Default Security Groups
This topic provides a list of the default security groups created in Historian, along
with the default user, ihCloudHistAdmin, for the ih_security_admins group. The
password for this user is the one you enter in the Proficy Authentication
Configuration field while deploying Proficy Historian for AWS.
- ih_security_admins
- Historian power security users. Security administrators have rights to all Historian functions. By default, a user named ihCloudHistAdmin is added in this group.
- ih_collector_admins
- Allowed to add collector instances and change their destination.
- ih_tag_admins
- Allowed to create, modify, and remove tags. Tag-level security can override rights given to other Historian security groups. Tag admins can also browse collectors.
- ih_archive_admins
- Allowed to create, modify, and remove archives.
- ih_unaudited_writers
- Allowed to write data without creating any messages.
- ih_unaudited_logins
- Allowed to connect to Data Archiver without creating login successful audit messages.
- ih_audited_writers
- Allowed to write data and to produce a message each time a data value is
added or changed.
Tag, archive, and collector changes log messages regardless of whether the user is a member of the ih_audited_writers group.
- ih_readers
- Allowed to read data and system statistics. Also allowed access to Historian Administrator.
The following table provides the types of user groups you must create based on your
requirement.
| Function | iH Security Admins | iH UnAudited Writers | iH UnAudited Login | iH Audited Writers | iH Readers | iH Archive Admins | iH Tag Admins | iH Collector Admins |
|---|---|---|---|---|---|---|---|---|
| Manage tags | X | X | ||||||
| Create archive | X | X | ||||||
| Read data | X | X | ||||||
| Write data (unaudited) | X | X | X | |||||
| Write data (audited) | X | X | ||||||
| Modify data | X | X | X | X | ||||
| Update tag security | X | |||||||
| Migrate | X | |||||||
| Login connection messages | X | X | X | X | X | X | X | |
| Recalculate data | X | X | X | X |
Note: Regardless of the security group to which a user belongs,
the user has full privileges to the Web Admin console.
For instructions
on creating and managing users, refer to Managing Users and Groups.