Issue
What functions can you do in I/NET if you change the Windows users rights?
Environment
All versions of I/NET Seven Software
Cause
Changing the Windows users rights affects the way I/NET functions.
Resolution
| User Account | |||
| I/NET Seven Operation | Administrator | Power User | User |
| Install I/NET | Yes | Yes | No |
| Remove I/NET | Yes | Yes | No |
| Upgrade I/NET | Yes | Yes | No |
| I/NET Configuration | Yes | Yes | Yes |
| DBCreate Functions | |||
| Create db | Yes | Yes | Yes |
| Import I/NET 2X | Yes | Yes | Yes |
| Verify existing db | Yes | Yes | Yes |
| Remove existing db | Yes | Yes | Yes |
| Backup db | Yes | Yes | Yes |
| Restore db | Yes | No | No |
| Import Docutrend Archive | Yes | Yes | Yes |
| Upgrade db | Yes | Yes | Yes |
| Seven Reports | |||
| View | Yes | Yes | Yes |
| Run | Yes | Yes | Yes |
| Configure | Yes | Yes | Yes |
| Save | Yes | Yes | Yes |
| Print Report | Yes | Yes | Yes |
| Mount Archive | Yes | Yes | Yes |
| View Archive | Yes | Yes | Yes |
| Run Archive | Yes | Yes | Yes |
| Print Archive Report | Yes | Yes | Yes |
| Archive Configuration | |||
| Event Archive Configuration | Yes | Yes | Yes |
| Run | Yes | Yes | Yes |
| Trend Archive Configuration | Yes | Yes | Yes |
| Run | Yes | Yes | Yes |
| View | Yes | Yes | Yes |
| I/O Server Configuration | |||
| Promote Filemaster | Yes | No | No |
| Demote Filemaster | Yes | No | No |
| Promote Client | Yes | No | No |
| Demote Client | Yes | No | No |
There are two components of security available to users of I/NET Seven: I/NET Seven passwords and Microsoft Windows user accounts. I/NET Seven passwords are specifically aimed at limiting a user’s access to features and functions within the I/NET Seven system. The restrictions imposed by I/NET Seven passwords are application-specific (i.e., they only affect the I/NET Seven system) and do not provide a replacement for domain security methods.
Microsoft is very clear about the importance of limiting permissions to users in a network environment. The user account permissions that are standard in Windows 2000 and Windows XP allow full management of the computer to users with “Administrative” group membership or any group containing administrative permissions. The “Power User” group permissions allow users to install programs but restrict what these users can do to the operating system. The “User” group is the most secure because its operators cannot modify operating system settings or other users’ data. Microsoft clearly states that operators assigned to the User group may have trouble running legacy programs. This should pose no problem for I/NET users since I/NET Seven has been specifically developed to run on the Windows 2000 and XP operating system.
Most functions of I/NET Seven including general system operation, AMT (alarms, messages, and transaction) processing, reporting (Seven Reports), and archiving are available to an operator assigned to the User group or any group with those permissions. However, these operators cannot install I/NET Seven or delete or upgrade its database. Seven Reports is password-protected but can be configured within I/NET Seven to allow automatic logon to operators of a Host PC.
The above spreadsheet shows the functions/operations that can be performed by members of the Administrator, Power User, and User groups.
For further information about Windows security, please refer to Microsoft Windows online help for more information about user accounts, permissions, and Microsoft Management Console best practices". https://docs.microsoft.com/en-us/previous-versions/tn-archive/cc750076(v=technet.10)
