none
Request Offerings: Token: Portal User Name properties

    Question

  • Hi,

    I'm trying to build a Service Request that allows users to select an Active Directory OU where they can place new users, and create an OU if it doesn't already exist.  I've created a new class for AD OU and created a relationship between it and the 'User' class so I can assign an owner. I've setup an SR that runs a Query Result against existing OUs and displays them back to the portal user.  However I don't want the Query Results to show all the OUs in the organisation otherwise the OU structure will become messy as users create objects pretty much anywhere. 

    The only way I've found to filter (constrain) the results for the portal user is to query the combination class I created for OU Owner User Name to use 'Token:Portal User Name.  This works a treat, however that means that when I create OU objects in the CMDB and assign a user as the 'owner', only that person will ever be able to query against their OUs.  This isn't desirable as it creates a bottleneck if that user isn't available to create OU SRs, so I'd like to be able to filter on another property such as Department or ideally assign an AD group as the 'owner' and have the SR setup so that it displays all OU objects if the portal user is a member of that AD group.

    Is this possible?

    We have SCSM 2012 SP1 and Orchestrator 2012 SP1

    Thanks,

    Tim

    Friday, May 17, 2013 9:05 AM

All replies

  • Hi !

    That sounds like a cool idea.

    1.) Limiting the Query to the OUAdmin-Group isnt possible

    2.) i would let the users select source and target ou and have a RA between the selection and the actual step of implementation

    R.

    Thursday, May 23, 2013 1:46 PM
  • The easiest  option here is to add one more relationship with n:n named co-owners or something like this. in this case you can assign many users as coowners and filter both relationship in your query

    SCSMSolutions
    email: freemanru (at) gmail (dot) com

    Friday, May 24, 2013 8:16 AM
    Moderator
  • Thanks for the suggestions.

    I'm going to mull it over during the weekend.

    Thanks,

    Tim

    Friday, May 24, 2013 2:17 PM
  • Hi ButtyT

    Expanding on Roman's comments above, the other option here I suppose is to create a configuration items group and restrict access to the group members via a User Role. 

    Cheers

    Shaun

    Wednesday, May 29, 2013 3:44 PM
  • Hi All,

    I've found a way round the problem.  By establishing 'Related to Configuration Item' relationships between OU and authorised user objects from the CMDB I can use the portal token for "Token:Portal User Name" when the class focus for the 'Query Result' in the SR includes the type projection for the above.  This allows the one-to-many relationship I need and I can filter the results where the token matches any username of the related configuration items.

    Thanks for your suggestions.

    Tim

    Wednesday, May 29, 2013 4:14 PM