1 Reply Latest reply on Mar 26, 2018 2:23 PM by jru

    PI manual logger user access control - can it be linked to AD??


      I have an installation of Pi Manual logger which currently has individual users configured for access. The user name is entered on the Manual Logger login screen and away they go. I also have a PIML PI Identity setup which has various users allocated to it using the networks active directory user names. I'm a little confused as to why there is a Manual Logger username and then there is a PI Identity which authenticates people. Is the Manual Logger login just to get users in to the PI Manual Logger software, and then the PI Identity authenticates whether a user can upload data in to the PI system, or am I missing something??


      I also have a "pimluser"  user account which has a trust to a specified PC name, and a Labadmin user which has nothing associated with it? I'm guessing that the pimluser and Labadmin accounts are left overs from before PI identities were available, but I don't want to be changing things that may break our lab entry setup.

        • Re: PI manual logger user access control - can it be linked to AD??

          Hi Colin,


          Those are excellent questions.  Your assumptions are correct.


          The PIML Logins are for allowing users to use PIML software, specifically, the PIML PC and PIML Mobile software (I'll get to PIML Web in a second).


          The connection to the PI Server is determined by your AD Credentials.  PIML will attempt to use your windows login to connect to the PI Server.  If it fails, it will fall back to use a trust.  If it fails using a trust, it will fall back to PI User Login.  When we send data to PI Using PIML PC, we are using that connection.


          Now, we can also configure the PIML Windows Service which will automatically send data to the PI Servers.  This service is running as a service account but overall the connection is handled just like your usual windows accounts.  (Windows Authentication>Trust>PI User)


          In summary, PIML Logins, determine if the user can use PIML Software and what tours/permissions they have for PIML.  The PI Identity is the permission identity that the user has on the PI Server which determines if they can send data to PI or not.


          PIML Web is a little different in that you can configure PIML Web to utilize your Windows AD Credentials to authenticate and use the PIML software AND connect to the PI Server using the same Windows AD Credentials.


          Finally with regards to your question about PIMLUser and LabUser.  My assumption is that PIMLUser is the Windows identity for all PIML PC Users on that particular machine.  It is the identity given to all connections made by PIML PC for any user stemming from that machine.  LabUser, if it has nothing associated with it, must be some unused identity which has no use for PIML.


          Please let me know if you have any questions or need further clarification.