|
<< Click to Display Table of Contents >> Navigation: Security and Maintenance > Security levels for Mechworks PDM |
This is the default security level after installing MechworksPDM.
At this level the MechworksPDM must be considered as a data viewer for external reference and not an operative tool.
This configuration is typical of an external administrator who does not work directly with the CAD but coordinates the work of a designing team.
The DBWARM has full control of authorizations. Ensure that the DBWArm Default group is set correctly, and that the users normally working with the Standalone (with no admin priviledges) are declared in the proper DBWArm groups.
In order to be granted such rights, the user must belong to the special group DBWorks Standalone Power Users (or set environment variable DBWORKS_STANDALONE_POWER_USER=1).
If so, MechworksPDM Standalone Client is granted the same permissions as if it was the integrated version;
Some examples:
•modify the database by opening it with Open for update
•data editing of any single record
•revision actions
•execution of scripts that modify the database.
•options full visualization
•project creation
•document addition
This special group is automatically created by MechworksPDM on the first run and can be viewed with the standard Administrative Tools, User manager functionality
It goes under the responsibility of the network administrator whether to assign a user to this group.
Standalone Client checks for the existence of a global group named "DBWorks Power Users" on the current domain controller server, and if the current user belongs to this global group, Standalone starts in Administrator mode; in case of DBWARM active, no check is performed on the global group and the control is passed to DBWARM.
Mechworks PDM currently allows two security levels:
This is the default security level after installing MechworksPDM. There is no limitation to what an adminstrator can do: he can approve revisions or undo other users' modifications as well as modify the documents directly.
There are a certain number of operations that a Simple User cannot perform for security reasons:
•Creation and approval of a revision for a given document
•Rejection of modifications brought about by other users
These operations imply making decisions that affect the final release of the CAD documents and the manufacturing process of the company.
starting from build 20140430, a behavior change has been applied for denying the use of the following functionalities:
•Open for Updating
•Full editing of the Options
if the following Windows Environment Variable:
MECHWORKSPDMADMINMODE
is not existing or it is existing and not set to the value "1".
The MechWorks PDM Setup program automatically creates and set this environment variable when the option for installing the 'Administration Tools' is checked during the setup procedure.
When in "non admin" mode:
1.the "Open for Updating" is not available as menu entry for the SolidWorks integration; for all the other integrations the menu entry is available but a message pops up stating that the functionality is allowed only to the PDM Administrators.
2.the "Options" functionality permits the editing only of the USER and PLOT options