0

Enable/Disable Users

Forum / Questions & Answers

Hello

I am unable to find in documentation or Canary system anything that allows Canary administrators to enable/disable users (by users I refer to Axiom users) - but I may be wrong here!

I assume that such functionality could potentially be done by denying Logon access in the ACL to either users specifically, or having a group called Disabled users that prevents users to logon into Axiom. 

Did anyone implementing similar functionality? 

Thanks 

10 replies

null
    • Real-Time Manager at CSE ICON
    • damon_vinciguerra.1
    • 3 wk ago
    • Reported - view

    Which version of Canary Axiom are you using? If you're on 24 or later, you can use https://helpcenter.canarylabs.com/t/g9yfxk5/identity-tile-version-25#access-control-lists to white-list Canary Users or Canary Groups to log in.

    • apermag
    • 3 wk ago
    • Reported - view

    Hey   thanks! yeah, that's what I was considering (we're on v24 right now). Yet, wanted to ask the experienced group here how they have addressed such need. Looks like the ACL and Axion Logon blacklist is the way to go, unless I'm hearing otherwise...

      • Real-Time Manager at CSE ICON
      • damon_vinciguerra.1
      • 3 wk ago
      • Reported - view

       agreed. In my experience, Axiom is generally open to anyone in the company. Do you have sensitive data in your Historian?

      • apermag
      • 3 wk ago
      • Reported - view

       no, we don't have sensitive data, but we need to keep records of users who have been in the system. Axiom users are a type of users, but mostly concerned about configurators, for which I would need to figure out how to "reduce" the ability to do stuff in the Canary Admin. 

      Looking forward to hearing suggestions here 🙂

      • Real-Time Manager at CSE ICON
      • damon_vinciguerra.1
      • 3 wk ago
      • Reported - view

      Ah, that' the fun part right now. Not a lot of nuance. https://helpcenter.canarylabs.com/t/p8ymd3r/identity-tile-version-24#:~:text=group%20is%20allowed.-,Admin%2DLogon,-Controls%20who%20can

      If you're in Admin, you can do admin stuff. As you can see from the article, most of the nuance in security is around Axiom. 

      • apermag
      • 3 wk ago
      • Reported - view

       Thanks!. That's exactly what I found... good to know I'm not very deviated!! 

      Thanks Damon for the interaction here!

      • Real-Time Manager at CSE ICON
      • damon_vinciguerra.1
      • 3 wk ago
      • Reported - view

       Of course, let me know when you post it and I'll vote/comment.

      Also, I highly recommend v25.3, lots of new things since v24!

      • apermag
      • 3 wk ago
      • Reported - view

       Actually waiting for 25.4 by end of August, looking forward to some batch related functionality :)

      • Real-Time Manager at CSE ICON
      • damon_vinciguerra.1
      • 3 wk ago
      • Reported - view

       That's going to be a big one! What industry are you in, if you don't mind me asking.

      • apermag
      • 3 wk ago
      • Reported - view

      Life sciences / biotech.

Login to reply

Content aside

print this pagePrint this page
  • 3 wk agoLast active
  • 10Replies
  • 31Views
  • 2 Following