1 Reply Latest reply on Oct 28, 2009 2:58 AM by hanyong

    Pi security in local PI server machine - Cemex EA


      I'm wondering if it is possible to control the access to SMT and other PI tools to a user logged as administrator in local or remote session in the Pi server Windows OS, this is because we need to have to user profiles with access to windows OS like adminsitrator one for PI administratir and other por IT department, and we don't want to IT to have access to PI admin tools.




      Julio Farrera



        • Re: Pi security in local PI server machine - Cemex EA

          Looking at your post, I can think of 2 ways to look at this problem.

          • Control user's access in Windows and prevent them from running the PI client tools or SMT
          • Configure user's access in PI and restrict access to PI objects (like PI point, PI Tables) and prevent the IT group from having access

          Since you mentioned that you do not want users in IT group to have access to PI admin tools, it seems to me that you are more look at this from the 1st perspective. Which would really go down to configuring Windows security to prevent users from access.


          One way would be to restrict software based in group policy. Here's a webpage that talks more about this: http://windowsitpro.com/article/articleid/97128/how-do-i-use-group-policy-to-block-a-specific-application.html.


          If you are looking for an option to restrict user's access to PI, then it would be configuring PI-Trust (or Mapping in PI 3.4.380) to map the IT user group to a particular PI-user (or Identities in PI 3.4.380) and defining their access rights within PI. In this case, you can refer to the Library section for the documents about "Configuring PI Server Security" under "vCampus PI Products Kit -> Server Products -> PI server".