Available Permissions
There are the following types of permissions available: PTC RV&S server, workflows and documents, configuration management, ViewSet, and Solution.
To revise the Admin permission using the PTC RV&S Administration Client
1. From the PTC RV&S Administration Client, open the PTC RV&S view, and click to expand the Permissions section. The display pane shows the global permission information for the mks:im ACL.
The default ACL entry for mks:im is a group named everyone. Remember, ACL entries consist of principals and permissions. In this case, the assigned permission is Admin.
* 
In the default condition, the Admin permission is allowed for the everyone group.
You should first add a new ACL entry that gives you, or your group, full login access to workflows and documents. To add a new ACL entry, highlight the Global mks:im ACL, and right click to choose New from the shortcut menu. The Select ACL Entries to Add dialog box displays.
2. From the Principal list, select the group or user you want to add the new ACL entry for. For example, you could select the user or group names for the individuals who manage workflows and documents on your system. For information on filtering data and selecting items in the Select ACL Entries to Add dialog box, see the Filtering Data topic in the Getting Started documentation.
3. To change the mks:im Admin permission, click the indicator box and toggle through the condition indicators until the box displays a green plus sign indicating the allowed condition.
* 
Once you add a principal, you can edit the associated permissions at any time by selecting the required option from the ACL menu or by right clicking and choosing the required option from the shortcut menu. Menu options include Allow Permission, Deny Permission, and Clear Permission.
4. Click OK to return to the main PTC RV&S Administration Client interface. The display pane shows the new ACL entry for the selected principal and the Admin permission is enabled for that principal.
The next step is to clear the Admin permission for the everyone group.
When setting mks:im ACL permissions for the everyone group, be careful that you only clear the Admin permission.
* 
Do not deny the Admin permission to the everyone group—this effectively denies the administration permission to all users, including any administrator included in that group. Users who are denied administrative access cannot set up workflows and documents.
5. To clear the mks:im Admin permission for the everyone group, click the indicator box and toggle through the condition indicators until a blank box displays indicating a cleared condition.
6. To accept the changes, click OK. The Admin permission is now cleared for the everyone group and explicitly allowed only for the selected administrative user or group.
Admin Permission for PTC RV&S server Administrators
* 
You must have the Admin ACL permission to configure PTC RV&S through the PTC RV&S Administration Client. To administer PTC RV&S, be sure your user name is listed in the appropriate group or you have that permission explicitly defined to your user name.
The user assigned the Admin permission in PTC RV&S is known as the super administrator. The PTC RV&S server administrator has access to all administrative objects in PTC RV&S, including users, groups, dynamic groups, projects, states, types, fields, and triggers. The super administrator can also delegate responsibilities for managing projects and types by assigning project administrators and type administrators.
The Admin ACL also allows you to import users and groups from MKS Domain. There are no individual ACLs associated with this function. It only available through the global Admin permission.
The following table details the permissions attributed to the Admin ACL:
Component
Admin Permission
Workflows and Documents
ViewAdmin
TimeTrackingAdmin
CreateType
CreateProject
CreateCPType
CreateQuery
CreateSharedAdmin
ShareToEveryone
ViewMyNotification
ModifyMyNotification
TimeTrackingAdmin
CreateProject
CreateCPType
CreateQuery
CreateSharedAdmin
ShareToEveryone
ViewMyNotification
ModifyMyNotification
Configuration Management
ChangePackageAdmin
The ChangePackageAdmin ACL permission also allows you to close change packages initiated by another user.
You can review and revise the Admin ACL permission in mks:im ACL through the CLI. For additional details, see User and Group Permissions: Access Control Lists.
* 
You may want to assign all available workflow and document permissions to the user or groups that administer PTC RV&S.
PTC RV&SPTC RV&S server Permissions
Server related permissions in the mks ACL restrict the user’s ability at the root level of the PTC RV&S server to perform administrative functions on the server.
To assist in partitioning administrative tasks, the ViewAuditLog permission grants the assigned user access to view the server audit log files. With this permission, you can assign review tasks to users, without allowing any other type of access to the PTC RV&S Server.
There are additional permissions associated with FSA, including AdminProxy, AdminServer, DebugProxy, DebugServer. These permissions are designed to allow access to the server and proxy for administrative and debugging tasks. The FSA permissions are disabled by default and should not be modified unless directed by PTC Technical Support.
The following table lists the default permission provided in the mks ACL shipped with PTC RV&S.
Permission
Description
AdminProxy
Allows user to perform administrative functions on proxy.
Do not modify unless directed by PTC Technical Support.
AdminServer
Allows user to perform administrative functions on the server. Do not modify unless directed by PTC Technical Support.
Users granted AdminServer permission may also view the server audit log files.
DebugProxy
Allows user to perform diagnostic functions on proxy.
Do not modify unless directed by PTC Technical Support.
DebugServer
Allows user to perform diagnostic functions on server.
Do not modify unless directed by PTC Technical Support.
Login
Allows user to log in. Without this permission, users cannot perform any other operations.
No prerequisite.
ViewAuditLog
Allows user to view the audit logs that track server operations for configuration management, and workflows and documents.
Requires Login permission.
Was this helpful?