Securing the historian server – Rockwell Automation FactoryTalk Historian SE 3.01 Installation and Configuration Guide User Manual
Page 62
Chapter 6 Configuring FactoryTalk Historian
62
Rockwell Automation Publication HSE-IN024A-EN-E–December 2012
2. Follow the instructions displayed in the wizard to configure
your activations.
NOTE
Click Help for more information, or refer to the instructions from
the Activate Rockwell Software Products leaflet, available with your
FactoryTalk Historian SE installation package.
FactoryTalk Historian SE allows you to manage the Historian server
authentication through Windows and Microsoft Active Directory
(AD). This solution improves the Historian server security, reduces
your management workload, and provides users with a single sign-on
experience.
With Windows authentication for the FactoryTalk Historian SE
Server, users log on to their Windows accounts and are
automatically authenticated on the Historian server. The Historian
server comes with a set of preconfigured security components
created to reflect particular roles that may be adopted by users to
access the Historian server resources. Each user comes with
predefined trusts and is assigned to one or more groups, depending
on the scope of privileges they should have. Each group is defined
with a different scope of privileges. The users and groups are
assigned to individual database tables, creating in this way a system
of permissions for accessing the Historian server database resources.
The users are the central components that connect the Windows
authentication functionality with the Historian server security
model. They determine which Windows users are authenticated on
the Historian server and what access permissions they have there
(for example, whether the user is allowed to create a point or run a
backup).
The connection between the Windows users and/or groups and the
Historian server security users is established through mappings. If
you want to grant a Windows user or group access to a Historian
server resource (such as a point or a module), you need to create on
the Historian server mappings between the Windows users and/or
Securing the Historian
Server