AnsweredAssumed Answered

How to completely deny access to PI data

Question asked by jdjohnstn on Nov 14, 2016
Latest reply on Dec 23, 2016 by knightk

We suddenly have a new need: We would like to be able to create a PI Security Identity eg: "Nobody" that would NOT be granted PIWorld access to data.

 

There are Windows Server Administrators that are not supposed to have any access to PI data.

Currently, the PI Trust to 127.0.0.1 allows anyone who can log on to the PI server to have "PIAdmin" access.

We can set up a Mapping so that local users are mapped to an identity eg: "ServerOperators", but that identity automatically can access all PI data that has PIWorld access. Is there some way to set an PI Identity to NOT include PIWorld access? There are settings to enable or disable a identity, allow mappings, allow trusts, and we can disable PIWorld for the entire server, but we would like to disable PIWorld for only identity "ServerOperators."

Outcomes