View effective permissions

To determine what permissions are currently in effect for a resource, use the
Effective Permissions
 tab in
Security Settings
. View the permissions in effect for:
  • a user or group of users, and
  • a computer or group of computers
For example, in
Security Settings
for an area, the
Effective Permissions
 tab can show whether the selected users and computers can read the contents of the area.
To view the permissions in effect for a computer or group of computers, use a
FactoryTalk
 network directory, because a
FactoryTalk
 local directory is restricted to a single computer.
Prerequisites
Viewing effective permissions requires these security permissions for the resource (for example, an application) or the container (for example, an area) the resource is located in:
  • Common > Read
  • Common > Configure Security
To view effective permissions
  1. In
    FactoryTalk Administration Console
    Explorer
    , expand the
    FactoryTalk
     network or local directory tree until the resource is visible.
  2. Right-click the resource and select
    Security
    .
  3. In
    Security Settings
    , select the
    Effective Permissions
     tab.
  4. To test the permissions for a user or user group, under
    User or group
    , select
    Browse (...)
    and browse for the user or user group.
  5. To test the permissions for a computer or a computer group, under
    Computer or computer group
    , select
    Browse (...)
    and browse for the computer or computer group.
  6. Select
    Update Permissions List
     to show the permissions currently in effect for the selected users and computers.
    The Effective permissions list does not show separate columns for
    Allow
     and
    Deny
     permissions and does not distinguish between explicit and inherited permissions. Instead, the presence or absence of a check mark in the
    Allowed
     column indicates the permissions in effect on the resource for the selected user and computer, or group:
    • If a check mark appears beside an action, the action is allowed, whether explicitly or by inheritance.
    • If a check mark does not appear beside an action, the action is denied, whether explicitly or by inheritance.
    • If an action category (for example, Common or Alarming) shows a gray check mark, one or more–but not all–of the actions inside the category are allowed. Expand the category to see which actions are allowed or denied.
Provide Feedback
Have questions or feedback about this documentation? Please submit your feedback here.
Normal