After you get all of your users into Samanage it is important to set up everyones roles and permissions. This is where you will be able to designate who can see what and who can edit certain things. There is a lot that you can do with this section by setting up as many roles as you would like.
This process is started by first creating a role and naming it whatever you need it to be called. Once this is done you will select the add permissions button found on the top right corner of each role section as seen here:
When adding a role there are a few different fields to fill in. These are Action, Subject, and Scope. The action refers to what you do or do not want the user to do, things like read, manage, edit, etc. The only action that is not self explanatory is Manage which encompasses all of the other actions. Subject refers to just that and is related to the action. The subject can be things like Computers, Other Assets, Incidents, etc. Finally you will select scope which is a two part selection. You will first select either site or department which will populate your second selection of exactly which site or which department.
Once you have created a permission you can then create restrictions. You will fill out the same selections as you do for the permissions but in this instance it would be filled out with what you do not want a user to do or see. The button for this is located in the actions column and will appear when you hover your cursor over it as shown in this screen shot:
These selections allow you to drill down and get specific when designating who can do what in the application.
For more information, take a look at this video tutorial: