Defining privilege classes, Defining privilege classes -3 – Rockwell Automation 1785-Lxxx Enhanced and Ethernet PLC-5 Programmable Controllers User Manual
Page 215
Publication 1785-UM012D-EN-P - July 2005
Protecting Your Programs 12-3
•
Node C has Class 3 access to channel 2A, based on the node privilege
the controller has assigned it
Follow these guidelines when using the passwords and privileges:
•
You must define the passwords and privileges information for each
controller in your system.
•
You cannot assign default class privileges to channels configured as
scanner or adapter. The read/write privileges you see on the channel
privileges screen apply to read/write access of the channel configuration
screen of that channel. The read/write privileges for each channel’s
diagnostic file (channel status screen) must be set up through the data
table privileges screen. The default privilege fields on the channel
privileges screen determine the privilege class of all stations/nodes that
are attached through that channel.
•
Tell all of the users of your software which privilege class they can use
and the appropriate password. If they want to change to a different class
(other than the one for which the personal computer is configured), they
must enter the new class and password.
•
The passwords and privileges feature helps prevent unauthorized or
accidental changes to the system. However, the passwords and privileges
feature has limitations; it will not prevent acts of malicious tampering
nor can it ensure that changes made by an individual with the password
will be appropriate for a particular application.
Defining Privilege Classes
You can define four privilege classes (class 1-4), each with its own password.
Within each class, you then can assign access to certain operations in the
software (such as modifying program or data files, or channel configurations).
These privilege classes are the upper level organization for your password
structure.
You can define Class 1 to have all privileges, equivalent to a system manager.
Then, define the remaining three classes to have fewer privileges.
IMPORTANT
If node privileges had not been assigned in this example,
the node would have had the same privilege class as that
assigned to its channel.