Creating and editing access rights group sets (Object Protection Level)

	Allow operating system access for authorized users only The content of the user database is protected against manipulation with a signature. The names of groups, object protection levels and users are not encrypted and could be read. Access to the IPC should be restricted to authorized users via the operating system.

	Download link: Planning table for group rights and Object Protection Level An Excel table for the simple planning of group rights and access rights group sets (Object Protection Level) can be downloaded here.

User database can only be created or edited if no project is open. Close any open projects.

The Software protection configurator is opened.

1. Select the Object Protection tab.

2. Click on Add.

The Edit Object Protection Level dialog opens.

3. Assign the individual user rights, by ticking the respective check boxes, for all the groups defined under Security Management for this specific Object Protection Level.

The following example shows the definition of the "Public" Object Protection Level:
Creating and editing access rights group sets (Object Protection Level) 3:

Creating and editing access rights group sets (Object Protection Level) 3:

The "Guest" user group can read a TwinCAT object that is assigned this Object Protection Level but cannot change it.
The "Service" user group can read and modify a TwinCAT object that is assigned this Object Protection Level but cannot delete it.
The "Developers" user group has full access.

In the following example only the "Developers" user group has access to the TwinCAT object. The other user groups have no rights at all.

4. Confirm the dialog with OK.

The Object Protection Level with the user rights is created in the system and is displayed in the overview on the Object Protection tab in the software protection configurator.

5. Assign the required user rights for further user groups in an Object Protection Level accordingly.

6. To edit an Object Protection Level, select the corresponding column and click Edit.
Creating and editing access rights group sets (Object Protection Level) 5:

Creating and editing access rights group sets (Object Protection Level) 5:

7. To remove an Object Protection Level, click Remove.

8. To change the position of the selected Object Protection Level in the overview, click on Move up or Move down.

All changes are only finally confirmed and valid on saving and signing the user database.