Cannot edit access permissions on a module
- Last UpdatedOct 04, 2024
- 2 minute read
- PI System
- PI Server 2018
- PI Server
If you try to edit access permissions on a module and are not allowed to make the change, you are probably missing a required mapping. The AF Link tool in PI SMT generates a security report to help pinpoint the problem, which might be caused by any of the following situations:
-
You are trying to add access for a PI user, identity, or group that does not have an associated mapping. You need the mapping in order to associate the PI identity or account with a Windows account. Create the mapping and then try the edit again.
For example, suppose a module has the following access rights:
PIOperators: A(r,w) | piadmins: A(r) | PIWorld: A(r,w)
PIOperators and piadmins both have associated mappings (PIWorld does not need a mapping). Suppose you have an unmapped PI identity, called PIEngineers. You cannot add access permissions for PIEngineers until you create a mapping for that identity.
-
You deleted a mapping that the module required to associate access permissions with a Windows account. Now, in MDB, you can still edit the module itself, but you cannot edit the access permissions for the module, except to delete the identity associated with that mapping. Create a new mapping for the relevant identity, user, or group. Now you can edit access permissions for the module.
Note: AF Link does not automatically pick up changes in mappings. The change does not take effect until you edit the element in some way; this triggers AF Link to update the settings in MDB.
For example, in the previous example, if you deleted the mapping for piadmins, you would not be able to edit access permissions on the module, except to remove all access permissions for piadmins. To fix this, you would have to create a mapping for piadmins.
Note: In both these cases, you can continue to edit the elements directly in PI AF.