Access Control Lists for FSA
ACLs store security, configuration, and administrative information for workflows and documents; configuration management; and the Windchill RV&S server. They work in conjunction with your network’s authentication system to provide control over features and functions.
Permissions to log in to the Windchill RV&S server and proxy are controlled by the mks:si ACL. Permissions regarding FSA are considered server related permissions. The permissions are designed to allow access to the server and proxy for administrative and debugging tasks.
The following server permissions are for PTC Technical Support use only and are disabled by default. Do not modify them unless directed by a PTC Technical Support representative.
Permission
|
Description
|
AdminProxy
|
Allows user to perform administrative functions on proxy.
|
AdminServer
|
Allows user to perform administrative functions on server.
|
DebugProxy
|
Allows user to perform diagnostic functions on proxy.
|
DebugServer
|
Allows user to perform diagnostic functions on server.
|
A Windchill RV&S client configured for configuration management is required to carry out administrative tasks related to FSA.
Once connected, users must also have the Login and OpenProject permissions to access the source code projects for the operations they want to perform. Individual permissions then enforce additional authorization constraints as configured. You can use permissions to limit the availability and access to certain servers or proxies, and also to limit access to operations on those servers or proxies.
If you are also using workflow and document functionality, the Login permission must be granted to all users in the mks:im ACL, and they must have visibility to all process and control projects.
For information on configuring permissions, see the
“User and Group Permissions: Access Control Lists”.