Understanding Configuration Manager and Assigning Access - PAS Integrity Software Suite - 7.3 - Administration & Configuration - Intergraph

Integrity Administration Guide

Language
English
Product
PAS Integrity Software Suite
Subproduct
Cyber
Search by Category
Administration & Configuration
PAS Version
7.3

In Configuration Manager, you can use your asset hierarchy to allow or deny access to specific users or groups for sets of assets. Review the following considerations when using Configuration Manager for managing access to sets of assets:

  • The administrator can allow or deny individual users access to an Integrity asset.

  • The administrator can allow or deny users who are members of an Active Directory group access to an Integrity asset.

  • The administrator can use Integrity groups to allow or deny multiple Active Directory groups access to an Integrity asset. Users who are members of any of those Active Directory groups can access the asset. Integrity groups can include multiple Active Directory groups.

  • If a user is a member of more than one group with opposing access for a specific asset, the Deny access permission applies. This access can be allowed or denied through Configuration Manager or through custom roles defined in the Admin Utility. For example, a user is a member of GroupA and GroupB. GroupA has Allow access for AssetA. GroupB has Deny access for AssetA. In this example, the user does not have access to AssetA.

In addition to using the asset hierarchy to allow or deny access, the administrator can use custom roles to define sets of assets. For more information, see Configuring Users and Groups†on page 28 and Creating Custom Roles†on page 32.