Hi All,
I am trying to wrap my head around the whole groups and Keys thing and finding it a little difficult, I have managed to set up my groups as follows :-
All of my operators belong to the operate group who have the following keys assigned Control and Alarms.
I then have for example Operator 1 who has operate for Area A assigned and has keys Alarms for Area A assigned.
I also have for example Operator 2 who has operate for Area B assigned and has keys Alarms for Area B assigned.
When in run time I open the faceplate for the control PLM and Area A operator pushes the start button I am getting the following error
"Access was denied for operation. Possible reasons are the modules area is not assigned to the workstations Alarms and event subsystems, or you do not have parameter/field security access."
I have checked that the modules for Area A and B are found in the Alarms and Events for my specific workstation and have been downloaded....
The question is am I missing a key somewhere to allow the operator to start the PLM?
GaryL. The basic concept is straight forward, but I understand your frustration. In addition to the User security, there is also the Workstation Scope, and one thing that almost always gets me is with RDP sessions/Remote Clients. The Plant Areas must be assigned to each Remote Client session.
One tool that is very useful for security rights trouble shooting is "Watchit". You can enter the path to the parameter.Field and select the option to write to it. On that dialog there is a "May I" button. Pressing this button will show you the security profile of the parameter. That is, it shows you the Parameter and field write locks needed and whethe the current user and workstation have the required keys in the designated Plant Area
Now you can see what the Parameter and Field security is configured to. In this case the Control lock. Just below the Field/Parameter, it indicates the path is "within Woskstation areas, and tells you the default Lock, and which Key is required, in this case Control. Below it tells you the User security information as to the Keys they have, and the Plant Area needed. At the bottom is "Write Check Results in" RT_SUCCESS, or not. Now you can clearly see what is preventing you from writing to this parameter.
If a Parameter or Field is not explicitly assigned a lock, the default lock is applied. Changing this affects all parameters not explicitly assigned a lock.
Your User Group has a defined set to keys, and you've assigned this user to have access to specific Areas. The Areas must also be assigned to the workstation and/or Remote client session.
Hope this helps.
Andre Dicaire
In reply to Andre Dicaire:
In reply to GaryL: