters for the value defined in the Field Name field. Depending on your selection, the available fields within this group box may vary.

Field or Control

Definition

Selected Detail Value

Select to define a specific value. You can limit user group access to a specific value you define.

Selected Tree Nodes

Select to limit access to a specific table set. Using tree nodes limits the user access to a group of values within that tree node.

Range of Values

Enter the range of values to limit access.

Tree SetID

Select to establish the available default set of tables for the IT asset group defined.

Note: Used when Department or Location Code are selected. This value is the default SetID in the grid below.

Tree Name

Select to limit access within a tree. A tree provides a hierarchical view of data within the organization.

Level Name

Select to limit access to a level within the tree.

Specify Values/Range of Values/Tree Nodes

This grid enables you to set the parameters for the radio button selected in the Specified asgroup box. Depending on your selection, the available fields within this grid may vary.

Field or Control

Definition

SetID

Displays the value from the Default SetID field selected in the group box.

Select Value

Enter a value. This field works in conjunction with the SetID field. Only Department and Location codes require SetIDs.

To Value

Enter an end value. This field enables you to provide a range of values when used with Select Value field.