User rights assignment policies

In
FactoryTalk
, administrators control the rights that users have to access the system. Settings that apply to the entire
FactoryTalk
 directory are especially important to secure. User rights assignment policies specify which users are permitted to perform:
  • Back up or restore
    FactoryTalk Directory
    , the System folder, or applications.
    The default setting allows all users to back up and restore the directory and its contents. Securing backup and restore operations prevents an unauthorized user from:
    • Copying applications or user account information in the
      FactoryTalk
       system
    • Intentionally or inadvertently overwriting the contents of
      FactoryTalk Directory
      , including applications, user, computer, and group accounts, passwords, policy settings, and security settings
  • Change the
    FactoryTalk Directory
     server computer.
    The default setting allows administrators to change the directory server. The policy appears in only
    FactoryTalk
     network directory. Verify the permissions to change the directory on the current computer and the computer being switched to.
  • Switch between primary and secondary servers in a redundant pair
    . In the
    FactoryTalk
     network directory, the default setting allows all users to switch between primary and secondary servers (such as HMI servers or data servers). Because redundancy is available in only the
    FactoryTalk
     network directory, this policy setting appears in only the
    FactoryTalk
     network directory.
  • Modify the security authority identifier.
    The default setting allows all users to modify the identifier.
Policy settings are completely separate in the network directory and local directory. The network directory and local directory also have different default policy settings.
Provide Feedback
Have questions or feedback about this documentation? Please submit your feedback here.
Normal