Security Configuration
Reference Guide
D301530X412
APRIL 2012
1 Security Configuration Overview
This diagram shows how Security is implemented between the OpenEnterprise Server and
Workstation.
1.1 Security Manager
The Security Manager is a server component, which runs in the background on the Workstation. The
Security Manager acquires User Account details for the currently logged in User from the Database
and performs Database transactions to generate journal messages. It also informs Workstation View
components of the logged in User's security Token privileges, such as Application, File, OPC Item
and Custom Tokens.
1.2 Login Client
The Login Client is used to enable a User at an OpenEnterprise Workstation to log on to the
database. The Login Client connects to the Security Manager, and the Security Manager requests the
log in from the database. The User can also change their password via the Login Client.
1.3 Security and Workstation Views
All Workstation View components are sourced with Application Token information directly from the
OpenEnterprise Security Manager. The functionality available to the User when using these
components is controlled by what Application Tokens have been assigned to that User.
1.4 Security and the Toolbox
To access the Toolbox editors, Users must log in using the Login Client, which can be invoked from
the Security menu of the Toolbox. Once the user is logged in, Workstation security ensures that Users
are only able to see the editors in the Toolbox window for which they have the necessary String
Token access. The Toolbox also makes a connection with the database via ODBC to provide its
Table mode functionality.
1.5 The Security Configuration Tool
The Security Configuration tool is one of the OpenEnterprise configuration editors that are accessed
from the Toolbox. Only Administrative users may access the Security Configuration tool. If changes
are made using the Security Configuration tool, the Toolbox executes the transaction and writes this
transaction to the 'Security Config.SQL' file, which is located in the Toolbox default folder location.
1.6 Access to the Login Client
Access to the Login Client is provided from the Security menu of the OEDesktop or the Toolbox. Once
a user is logged in via the Login Client, all aspects of Workstation Security are applied through the
Security Manager.
1.7 Security settings applied
Security settings are applied to the OpenEnterprise HMI and the Toolbox via the Security Manager.
2 Security Concepts
Security configuration applies to Users and User Groups. It is important to understand how Users
and User Groups relate to each other in OpenEnterprise.
Security is applied to Users and User Groups in three main ways:
1. Tokens - Tokens determine Workstation security. Specific Human Machine Interface (HMI)
functionality is allowed or denied through tokens. Tokens are required for file access, OPC
write access, built in application context menus and custom menus. Token security is
configured using the security configuration tool.
2. Access Areas - Every device, plant area and signal in the OpenEnterprise database belongs
to an access area. Access Area security controls what objects within a table can be viewed by
the User. Users must be granted the access area of an object in order to view it in the HMI.
Access area security is configured using the security configuration tool.
3. Database Privileges - Database privilege security grants access to whole tables or views
within the OpenEnterprise Database. Without this, a User can neither see, nor manipulate
the data within the Database. Database privileges are configured using a different tool from
the toolbox - the security group privileges editor. Each User inherits Database privileges from
their parent User Group.
2.1 Users and Groups
There are important differences between Users, created Groups and the Default Group. Users and
Groups are stored in the Users table. In the Database, Users and Groups are treated like different
types of Users. The following is a definition of all three security object types.
2.1.1 Users
A User is an individual who is able to log on to the OpenEnterprise application from an
OpenEnterprise Workstation to view and update data. In the Database, a real user is given a type
number of 0 (zero).
2.1.2 Groups
A Group is essentially a collection of Users having similar security settings. A User Group acts like a
Security Template for Users. Any User assigned to a parent Group inherits the Security settings of
that Group. Each User may be allocated to one other Group in addition to the Default Group. All
Users belong to the Default Group, and may belong to one other Group created by an Administrative
User. In the Database, a Group created by an Administrative User is given a type number of 1.
2.1.3 Default Group
All Users including Administrative Users automatically belong to the Default Group. All Users
automatically inherit the security settings of the Default Group. Users cannot be removed from this
Group. In the Database, the Default Group is given a type number of 2.
2.1.4 User and Group Hierarchy
User and Group Security Hierarchy - this hierarchy determines how account settings will be inherited
on a User and Group level.
2.2 User and Group Hierarchy
Security account options may be configured at any one of the three levels: Default; Group; User.
When a User or Group is first created they inherit the security account settings of the Default Group. If
a User is included in a Group, then it inherits the Group's account settings. A Group may change
some settings to suit particular requirements. These will override the Default Group settings. Likewise,
a User may override its Group (if it belongs to a Group) as well as its Default Group settings.
To summarize with a diagram:
In the example shown the Group's settings for Passwords are: Max Length: 8; Min Length: 6; Expiry:
7days. The User's settings are Max Length: 12; Min Length: 6; Expiry: 7 days. Note: If a User only
belongs to the Default Group, the middle Group level would not apply.
2.3 Tokens
Users can be granted or denied access to Workstation functionality by inserting Tokens into the
User's Include or Exclude Token list. This is done using the User or User Group's Application,
Custom, File and OPC Item Token Tabs. Templates can be set up for all Tokens by creating a new
Token Group within the Security Configuration tool. These Token Group templates can then be
assigned to Users and User Groups through their Token Group Property Tab. Individual Users can
still be granted extra privileges by using their Application Tokens Tab.
1. Application Tokens - used to disable View functions (such as changing to Configure Mode).
2. Custom Tokens - used to disable Custom Menus, or to 'protect' named windows from being
closed.
3. File Tokens - used to control User access to View files on the Workstation.
4. OPC Item Tokens - used to control write access to process points on OpenEnterprise Graphic
displays.
5. Token Groups - used as templates to grant or deny access to a range of View component
functions to Users or User groups.
2.3.1 Application Tokens
These define actions that a User may perform within an OpenEnterprise Component. They cannot be
created or edited by an Administrative User, although they can be assigned or denied individually to
Users or Groups. They represent functions available from menu items within the component
application, such as the "Acknowledge All" context menu available within the Alarm View component.
It may be desirable to remove this option from the Alarm View for some Users. This is done by adding
this Token to the User's Excluded list of Application Tokens. Each OpenEnterprise Component has its
own set of Application Tokens.
2.3.2 File Tokens
File Tokens are strings that are used to deny access to files on the Workstation. The String
represents the name of the file.
For example, a File Token could be created with the name *.GDF. If the Token were then to be placed
in a User's Excluded Token list, the User would not be able to load any Graphics View files into the
OEDesktop (since Graphics files have an extension of *.GDF).
2.3.3 OPC Item Token Types
OPC (Object Linking and Embedding for Process Control) Tokens are strings that allow or deny write
access to OPC points displayed on the Workstation. The String may represent part or all of the OPC
string. When using a part of the OPC string, asterisks must be used as wildcards.
For example, an OPC Token is created with the name *RTU1* (note the asterisk wildcards at each
end of the string), representing the name of an RTU. If no OPC Tokens are given to the Default User,
then all other Users or Groups need to have the OPC Token for that RTU actively granted to them to
be able to write to signals belonging to it from a data entry point on a Graphics View display.
If the Token were then placed in a User's Included OPC Token list, the User would find that they
would now be able to change the value of any data entry process points on OpenEnterprise Graphics
displays which reference RTU1. Note that:-
• Although a User is not able to write to a data entry OPC point without the necessary OPC Token,
the point can still be viewed, but it is greyed out and cannot be selected.
• OPC Tokens do not affect writes made through the OEMenus Message Bus using the
OEData Server.
2.3.4 Custom Tokens
Custom Tokens are strings that can be security protected via Tokens. Here are some examples of
how Custom Tokens can be used to provide Workstation security.
2.3.4.1 Custom Token Examples
Disabling Custom Menus
Hiding Toolbox Components
Disabling Toolbox Table Mode
Limiting Toolbox Table Mode
Protecting Windows in OEDesktop
2.3.4.2 Disabling Custom Menus
OpenEnterprise Custom Menus may be disabled for a User by inserting a string that matches the
name of the Custom Menu into the Custom Token Exclude list for that User.
2.3.4.3 Hiding Toolbox Components
Configuration tools within the Toolbox may be hidden on a per User or User Group basis by inserting
the Editor's Program ID into the Excluded list on the Custom page of the User Properties dialog for a
User or User Group.
To find the Program ID of an editor, find the key of that editor under the following key:
On each Editor's key will be a string value named ProgramID. This string should be inserted into the
Exclude list for the User or Group for which this editor should be excluded.
Example:
String = BristolBabcock.OEConfigAlarmConditions
Inserting this string into the Custom Token Exclude list for a User or Group would suppress this Tool
from appearing in the Toolbox window when that User or a member of that Group is logged onto a
Workstation.
Note: An Editor can also be removed from the Toolbox on a per Workstation basis by first removing
its key from under the Editors key, if present, and then removing its Program ID from the list of editors
found in the Editor string value on the Editors key, if present.
2.3.4.4 Disabling Toolbox Table Mode
The Custom Token that controls this feature is OEConfig_Table_Mode. If this string is inserted into
a User's Custom Token Exclude list, the User is not able to access the Toolbox's Table mode, since
the menu item is disabled.
2.3.4.5 Limiting Toolbox Table Mode
Once in table mode, a User may add, modify or delete objects by right clicking on a table and
selecting a context menu. Any of these context menu items may be disabled in the following ways.
2.3.4.5.1 Disable Inserting of Objects
If the string "OEConfig_Insert_Items" is placed in the User's Excluded list, the User will be unable to
add items to the database using the Toolbox in Table mode.
2.3.4.5.2 Disable Modifying of Objects
If the string "OEConfig_Modify_Items" is placed in the User's Excluded list, the User will be unable to
modify items in the database using the Toolbox in Table mode.
2.3.4.5.3 Disable Deleting of Objects
If the string "OEConfig_Delete_Items" is placed in the User's Excluded list, the User will be unable to
delete items from the database using the Toolbox in Table mode.
2.3.4.6 Protecting Windows
Users can be stopped from closing protected windows within the OEDesktop environment. To do
this, the Window name must first be included in the Protected Windows list on the Windows tab of the
OEDesktop Security Options dialog. This list is accessed from the OEDesktop Security/Configure
menu.
Then, to complete the security configuration, the name of the protected window must be entered into
the User's Custom Token Exclude list. This list is accessed using the OESecurity Config Tool.
The Token Groups node has a context menu which enables the user to create new Token Groups.
See the Creating New Token Groups topic for more information.
When the Token Groups Node is expanded, it exposes the Token Group Type nodes. For more
information on Token Group Nodes see the Token Group Nodes topic.
Token Groups are collections of Tokens, which may form a Template of Tokens to be associated with
a User or User Group. User generated Token Groups may consist of a combination of any of the four
types of tokens.
There are also several special Application Token Groups that are maintained independently of the
Administrative User and are grouped by their Component name. They are the Alarm Banner, Alarm
Client, Alarm Printer, OEDesktop, Graphics, Notes Client, Signal View, SQL Viewer and Trend View
Token Groups. These Token Groups cannot be edited.
2.3.5 Token Wildcards
Individual Token Types (with the exception of Application Tokens and Token Groups) may contain
wildcard characters, defined by the asterisk (*), or the question mark (?). The asterisk is a multiple
character wildcard, and the question mark is a single character wildcard.
2.3.6 Token Pattern Matching
At runtime, the Include/Exclude lists are string compared as follows for each active User and Group
until access is denied.
1. The Token string is compared with each string in the Include list until a match is found. If no
match is found, access is denied.
2. If a match is found in the Include list, the Token string is compared with every string in the
Exclude list. If no match is found in the Exclude list, access to the point is granted, and no
further testing of active Groups and Users is performed.
Note: An Exclude list may only remove rights granted in the same item's corresponding Include list.
For example if User Larry belongs to Group Operators and Operators grants access to OPC point
"xyz", adding point "xyz" to Larry's Exclude list has no effect.
2.3.6.1 Wildcards
The entries in the Include and Exclude lists allow pattern matching to provide a versatile tool for string
comparisons. The pattern-matching features allow use of wildcard characters, character lists, or
character ranges, in any combination, to match strings.
The following table shows the characters allowed in patterns and what they match:

Character(s) in pattern    Matches in string
?                          Any single character.
*                          Zero or more characters.
#                          Any single digit (0 - 9).
[charlist]                 Any single character in charlist.
[!charlist]                Any single character not in charlist.

A group of one or more characters (charlist) enclosed in brackets ([ ]) can be used to match any
single character in string and can include almost any character code, including digits.
Note: The special characters left bracket ([), question mark (?), number sign (#), and asterisk (*) can
be used to match themselves directly only by enclosing them in brackets. The right bracket (]) can't be
used within a group to match itself, but it can be used outside a group as an individual character.
In addition to a simple list of characters enclosed in brackets, charlist can specify a range of
characters by using a hyphen (-) to separate the upper and lower bounds of the range. For example,
[A-Z] in a pattern results in a match if the corresponding character position in string contains any of
the uppercase letters in the range A through Z. Multiple ranges are included within the brackets
without any delimiters.
The meaning of a specified range depends on the character ordering valid at run time (as determined
by the locale setting of the system the code is running on). The range [A - E] matches A, a, À, à, B, b,
E, e. Note that it does not match Ê or ê because accented characters fall after unaccented characters
in the sort order.
Other important rules for pattern matching include the following:
• An exclamation point (!) at the beginning of charlist means that a match is made if any
character except the ones in charlist is found in string. When used outside brackets, the
exclamation point matches itself.
• The hyphen (-) can appear either at the beginning (after an exclamation point if one is used)
or at the end of charlist to match itself. In any other location, the hyphen is used to identify a
range of characters.
• When a range of characters is specified, they must appear in ascending sort order (from
lowest to highest). [A-Z] is a valid pattern, but [Z-A] is not.
• The character sequence [ ] is ignored: it is considered a zero-length string.
2.3.6.2 File Tokens
The runtime processing and wildcard pattern matching for the Point Property Page apply here as well
with the following differences:
• The pattern matching is done on the file extension, separate from the file name to match the
DOS wildcard semantics. For example the wildcard string to indicate all files is "*.*"
• A match is considered to have occurred if both the file name and extension match the given
pattern.
• File names entered without a path are considered a match no matter what directory they are
in.
2.3.7 Token Security Hierarchy
This differs significantly from User and Group Security Hierarchy in that what is Included at one level
may not be overridden by being Excluded at a different level. There are two rules to remember when
configuring OpenEnterprise Component Security:
1. Everyone inherits from the Default Group. Users belonging to another Group also inherit
settings from that Group.
2. What is Included at one level cannot be Excluded at a different level.
This may be illustrated with a diagram:
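The following Python is an added example, not code from the manual or from OpenEnterprise itself. It models the Token pattern syntax of section 2.3.6.1 (?, *, #, [charlist], [!charlist] and ranges), the separate name/extension matching of File Tokens (2.3.6.2), and the level-by-level Include/Exclude evaluation of sections 2.3.6 and 2.3.7; the reading that each level (Default Group, Group, User) is tested on its own and access is denied only when no level grants it is an assumption drawn from the Larry/Operators note, and the plain code-point collation and case-insensitive file names are assumptions too.

```python
import re


def pattern_to_regex(pattern, ignore_case=False):
    """Translate an OpenEnterprise Token pattern into an anchored regex.

    ?  any single character      *  zero or more characters      #  any digit
    [charlist] / [!charlist]     one character in / not in the list
    A hyphen inside brackets makes a range unless it is first or last; "[]" is
    ignored; an unmatched "[" matches itself.  Collation is plain code-point
    order (assumption: the guide says it is locale dependent).
    """
    out, i = [], 0
    while i < len(pattern):
        c = pattern[i]
        if c == "?":
            out.append(".")
        elif c == "*":
            out.append(".*")
        elif c == "#":
            out.append("[0-9]")
        elif c == "[" and pattern.find("]", i + 1) != -1:
            j = pattern.find("]", i + 1)
            body = pattern[i + 1:j]
            if body:                                  # "[]" is a zero-length string
                negate = body.startswith("!") and len(body) > 1
                body = body[1:] if negate else body
                cls = "".join("-" if (ch == "-" and 0 < k < len(body) - 1)
                              else re.escape(ch) for k, ch in enumerate(body))
                out.append("[" + ("^" if negate else "") + cls + "]")
            i = j
        else:
            out.append(re.escape(c))                  # everything else is literal
        i += 1
    return re.compile("^" + "".join(out) + "$", re.IGNORECASE if ignore_case else 0)


def token_matches(pattern, token, ignore_case=False):
    return pattern_to_regex(pattern, ignore_case).match(token) is not None


def access_granted(levels, token):
    """Evaluate Include/Exclude lists level by level (Default Group, Group, User).

    `levels` is a list of (include_list, exclude_list) pairs.  At each level a
    Token matched by an Include entry and by no Exclude entry grants access and
    stops the search; otherwise the next level is tried.  Access is denied only
    when no level grants it, so an Exclude at one level cannot remove a right
    Included at another level (the guide's Larry/Operators note).
    """
    for include, exclude in levels:
        if any(token_matches(p, token) for p in include):
            if not any(token_matches(p, token) for p in exclude):
                return True
    return False


def _split_path(spec):
    """Split 'C:\\dir\\name.ext' (or a bare 'name.ext') into (dir, name, ext)."""
    directory, _, leaf = spec.replace("\\", "/").rpartition("/")
    name, dot, ext = leaf.rpartition(".")
    if not dot:                                       # no extension at all
        name, ext = leaf, ""
    return directory, name, ext


def file_token_matches(pattern, path):
    """File Tokens: name and extension are matched separately (DOS semantics),
    both must match, and a pattern given without a path matches the file in
    any directory.  File names compare case-insensitively (assumption)."""
    pdir, pname, pext = _split_path(pattern)
    fdir, fname, fext = _split_path(path)
    if pdir and not token_matches(pdir, fdir, ignore_case=True):
        return False
    return (token_matches(pname, fname, ignore_case=True)
            and token_matches(pext, fext, ignore_case=True))


if __name__ == "__main__":
    # Constructed sample: Group Operators grants "*RTU1*" and "xyz"; User Larry
    # (a member) excludes "xyz", which the guide says has no effect.
    larry = [([], []),                    # Default Group: no OPC Tokens granted
             (["*RTU1*", "xyz"], []),     # Group Operators
             ([], ["xyz"])]               # User Larry
    print(access_granted(larry, "RTU1.FLOW.01"))                       # True
    print(access_granted(larry, "xyz"))                                # True
    print(file_token_matches("*.GDF", r"C:\OE\Displays\overview.gdf"))  # True
```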
2.4 Access Areas
Each object has an Access Area with which it is associated. In the AccessArea table, each User is
granted or denied the appropriate Access Areas for their operational needs. The User can only
access objects belonging to the Access Areas which they have been granted.
This is implemented through the creation of database views when the User logs on to the
Workstation. Database views have the same name as the table from which they were created, but do
not have the "_table" extension. These database views only include objects that the logged in User
has access to according to the AccessArea table. To complete the implementation, all the
Workstation View components (e.g. Trend View, Alarm View etc.) are configured to retrieve objects
from the database views, rather than the tables.
2.5 Database Privileges
Database privileges on tables (Read-Only or Read-Write) are granted to User Groups through a
special configuration editor called the Security Privileges Editor. Access to this Editor can be gained
from the User Properties Dialog, or from the Toolbox.
The User Groups have to be created first before the Security Privileges Editor can do its work. The
Database Project Builder creates the following Groups, which have been found to cater for most
functional requirements:
1. Administrators - have unrestricted access to all OpenEnterprise functionality.
2. Engineers - need configuration access to all system features except those related to controlling
security privileges of other users.
3. Operators - are expected to be able to change set points, acknowledge alarms and perform
basic Workstation configuration but no Server configuration.
4. Dispatchers - require read-only access to all operational and process data and the ability to
acknowledge alarms. They are not required to change set points.
5. Guests - require read-only access to all operational and process data and the ability to
acknowledge alarms. They are not required to change set points.
Then, Users must be assigned to the appropriate User Group to inherit the correct privileges for their
required level of access.
3 Security Config Tool Interface
This is the Security Configuration tool interface. It enables the Administrative User to configure all
aspects of OpenEnterprise security.
3.1 Menu Bar
The Security Configuration tool Menu Bar provides access to all of its functions.
3.1.1 File Menu
This menu contains Import, Export and Exit options.
3.1.1.1 Export
The Export option enables you to save the current database Security Configuration to an SQL script
file, which can be used to restore your Security settings at a later date.
When the Export option from the File drop down menu is selected, you will be presented with the SQL
Import-Export File Dialog. This enables you to use the default SQL Export file, or to specify another
file.
When the Export is completed, you will be informed by a message.
You must select the [Close] button to dismiss this dialog.
3.1.1.2 Import
The Import option enables you to import a previously saved (Exported) SQL script file into the
database to restore your Security settings.
When you select the Import option from the File drop down menu, you will be presented with the SQL
Import-Export File Dialog. This will enable you to accept the default Import filename, or to specify
another file.
Once you click the [OK] button on the SQL Import dialog, the File Import dialog will be displayed,
which initiates and monitors the Import process.
3.1.1.3 Exit
This option exits the Security Configuration tool, returning the focus back to the Toolbox window.
3.1.2 Edit Menu
Items under this menu enable the Administrative User to create new Groups, Users, Tokens, Token
Groups and Access Areas. There is also an option to edit settings for the Default Group.
3.1.2.1 Creating New User Groups
A new Group may be created by any of the following methods:
• Using the Edit-New Group menu item from the Security Configuration Tool menu bar.
• Using the New Group menu item from the Tree Pane.
• Using the floating New Group context menu from the List Pane when the Groups node is
selected in the Tree Pane.
Entering of the name, and display of the Group Properties dialog is very similar in operation to
creating a new User, except that the List pane displays configured Groups.
3.1.2.2 Creating a New User
A new User may be created by any of the following methods:
• Using the Edit-New User menu item from the Security Configuration Tool menu bar.
• Using the New User context menu from the Users icon in the Tree Pane.
• Using the New User floating context menu from the List Pane with the Users icon selected in
the Tree Pane.
Once the New User menu item has been selected, the List Pane will automatically display all
the currently configured Users. A new entry with a blank name field is inserted at the top of the
list.
A valid name should be entered, and the Enter key selected. This will invoke the User
Properties dialog, which will allow more detailed editing of the User.
Note: Once the new User name has been entered, it is not possible to edit it at a later time.
3.1.2.3 Creating Custom, File and OPC Item Tokens
Custom Tokens, File Tokens and OPC Item Tokens are created in the same way:
• Select the Edit>New Token menu item from the Security Tool menu bar. Then select the
desired option from the list (e.g. Custom, File or OPC Item).
• Select New Token menu item from the expanded Tree Pane.
• Select the floating New Token context menu from the List Pane when the Custom, File or
OPC Item node is selected in the Tree Pane.
Once this menu item has been selected, editing may proceed in a similar way as described in the
section Adding a New Token Group. The name should be unique among other Custom Tokens, and
is case-sensitive. Once the name has successfully been entered, the Custom Token Properties dialog
will be displayed. Note: it is not possible to edit the Token name once it has been entered.
3.1.2.4 Creating New Token Groups
A new Token Group may be created by any of the following methods:
• Selecting the Edit>New Token>New Token Group menu item from the Security Tool menu
bar.
• Selecting the New Token Group menu item from the expanded Tree Pane:
• Selecting the floating New Token Group context menu from the List Pane whilst the Token
Group icon is selected in the Tree Pane:
Once this menu item has been selected, the List Pane will automatically display all the currently
configured Token Groups. A new entry with a blank name field is inserted at the top of the list. A valid,
unique name should be entered, and the Enter key selected. This will invoke the Token Group
Properties dialog, which will allow more detailed editing.
Note: once the new name has been entered, it is not possible to edit the name at a later time.
3.1.2.5 Creating New Access Areas
A new Access Area may be entered either by:
• Selecting the Edit>New Access Area menu option from the Security Configuration Tool
menu bar.
• Selecting the New AccessArea context menu option from the Access Areas node.
Selecting either of these options will result in prompting for an Access Area name in the right hand list
and, upon successfully entering a unique name, the Access Area Properties dialog will be displayed.
Note: Access Area names are case-sensitive and must be unique within Access Areas only.
3.1.3 Tools Menu
This menu provides access to the Options dialog which enables the User to configure how certain
functions within the Security Configuration tool behave.
3.1.4 Help Menu
Selection of the Help option displays this help file. Selection of the About... option displays
information about the OpenEnterprise version, build number and contact details.
3.2 The Tree Pane
3.2.1 The Tree Pane
The Tree Pane provides an overview of the current configuration by means of a tree structure.
The tree consists of a number of object type nodes (Users, Groups, Tokens and Access Areas),
which display configured Security objects of that type underneath.
Most object type nodes have a context menu, activated with a right mouse click, which enables a
new object of that type to be created under the node.
All configured object elements in the Tree Pane have a context menu, providing access to the
Property Pages for that object, as well as other options, depending on the type of object selected.
3.2.2 Default Group Node
The Default Group node has one context menu option. This opens the property pages for the Default
Group. The Default Group settings apply to every user, so they must be set at the lowest possible
token and access area security level.
3.2.3 Users Node
The Users node has a context menu that provides two options.
3.2.3.1 Creating a New User
A new User may be created by any of the following methods:
• Using the Edit-New User menu item from the Security Configuration Tool menu bar.
• Using the New User context menu from the Users icon in the Tree Pane.
• Using the New User floating context menu from the List Pane with the Users icon selected in
the Tree Pane.
Once the New User menu item has been selected, the List Pane will automatically display all
the currently configured Users. A new entry with a blank name field is inserted at the top of the
list.
A valid name should be entered, and the Enter key selected. This will invoke the User
Properties dialog, which will allow more detailed editing of the User.
Note: Once the new User name has been entered, it is not possible to edit it at a later time.
3.2.3.2 Paste User
The Paste option, when selected from the Users icon, begins the process of pasting a previously
copied user's security configuration details to a new user. If no user has been copied, the Paste
option is disabled.
Before the new user is created, the User Name Entry dialog appears, prompting for a name for the
new user. The name must be unique. When the [OK] button is selected, the new user is added,
complete with all of the security configuration of the copied user.
3.2.4 User Nodes
Individual User nodes are coloured either Red or Blue to indicate the administration level of the User:
Standard, non-administrative User or Administrative User.
Only Administrative Users are able to configure security within Open Enterprise. Only an
Administrative User may grant Users administrative rights. The SYSTEM User is an Administrative
User by default.
3.2.4.1 Context Menu
A context menu is available when the user right clicks on any user in the list.
3.2.4.2 Properties
Opens the Property pages for the selected user. See the User Property Pages topic for more
information.
3.2.4.3 Copy
Copies the selected user's configuration details ready for pasting the same configuration to a new
user.
3.2.4.4 Delete
Deletes the selected user. A warning message will appear before deleting the user.