Windows-linked accounts are missing permissions after restore

If using local workstation accounts as part of a
Windows
 workgroup,
Windows
-linked user accounts will be missing their security settings after:
  • Setting up a new
    Windows
     workgroup, setting up a new
    FactoryTalk Directory
    , and then adding
    Windows
    -linked user accounts, or
    Windows
    -linked user group accounts.
  • Backing up the
    FactoryTalk Directory
    .
  • Installing or reinstalling
    Windows
     on a new computer.
  • Recreating user and group accounts in
    Windows
     on the new computer.
  • Restoring the
    FactoryTalk Directory
    , including its
    Windows
    -linked user accounts and
    Windows
    -linked user group accounts.
The
Windows
-linked user and group accounts will appear in
FactoryTalk Administration Console
, but the permissions associated with these accounts will not work.
This happens because all user and group accounts are identified by means of a unique identifier that is separate from the account name. When you create an account with the identical name on a new computer, the new account will not automatically have access to the same resources that the old one did. This happens because the unique identifier associated with the account cannot be attached to an existing account for security reasons. After recreating the
Windows
-linked account, permission must also be recreated.
To prevent this problem from occurring, use
Windows
 domains instead of workgroups.
IMPORTANT:
Security settings are completely separate in the Network Directory and Local Directory. Changes made to the security settings in the Network Directory do not affect the Local Directory and vice versa. If using both a Network and a Local directory, set up security in each directory separately.
Provide Feedback
Have questions or feedback about this documentation? Please submit your feedback here.
Normal