Security

https://docs.osisoft.com/bundle/pi-server/page/permissions-required-for-tasks.html According to the documentation linked above, when permission to Point Security or Data Security is required, the same permission to PIPOINT is also required. This i...

PI AF Admin would like grant permissions for users that are not level server admins to create and edit non-impersonated linked tables. Currently this only allowed for AF server admins or using impersonated linked tables. User guide: https://liv...

Currently, it is a 5-step process to get authenticated. After the first authentication, it is only a 3-step process, but still clunky.

I want to separate the security roles between 1) the ability to run an Auditviewer report and (potentially) associate a change control record to a configuration change and 2) the PI Admin Role in order to minimize security risk.

Provide a configurable export of PI Message log to syslog server.

In many cases analytics should not be visible to everyone having right to view an AF-Database. Should be possible to direct whom should have view access to analytics. This is an extension to the obivious right to change analytics :)

PI System Administrators would benefit from a client or PI SMT extension that supports auditing and modifying user access. This includes mapping Active Directory roles to PI Identities, managing PI Database and Point access, managing AF Database a...

Maximum security by default would help encourage security best practices by: Making the best decision for customers that do not know or care about security "Rewarding" security-conscious customers with not having to expend effort to maximize secur...

Some Azure Active Directory (Entra ID) administrators will be hesitant to give the registered application for the AIM Server Directory.Read.All privileges. It should be feasible to give the application lesser privileges on the directory while stil...

Hello, whenever Osisoft identifies security issues on PI / PI AF, they deliver fixes through the next release of these applications. This is not convenient as upgrading to a new release is a risk that we don't like to be forced to take and has a ...