View Source

Security Users (Reference) manages user accounts, authentication, and access control throughout the solution. A SecurityUser defines:

Named user accounts with credentials
Permission group assignments
Security policy enforcement
Access control levels
User lifecycle management

The system includes pre-defined users and supports enterprise authentication methods.

In this page:

Security → Tutorial | Concept | How-to Guide | Standards Compliance | Reference

Pre-Defined Users

Three system users are configured by default:

User	Purpose	Default Password	Notes
Administrator	System control and security management	None	Set password immediately
Guest	Anonymous access and default logout	None	Cannot add password
User	Generic authenticated access	None	Template for new users

<ac:structured-macro ac:name="warning"> ac:rich-text-body Do not delete or modify the row IDs of these built-in users. Do not create duplicate users with these names. </ac:rich-text-body> </ac:structured-macro>

Configuration Properties

Property	Description	Required
Name	Unique username for login	Yes
Permissions	Permission groups (comma-separated)	Yes
Password	Encrypted user password	No
PasswordHint	Password recovery hint	No
Policy	Security policy assignment	No
Deleted	Soft delete flag	No
Alias	Alternative identifier	No
Company	Organization association	No
UserGroup	Department/group assignment	No
Attributes	Custom user properties	No
Level	Hierarchical access level (0-255)	No
Category	User classification	No
LockState	Account lock status	Auto
ContactInfo	Email, phone, details	No

Guest Access

The Guest user provides anonymous access:

Active when no user logged in
Default after logout
No password capability
Cannot be deleted
Permissions define anonymous access level

Configure Guest permissions carefully to secure anonymous access.

Administrator Privileges

Exclusive Administrator capabilities:

Delete users permanently
Block/unblock accounts
Set database passwords
Delete audit trails
Modify security policies
Override permission inheritance

User Lifecycle Management

Creating Users

Navigate to Security → Users
Click first row to add
Required fields:
- Name: Unique identifier
- Permissions: At least one group
Optional security:
- Password: Meet policy requirements
- Policy: Assign security level

Disabling Users

Three methods for removing access:

Method	Effect	Use Case	Reversible
Block	Prevents login	Temporary suspension	Yes
Flag Deleted	Blocks + marks deleted	Audit trail preservation	Yes
Delete	Permanent removal	Complete cleanup	No

Password Management

csharp

// Set password programmatically
@Security.SetPassword("username", "newPassword");

// Force password change
@Security.Users["username"].MustChangePassword = true;

// Check password expiration
if (@Security.Users["username"].PasswordExpired)
{
    // Prompt for new password
}

Runtime Authentication

Login Methods

Form-Based Login:

csharp

bool success = @Security.Login(username, password);
if (success)
{
    @Info.Trace("User logged in: " + @Client.UserName);
}

Windows Authentication:

csharp

@Security.UseWindowsAuthentication = true;
string windowsUser = @Client.WindowsUserName;

External Authentication:

csharp

// LDAP/Active Directory
@Security.AuthenticationMode = "LDAP";
@Security.LDAPServer = "domain.local";

Permission Integration

Users inherit permissions from assigned groups:

User: John
Permissions: Operator, Maintenance
Result: Combined permissions from both groups

See [Security Permissions] for group configuration.

Security Policies

Policies enforce password and session rules:

User: Mary
Policy: Enhanced
Result: Strong password, 90-day expiration, session timeout

See [Security Policies] for policy configuration.

User Properties Access

Runtime Properties

csharp

// Current user info
string currentUser = @Client.UserName;
string permissions = @Client.Permissions;
int level = @Client.Level;

// Check specific permission
bool canEdit = @Security.HasPermission("EditDisplays");

// User session
DateTime loginTime = @Client.LoginTime;
string ipAddress = @Client.IPAddress;

User Management

csharp

// Get user details
var user = @Security.Users["username"];
string company = user.Company;
string group = user.UserGroup;

// Modify user
user.ContactInfo = "john@example.com";
user.Level = 50;

Best Practices

Set Administrator password - Immediately on deployment
Use permission groups - Don't assign individual permissions
Apply security policies - Enforce password standards
Audit user changes - Track modifications
Review Guest permissions - Minimize anonymous access
Document user roles - Clear responsibility matrix
Regular cleanup - Remove inactive users

Troubleshooting

Cannot login:

Verify username/password
Check account not blocked
Confirm permissions assigned
Review policy restrictions

Password issues:

Check policy requirements
Verify not expired
Confirm complexity rules
Test password hint

Permission denied:

Review group assignments
Check permission inheritance
Verify user level
Confirm not Guest user

Account locked:

Check failed login attempts
Review policy lockout rules
Administrator unlock required
Check LockState property

In this page:

Pre-Defined Users

Configuration Properties

Guest Access

Administrator Privileges

User Lifecycle Management

Creating Users

Disabling Users

Password Management

Runtime Authentication

Login Methods

Permission Integration

Security Policies

User Properties Access

Runtime Properties

User Management

Best Practices

Troubleshooting

In this section...