Please ensure Javascript is enabled for purposes of website accessibility
Powered by Zoomin Software. For more details please contactZoomin

AVEVA™ Production Management

TABLE OF CONTENTS

About users

Save PDF
Save selected topicSave selected topic and subtopicsSave all topics
Share
Share to emailCopy topic URL
  • Last UpdatedMar 25, 2025
  • 3 minute read

The User management feature enables you to secure your AVEVA™ Production Management system by assigning sets of permissions to users based on their role. These permissions include defining which areas of the plant hierarchy a user can access, and what actions they can perform.

Default administrator group

When you create a project, the default administrator group is already added with certain properties configured.

  • The default administrator group

    Studio project hierarchy view showing an expanded Users folder under System Configuration with defaiult Administrator group.

User management system

AVEVA™ Production Management controls and manages users, roles, and permissions through the following user types.

User group

User group configuration in AVEVA™ Production Management defines the allowed set of permissions given to the associated Active Directory users when logging into the application. With User groups, any valid Active Directory user can log into AVEVA™ Production Management, provided they are a member of one or more User groups configured in AVEVA™ Production Management Studio. The permissions and settings are configured at the group level.

  • An Active Directory user is a member of an Active Directory group.

  • The Active Directory group is associated with a Production Management User group.

  • The permissions and settings for Active Directory users are assigned to the User group they are associated with.

Studio project hierarchy view showing an expanded Users folder under System Configuration with the list of user groups, Administrator, Basic User, User Group, Webservice user.

Basic user

This user is primarily intended for use as the RunAs user for Studio integration items such as SubmitData through Service Bus. This user is also used for Web service calls.

Security recommendation: The permissions of the Basic user should be restricted to only the required locations in the hierarchy to reduce scope of access to minimize attack surface.

User folders

You can organize Basic Users and Group definitions into folders within AVEVA Production Management Studio.

  • Folder structure does not impact any other user or group behaviors.

  • User names must be unique across all folders.

  • Group names must be unique across all folders.

    Studio project hierarchy view showing the Users folder grouping structure.

Authentication types

See, Types of Authentication in AVEVA Production Management.

Production Analyst login screen showing the Credential options available.

Users and Shared Favorites

For more information, see User Management and Shared Favorites.

Security roles

A role authorizes a user to perform certain in the plant hierarchy, such as adding records or viewing information. An assignment is a role associated with a location in the plant hierarchy. This assignment regulates which users have access to which locations and which operations they can perform.

Studio project hierarchy view showing an expanded Security configuration item with an expanded Roles folder.

For more information, see Set up security role-based user management.

Related topic

In This Topic
TitleResults for “How to create a CRG?”Also Available in