×

Supercharge your GE solution! Download a free trial of Proficy Operations Hub, CSense analytics, and more. Learn more about the Proficy 2022 releases, by signing up for one of our upcoming events.

Home
Proficy Authentication
Windows Auto-login
This topic describes how to configure the Windows system so that the currently logged-in user is automatically log into Proficy products when launched.
Configure Security Policy
This topic describes how to configure security policy setting associated to Kerberos authentication.

Configuration Hub Products Documentation

Proficy Authentication
- Set up Authentication
  Set up authentication for Configuration Hub.
- Log in to Configuration Hub
  Log in as a user or client.
- Proficy Authentication Overview
  Proficy Authentication provides identity-based security for Proficy based applications and APIs.
- Enable SAML
  This topic describes how to configure SAML identity providers for Proficy Authentication.
- Manage Identity Providers
- Manage Groups
- Manage Users
- Windows Auto-login
  This topic describes how to configure the Windows system so that the currently logged-in user is automatically log into Proficy products when launched.
  - Configure Security Policy
    This topic describes how to configure security policy setting associated to Kerberos authentication.
  - Create Service Principal
    Create a service principal name.
  - Generate Keytab File
    Generate the Kerberos keytab file.
  - Update YAML File
    Update the Proficy Authentication .yml file.
  - Configure Browser
    Configure the browser settings for Kerberos authentication.
  - Troubleshooting Error Logs
    This topic describes Windows Auto-login success/failure scenarios.

Configure Security Policy

This topic describes how to configure security policy setting associated to Kerberos authentication.

It is possible that you may not have access to your computer’s local security policy settings, if it is governed by a group policy (controlled by your domain administrator). In any case, make sure that these security options are enabled for your computer.

If your environment is not governed by a group policy, then follow these steps to configure local security policy:

To access Local Security Policy, enter secpol.msc in Windows Run dialog and select OK.
Navigate to Security Settings > Local Policies > Security Options.
Double-click and open Network security: Configure encryption types allowed for Kerberos security policy setting.
Select the valid encryption types that you want to use as shown in the figure. Ensure that the selection is same across all the participating nodes.

Note: In our current documentation, we use AES256_HMAC_SHA1 encryption type in our example code to generate the keytab file.

For more information refer to Microsoft documentation on security policy settings.