I'd like to be able to administratively access another user's workspace for various troubleshooting scenarios.
This will be a good usecase, but will need to show who did the "new" server side check-in...or reassociate the whole workspace to a new user.
We've recently dicussed this at the TC's as well. There's not much for an admin to do except search for a user's workspace and delete it. There's no manipulation of the workspace or it's contents. We've recently had an issue where a user was not coming back into work and he had data in his workspace that we needed. The user had information that was new and uploaded. All I could do was verify that it was there and tell the program I can only delete the workspace. We got the data through other means (with tremendous effort). Windchill admins should be allowed to take ownership (or something like that) of the workspace and recover the data.
I wish they showed up under the user profile for an admin of their Org. Same as the list we have on our default homepages today.
Adding to Charles' note, How about "Reassign Workspace" same as calendar notices. Workspace instance would just have to be repointed to the new owner.
We should at least be able to checkin or cancel a checkout in a user workspace, when we are logged in as an administrator. I agree with Tim that we need to maintain the correct history - if the admin checks in a user's file, the admin should be documented as doing the checkin (not the user).
Can't you reset the user's password, login as user, and the WS will update on the machine you log in from? Then do what work you need to, check-in/delete. Downside is that anything done will be shown as done by an admin.
This topic is in another Product Idea "Access other users workspace". Should these be merged?
As discussed in another thread not all businesses allow (or at least not without numerous approvals) the use of another user's account. This is an even bigger deal for those using SSO where an LDAP outside of Windchill holds the user account.
Thanks, makes sense. Coming in at the end of the conversation I guess. Is the question defined regarding if the user is still employed with the company, or does it matter? If still employed, why cant the admin use a remote access tool to troubleshoot?
Employment status really does not matter. The issue is allowing an administrative role holder the ability to see and act upon the contents of any workspace. I agree for user support the remote access/screen sharing is just great. But if the user is away (vacation, leave, or no longer employed) then knowing what is in the workspace is important and being able to properly dispose of the contents is super important. Now much of this discussion also hinges on having content uploaded to the server side as well. At the end of the day administrative roles should be able to access any workspace for viewing and that role should also be able to transfer ownership of that workspace so that an active user (likely the administrative role holder) can act on the objects in the workspace (check-in, remove from workspace, etc.).
So the PDM admin can't change the password? Is that because they are using Active Directory linked to corporate?
Isn't doing these kinds of tasks what an administrator is for?
Windchill administrator does not necessarily equal network/domain administrator. We have Windchill linked to our corporate LDAP to make it easier to manage user's credentials, but our Windchill administrators have no control over the corporate LDAP, even though they have complete control over Windchill.
Tom is spot on. But also it should be clear from a log point of view who did what and when. So if an administrative role holder were to authenticate to Windchill as another user then the log would not be reliable of audit purposes. So the other part of this discussion is to keep that record correct. I have seen where another enterprise goes in an changes the personnel cabinet of the user to another user (admin) in the database. My thought is why not have this OOTB with logging and all.
Got it. Then I would agree to give the admin access to user's workspaces. As you said it would still be required to set the system to upload automatically. If the files are not then this is still useless.
Since this functionality hinges on the files being uploaded, to be implemented well there would need to be the ability to notify if a file was not successfully uploaded to make sure the correct file is being used.
Currently if a user works in Creo, then later logs into a browser there is no way (to my knowledge) to know if the file you are looking at is the latest and something didn't fail to be uploaded after the last upload.
This is very clear when working in Creo, but apparently not in the browser, and that is a problem...Both for the user, and for the admin who may not have easy access to open their session of Creo on their computer.
The other idea does mention "an admin could access..." So I would think so.
Bumping and voting for the idea of having a "Reassign Workspace" in administrators' (Org / Site) login would really be usefull.
Reassigning owner for the workspaces would really helpful.
Reassign user's workspace in administrators (Org / Site) login would really be usefull in many cases.
We have a very simple solution for this.
1. Grab the users cache folder from the PC and save it to a network drive.
2. Have the users server side WS ownership changed by a DBA to the user that will access the data.
3. Rename the new owners existing cahe folder
4. Import the target cache folder
All files should now be available (New and Modified) for upload and checkin
5 Delete the cache folder and rename the original
That only works if you can log in to the user's PC. The server side access gives more options, as long as the content has been uploaded.
Regarding systems that are connected to a company LDAP, is there not a way to remove the "Synchronize Name with LDAP"? Once that was done you could change the password and login as that user.In most of the cases where I have needed to get information from a user that is OOTO or has left the company, they have rarely uploaded the data to the server side workspace, so allowing the access requested here would not do much good. In some cases it might be better than nothing, but you would not know whether the files you found are current. I usually just get access to the user's disk and pull the files from the local cache folder, open them locally in the CAD and save them to a new workspace under the new user. If you have to, take the disk out of the machine and put it in yours as a secondary disk. It seems like companies often secure access to others PCs via software, but rarely put locks on cases preventing access to the hardware. They might prevent the OS from adding another disk though.
Can anyone think of good reasons not to allow the admin access to these workspaces? Reasons PTC set it that way on purpose. Maybe to be sure WIP/prototype data never gets introduced. Export compliance perhaps.
I have heard that WC11 has done away with the manual and semi-automatic uploads and that uploads happen whether there is a conflict or not. If that is true, then admin access would be able to get everything and there would not be a point in going to the users computer. There are a lot of secondary advantages to this truly auto-upload if they got it to work right so I hope they did.
Almost 4 years later and 131 up votes and still it's Open for Voting...with no comment from PTC?
This would help all companies where employees have left or when they are on vacation.
I heard once that PTC is redesigning the workspace module of Windchill. At the moment this module is still using the old framework and that could be the reason, why PTC is not answering anything to workspace topics.
Perhaps in view minutes we will see something in the PLM Roadmap at the PLM Forum Europe... Hope dies last...
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.