AnsweredAssumed Answered

PI RTQP and User Authentication

Question asked by Julian.Beresford on Mar 27, 2020
Latest reply on Mar 30, 2020 by gregor

     I am having trouble configuring our RTQP server and user authentication the way i want to.  In reading through the admin guide it only provides instructions for adding a mapping/trust for the full RTQP server, which best i can tell would mean

that any users that connect to the RTQP server then automatically get access to the PI Data Archives.     


What i am looking for is more along the lines of the delegation method used by PIVision and the Web PI where the context of the connecting user is passed all the way through to target the PI Data server. 


I have set a machine level mapping to get it running, but i see no indication of the connecting user in the logs..


Successful login  ID: 578. Address: 10.###.###.###. Name: PISqlDas.RTQP.exe(3756):remote. Identity List: AllSites_RO | PIWorld. Environment Username : CORP\AUSYDAPD2Z2$. Method: Windows Login (SSPI,NTLM,HMAC-MD5,RSADSI RC4,128)


New Connection ID: 578 ; Process name: PISqlDas.RTQP.exe(3756):remote(3756) ; User: AllSites_RO | PIWorld ; OS User: CORP\AUSYDAPD2Z2$ ; Hostname: ; IP: 10.###.##.### ; AppID: 737 , 773 ; AppName: AF PI Point Data Reference , PI SQL Data Access Server (RTQP Engine)


Does anyone have any ideas if this is possible? I don't like having blanket mappings for full servers, as it means anything else on that server gets the same access right away, and you loose the ability to control individual user access levels.


We are running PI RTQP server 2018 SP2, with the AF/RTQP server and PI Data Archives server on separate machines.