Hi, we are facing a problem with PI archive security, we were asked to have a group of persons with read access only to a few tags, since we have a mapping for all domain users, creating a new one for those persons is not helping to prevent them to see all the tags, since they get the "all users" mapping too. What should we do? , Ask IT to create a new AD group with all users except the ones with restricted tag access? and then ask them to create another AD group just for them?
Request your IT department to create new AD group e.g. PI Read Only and add users who needs access to that group. Add new identity in PI and AF and map this PI Read Only group. In PI Point security and data security remove all access by removing all users mapping in PI point and map new identity.
Note : New Identity should be given appropriate PI database access.