Workflow Solution

  • 1.  ITMS workstation rights viewed via Workflow

    Posted Aug 06, 2012 04:01 PM

    Our imaging process places PCs into an ITMS7 OV.  We plan on using those OVs to associate rights.  I set up the rights to a test group/user and that user can move throughout the limited access and see only the PCs they have rights to (if the report is configured to use user rights).  I hope to set up a workflow to do some actions like deploying applications.  I don't want to give those rights directly in the ITMS console.

    SO... Here is my question.  How do I view/query the PCs the user has rights to in a workflow?

    Here is what I have tried.  I set up a report in the console that the user has access to and that report only shows the PCs they have rights to ("Promote scoping information to the data source" checked).  I then configured an integration component to pull the results of that report.  I can log into the WF with my Admin ID, and pass my credentials to the report integration object and the proper results come back.  When I try with the test user, I get "The user does not have permissions to run this report".... even though in the ITMS console, they do.  Only thing I can think of is that I'm an admin in ITMS, and the site admin is not.  They are more or less a user of ITMS.

    Only other option I can think of is to query it directly via SQL, but that one is way over my head in how ITMS builds that query filter.  Other thoughts?

    Thanks in advance!

     



  • 2.  RE: ITMS workstation rights viewed via Workflow

    Posted Aug 07, 2012 02:14 PM

    I wrote a report that I used the checkbox "Promote scoping information to the data source".  Here is the resulting query for the report:

    DECLARE @v1_TrusteeScope nvarchar(389)
       SET @v1_TrusteeScope = N'{171E113B-AEF0-4476-84B5-317C16F0B8A7},{23A16BF2-43EB-48EB-BD24-83C09BC23C9A},{2E1F478A-4986-4223-9D1E-B5920A63AB41},{3D6D7273-72A6-426C-A854-E0C1DF0F2267},{582029E2-FC5B-4717-8808-B80D6EF0FD67},{64623399-DB17-4301-9BDB-8EE3817F7274},{9AD33914-2171-43FF-8335-649C8D276750},{B760E9A9-E4DB-404C-A93F-AEA51754AA4F},{D5647C14-B8A0-4ACD-93A9-8B1352896FC6},{F41AA34A-3C8F-4C12-97A2-B56C5B80DBF4}'
    SELECT
       [vri2_Computer].[Guid] AS [_ItemGuid],
       [vri2_Computer].[Name],
       [ajs3_vComputer].[User],
       [ajs3_vComputer].[IP Address],
       [ajs3_vComputer].[OS Name]
    FROM
       [vRM_Computer_Item] AS [vri2_Computer]
          LEFT OUTER JOIN [vComputer] AS [ajs3_vComputer]
             ON ([vri2_Computer].[Guid] = [ajs3_vComputer].[Guid])
    WHERE
       (
          ([vri2_Computer].[Guid] IN (SELECT [ResourceGuid] FROM [ScopeMembership] WHERE [ScopeCollectionGuid] IN (SELECT [ScopeCollectionGuid] FROM dbo.fnGetTrusteeScopeCollections(@v1_TrusteeScope))))
       )
     
    How do I find what @v1_TrusteeScope should be for the user via some SQL or WF accessible way?  If I could figure that part out, I could just pass it as a parm to a direct sql query and I'm golden.  I've been digging into the stored procedures and the ASDK but nothing so far.
     
    Thoughts?


  • 3.  RE: ITMS workstation rights viewed via Workflow

    Posted Aug 08, 2012 10:10 AM

    All Workflow components that integrate with the SMP require SMP credentials to run them; they will always run under the context / scope of those credentials.  Try these steps:

    1) Create a custom report in the SMP

    2) Use the "Report Component Generator for NS 7.0" in an integration library in Workflow to generate a component for that report.

    3) In the Workflow add a "Create SMP Credentials" component, and dynamically set the credentials to whomever is logged into your process

    4) Then add the new custom report component downstream of the Create SMP Credentials component

    That should allow the report to run under the desired credentials, and therefore return the desired result.



  • 4.  RE: ITMS workstation rights viewed via Workflow

    Posted Aug 08, 2012 10:17 AM

    I did that, but I got the return "The user does not have permissions to run this report".  Even though the user can run that report in the ITMS console.  Is there something I need to add to their role privileges to allow access to the reports via the ASDK?



  • 5.  RE: ITMS workstation rights viewed via Workflow

    Posted Aug 09, 2012 10:27 AM

     

    OK, here is what else I tried.  For the security role for my test user, I went in and checked EVERYTHING.  All privileges and all data classes/types/etc in the security role manager.  Nothing I did gave access to running this report via the ASDK.  Just as a test, I added "Symantec Administrators" to the membership of the test security role.  POOF, that user could now run queries via the ASDK.

    So here is my question, can Symantec Administrators only run ASDK calls?  If so, that’s fine (sucks, but fine).  But then I would fall back on my last question to accomplish my goal.  How do I populate the SQL variable @v1_TrusteeScope for the logged in WF user?  If I could generate the query in its own module, then just pass in the scope as a variable, which would essentially do the same thing as trying to run this scoped report via the ASDK.



  • 6.  RE: ITMS workstation rights viewed via Workflow
    Best Answer

    Posted Sep 13, 2012 03:03 PM

    FYI, we got it figured out.  Created a SQL integration component and used this query:

    DECLARE @SecurityList varchar(max);
    -- Recursive CTE: start from the direct parents of the user's item,
    -- then keep following ParentResourceGuid upwards.
    with guids(securityGuid) as (
        select ra1.ParentResourceGuid from ResourceAssociation ra1
        Inner JOIN vItem vi on vi.Guid = ra1.ChildResourceGuid
        where vi.Name = @UserName
        Union all
        Select ra2.ParentResourceGuid from ResourceAssociation ra2
        Inner join guids g on g.securityGuid = ra2.ChildResourceGuid
    )
    -- Build the comma-separated list of {GUID} values
    Select @SecurityList = COALESCE(@SecurityList + ',','') + '{'+CAST(securityGuid AS varchar(40))+'}' from guids
    Select @SecurityList as SecurityString
     
     
    ...with a parm of the user id found in the item table (domain\user in most cases).  A string is returned that you can later use in other queries.  So for example, if you create a report in the console with the "Scoped" option checked, then pull out the SQL into another SQL integration component.  Check for variables and one of the variables that is picked up is @v1_TrusteeScope.  Pass the returned string into trusted scope and you're set.
     
    Hope this helps someone else too!
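
The approach from the accepted answer folded into one T-SQL batch, as an added example that is not part of the original posts. It uses only the table, view and function names quoted in the thread, assumes `dbo.fnGetTrusteeScopeCollections` accepts a list longer than the report's `nvarchar(389)` declaration, and the `EXAMPLE\site.admin` value is constructed.

```sql
-- Added example, not code from the thread's authors.
-- In a SQL integration component @UserName is the input parameter; bind it to
-- the identity of the authenticated Workflow session, not to a form field,
-- otherwise a caller can list another user's scoped computers.
DECLARE @UserName nvarchar(256);
SET @UserName = N'EXAMPLE\site.admin';   -- constructed sample value

-- The report declared nvarchar(389): exactly ten 38-character {GUID} values
-- plus nine commas. A user with more memberships would be silently truncated,
-- so the list is built in nvarchar(max) here (assumption: the function accepts it).
DECLARE @TrusteeScope nvarchar(max);

WITH guids (securityGuid) AS (
    SELECT ra1.ParentResourceGuid
    FROM ResourceAssociation AS ra1
    INNER JOIN vItem AS vi ON vi.Guid = ra1.ChildResourceGuid
    WHERE vi.Name = @UserName
    UNION ALL
    SELECT ra2.ParentResourceGuid
    FROM ResourceAssociation AS ra2
    INNER JOIN guids AS g ON g.securityGuid = ra2.ChildResourceGuid
)
SELECT @TrusteeScope = COALESCE(@TrusteeScope + N',', N'')
                     + N'{' + CAST(d.securityGuid AS nvarchar(36)) + N'}'
FROM (SELECT DISTINCT securityGuid FROM guids) AS d  -- a parent reached by two paths is listed once
OPTION (MAXRECURSION 100);  -- a membership cycle ends in an error instead of looping

-- Same scoped query the report generated, fed with the computed list.
-- If the user has no memberships the list is NULL and no rows are returned,
-- so an unknown user never falls through to an unscoped result.
SELECT c.Guid AS _ItemGuid, c.Name, v.[User], v.[IP Address], v.[OS Name]
FROM vRM_Computer_Item AS c
LEFT OUTER JOIN vComputer AS v ON c.Guid = v.Guid
WHERE @TrusteeScope IS NOT NULL
  AND c.Guid IN (
        SELECT sm.ResourceGuid
        FROM ScopeMembership AS sm
        WHERE sm.ScopeCollectionGuid IN (
              SELECT ScopeCollectionGuid
              FROM dbo.fnGetTrusteeScopeCollections(@TrusteeScope)));
```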