Dynamically changing the user's domain session based on selected company

abdul_qulatein · ‎08-03-2016

How can we dynamically change the current domain session based on company's domain of an incident when a certain condition is met e.g a tick box is ticked.

In a domain separated instance, each company has its own domain. We want to change the engineer's session so they can execute an Orchestration workflow that requires the following elements to reside in the same domain as the engineer / user executing the workflow:

The IP Ranges

The MID Servers

The records containing the Credentials used by the MID server

The MID Server user

The target CIs

The incident / change record that triggers the Orchestration Workflow

Your input is greatly appreciated.

Michael Fry1 · ‎08-03-2016

There are several system properties that contain 'domain', one of them being glide.sys.domain.use_record_domain_for_data which says Use the record domain basically. Typically the MSP user belongs to a MSP domain. There is a role domain_expand_scope that gives you access to a UI action Toggle Domain Scope. When you click the Ui action, it blends the User's domain with the ticket domain so you can access resources in the MSP domain. Have you tried using something like that?

abdul_qulatein · ‎08-04-2016

Hi Michael,

Thanks for your input. I have tried your proposed solution and it does work to some degree, but it seems to be selecting a random mid server belonging to a different domain to the company on the incident.

This solution would have worked if we didn't have identical IP ranges and identical capabilities assigned in multiple domains.

The purpose of dynamically changing the logged in user's session is to overcome the identical IP ranges. Any other suggestions?

Michael Fry1 · ‎08-04-2016

Are you using glide.sys.domain.use_record_domain_for_data - which would change the domain of the user and use the domain of the record.

abdul_qulatein · ‎08-04-2016

Yes, I am and I have set the value to true in the system property record.

Just to add, I am passing the IP address to the workflow from the affected CI related list within the incident record and not the Configuration Item field on the incident record. Not sure if that makes any difference!