Configurations Checklist to use Proficy Authentication Security Groups
In Configuration Hub, the Global Security section in the system DETAILS section enables you to specify the authorization for Historian security groups. To use Proficy Authentication security groups, you must perform the configurations listed in this topic.
This topic intends to be a checklist for you to perform the configurations that are needed to use Proficy Authentication security groups for authorization.
- Access Configuration Hub using ch_admin as
the username.
- In the NAVIGATION pane, expand Proficy Authentication, and then select Security.
- Add the same Windows Login user (For example, if you logged in as Administrator, use Administrator), and then map the user with all admin groups. For more information on adding users and mapping the users to groups, refer to Create groups, Add or remove users in a group and Map groups. For more information on Historian security groups, refer to Overview of Historian groups in Proficy Authentication.
- In the Users tab, from the list of users, select the predefined user, that is <hostname>.admin, and then map it to ih_security_admins. For more information, refer to Map groups.
- Add the users defined in Proficy Authentication using the same password to
Local users & Group. This will enable you to access thick clients
(VB admin, iHSQL). For more information on how to add a user to Local users
& Group, refer to Adding Users to
Windows Security Group.Alternatively, you can add the users by adding registry entries.
- In the HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Intellution,
Inc.\iHistorian\Servers and
Inc.\iHistorian\Servers registry paths, add the following
Name Type Data Proficy Authentication REG_SZ https://hostname.domain:433/uaa/oauth/token For example,
UseProficy AuthenticationAuthentication REG_DWORD 0x00000001. - Save the registries.
- In the HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Intellution,
Inc.\iHistorian\Servers and
Inc.\iHistorian\Servers registry paths, add the following
- Now, you can Access Configuration Hub using the predefined username, that is, <hostname>.admin and password.
- In the NAVIGATION pane, in the Configuration Hub plugin
for Historian, access Systems, and then select the system as needed.
The system appears in the main section. The system details appear in the DETAILS section.
- In the GLOBAL SECURITY section, select Use Proficy Authentication.
- On the top-right corner, select Save.
- Restart all the services, including the Remote Collector Management (RCM) service.
Now you can use the Proficy Authentication security groups for authorization.
- The CollectorManager.shw status must be Connected.
- The DataArchiver.shw security settings must be as shown below.