This article provides important technical information about Line of Business.
- Datto Autotask PSA
- LOB security is not applied until you associate the resource with a LOB via the Organizational Structure page or Edit Resource → Associations tab. If a resource has no LOB associations they will only be limited by their security level.
- LOB security works in conjunction with the Resources security level. LOB filtering is applied first, followed by the Resources security level limitations.
- Users will always be able to see the data to which they are assigned, regardless of LOB (think "Mine"). If users call because they see something they think they shouldn't, it's probably because they are associated with it in some way ("Mine" security).
- We do not stop the user from creating data that they will not be able to see. If they create a ticket and apply a LOB to which they are not associated, they will not be able to see that ticket once it is saved.
- There is a setting on the Profile page to set a default LOB. This will populate the LOB field with that selection when creating any entities where LOB can be applied. If an association is removed from a resource and that pairing is set as the default, that default is not removed.
- A resource can be associated with multiple LOB's; entities cannot.
- LOB security is respected in the API.
- LOB security is respected in legacy Reports and LiveReports.
- For LOB to be turned off (via the Organizational Structure page) all LOB associations to resources must first be removed. The easiest way to do this is by editing the pairings on the Organizational Structure page and removing them there.
- When turned off, all LOB configuration throughout the app will be maintained.
- If users call in about seeing Projects that they think they shouldn't be able to see (because they applied LOB security to them), make sure to check all of the conditions where a user is considered associated to the project.