Advantages Of The Local User Administration And Access Control - Siemens SIMATIC S7-1500 System Manual
Redundant system
Hide thumbs
Also See for SIMATIC S7-1500:
- Function manual (402 pages) ,
- System manual (393 pages) ,
- Manual (188 pages)
Table of Contents
Advertisement
11.3.2
Advantages of the local user administration and access control
The advantages of the new local user management for R/H-CPUs and the changes associated
with it are described below.
Quick activation/deactivation of the local user administration
The options for user administration are located in the "Protection & Security > Access control"
tab:
• Access control deactivated: Every user has full access to all functions of the R/H-system.
• Access control enabled: The configured users with their assigned roles and concomitant
linked function rights become effective after loading.
Access protection for PG/HMI accesses, now with user authentication
Where it was possible to assign passwords for access levels for CPUs with firmware versions
<V3.1, you can configure users with corresponding function rights for the current CPUs.
All in one place
Irrespective of the service for which you configure users, roles and rights for a CPU: You have
to manage the data at the same location.
All users, no matter if you manage their engineering rights for the project or their local
runtime rights for each CPU in the project, can be found in the editor for users and roles in
the project navigation.
Powerful password functions
• Support for compliance with complexity rules for password creation:
Right from the password creation stage, you can have the TIA Portal check compliance
with complexity rules (such as the password length, uppercase/lowercase letters) (project
navigation, "Security settings > Settings" area).
The complexity rules are also saved in the CPU upon loading the user administration.
When the password is changed online, the CPU determines and considers these rules. This
prevents a user from overriding the complexity rules set by the configuration engineer
and assigning a non-secure password.
• The period of validity of passwords is adjustable:
To ensure that a user does not have access to the CPU with a compromised password for
an unlimited time, you can parameterize a period of validity. Before the period of validity
expires, the remaining time is then displayed on login so that each user has the possibility
to change their password in time.
S7-1500R/H redundant system
System Manual, 01/2024, A5E41814787-AF
DANGER
Disabled access control carries the risk of unauthorized access and thus the risk of
personal injury and property damage.
Only use this setting in a protected environment, for example during commissioning.
Protection
11.3 Local user management
345
Advertisement
Table of Contents
