This recipe provides the steps required to add a user or group to a default SCSM security role.
We will use the End Users role to demonstrate these steps.
You need to have successfully installed the SCSM product, be a user in the SCSM Administrators role and have the SCSM console open.
The default members of the SCSM Administrators role are the user account used to install SCSM and the members of the Administrators group specified.
The following are the steps you need to perform to add a user to a default SCSM role:
The user(s) or members of the groups you add to a default SCSM security role will be granted the rights associated with the role.
A user can be a member of more than one role. The rights of a user in multiple roles are cumulative (for example, a user assigned the End User and Activity Implementer roles will have the combined rights of both roles).
Here are some additional real-world tips to consider.
The End Users and Report Users roles have the NT/Authenticated Users automatically assigned. Plan to remove this default setting and replace it with your specific users or groups. The default setting adds additional implied permissions (for example, a read-only operator will be able to create incidents because NT/Authenticated Users is part of the End Users role, which has the rights to create a work item).