Effective permission icons

Security Settings
indicate which permissions are in effect for an action.

Icon	Description
	Cleared box beside an action means that no permissions are assigned. If both Allow and Deny are cleared beside an action, Deny is implied for the action. A cleared option shown beside the name of a group of actions, for example, All Actions or Common , means that some of the actions within that group do not have permissions assigned. If collapsed, expand the group to see which actions do not have permissions assigned.
	A black check mark means that Allow or Deny permissions were assigned explicitly.
	A gray check mark means that Allow or Deny permissions were inherited.

These examples show how the Allow and Deny
columns indicate what permissions were set for the resource.

Inherited permissions

The gray check marks show that Allow
permissions are inherited for all actions.

Explicit permissions

If Allow
is selected beside All Actions
, black check marks appear. This means the inherited values are overridden and Allow
on All Actions
is explicitly granted. If the inherited permissions change later, the change does affect this security setting.

Explicit Deny permissions without inheritance

In this example, the resource does not inherit permissions from its parent (this illustration shows configuring security for the

FactoryTalk

network directory, which has no parent). If all actions are set to Allow
, and then Deny
beside Read is
selected:

All Actions
and Common
are cleared. Because they represent groups of actions, the cleared options beside All Actions
and Common
mean that not all of the actions within those groups are selected in the Allow
column. Expand the group to see which actions do not have Allow
permissions.

For the Read
action, Allow
is cleared.

Explicit Deny permissions with inheritance

In this example, the resource inherits permissions from its parent (for example, an area might inherit permissions from an application). If all actions are set to Allow
, and Deny
beside Read
is selected:

All Actions
and Common
are cleared, but because these options previously inherited permissions, they now contain gray check marks. Expand the group to see which actions do not have Allow
permissions.

For the Read
action, Allow
is cleared, but because it previously inherited permissions, Read
now contains a gray check mark. Because explicit permissions take precedence over inherited permissions, these selections indicate that
Read
access is denied.

Using "Do not inherit permissions"

Select Do not inherit permissions
to remove all inheritance from the resource. Set permissions for the resource as shown in the previous example.

Secure resources

Allow a resource to inherit permissions

Prevent a resource from inheriting permissions

Secure resources

Provide Feedback

Have questions or feedback about this documentation? Please submit your feedback here.