Roles 

    Each technician accessing the help desk tool will have a set of permissions to execute specific tasks in the application. These permissions are termed as Roles in ServiceDesk Plus. Roles are defined based on the various modules in the application.

    The Administrator can create multiple roles and assign it to technicians based on the requirement. You can also view the list of technicians assigned to a particular role from the Role List View page.

    Roles can be assigned only to technicians. Roles for requesters are pre-defined and hence cannot be configured.

    To access Roles Configuration Wizard, go to Admin > Users & Permissions > Roles (Old UI: Admin > MSP Details > Roles).

    The Roles List View page displays the list of default roles available in the application. You can perform actions such as adding, editing and deleting roles and viewing technicians assigned to a role.

    The list of technicians assigned to a particular role can be viewed from the Role List View page by clicking View Technicians configured with this role tech_role_icon icon. This makes it feasible for the administrator to assign permissions to technicians. To know more about viewing technicians assigned to a role, refer Viewing Technicians assigned to a Role.

    Default Roles

    The default roles (also known as System Roles) are pre-defined. The roles and their description is given in the tabular column below,

     

    Roles

    Description

    AERemote Control

    Role to perform Remote Control on workstations located remotely. This role should be combined with a role providing complete access to the assets module.

    AnnouncementConfig

    Role given to technicians to view, add, edit, and delete announcements. 

    Enable CMDB

    Role to access the CMDB module. If a technician is provided with this role alone, then he would be able to view the Assets and the CMDB module. Apart from viewing the relationship map in the CMDB module, he would be able to Import CIs from a CSV file.

    If the technician is provided add, edit and delete permissions over the Assets module, then the same operations can be performed in the CMDB module for the CIs. To add attributes and relationships, the technician should be provided with add and edit permission over the assets module.

    Technician, without SDAdmin role, would not be able to set up the Configuration Item Types and Relationship Types in the Admin module.

    HelpdeskConfig

    Role to make changes related to helpdesk configuration. A user with this role will have access to the Home tab and Admin tab to make request related configuration.

    MSPDashboardOwner

    Mandatory. Provides view permission to MSP business dashboard.

    SDAccountAdmin Mandatory. Provides full control to his/her associated accounts.
    SDAccountManager Mandatory. Provides view permission to his/her associated accounts.

    SDAdmin

    The role given to the administrator. The administrator has access to all the modules in the application. The administrator alone has the privilege to access the Admin module which is the key to operate the application.  

    SDChangeManager

    Role to access the entire Change module and perform operations such as adding change, editing, deleting and assigning change to technicians. The SDChange Manager alone has the privilege to approve/reject a change.

    The Dashboard display widgets related to Change module such as Change by Type, Approved Changes and Unapproved Changes. Technicians with this role can also view only their schedule in Schedule calendar.   

    SDCo-ordinator

    Role to access the entire Request module and perform actions such as creating incident/service requests, editing, deleting and performing all the actions over the requests.

    The Dashboard display widgets related to Requests module such as Requests by Technicians, Open Requests by Priority, SLA Violation by Priority, Unassigned and Open Requests, SLA Violated requests and Requests Approaching SLA Violation. Technicians with this role can also view the Technician Availability Chart.

    SDPointOfContact

    Mandatory. Provides view permission to his/her associated accounts

    SDReport

    This role, by default, provides permission to create and schedule survey reports alone. This role when combined with another role, allows the technician to access reports based on the modules enabled in the other role.   

    SDSiteAdmin

    If Sites are configured in the application, the SDSite Admin role provides complete access to his/her associated sites. The Site Administrator can configure all the Admin configurations pertaining to his/her site alone.

     

    The above nine default roles cannot be deleted. However, SDSiteAdmin Role can be edited to suit your organization's needs.

     


    Contents


     

    Add a Role

    To add a role:

    • Click Add New Role link.

    • On the Add Role form, enter a unique name in the Role Name field.

    • Enter the description in the Description field.

    • Enable Permissions for the role by selecting the check boxes beside the access levels defined for each module of the application.


    Permissions

    The following are the permissions for the eight modules in the application:

     

    Permissions

    Description

    View

    View permission enables the technician to view the selected module. They cannot perform any other operations.

    Add

    Add permission allows the technician to perform Add operation for the selected module. On selecting the Add option for a module, the View permission check box is automatically enabled.

    If you have selected Add checkbox for request module, then the Add option under Advanced Permission - Request module is automatically enabled. Similarly, if Add checkbox is selected for the purchase module, then the Add option under Advanced Permission - Purchase module is also enabled.

    Edit

    Edit permission enables the technician to perform Edit operation for the selected module. The technician cannot perform Add or Delete operation. However, on selecting the Edit option for a module, the View permission check box is automatically enabled.

    If you have selected Edit checkbox for request module, then the Edit option under Advanced Permission - Request module is automatically enabled. Similarly, if Edit checkbox is selected for the asset module, then the Edit option under Advanced Permission - Assets module is also enabled.

    Delete

    Delete permission allows the technician to perform Delete operation for the selected module. The technician cannot perform Add nor Edit operation. However, on selecting the Delete option for a module, the View permission check box is automatically enabled.

    If you have selected Delete checkbox for request module, then the Delete option under Advanced Permission - Request module is automatically enabled.

    Complete Access

    Selecting complete access check box for a module automatically enables View, Add, Edit and Delete checkbox for that module. Complete Access allows the technician with complete access to the selected module.

