Organize your Users and User Groups

As User accounts, User Groups and (if applicable) User Patterns are a key element of ClearSCADA security, it is important that you try to protect them from unauthorized use. By restricting access to the individual Users, User Groups and User Patterns, you reduce the chance of a user being able to change the access permissions of their own user account or that of other system users.

We recommend that you store your Users, User Groups and User Patterns in a single ClearSCADA Group folder. You can then configure the security settings for the Group folder so that the folder and its contents can only be accessed by a select few members of staff.

NOTICE

SECURITY THREAT

On systems on which ClearSCADA can Create users automatically from group membership, the incorrect assignment of security permissions on User Patterns and User Groups can compromise the security of the system. Always restrict the security permissions that are allocated to User Patterns, and to User Groups that are integrated with Windows domain groups or LDAP user groups. Only assign those permissions that are actually required, to help prevent the automatic creation of new user accounts that allow Windows or LDAP users to perform high-level tasks, such as shutting down the server.
Failure to follow these instructions can result in equipment damage.

Disclaimer

ClearSCADA 2017 R3