Domain Users Logging Into Windows

If you are using Windows user names and passwords within iFIX Security, be aware that Windows user accounts must have the policy "Access this computer from the network" applied under "Local Security Settings". By default, this policy is assigned to the groups "Users" and "Everyone" on the local machine. If the domain policy overrides the local policy settings by removing these groups, then the Windows user names and passwords will fail with insufficient rights when trying to log in from iFIX. If domain administrators wish to restrict this right, then they must do one of the following tasks in order to continue to use Window user names and passwords within iFIX:

• Create a Domain Group that contains all the Domain Users that will be used within iFIX Security, add this group to the domain policy "Access this computer from the network", and deploy this policy to all machines running iFIX.
• Add the Domain Users group to the domain policy "Access this computer from the network", and then deploy this policy to all machines running iFIX.
• Add Authenticated Users to the domain policy "Access this computer from the network", and then deploy this policy to all machines running iFIX. Be aware that this group requires  each user to log on to the domain at least once to be considered an authenticated user.
• Leave at least the Users group in the domain policy "Access this computer from the network". If you choose this option, be aware that the Anonymous user and the Guest user are not part of the Users group.

Be aware that when configuring your Windows users in iFIX Security, the Domain Name entry needs to be your domain's NetBIOS name.