Use this portal to submit your innovative ideas to make Geo SCADA Expert and Devices such as SCADAPack, Trio and Realflo of greater value to you and to the SCADA & Telemetry community. Every idea will be individually reviewed by our team for merit and will be marked Under Consideration.
Search in
 BevanWeiss
		
		
		
		
		
		
		
		
	
			 on 
    
	
		
		
		2021-01-15
	
		
		04:45 PM
		
			BevanWeiss
		
		
		
		
		
		
		
		
	
			 on 
    
	
		
		
		2021-01-15
	
		
		04:45 PM
	
	
	
	
	
	
	
	
	
	
	
	
	
	
		
	
				
		
	
		In the majority of our customer's ClearSCADA / GeoSCADA databases there are a collection of SYSTEM objects to call various batch files, or perform other data handling external to ClearSCADA / GeoSCADA.
Some of these only need light privileges (like network activity, and .NET API for GeoSCADA) others need 'heavy' privileges (like to overwrite backup files, or access secure file servers to store secure records).
As such, only being able to have a single service account configured under which ALL SYSTEM objects execute is a bit too coarse in security permissions, and doesn't fit into a best practise 'role-based' privilege model.
What would be nice is if on the SYSTEM object it were possible (though not required, to prevent breaking existing systems) to enter a specific username/domain/password in which case each execution of this SYSTEM object would use these credentials rather than the global Server Configuration credentials.
Link copied. Please paste this link to share this article on your social media post.

Create your free account or log in to subscribe to the board - and gain access to more than 10,000+ support articles along with insights from experts and peers.