Security

https://docs.osisoft.com/bundle/pi-server/page/permissions-required-for-tasks.html According to the documentation linked above, when permission to Point Security or Data Security is required, the same permission to PIPOINT is also required. This i...

PI AF Admin would like grant permissions for users that are not level server admins to create and edit non-impersonated linked tables. Currently this only allowed for AF server admins or using impersonated linked tables. User guide: https://liv...

I want to separate the security roles between 1) the ability to run an Auditviewer report and (potentially) associate a change control record to a configuration change and 2) the PI Admin Role in order to minimize security risk.

Currently, there are 2 windows to configure PI AF security, and it is a pain to switch between them: File → Database → Edit Security, which is used to assign permissions to identities File → Server Properties → Identities tab and Mappings tab, whi...

Provide a configurable export of PI Message log to syslog server.

Some Azure Active Directory (Entra ID) administrators will be hesitant to give the registered application for the AIM Server Directory.Read.All privileges. It should be feasible to give the application lesser privileges on the directory while stil...

Use case: We want to give a user read access to a single element. All future elements created inherit the Database level Security, meaning the user will also have read access to all future created elements.

Implement a way to hide the contents of a PI point attribute, specifically the Instrumenttag attribute. With many PI interfaces, the InstrumentTag attribute will store the IP address of the source, and we (as well as many other utilities) have a r...

In many cases analytics should not be visible to everyone having right to view an AF-Database. Should be possible to direct whom should have view access to analytics. This is an extension to the obivious right to change analytics :)

PI System Administrators would benefit from a client or PI SMT extension that supports auditing and modifying user access. This includes mapping Active Directory roles to PI Identities, managing PI Database and Point access, managing AF Database a...