User Roles are a critical item nestled in the Service Desk module on the K1000. 
Roles are what we use to limit access to certain areas of the K1000. By default, you have 4 roles on the K1000; Admin, Read only Admin, User, and Login not allowed. These default-roles allow an admin user to have full access to the box at the admin or user level, the user role will show all available user portal tabs by default; the read-only admin role allows someone to login to the admin portal but they only have access to read the information not make changes, login not allowed simply makes it so that the user cannot even login to the K1000.
These initial roles are meant to get you started with assigning access to users on the K1000 but many customers prefer to create custom roles in order to give access to the appropriate areas for specific Users. For instance, if you have helpdesk personnel you may want to create a custom helpdesk role.
To create this role we must go to
1. Service Desk – > Roles – > Choose Action – > Add New Item.
2. This will take you to the editing page to create a new role. At the very top you can enter a Role Name, we’ll call ours Helpdesk Staff.
3. After entering the name enter a brief description, something to indicate this is for our helpdesk administrators.
4. After entering that information next click the “expand all”, this will show each available tab on the box as well as all of the sub tabs beneath it. You can select the custom value to give read, write or hide specific sub tabs, or all hide if you wish to hide an entire module from view.
5. Next go through each tab; home, inventory, asset, etc… and determine what you want your helpdesk personnel to have access to. Read means they can see the information for that area but can’t modify, write means they can modify information there and hide means it is hidden from sight. **It’s worthy of remembering that if you leave someone with write access to the users or roles tabs, you’re effectively saying they can grant themselves broader access. Another important point is that there is a different section for the Admin portal and the User portal, the User tabs are at the bottom.
6. Once finished editing simply click save at the bottom of the page.
Now that the role is created we simply need to assign it to users. Users may belong to only one role- so you may need a few roles to support the various worker types in your environment. There are two ways to assign this role one is through the LDAP import under the User Authentication- this assigns the role when the account is initially created; the other method is to manually apply this role to users that already exist in the Users tab, also located in the Service Desk module. To do this simply click the check box to the left of their name(s), next click the Choose Action – > Apply Role. This will change their existing role to the new one you’ve created.
Now it’s time to determine if there are more that you need in your environment. Roles can be used for Users or Administrators, to limit or hide tabs you feel could be confusing, or simply are not needed for their daily work duties. We recommend using roles whether you use Service Desk or not; granting people more access than they want or need can not only be scary for you, but them as well. You’ll find that many people prefer not to have access to tools they aren’t supposed to use. Here’s some examples: Common Users might not need access to the User portal’s software library and the Download log tabs if you aren’t publishing applications there. An Asset Manager role might be useful for someone in Finance that only has read access to inventory, reporting, and write access to Assets, but not metering. Managers might benefit from read access to reporting, helpdesk, and inventory, in the Admin portal, and write access to helpdesk in the user portal but nothing else.
