Configure User Access for an Industrial Graphics Web Client
- Last UpdatedJul 13, 2023
- 2 minute read
Security Roles are used to manage authentication for Industrial Graphics applications. Any user that requires access to the Industrial Graphics Server via the Web Client needs to be associated with an Industrial Graphics security role.
Two Industrial Graphics security roles are created locally by Plant SCADA when you install an Industrial Graphics Server:
-
Industrial Graphics Users — provides read-only access to a Plant SCADA system.
The Windows® User Groups "AIGUsers" is created and associated with this role.
-
Industrial Graphics R/W Users — provides read and write access to a Plant SCADA system.
The Windows® User Groups "AIGUsersRW" is created and associated with this role.
For more information about write access, see Enable Tag Writes for Industrial Graphics Applications.
To enable access for Industrial Graphics Web Client users:
-
Add the required users to the AIGUsers (read only) or AIGUsersRW (read and write) domain group on the Industrial Graphics Server.
Or:
Add the required users to a Windows domain group you have created, and then associate this group with the appropriate Industrial Graphics security role.
For further instructions, see Modify the Members of a Security Role.
Note: To allow authorization in a distributed system, only add domain groups to an Industrial Graphics security role. You should avoid adding individual users to these roles.
-
Any users also need to be a member of a Windows group that is mapped to a valid role within your Plant SCADA project. This is required to enable I/O server requests. See Roles.
Note: Additional configuration is required if you want to allow Industrial Graphics users to write to variable tags in your Plant SCADA system. See Enable Tag Writes for Industrial Graphics Applications.