Additional User Group Administration Procedures

Prerequisites:

  • System Manager is in Engineering mode.
  • System Browser is in Management View.
  • Project > System Settings > Security is selected.
  • The Security tab is selected.

 

Remove a User from a User Group
  1. Select the appropriate user group.
  1. In the Group Configuration expander, select User Members list, and then select the appropriate user.
  1. Click the Remove button.
  • The user is removed from the User Members list and added to the Configured Users list.
  1. Click Save .

 

Copy a User Group
  1. Select the user group to copy.
  1. Click Save As .
  1. Enter a new name for the user group.
  1. Click Save .
  • The new user group, with the same rights as the original user group, is saved.

 

Configure User Inactivity Timeout

Desigo CC is locked if there is no user activity for a set period of time, so that the user has to log on again.

  1. Select the appropriate user group.
  1. Open the Group Configuration expander.
  1. Select the Inactivity timeout [minutes ] and enter a timeout period in minutes.
    NOTE: 0 = no timeout is set. If a user belongs to more than one user group or management group, the lowest time greater 0 becomes active as an inactive timeout time.
  1. Click Save .

 

Creating Full Local Scope Rights
  • A local user group is selected.
  1. In the Scope Rights expander, click Add.
  1. In the Scope column, right-click the first row and select the local system.
  1. Configure the Scope entry as follows for the user group to have all rights:
  • Discipline: * ALL
  • Subdiscipline: * ALL
  • Object Type: * ALL
  • Object Subtype: * ALL
  • Property Groups: Status = W, Configuration = W, Diagnostic = W
  • Select the Command Groups, Create, Delete, Supervise and Vis. check boxes.
  1. In the Event Rights expander, select the event rights check boxes.
  1. In the Application Rights expander, select the Applications check box.
  • All check boxes are selected to get full access as local user.
    NOTE: If another system is integrated later, you must check if you need to activate additional application rights.
  1. Click Save .
  • A local user group is defined with all rights.

 

Creating Full Scope Rights for Global Administrator
  • A global user group is selected.
  • In a distributed system, select the master system for global user groups.
  1. Select Project > System Settings > [security of the master system].
  1. Click the Security tab.
  1. In the Scope Rights expander, click Add.
  1. In the Scope column, right-click the first row and select Global.
  1. Configure the Scope entry as follows for the user group to have all rights:
  • Discipline: * ALL
  • Subdiscipline: * ALL
  • Object Type: * ALL
  • Object Subtype: * ALL
  • Property Groups: Status = W, Configuration = W, Diagnostic = W
  • Select the Command Groups, Create, Delete and Supervise check boxes.
  1. In the Event Rights expander, select the event rights check boxes.
  1. In the Application Rights expander, select the Applications check box.
  • All check boxes are selected to get full access as global administrator.
    NOTES:
    - The data master system shows all application rights of all distribution participants.
    - If another system is integrated at a later point in time, you must check if you need to activate additional application rights.
  1. Click Save .
  • A global user group is defined with all rights.

 

Assigning Pre-defined Local Scope Definitions
  • A local user group is selected.
  • You have created a Scope definition (see Scopes).
  1. Select Project > System Settings > Scope > [your Scope definition].
  1. Drag the selected Scope definition to the Scope Rights expander.
  • Only the objects or applications that were created in the Scope definition display.
  1. Configure the Scope entry as follows for a user group with restricted rights:
  • Discipline: Select an option.
  • Subdiscipline: Select an option.
  • Object Type: Select an option.
  • Object Subtype: Select an option.
  • Property Groups: Status = -/R or W, Configuration = -/R or W, Diagnostic = -/R or W.
  • (Optional) Select the Command Groups, Create, Delete and Supervise check boxes (Information).
  1. Repeat Steps 2 through 4 for another Scope entry.
  1. In the Event Rights expander, select the event rights check boxes.
  1. Click Save .
  • A user group is created using Scope definitions with restricted rights.

 

Creating Reduced Local Scope Rights
  • A local user group is selected.
  1. Select Project > System Settings > Security.
  1. Select the Security tab.
  1. In the Scope Rights expander, click Add.
  • In the Scope column, right-click the first row and select the desired system.
  1. Configure the Scope entry as follows for a user group with restricted rights:
  • Discipline: Select an option.
  • Subdiscipline: Select an option.
  • Object Type: Select an option.
  • Object Subtype: Select an option.
  • Property Groups: Status = -/R or W, Configuration = -/R or W, Diagnostic = -/R or W.
  • (Optional) Select the Command Groups, Create, Delete and Supervise check boxes (Information).
  1. Repeat Steps 3 and 4 to add another Scope entry.
  1. In the Event Rights expander, select the event rights check boxes.
  1. In the Application Rights expander, select the Applications check box.
  1. Click Save .
  • A user group is defined with restricted rights.

 

Information

NOTE:
After you change or assign Scope rights to a user group, you must stop and restart the client application for the new Scope rights to take effect.
If you are working in closed mode, contact the system administrator to change the settings from another station. The client application cannot be shut down on a client station that is running in closed mode.

 

Set the Filter Criteria for Data Point Information

The example shows the filter settings in the Object Configurator.

  1. In System Browser, select Management View.
  1. Select [Project] > Field Networks > [BACnet network] > Hardware > [device] > [data point].
    NOTE: The filters for discipline and object type impact every data point for a project.
  1. Select the Object Configurator tab.
  1. Open the Main expander and then Classification settings.