- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
10-18-2023 11:01 PM
Hello community members,
We have requirement to re-classify our Assets from Asset Class/Table to Hardware.
I know in CMDB changing classes, upscaling, downscaling is easy and straightforward, using Class Manager or List view. However on Asset level i was not able to change class. (see screenshots) If trying to change Class on list level i would get error "Security prevents writing in this field".
One of the ways to delete and re-import, but this is least favorite option for now as Asset have direct relationships to CI's and it could be complicated.
Thanks,
Mantautas.
Solved! Go to Solution.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
10-19-2023 03:08 AM
There is an ACL with the Name of alm_asset.sys_class_name. If you open the record with Operation=write for that ACL, you can find that it is configured to be read only for everyone. This ACL can be modified by admins who can elevate to security_admin role. After that it is possible to update the class for Assets. However the recommended best practice is to keep the Class field as read only for all to prevent the possibility of people updating Class by mistake. You can consider the following solution:
1. Modify the ACL to make the field as editable only for admins in non prod.
2. Update the Class for the required records in non prod.
3. Validate that the updating of Class in this manner does not lead to any data loss for existing attributes (including the existing link with configuration items), activities, audit history etc.
4. If no data loss issues are observed, make the changes in production also after modifying the ACL.
5. Update the ACL back to original state make it as read only in both prod and non prod.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
10-19-2023 01:16 AM
Hello @Mantautas ,
Please check the field level ACL.
Thanks
Amarjeet Pal
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
10-19-2023 03:08 AM
There is an ACL with the Name of alm_asset.sys_class_name. If you open the record with Operation=write for that ACL, you can find that it is configured to be read only for everyone. This ACL can be modified by admins who can elevate to security_admin role. After that it is possible to update the class for Assets. However the recommended best practice is to keep the Class field as read only for all to prevent the possibility of people updating Class by mistake. You can consider the following solution:
1. Modify the ACL to make the field as editable only for admins in non prod.
2. Update the Class for the required records in non prod.
3. Validate that the updating of Class in this manner does not lead to any data loss for existing attributes (including the existing link with configuration items), activities, audit history etc.
4. If no data loss issues are observed, make the changes in production also after modifying the ACL.
5. Update the ACL back to original state make it as read only in both prod and non prod.