Siemens SIMATIC S7-1500 System Manual page 246
Drive controller
Hide thumbs
Also See for SIMATIC S7-1500:
- System manual (523 pages) ,
- Function manual (402 pages) ,
- Manual (188 pages)
Table of Contents
Advertisement
Protection
11.3 Local user management
Restrictions on continued use of the access levels
When using the "Legacy access control" option, you cannot select the access level directly in
the table for setting the access levels. This selection can only be set for the new local user
management in one way: Via the access protection function rights of the "Anonymous" user.
The local user "Anonymous" is created in a project by the system by default. With the help of
this user, you determine the behavior of the CPUs in the project for someone who logs in
without a user name and password. For security reasons, the anonymous user is deactivated
and needs to be activated before use.
The area where you set the access levels leads you via a link to the editor for the required
settings for the "Anonymous" user.
Examples:
• If the "Anonymous" user is deactivated or if the "Anonymous" user is activated and no
function rights are assigned to that user, then nobody can log in without a user name and
password (corresponds to the access level "No access (complete protection").
• If the "Anonymous" user is activated and the "Full access" function right for a CPU is
assigned to that user via a corresponding role, the result of this setting is "No protection".
You can achieve the same effect with regard to access protection by setting "No access
protection" in the "Protection & Security" area of the CPU properties.
Procedure
To activate the "Legacy access control" and set the required access level, follow these steps:
1. In the CPU properties, go to "Protection & Security > Access control".
2. Select the option "Activate access control" and, in addition, select the check box "Use legacy
access control via access levels" check box.
The access level selection cannot be used in this setting. You have to set the access level
via the "Anonymous" user of the CPU.
The "Anonymous" user is disabled in the default setting. This means that the resulting
access level for users without a password is "No access (complete protection)" (default
setting).
3. Go to "Security settings > Users and roles" in the project tree.
4. Activate the "Anonymous" user, if you want to set a different access level than "No access
(complete protection)". You can assign a role with function rights that grants access to the
CPU without password input, only to the activated "Anonymous" user.
5. You cannot assign function rights for a CPU directly to a user. You must first assign a role:
Therefore switch to the "Roles" tab and add a new role. Assign a meaningful name, e.g.
"PLC1-Read-Access-Role". If you assign this role to a user, this user should have read access
to PLC1 during operation.
244
SIMATIC Drive Controller
System Manual, 11/2023, A5E46600094-AD
Advertisement
Table of Contents
