Hitachi

JP1 Version 12 JP1/Service Support Configuration and Administration Guide


5.2.1 Designing users and roles

All members who need to access JP1/Service Support must be registered as users. The IDs and passwords, which are required for logging in to JP1/Service Support, and the departments, phone numbers, and email addresses for individual users must be also registered.

When you initially introduce JP1/Service Support, consider the use of the jssuserimport command. This command will enable you to batch register users. For details, see jssuserimport (imports user information) in Chapter 12. Commands.

In the window of JP1/Service Support, you can register users one by one, and also edit and delete the registered user information.

In addition, in JP1/Service Support, you can define roles that correspond to users' work assignments, and assign users to appropriate roles.

Taking 5.2 Deciding the target system and processes and establishing the structure as an example, you can define role names using the contents of the person in charge column of Table 5-2.

Examples of role names:

Incident specialist, Incident manager, Problem management specialist, Problem manager, Change manager, CAB member, CAB representative, Release manager, Release specialist (Planning), Release specialist (Procurement), Release specialist (Implementation), and Configuration change specialist

Consideration of the use of roles

Note the following and consider whether to use roles:

  • In a small-scale system that has fewer users, you can register users by just using User management without using roles.

  • In a large-scale system that has many users and departments, we recommend that you utilize roles. By using roles, you can grant the same access permissions to multiple users all at once.

  • Only the users and roles belonging to the user management role can register and update users. Only the users and roles belonging to a process work board management role can create process work boards. Only the jp1admin user belongs to these administrator roles from the beginning.

    By strictly managing the users and roles belonging to administrator roles, you can improve information security even when a process work board that deals with important information is created.

  • You can create roles from the viewpoint of department, work assignment, or project, and grant these roles access permissions to the relevant process work boards. By doing so, you can grant access permissions to uses related to the relevant process work boards without regard to the users.

  • If you do not want to perform complicated management, you can use the same name for an access permission and a role (such as View role or Acknowledged role). By doing so, you can manage the setting of access permissions (which is likely to become complicated) easily and simply.

  • If you enable view permissions for individual Items and wish to allow only certain users to view an Item, you can use roles to assign view permissions for the Item to a group of users.

Notes:
  • To register user information and role information in JP1/Service Support from the window of JP1/Service Support, you need to have the user management role permission.

  • You can register no more than 1,000 users.

  • You can register no more than 1,000 roles. You can register no more than 1,000 users per role.

  • When you delete a use or role, you must check whether the user or role is in charge of some Items. If the user or role is in charge of an Item, change the person in charge of the Item to another user or role.

    JP1/Service Support has the function of sending emails to all users who have the process work board manager permission when a user or role is deleted. The use of this function must also be considered.

    For details, see 5.5 Considering email notifications.

  • You cannot use names beginning with _jp1 for role IDs because they are reserved by the system.

  • When you use emails (for example, using an email to notify that the deadline of an Item is approaching or sending an email to create an Item), make sure that you register the users' email addresses.