Predefined User Roles
Introduction
What are user roles?
Matrix42 Enterprise Service Management comes with predefined user roles. Each user role comes with specific rights that detail what can and cannot be done in Matrix42 Enterprise Service Management. Each Matrix42 Enterprise Service Management person can be a member of one or more user roles. This ensures that each user is only allowed to modify or view data that is within his or her area of responsibility. The rights take effect as soon as the person logs on to Matrix42 Enterprise Service Management via an assigned user account.
Every person registered in Matrix42 Enterprise Service Management is automatically a member of the Everyone role. Members of the Administrators role have all permissions in Matrix42 Enterprise Service Management. Additional roles may be defined as required.
User accounts and persons
In Matrix42 Enterprise Service Management the management of employees and user accounts is located in the Master Data application. There, navigate to:
- Users
- Persons
- Accounts
Available information about the employee is stored under Persons. Initially, the object is usually filled with information from the AD and can be supplemented later via other information carriers. User accounts contain information about existing (AD) accounts. An initial filling is done when the object is created for the first time. Here, a N : 1 relation applies; several user accounts can be assigned to a single person.
People
A Person configuration item and at least one user account must be recorded for each employee in a company so that they can access Matrix42 Enterprise Service Management.
These configuration elements are linked in such a way that each user account belongs to exactly one person, but each person can have multiple user accounts. Matrix42 Enterprise Service Management uses the user account to determine which person logs on to the console or portal.
Each defined person is assigned to at least one user role. A person can be a member of several roles; in such a case, the rights of all assigned roles are accumulated.
User account
A user account is used to identify an assigned person who logs on to Matrix42 Enterprise Service Management. User accounts belong to an Active Directory domain and must be associated with an Active Directory user. User accounts can be members of one or more Active Directory groups.
Standard Roles
Matrix42 already delivers predefined standard roles. As for Software Asset Management following roles are relevant:
- Core Roles:
- Compliance Management: Employees who manage software compliance from a business and process perspective. This role usually oversees Software Asset Management from a strategic point of view, being accountable for the success of this activity.
- License Management: Employees who manage software compliance on an operational level. This role usually works with and manages imported data records, being responsible for the reported information.
- IT Asset Management: Employees responsible for the assets lifecycle.
- Supporting Roles:
- Contract Management: Employees who manage master agreements and requisition contracts with suppliers and other business partners.
- Executive Management: Employees in higher and top management, in executive positions for the business and its operations.
- Financial Accounting: Employees dealing with and managing data from financial accounting.
- Operation: Employees who oversee and manage the technical operation of the Software Asset Management tool.
- Purchase Management: Employees who manage strategic purchase activities and business relationships.
- Purchase: Employees who handle operational purchases, working with and managing data records; also responsible for reported information.
- Revision: Employees who are responsible for auditing and verifying all information stored and processed in the Software Asset Management tool. This role has read-access only.
Besides the predefined standard roles, you can also define custom roles within your organization. Custom roles appear in Reports.
Permissions
Following article provide information about predefined permissions in the application:
- Permissions for navigation items in the Licenses application
- Permissions to actions available in the Licenses application
- Permissions to dialogs available in the Licenses application
- Permissions to previews available in the Licenses application
A detailed list of data, navigation items, actions, dialogs, and other elements can be viewed in the system Administration area → Reports → Role Permissions report.