The security system provides restricted access to functions based on the concept of a logged-in user. A security system administrator configures the system by adding users and assigning them specific privileges. In addition, administrators may associate users with certain administrator-defined groups that also have assigned privileges. Thus, a user has the effective rights of all the groups to which he or she belongs plus his or her own private rights.
This topic describes the first two steps of defining security in GENESIS64:
Several layers of policy are enforced in order to apply security. You must define these layers of security by setting up:
Security settings for the server are altered in the Security Server configuration forms, an example of which is shown in the figure below. You can launch the Security Server from the Start menu or from the Workbench. The following documentation discusses using Security Server in the Workbench.
To Open the Security Server:
Open the Workbench, then expand the current project to show the Security provider node, as shown below.
Security Provider Selected within the Workbench
When you first open the Security Server settings, there are no users or groups defined. You should create the first account as an Administrator account and, by default, all actions for a newly created account are allowed when the account is created. When you create the Administrator account, the Security Server is disabled and requires that you log back into the server to continue.
Therefore, when you create a more limited account with fewer privileges, you need to go into the Application Actions for either the user account or the group account and uncheck the different applications and actions that you want to deny this user and group. For information on creating users and groups, refer to Users and Groups, which describes security settings for application actions, points, alarms, files, stations, or a custom string.
Application Actions Highlighted in New User Settings in the Security Provider in the Workbench
See also: