AADvance-Trusted SIS Workstation software and FactoryTalk Security
AADvance-Trusted SIS Workstation software
and FactoryTalk Security
When used with the
AADvance-Trusted SIS Workstation software
application, FactoryTalk Security
supports securable actions and permission sets. You can configure these FactoryTalk Security
settings in the FactoryTalk Administration Console
.In the
AADvance-Trusted SIS Workstation software
application: - FactoryTalkDirectory provides the security settings.
- It is not possible to use theFactoryTalkLocal directory.
- FactoryTalk Services Platformversion 6.31 or later supports associating the project with a specificFactoryTalk Directory.
- You can add, change, or remove the permission set inTrustedprojects withAADvance-Trusted SIS Workstation softwareproject properties.
- When you archive and restore a project inAADvance-Trusted SIS Workstation software, the permission set associated with the project is maintained.
- You can log on to or log off ofFactoryTalkfromAADvance-Trusted SIS Workstation software. When the single sign-on property is enabled inFactoryTalksecurity policy,AADvance-Trusted SIS Workstation softwareautomatically initiates a sign-in attempt with the Windows user account.
Permission sets identify a set of actions that are granted or denied for user groups or computer groups. Use permission sets to define permissions in the
FactoryTalk Administration Console
and to apply the same permissions to multiple projects.
IMPORTANT:
Users could lose (or gain) permission to open or edit a project, if you
change the permission set. Always check the Effective Permissions in
FactoryTalk Administration Console
to ensure that users have the appropriate access. Before you use
these features, read the FactoryTalk Security System Configuration Guide
, which is
available in the Rockwell Automation Literature Library: rockwellautomation.com/en-us/support/documentation/literature-library.htmlUsers must log off and on to
AADvance-Trusted SIS Workstation software
again to apply the changes made in FactoryTalk Administration Console
.When a user opens a project that is secured with a permission set, the
AADvance-Trusted SIS Workstation software
application checks the Security Authority Identifier, which represents the FactoryTalk Directory
ID, to see if it matches the ID in the project. - A matching ID causes theAADvance-Trusted SIS Workstation softwareto check theFactoryTalk Securityserver for permission sets associated with the project, and to retrieve the permissions for the current user and computer combination.
- An unmatched ID prevents the project from opening.IMPORTANT: Projects that are secured and bound to a specific Security Authority cannot be recovered if the security authority identifier of theFactoryTalkNetwork Directory used to secure the project no longer exists. For more information on backing up aFactoryTalk Directory, seeBack up a FactoryTalk systemin theFactoryTalk Services Platformonline help.
Provide Feedback