Table 942: Default users
User name User rights
SuperUser Full rights, only presented in LHMI. LHMI is logged on by default until other users are defined
Guest Only read rights, only presented in LHMI. LHMI is logged on by default when other users are
defined (same as VIEWER)
Administrator Full rights. Password: Administrator. This user has to be used when reading out disturbances
with third party FTP-client.
Table 943: Predefined user roles according to IEC 62351-8
User roles Role explanation User rights
VIEWER Viewer Can read parameters and browse the menus from LHMI
OPERATOR Operator Can read parameters and browse the menus as well as perform control
actions
ENGINEER Engineer Can create and load configurations and change settings for the IED and
also run commands and manage disturbances
INSTALLER Installer Can load configurations and change settings for the IED
SECADM Security
administrator
Can change role assignments and security settings. Can deploy
certificates.
SECAUD Security auditor Can view audit logs
RBACMNT RBAC
management
Can change role assignment
ADMINISTRATOR Administrator
rights
Sum of all rights for SECADM, SECAUD and RBACMNT
This User role is vendor specific and not defined in IEC
62351–8
Changes in user management settings do not cause an IED reboot.
The PCM600 tool caches the login credentials after successful login for 15 minutes.
During that time no more login will be necessary.
The successfully activation of Central Account Management will disable built-in users or remove all
local created users from PCM600.
Management of user credentials and roles is handled on the central Account Management server
e.g. SDM600 The IED employs two strategies to ensure availability of the authentication system
even if there is a problem with the network or authentication server:
1MRK 502 066-UUS B Section 20
Security
1223
Technical manual
To Next Page
Loading...
