CA Service Management


Federated Search and Multi-tenancy


  • 1.  Federated Search and Multi-tenancy

    Posted Nov 29, 2016 04:15 AM

    Hi folks,

    The customer has 12 tenants configured in their SDM. We have configured the federated search adapter to Sharepoint and it is working OK. However, each tenant wants to have their own "space" in Sharepoint where they can maintain their own knowledge documents. So the use case is: if I am logged in as a user of Tenant A in SDM, I only want to see my own Tenant A knowledge documents in a search result, not all the other tenants' documents.

    I see Openspace has the Tenant option in the config file but not Sharepoint.

    Is there any way to achieve this?

    Thank you

    Werner



  • 2.  Re: Federated Search and Multi-tenancy

    Broadcom Employee
    Posted Nov 29, 2016 11:17 PM

    Werner,

     

    We should be using Impersonation here anyway, so I suspect that documents which you as the browser-user-of-USS are authorized to, are the only documents that should be available to you.

     

    _R



  • 3.  Re: Federated Search and Multi-tenancy

    Broadcom Employee
    Posted Nov 29, 2016 11:55 PM

    Hi Werner

     

    It sounds to me like this is the behavior that r14.1 C2 fixes. I have experienced the behavior you mentioned on r12.9 before. And one of the individual patches would modify the design behavior so that it works based on the login user's role. My memory might not be correct, but USRD#3479 is the modification. Please excuse me if it is not correct.

    https://support.ca.com/irj/portal/kbproblem?docid=636833&productcd=USRD&problemnbr=3479

     

    The r14.1 C2 patch seems to have the solution.

    However, C3 does not seem to include this solution. So, if your environment is C3, please contact CA Support about this topic.

     

    Hope this helps.

    Kosei



  • 4.  Re: Federated Search and Multi-tenancy

    Broadcom Employee
    Posted Nov 30, 2016 09:14 AM

    Hey Kosei,

     

    That's applicable only to SDM, right? I believe Werner's question was more about USS -> Sharepoint native integration.

     

    _R



  • 5.  Re: Federated Search and Multi-tenancy

    Broadcom Employee
    Posted Nov 30, 2016 09:01 PM

    Hi Raghu

    Oops!! Sorry, it seems I misread Werner's question. I thought his question was about the Sharepoint Search in the Knowledge tab. And I thought the USS was mentioned just as an example. As I have no experience with the USS - Sharepoint integration, please ignore my previous update.

    Best regards, Kosei



  • 6.  Re: Federated Search and Multi-tenancy

    Posted Dec 01, 2016 02:53 AM

    Hi,

    As you know there are several ways to access the federated search engine, USS, Employee Interface in SDM, Incidents Knowledge TAB etc. But they all use the same federated search engine, right?

    The problem, as I explained, is that Sharepoint is NOT tenant "aware". All I can do when configuring the Sharepoint connector is to point it to the Sharepoint Server destination; I can't indicate that Tenant A must have a destination of Folder A in Sharepoint. Hope this makes sense.



  • 7.  Re: Federated Search and Multi-tenancy

    Broadcom Employee
    Posted Dec 04, 2016 09:41 PM

    Hi Werner

     

    I have no experience with the USS, so my understanding might differ from the real behavior. I will describe what I understand at this moment, but please be aware that it might be incorrect. So, please read it as my personal understanding.

    When the Sharepoint search is kicked off by the login user, a screen like list_kd.htmpl will send the message to the jar file, which will interact with the Sharepoint server. The Sharepoint server will return the result to SDM. Then, the domsrvr will check whether each received record can be shown to the login user based on permissions. The domsrvr decides this by the role settings, including multi-tenancy.

    When r12.9 was released, the domsrvr did not have the feature to check this. The behavior you are encountering was by design then. This feature of the domsrvr was enhanced along the way. I think r14.1 GA will also behave like that. When I responded to the case about it on r12.9, r14.1 was already released. So, I think r14.1 GA also has the same behavior.

    I am not sure whether your environment is r14.1 GA or C3, and I recommend that you check the behavior after applying C3. It might include the enhanced feature.

    But if the USS does not involve the domsrvr and instead uses its own process in USS, the function may need to be enhanced.

     

    Sorry for the lack of information....

    Kosei



  • 8.  Re: Federated Search and Multi-tenancy

    Posted Dec 05, 2016 02:26 AM

    Hi Kosei,

    Thanks for your response. We don't use the USS so don't worry about that. I will "digest" what you are saying and discuss this with the SDM experts here on site. The thing that I still don't understand is: where in Sharepoint does the result come from? We cannot "route" the request from list_kd.htmpl to different places in Sharepoint? There is just one destination defined in the Sharepoint connector properties and that is the only place where we can search. We cannot instruct Sharepoint to go to Folder X or Y for the Tenant requesting results. It displays ALL results from one place. I think this is more a Sharepoint challenge than an SDM one. Will feed back a bit more as I learn more info.

    Thanks

    Werner



  • 9.  Re: Federated Search and Multi-tenancy
    Best Answer

    Broadcom Employee
    Posted Dec 05, 2016 03:32 AM

    Hi Werner,

     

    From my knowledge, out of the box, I don't think there is a way to store KD data separately in SharePoint for each Tenant. As you may know, Service Desk uses the metadata "CASDMTENANT" to identify which Tenant knowledge documents belong to when searching them from Service Desk Manager. I think you should open an idea for this.

     

    If I misunderstand your query, please let me know.

     

    Kind regards,

     

    Kaori



  • 10.  Re: Federated Search and Multi-tenancy

    Posted Dec 05, 2016 03:50 AM

    Hi Kaori,

    I think now you understand 100%. Thank you, I will discuss and open an idea when appropriate.

    Thanks

    Werner



  • 11.  Re: Federated Search and Multi-tenancy

    Broadcom Employee
    Posted Dec 06, 2016 02:39 AM

    Hi Werner,

     

    It's good to hear that. :-)

     

    If my response helped to answer your question, could you click Mark Correct so that other folks can find which answer is correct?

     

    Thank you,

     

    Kaori



  • 12.  Re: Federated Search and Multi-tenancy

    Broadcom Employee
    Posted Dec 05, 2016 03:49 AM

    Hi Werner

     

    I might have failed to understand what you said, but I will reply as follows.

     

    Yes, only one place is defined in the Sharepoint connector properties. And the place where the Sharepoint search result is shown is a fixed place in the Knowledge tab and the Incident detail > Knowledge Management tab. I don't have any idea how to show the result in another place the customer wants.

    You may know that the meta tag will be embedded in tenanted content. You may have already seen the DocOps page below.

    https://docops.ca.com/ca-service-management/14-1/en/using/knowledge-management/integrating-multiple-search-engines-using… 

     

    When Sharepoint crawls the SDM content, the crawler surface will attach the meta tag and provide the data to Sharepoint. Sharepoint will create the index from the provided data. You can see this flow by accessing the URL below in a browser on the SDM server. (Sorry for the Japanese browser. I tried to find an English browser on my box but I could not find one quickly...)

     

      http://localhost:8040/fscrawl/listObject.jsp?farm=KD  ("KD" is farm name.)

     

     

    It might not show the screen below but the SDM login screen instead. In that case, the browser cache causes the behavior. It is necessary to clear the browser cache, re-open the browser and try again. I am sometimes confused by this behavior. If the behavior still occurs, it was necessary for me to try it from another client box...

     

    Each content has this meta tag. This, for example, is a public tenant's knowledge. Hence, the Content's value is empty. If it is tenanted content, the above meta tag will have the exact tenant name. SDM will decide which tenant each content belongs to.

    (If a patch later than USRD#3512 is applied, the meta tag may be changed from CASDMTENANT to CASDMCRAWLERFILE.)

     

    If the login user is in Tenant A, the login user can see Tenant A's content only. The Sharepoint search result will show Tenant A's searched records.

     

    Also, I suppose that if the login user is the "ServiceDesk" user with the administrator role, which has the permission to read/update all content, it should see all of the content. But if the login user does not have the administrator role, the Sharepoint search should show the login user's tenant data only. It is the same behavior as the EBR search.

     

    A lot of patches for the Sharepoint Search feature were created before in r12.9. So, I recommend applying the latest patches related to Sharepoint search and checking the behavior. However, I strongly recommend applying the latest cumulative patch first and checking the behavior.

     

    Best regards, Kosei
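
The tenant rule described in the post above (an empty CASDMTENANT value marks public content, tenanted content carries the exact tenant name, the administrator role sees everything), sketched as a post-filter over search hits. This is an added example, not code from the thread or from CA SDM; the meta tag markup, the function names and the fail-closed handling of untagged pages are assumptions.

```python
from html.parser import HTMLParser

TENANT_META = "CASDMTENANT"  # meta tag name quoted in the thread


class TenantMetaParser(HTMLParser):
    """Pulls the tenant meta tag out of one crawled page (hypothetical helper)."""

    def __init__(self):
        super().__init__()
        self.tenant = None  # None: tag absent, "": public content

    def handle_starttag(self, tag, attrs):
        if tag != "meta" or self.tenant is not None:
            return
        a = {k: (v or "") for k, v in attrs}
        if a.get("name", "").upper() == TENANT_META:
            self.tenant = a.get("content", "").strip()


def tenant_of(page_html):
    parser = TenantMetaParser()
    parser.feed(page_html)
    return parser.tenant


def visible_hits(hits, user_tenant, is_admin=False):
    """Titles the user may see; hits is a list of (title, crawled_html)."""
    allowed = []
    for title, page_html in hits:
        tenant = tenant_of(page_html)
        if is_admin:                      # administrator role sees everything
            allowed.append(title)
        elif tenant is None:              # untagged page: fail closed
            continue
        elif tenant == "" or tenant == user_tenant:
            allowed.append(title)         # public, or the user's own tenant
    return allowed


def _page(meta):  # builds a constructed sample page
    return "<html><head>%s<title>kd</title></head><body>...</body></html>" % meta

# Constructed sample hits; the markup shape is an assumption.
SAMPLE_HITS = [
    ("Reset VPN token", _page('<meta name="CASDMTENANT" content="Tenant A">')),
    ("Payroll cutoff", _page('<meta name="CASDMTENANT" content="Tenant B">')),
    ("Password policy", _page('<meta name="CASDMTENANT" content="">')),
    ("Untagged page", _page("")),
]
```

Hiding untagged pages from non-administrators means an indexing gap shows up as a missing result rather than as another tenant's document.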



  • 13.  Re: Federated Search and Multi-tenancy

    Broadcom Employee
    Posted Dec 05, 2016 03:51 AM

    Sorry for passing each other



  • 14.  Re: Federated Search and Multi-tenancy

    Posted Dec 05, 2016 04:02 AM

    Hi Kosei,

    As I understand it the crawler configuration is only done to allow Sharepoint "access" back to the SDM knowledge base?

    From your URL: How to Configure the Crawler Surface for SharePoint - CA Service Management - 14.1 - CA Technologies Documentation 

    "The administrators can configure CA SDM to allow Microsoft SharePoint 2010 and SharePoint 2013 Servers to crawl the Crawler Surface. The Crawler Surface contains a FSCrawl Servlet component that lets you search the CA SDM knowledge solutions and articles.

    A crawler is a search engine component that browses the Internet and indexes search terms. The Crawler Surface is a read-only web-based interface to the CA Service Desk Manager application. With this interface, external search engine crawlers can discover information using the Java Server Page (JSP) technology. The Crawler Surface uses the JSP to provide the information in plain text and individual hyperlinks to tickets and knowledge documents".

    Our intention is only SDM to Sharepoint direction, do we need to configure crawling for this as well? 

    Like Kaori states, we don't think it is possible for each Tenant to have a separate space in Sharepoint as it is a shared environment and not Tenant aware. If I'm missing something let me know please.

    Thanks

    Werner



  • 15.  Re: Federated Search and Multi-tenancy

    Broadcom Employee
    Posted Dec 05, 2016 07:25 PM

    Hi Werner

     

    "Like Kaori states, we don't think it is possible for each Tenant to have a separate space in Sharepoint as it is a shared environment and not Tenant aware. If I'm missing something let me know please."

    It is correct. It is impossible to do that, and I also recommend raising the idea.

     

    Best regards, Kosei



  • 16.  Re: Federated Search and Multi-tenancy

    Posted Dec 06, 2016 01:20 AM

    Hi Kosei,

    Thanks for responding. I will raise an idea on this.

    Regards

    Werner