Users & Roles

The server provides a system of access rights and privileges to ensure security. Its main function is verification of authenticity (authentication) and giving the client access to certain rights (authorization). The authentication mechanism provided by the client authenticates the username and password provided by the client compared to the user existing in the system, which is authorized according to the specified role.

User represents the server user with the specified login, password and role set. User lists are used for authentication of OPC UA clients and clients that administer the server. By default, the server has a blank password for the admin. You cannot rename, delete or modify the admin user, but you can change its password.

To reset the administrator password to the default (blank), you must run the utility resadmpwd from the server root folder and restart server service/process/daemon

User name is case-sensitive

Role represents the set of rights available to the user. Roles restrict the rights associated with server administration and data access. The following are the categories of rights and their description.

Category

Permissions

General

Connect, data synchronization and read server information (licenses, time, etc)
Download configuration
Reinitialize server
Upload configuration
Upload licenses

Security

Create role
Create user
Delete role
Delete user
Update role
Update user

Devices

Create device
Delete device
Update device
Run command