Create User Management buttons
These buttons work for any user that can access them, except DEFAULT user. DEFAULT user cannot operate these User Management buttons.
HMI designers must be careful to use security to limit access to the User Management buttons in the application(s).
The administrator mentioned below is any user that has access to the display(s) containing the User Management buttons.
Click the links for more information.
Add User/Group button
- The administrator can use the Add User/Group button to add a FactoryTalk security user, a Windows-linked user, or a Windows-linked group to the current running application.
- A newly added user does not belong to any user group and has no run-time security code. The user cannot log in the system before the user is moved to an existing group that is configured with run-time security code(s).
- On PanelView Plus 6, and PanelView Plus 7 terminals, there is a five-minute threshold when adding a Windows-linked user, or a Windows-linked user group.
- When you add a Windows-linked user, or a Windows-linked user group for the first time, a window prompts you to enter an authorized user name and password.
- Within five minutes after a Windows-linked user, or a Windows-linked user group is successfully added, you can add another Windows-linked user, or Windows-linked user group without entering an authorized user name and password.
- Beyond five minutes after a Windows-linked user, or a Windows-linked user group is successfully added, a window will prompt you to enter an authorized user name and password again before you can add another Windows-linked user, or Windows-linked user group.
Delete User/Group button
- The administrator can use the Delete User/Group button to delete a FactoryTalk security user, a Windows-linked user, or a Windows-linked group from the current running application.
- The last FactoryTalk administrator, and current logged-in user cannot be deleted.
- If a Windows-linked user is deleted, the user will be removed from the current running application, but will not be removed from Windows.
Modify Group Membership button
- The administrator can use the Modify Group Membership button to change a FactoryTalk user, a Windows-linked user, or a Windows-linked group membership in the current running application.
- When a user is added to a group, the user will inherit the A-P security code(s) of the group.
- When a user is deleted from a group, the user will not have the A-P security code(s) of the group
- If a user is a member of multiple groups
- The user will inherit the A-P security code(s) shared by the multiple groups. For example, if a user belongs to both Group One and Group Two; Group One has the security codes of A, B, C, and Group Two has the security codes of B, C, D; the user will only inherit the security codes of B, C.
- When the user is removed from one group, the user is still a member of other groups.
Unlock User button
- The administrator can use the Unlock User button to unlock a FactoryTalk user account, which has been locked.
- When a FactoryTalk user exceeds incorrect password login attempts, the user account will be locked. When the user account is locked, the user cannot log in to the system even with correct password before the user account is unlocked.
- You can adjust the account lockout threshold and account lockout auto reset settings in FactoryTalk Security Policy Settings. For more information on FactoryTalk Security Policy Settings, refer to "Setting up security policies" in FactoryTalk Help.
- You cannot use this button to unlock a Windows-linked user. Only a Windows Domain administrator can unlock a Windows-linked user from a domain computer.
Enable User button
- The administrator can use the Enable User button to enable a disabled FactoryTalk user account from the current running application.
- When a disabled user is enabled, the user can log in the system again.
- You cannot use this button to enable a Windows-linked user. Only a Windows Domain administrator can enable a Windows-linked user from a domain computer.
Disable User button
- The administrator can use the Disable User button to disable a FactoryTalk user account from the current running application.
- When a user is disabled, the user cannot log in the system.
- You cannot use this button to disable a Windows-linked user. Only a Windows Domain administrator can disable a Windows-linked user from a domain computer.
Login button
Logout button
- When a logged in user presses the Logout button, the user will log out of the system.
- When a user logs out, the DEFAULT user is logged in.
Password button
- At run time, the Password button allows the currently logged-in user to change the current password, or the logged-in administrator to change any FactoryTalk user password.
- The passwords for Windows-linked users can only be changed in Windows.
- The passwords for domain users can only be changed on domain servers.
Change User Properties button
Keywords: user management