Configure security for new PI AF databases

Configure default List of access permissions for all identities that need access to databases on a PI AF server.

1. On the toolbar, click the Database button.

2. In the Select Database window, click the Edit Security button.

   In the Items to Configure list of the Security Configuration window, the server and every collection is selected.

3. In the Items to Configure list, clear the server and the following collections: Contacts, Notification Contact Templates, Identities, and Mappings. Databases and all Database - Collections should be selected.

4. In the Identities list, review existing identities and validate their permissions. You can also add and remove identities, as needed.

   To ...	Do this ...
   Add or modify permissions of existing identities	Select an identity in the Identities list. In the Permissions for Identity list, select or clear the Allow or Deny check box beside each permission you wish to set. Repeat for each identity.
   Add another identity to the Identities list	Click Add. In the Select Identity window, select the identity you wish to add. Click OK. The identity is added to the list. In the Permissions for Identity list, set the access permissions as needed (the default setting is all are checked). Tip: If you need to create a new identity and mapping, click New Identity. For more information, see Manage identities in PI AF.
   Remove an identity from the Identities list	Select an identity in the Identities list. Click Remove.

5. In the Child Permissions section, choose one of the permission inheritance options. For more information, see Understand permission inheritance of element objects.

6. Optional. To view all of a user's access permissions on items in PI AF based on his or her current PI AF identity mappings, click the Effective Access tab.

7. Optional. In the Domain User field, enter a user's Windows domain name whose permissions you want to view.

8. Optional. Press Tab or Enter to validate your entry.

9. Click OK.