Security Setup Example
About this task
The following example takes you through the process of establishing your security needs and defining and setting up the levels of security.
User | Needs | Added to Security Group |
---|---|---|
USER1 | Power user. Needs total access to security. | iH Security Admins |
USER2 USER3 USER5 USER6 USER8 |
|
|
USER4 USER7 |
|
|
USER9-14 | Read Data. | iH Readers |
Procedure
- Establish the needs of your users. For this example, assume the user needs in a plant of 14 users, as described in the previous table.
- Add and define the iH Security Admins Group. Once you determine that you want to establish a security structure, you must create and define the iH Security Admins group. This group of users is typically the "power users" of the Historian. Security Administrator rights allow them to manage configuration and give them free rein to the entire system. For this example, only USER1 would be added to the iH Security Admins group.
- Establish and create any other Historian Security Groups as needed.Note: Any user with Windows administrative permissions can add or remove Windows groups and users. As such, an administrator on a Windows computer, can add himself to any Historian security group.
Set up the functional security groups as needed. For this example, Write, Tag, Archive, and Collector security is required, so the groups associated with those functions should be added and defined. There is no need for Audited Writers and all valid users can read data, so neither the iH Audited Writers Group nor the iH Readers Group need to be added.
- Define any individual Tag Level security.
In addition to defining iH Tag Admins that have the power to create, modify, and remove tags, you can also define individual tag level security to restrict access to sensitive tags. You can grant read, write, or administrative privileges per tag. For more information on setting Tag Level security, refer to the Implementing Tag Level Security section.