Directory Security
- Last UpdatedFeb 06, 2024
- 1 minute read
The user and data directories that are installed by Plant SCADA (by default, under "%PROGRAMDATA%\AVEVA Plant SCADA <VersionNumber>") are protected by Windows® access control lists (ACLs) to avoid unauthorized access.
During installation, access permissions for these directories will be granted (with certain operational restrictions) to the members of the following Plant SCADA Security Roles.
|
Directory |
Security Role |
Permission |
|---|---|---|
|
Config |
Configuration Users, Runtime Users and Server Users |
Read/Write Access |
|
Data |
Configuration Users, Runtime Users and Server Users |
Read/Write Access |
|
Logs |
Configuration Users, Runtime Users and Server Users |
Read/Write Access |
|
User |
Configuration Users, Runtime Users and Server Users |
Read/Write Access |
|
Starter |
Configuration Users |
Read Access |
|
Deployment\Client |
Configuration Users, Runtime Users and Server Users |
Read/Write Access |
In addition to the above table, the required permissions will be granted to the service accounts for Plant SCADA's services. Full Control permission will also be granted to the local Administrators group and the System account.
Note: You can specify a different location for these directories following installation using Citect.ini parameters. If you do this, you need to manually configure the access control lists for the new folder locations so that they match the permissions that were applied to the original directories during installation. See Configure Directory Security for Modified Folder Locations in the installed Plant SCADA documentation.