2 of 2 people found this helpful
Few things come to my mind :
- Is Kerberos configured properly? I am assuming you are using Windows Integrated Security and not Basic Authentication
- Do not use piadmin mapping. Is this your Dev system? Even then, I would recommend against using piadmin identity
- You will see a lot of logs in EventViewer that should point you towards a potential root cause
- Just worth checking AuthenticationMethods :
We have fixed the problem by adding the hostname of the instance in the PI Trusts. As soon as we added this, everything went back to normal.
Thank you for your response!
Oh yeah, we have two entries for each trust - IP and the hostname. Glad you got this resolved!
1 of 1 people found this helpful
If your PI Vision users are authenticating to the PI Data Archive via trust then you are not really taking advantage of the added security benefits of Windows Security/Kerberos/delegated authentication. I would really recommend you reconsider your security model to make sure your users can authenticate using Kerberos. Please don't hesitate to contact our Tech Support team if you need assistance doing this.
Also, I want to point out that mapping \Everyone to piadmin is not a good idea. This basically gives unlimited administrative access to your PI Data Archive to literally everyone across your domain, any trusted domains, and even some built-in security identifiers and guest accounts. I highly recommend removing this mapping as soon as possible and tightening down access to piadmin only to those users who absolutely require it.