AADvance-Trusted SIS Workstation software
 and
FactoryTalk Security

When used with the
AADvance-Trusted SIS Workstation software
 application,
FactoryTalk Security
 supports securable actions and permission sets. You can configure these
FactoryTalk Security
 settings in the
FactoryTalk Administration Console
.
In the
AADvance-Trusted SIS Workstation software
 application:
  • FactoryTalk
     Directory provides the security settings.
  • It is not possible to use the
    FactoryTalk
     Local directory.
  • FactoryTalk Services Platform
     version 6.31 or later supports associating the project with a specific
    FactoryTalk Directory
    .
  • You can add, change, or remove the permission set in
    Trusted
     projects with
    AADvance-Trusted SIS Workstation software
     project properties.
  • When you archive and restore a project in
    AADvance-Trusted SIS Workstation software
    , the permission set associated with the project is maintained.
  • You can log on to or log off of
    FactoryTalk
     from
    AADvance-Trusted SIS Workstation software
    . When the single sign-on property is enabled in
    FactoryTalk
     security policy,
    AADvance-Trusted SIS Workstation software
     automatically initiates a sign-in attempt with the Windows user account.
Permission sets identify a set of actions that are granted or denied for user groups or computer groups. Use permission sets to define permissions in the
FactoryTalk Administration Console
 and to apply the same permissions to multiple projects.
IMPORTANT: Users could lose (or gain) permission to open or edit a project, if you change the permission set. Always check the Effective Permissions in
FactoryTalk Administration Console
 to ensure that users have the appropriate access. Before you use these features, read the
FactoryTalk Security System Configuration Guide
, which is available in the Rockwell Automation Literature Library: rockwellautomation.com/en-us/support/documentation/literature-library.html
Users must log off and on to
AADvance-Trusted SIS Workstation software
 again to apply the changes made in
FactoryTalk Administration Console
.
When a user opens a project that is secured with a permission set, the
AADvance-Trusted SIS Workstation software
 application checks the Security Authority Identifier, which represents the
FactoryTalk Directory
 ID, to see if it matches the ID in the project.
  • A matching ID causes the
    AADvance-Trusted SIS Workstation software
     to check the
    FactoryTalk Security
     server for permission sets associated with the project, and to retrieve the permissions for the current user and computer combination.
  • An unmatched ID prevents the project from opening.
    IMPORTANT: Projects that are secured and bound to a specific Security Authority cannot be recovered if the security authority identifier of the
    FactoryTalk
     Network Directory used to secure the project no longer exists. For more information on backing up a
    FactoryTalk Directory
    , see
    Back up a FactoryTalk system
     in the
    FactoryTalk Services Platform
     online help.
Provide Feedback
Have questions or feedback about this documentation? Please submit your feedback here.
Normal