Please ensure Javascript is enabled for purposes of website accessibility
Powered by Zoomin Software. For more details please contactZoomin

Asset Framework and PI System Explorer (PI Server 2024 R2)

TABLE OF CONTENTS

View effective access by user

Save PDF
Save selected topicSave selected topic and subtopicsSave all topics
Share
Share to emailCopy topic URL
  • Last UpdatedMay 29, 2025
  • 3 minute read

Use the Effective Access page of the Security Configuration window to view details about a user's access permissions on PI AF objects.

To display a user's access permissions, you need the user's Windows domain name.

  1. Choose one of the following methods to open the Security Configuration window:

    To open from ...

    Do this ...

    PI AF Server Properties window

    1. On the toolbar, click .

    2. In the PI AF Server Properties window, click the Security link.

    Select Database window

    1. On the toolbar, click the Database button.

    2. In the Select Database window, click the Edit Security button.

    PI System Explorer browser

    1. Right -click an object or collection and click Security.

    2. In the PI AF Server Properties window, click the Security link.

  2. In the Security Configuration window, select the Effective Access tab.

  3. In the Domain User field, enter the Windows domain name of the user whose permissions you want to view.

    Note: This option is only available for domain users. If you are using OpenID Connect (OIDC), the Effective Access tab only displays the current user's permissions on PI AF objects. The OIDC User field and the icon are grayed out.

  4. Select the Enter key.

    The user's permissions are shown.

    Note: Select next to the Domain User field to search for a user's Windows domain name. Searching for other OIDC user's effective access is not supported. Viewing an OIDC user's permissions is restricted to individual users.

    The fields and lists on the Effective Access page are populated with the following information:

    • User SID field: Displays the user's security identifier

    • Identities list: Lists all the PI AF identities that are mapped to the Windows domain user account entered in step 3

    • Items to View Access list: Displays the item(s) selected for security configuration. This list is reflective of the item(s) shown in the Items to Configure list on the Permissions card.

    • Permissions list: Displays the access permissions for the currently selected item in the Items to Configure list.

      Note: If you are using OpenID Connect (OIDC) for claims-based authentication and role mapping, the Effective Access tab shows the OIDC user's permissions on PI AF objects. The User SID field is not shown.

  5. Click-and-drag the horizontal splitter bar up or down to adjust the amount of information shown in the list boxes.

  6. Select a different item in the Items to View Access list.

    The user's access permissions for the selected item are displayed in the Permissions list. To learn more about access rights, see List of access permissions.

  7. Repeat step 6 as needed to view access permissions for other items.

  8. Select OK to exit the Security Configuration window.

Related Links
TitleResults for “How to create a CRG?”Also Available in