    If the selected module has Advanced Permissions, then those options are enabled automatically.

    If an action is disabled in Advanced Permission, say, Adding Requesters under Request module, then complete access to request module gets automatically disabled.

     

    Example: To provide complete access to requests, assets, contract, and solutions module, enable Complete Access check box beside these modules. This will automatically enable all the operations of corresponding modules.


     

    • Permissions for modules Requests, Purchase and Assets are further categorized and defined under Advanced Permission.

    Request FGA (Fine Grained Authorization)

    Enable advanced permissions for Add, Edit and Delete operations by enabling any of the following check boxes.

     

    Advanced Permissions

    Description

    Adding/Editing Request Task

    Permission to Add/Edit the request tasks.

    Adding Requesters

    Permission to add new requesters on the fly while creating a new requests/problem/change. Adding requesters without this permission pops up an error message stating "Requester Does not Exist".  

    Resolving Request

    Permission to change a request status to Resolved.

    Disabling Stop Timer

    Permission to change the status of a request to On hold.

    Merging Requests

    Permission to merge two or more requests.

    Closing Request

    Permission to change the status of a request to Closed.  

    Modifying Due Time

    Permission to change the Due By Time and also the First Response Time of a request.

    Modify Resolution

    Permission to add/edit a resolution for a request.

    Re-opening Request

    Permission to change the status of the request to Open from the previous state.

    Assigning Technicians

    Permission to assign/reassign requests to technicians.

    Editing Requester

    Permission to edit the requester's name while viewing the request.

    Deleting Others Notes

    Permission to edit/delete notes added by other users/technicians. If the option is disabled, then the technician can delete the notes added by him/her.

    Deleting Others Time Entry

    Permission to delete the Work Order details entered by other technicians. If the option is disabled, then the technician can only edit/delete his/her Work Order Entry.

    Deleting Request Task

    Permission to delete the request tasks of a request.

     

    Scan FGA (Fine Grained Authorization)

     

    Advanced Permissions

    Description

    Scan Now

    Permission to scan workstations from the workstation details page.

     

    Purchase FGA (Fine Grained Authorization)

     

    Advanced Permissions

    Description

    Adding New Product

    Permission to add new products while creating a purchase order.

    Adding New Vendor

    Permission to add new vendors while creating a purchase order.

     

    For instance, if all actions under Advanced Permission Request - Edit are disabled, then the technician is allowed other edit permissions such as editing the request type, status, mode, level, urgency, priority, impact, and category of the request.
    • You can provide permission to share requests, task technician to access requeststechnicians in a task group to access requests, and approve solutions by enabling the respective checkboxes.
       

    Permission Description
    Share requests Technicians with this role will have access to share their requests.
    Task technician to access requests Task Technicians with this role can access requests to which their tasks are associated.
    Technicians in a task group to access requests Technicians in a task group with this role can access requests associated with that task group.
    Approve solutions Technicians with this role will have access to approve solutions.

     

    For requests whose permission is obtained through these roles (Task technician to access requests & Technicians in a task group to access requests), request details can be accessed only from task details and the request will not be listed in the request list view. 
    • Example: A site has two groups, say Group1 and Group2. Adam is a technician associated to Group1 with the privilege to view requests All in group & assigned to him. Adam can view all the requests in Group1and the requests assigned to him. He has the privilege to re-assign the requests to other technicians in his associated sites but once this is executed, the request will not be visible to Adam. You can also choose to restrict technicians from viewing the requests, problems, changes, and assets in the application. To do this, select the corresponding radio button in Technicians allowed to view,

    • All: The technician can view the requests, problems, changes, and assets for all the configured sites.

    • All in associated Site: The technician can view the requests, problem, changes, and assets for his/her associated sites alone. To associate sites with a technician refer Technician.

    • All in Group & assigned to him [Requests only]: The technician can view only the requests assigned to his/her associated group, and also the requests that are assigned to him/her.

    • Assigned to him [Requests only]: The technician can view only the requests assigned to him/her alone.

     

    A technician has permission to view Requests, Problems, Changes, and Assets only if the View permission for these modules are enabled under Permissions.  
    • Click Save. The role is displayed on the list view page.  

    • Click Save and Add New to add another role.  

    • Click Cancel to cancel this operation.

    • Click View List link to go back to the Roles List View page.

     

    AnchorEdit a Role

    To edit an existing role:

    • On the Role List page, click edit iconEdit Iconbeside the role name that you want to edit.

    • On the Edit Role form, you can modify the name of the role, description, and permissions associated with the role.

    • Click Save.

    • Click Save and add new to add a new role after editing.
    • Click Cancel to cancel this operation.

     

    AnchorViewing Technicians Assigned to a Role

    To view technicians assigned to a role:

    • On the Roles List View page, click View Technicians configured with this Role icon tech_role_icon

    • The Role to Technicians pop-up appears with the list of technicians configured with this role.

    Deleting Role

    To delete a role:

    • On the Role List page, click the delete icondeleteiconbeside the role name that you want to delete. A dialog box confirming the delete operation appears.

    • Click OK to delete.

    • Click Cancel to cancel the operation.

    • Technician List is displayed on a pop-up window if technicians are assigned with a role.

    • Select the technician and enable the Send Notification check box to notify the technician. The e-mail address of the technician appears in the To field. You can add CC recipients for this notification if required. Enter the Subject and Description.

    • Click OK.

    Zoho Corp. All rights reserved.