Chapter 11. security, Historian server v3.3 and higher, Security configuration using piconfig – Rockwell Automation FactoryTalk Historian SE 3.0 H2H Interface User Guide User Manual

FactoryTalk Historian To Historian Interface User Guide

99

Chapter 11.

Security

The Historian Firewall Database and the Historian Proxy Database must be configured so that
the interface is allowed to write data to the Historian Server. See “Modifying the Firewall
Database” and “Modifying the Proxy Database” in the Historian Server manuals.

Note that the Trust Database, which is maintained by the Base Subsystem, replaces the Proxy
Database used prior to Historian version 3.3. The Trust Database maintains all the
functionality of the proxy mechanism while being more secure.

See “Trust Login Security” in the chapter “Managing Security” of the Historian Server
System Management Guide.

If the interface cannot write data to the Historian Server because it has insufficient privileges,
a -

10401

error will be reported in the

pipc.log

file. If the interface cannot send data to a

PI2 Server, it writes a

-999

error. See the section

Appendix A: Error and Informational

Messages

for additional information on error messaging.

Historian Server v3.3 and Higher

Security configuration using piconfig

For Historian Server v3.3 and higher, the following example demonstrates how to edit the
Trust table:

C:\PI\adm> piconfig
@table pitrust
@mode create
@istr Trust,IPAddr,NetMask,PIUser
a_trust_name,192.168.100.11,255.255.255.255,piadmin
@quit

For the above,

Trust

: An arbitrary name for the trust table entry; in the above example,

a_trust_name

IPAddr

: the IP Address of the computer running the interface; in the above example,

192.168.100.11

NetMask

: the network mask;

255.255.255.255

specifies an exact match with

IPAddr

PIUser

: the PI user the interface to be entrusted as;

piadmin

is usually an appropriate user