System Access Privileges - Metasys - LIT-1201528 - General System Information - Metasys System - 12.0

Security Administrator System Technical Bulletin

Product name
Metasys System
Document type
Technical Bulletin
Document number
LIT-1201528
Version
12.0
Revision date
2022-08-05

The System Access Privileges have two dialog boxes: one for the role assignment and one for the user assignment. Administrators assign System Privileges directly to a user or role. System Access Privileges apply to the system as a whole, not to individual categories of objects or items. Table 1 describes all the predefined privileges for System Access Permission.

Table 1. System Access-Based Privileges

Permissions

Permission Privileges

Discard All Events

Gives the user permission to discard all events. Applies to all events a user can manage through the Manage Item Events action set. Use this action set carefully because it is a system-wide discard.

Manage Devices & Sites

Gives the user the following privileges: Reset Device, Archive Device, Set Date, Set Time, Force Archive of Local Repository (audits and trends), Change Audit Enabled Level, and Remove from Site (offline devices and servers).

Handles non category-based configuration actions.

Note: To disable the All Items Organizer for a user, you must remove the Manage Devices & Sites privilege from the available privileges for the user.

View Metasys Status 1

Gives the user permission to display and use the Audit Viewer. To display the Audit Viewer, the user must have View permission and View Metasys Status permission. Also, the audit data visible in the Audit Viewer depends on the categories for which the user has View privileges.

Manage Audit History1

Gives the user permission to annotate audit entries.

Clear Audit History1

Gives the user permission to clear the audit log.

Discard Acknowledged Events

Gives the user permission to discard acknowledged events. Applies to all events a user can manage through the Manage Item Events action set. See the Discard All Events permission description for information on discarding all events.

A user who has the Discard Acknowledged Events permission can discard any event that the user has permission to acknowledge, even if it has already been acknowledged. The Discard Acknowledged Events permission provides a one-step shortcut for the two-step process of acknowledging the event and then discarding the event afterward.

Advanced Reporting1

Gives users with Standard Access permission to access the Metasys Advanced Reporting System. In the Advanced Reporting system, users can run reports to view on a web browser. The Advanced Reporting privilege appears in the list of permission privileges only if Metasys Advanced Reporting System is installed. For more information, refer to the Metasys Advanced Reporting System and Energy Essentials Help (LIT-12011312) .

Schedule Reports1

Gives the user permission to create new Scheduled Reports (Query menu), and to run, modify, reschedule, or delete scheduled reports using the Scheduled Reports Viewer. All users, including those without this privilege, may use the Scheduled Reports Viewer to monitor the status of scheduled reports.

Snooze All Events

Applies to all events a user can manage by using the Manage Item Events action set. This action set should be used carefully because it is a system-wide snooze.

System Configuration Tool

Gives users with Standard Access at releases earlier than 7.0 the following privileges: Access to SCT, Configure and Simulate using the SCT, and Import Integration. Tenant Access users do not have access to the SCT.

Note:
  • For a unified ADS, ADX, or OASwith SCT, the SCT system privilege does not provide the user access to SCT when assigned using the ADS, ADX, or OAS Security Administration window. Instead, assign the user to the System Configuration Tool system privilege using the Security Administration window in SCT.
1 This privilege does not apply to users with Tenant Access, and does not appear in the System Privileges for Role/User dialog box for Tenant Access accounts (Figure 1). See Access Type for more information.