Please ensure Javascript is enabled for purposes of website accessibility
Powered by Zoomin Software. For more details please contactZoomin

AVEVA™ PI Server Installation and Configuration (PI Server 2018)

TABLE OF CONTENTS

Built-in PI identities, users, and groups

Save PDF
Save selected topicSave selected topic and subtopicsSave all topics
Share
Share to emailCopy topic URL
  • Last UpdatedFeb 12, 2025
  • 2 minute read

Data Archive includes several built-in PI identities, users, and groups. The most important are:

  • piadmin — A PI user with super-user access

    Note: To maintain a secure environment, we do not recommend use of piadmin.

  • piadmins — A PI group with administrative access

  • PIWorld — A PI identity with general access

    PI users, groups, and identities

    Description

    piadmin user

    A PI user with super privileges. The piadmin user has complete read/write access to all Data Archive resources. You cannot modify the access permissions for piadmin. In most cases, do not map piadmin to any AD group or user. At most, map piadmin to a small group of administrators. Though you cannot delete the piadmin user, you can disable it to varying degrees.

    piadmins group

    A PI group intended to represent Data Archive administrators. Use piadmins for all routine administrative tasks.

    This pre-configured group has read and write access to all Data Archive resources and default points.

    You can map piadmins to the AD group that represents your Data Archive system administrators and you can adjust the piadmins access permissions to meet your needs. You cannot delete the piadmins group.

    piusers group

    A built-in PI group with no pre-configured access permissions.

    PIOperators, PIEngineers, and PISupervisors identities

    Sample identities that have no pre-configured access permissions. You can configure or delete these PI identities.

    PIWorld identity

    A PI identity with default access permissions for read-only access to most PI resources. The PIWorld identity represents the "everyone" concept of Windows; it specifies the rights of non-explicit users or groups. By default, PIWorld is granted read access to most Data Archive databases and objects. All authenticated Data Archive users are given at least PIWorld privileges.

    You can rename and change the access permissions of the PIWorld identity. You cannot delete PIWorld. You cannot map PIWorld to an AD group or use PIWorld in a trust.

    Note: There is also a hidden user and a hidden group: PIUserIncompatible and PIGroupIncompatible. Data Archive uses them to display an owner and group in older administrative tools that do not support Windows authentication. They do not appear in the list of identities by default. To show them, use the Options button.

TitleResults for “How to create a CRG?”Also Available in