I have a request where particular user want to see PI archives via PI SMT. What level of access required so that he/she will be able to view PI archives from PI SMT.
You could do these multiple ways. Please refer the thread How can I secure PI SMT to allow use of parts of SMT by user roles?
The following task needs to be performed by a PI Admin with read / write authority over database security. Open PI SMT. Navigate in the System Management Tools pane to 'Security'. There click on the 'Database Security'. This will list the PI Data Archive series of "databases". In this case you are interested in the settings for 'PIARCADMIN'. The key is to grant specific Identities, Users, or Groups the read access to this database. Right click on 'PIARCADMIN' and select [Properties] on the shortcut menu. The Security for PIARCADMIN dialog you can add or remove Identities, Users, or Groups. You can modify the Read or the Write access for a selected Identity, User, or Group as shown here:
The only other important thing to note is the user in question has to be a member of that Identity, User, or Group as defined in the [Identities, Users, & Groups] tool pane in PI SMT. From what you described you want to only grant Read access for this individual to prevent him/her from performing tasks reserved for PI Admins, but still allow them to see the attribute values associated with the pi archives.
Just to clarify James Devine's answer above, I would encourage you to check out the following LiveLibrary article: Access control for basic Data Archive admin tasks
If this user is just interested in seeing the archive list, PIARCDATA is probably what you are looking for. Note that PIARCADMIN controls the ability for other tasks, such as archive creations/force shift/registrations,etc.
Thanks for the repsonse. As a testing I have tried with piadmin and piadmins identity but still particular team is not able to view piarchives.
as of team particular team is connecting pi server via FGO group with PIread_basic identity.
any clue on this issue?
Can you please clarify whether the team you are mentioned is part of either PIadmin or PIadmins group. Since you have mentioned like "Particular team is connecting pi server via FGO group with PIread_basic identity"
Particular team is connecting via FGO with pi read_basic identity but I tried with piadmin/piadmins but still not working.
Retrieving data ...