We created this site to hear your enhancement ideas, suggestions and feedback about CONNECT products and services. All of the feedback you share here is monitored and reviewed by the CONNECT product managers.
To start, take a look at the ideas in the list below and VOTE for your favorite ideas submitted by other users. POST your own idea if it hasn’t been suggested yet. Include COMMENTS and share relevant business case details that will help our product team get more information on the suggestion. Please note that your ideas and comments are visible to all other users.
This page is for feedback specifically for CONNECT data services. For links to our other feedback portals, please see RESOURCES below.
Definetly a good idea.
Related idea here
https://pisystem.feedback.aveva.com/ideas/PIADAPTERS-I-13
for now the only way to achieve limiting the users accessing the adapter config that I can think of would be to carefully manage the membership of the Windows RDP users and prevent console access in the machine. That is assuming that only PI services are hosted there, and only the piadmins will need to get into the machine. An assumption which may not always be valid e.g. if the adapter is installed in the same machine as the SCADA server.
I think one roadblock in depending on checking windows group memberships (like PI Connector Admins) is that the adapter design intent is to be cross-platform. I don't know enough bout *nix to say if the query "does user X belong to the OS group "Adapter Admins?" can be coded with the same bits, or if it will require a code fork. If a fork is needed, then likely the authorisation mechansm will be different and not be deeply integrated in the OS. That then means that AVEVA will have to come up with their own scheme, which will likely leverage ADH and leave the PI Server 2018 users up a creek.