3 Replies Latest reply on May 15, 2012 5:29 PM by Carey Walker

    Question on CMDB--> Multi Tenancy



      we are planning to move to a multi tenancy environment. As part pf this we would like to know from CMDB perspective


      1. What all are the changes needed in CMDB ?

      2. When we create a new company 'Y', how do we go about migrating the CIs to the new company ?


      Any information/document that you can provide on the changes required in CMDB end would be of great help!


      CMDB Ver 7.6




        • 1. Question on CMDB--> Multi Tenancy
          Carl Wilson


          for multi-tenancy in the CMDB, you use the "Company" field as you would on the other ITSM Applications.

          By placing a defined Company into the field on the CI, only users with permissions to the Company will be able to view that CI. 

          Every CI that needs to be segregated will require the update of the "Company" field - you can perform a bulk update of the CI's by various methods.







          • 2. Question on CMDB--> Multi Tenancy



            Company attribute which is added on baselement through installation of ITSM extensions, there are also workflows which come attached to the attribute which take the company name & based on its type (in ITSM we have certain company types that drive tenancy) do a lookup to fetch its group id, this group id is then updated in Row level Security attribute field in cmdb which provides for row level access.



            Josie George

            • 3. Question on CMDB--> Multi Tenancy
              Carey Walker

              In addition to Josie's comments, the final piece of the puzzle is on the People form. Under the Login details tab you will see an area where you can define access control. This is where you can say which 'Company' the person can see (one or more). There is an option to assign Unrestricted Access to a person, which should be used with caution since it means they can see everything in the CMDB (i.e. all companies).


              So once this is set up, every time a person wants to see an item in the CMDB, Remedy will look at the list of companies they have access to, and if the group id of those one or more companies is one of the group ids held in the CMDB RowLevelSecurity field for the CI, access is allowed. As Josie explains, that RowLevelSecurity field is set by workflow based on the Company attribute set for the CI.

              1 of 1 people found this helpful