Similar documents


Multiuser Engineering in the TIA Portal

Integration of Process Historian / Information Server in a Domain

Configuration of an MRP Ring and a Topology with Two Projects

Configuration of an MRP ring with SIMOCODE and SIMATIC S SIMOCODE pro V PN, SIMATIC S Siemens Industry Online Support




Visualizing Energy Data of a SITOP PSU8600

Determination of suitable hardware for the Process Historian 2014 with the PH-HWAdvisor tool

Display of SINAMICS Error Messages in Runtime Professional


User Login with RFID Card Reader

Display of SINAMICS Fault Messages in WinCC V7.4


SINAMICS G/S: Integrating Warning and Error Messages into STEP 7 V5.x or WinCC flexible

Migration of a Process Historian database



APF report templates based on data from the WinCC User Archive

Communication between HMI and Frequency Converter. Basic Panel, Comfort Panel, Runtime Advanced, SINAMICS G120. Application Example 04/2016

SINAMICS G/S: Tool for transforming Warning and Error Messages in CSV format

Application example 02/2017. SIMATIC IOT2000 Connection to IBM Watson IoT Platform SIMATIC IOT2040



Data Storage on Windows Server or NAS Hard Drives

Exchange of large data volumes between S control system and WinCC

Application example 12/2016. SIMATIC IOT2000 OPC UA Client SIMATIC IOT2020, SIMATIC IOT2040


Automatic Visualization of the Sample Blocks in WinCC Advanced



Moving a Process Historian/ Information Server from Workgroup A to Workgroup B

Checking of STEP 7 Programs for the Migration of S7-318 to S CPU318 Migration Check. Application description 01/2015

Library Description 08/2015. HMI Templates. TIA Portal WinCC V13.

Position Control with SIMATIC S and SINAMICS V90 via IRT PROFINET SINAMICS V90 PROFINET. Application description 03/2016

Check List for Programming Styleguide for S7-1200/S7-1500

SIMATIC NET OPC Server Implementation

SIMATIC Energy Suite Visualization example of the "*.csv"-energy Data Files

STEP 7 Professional V14 SP1, Energy Suite V14 SP1, SENTRON PAC Measuring Devices, Modbus TCP

Key Panel Library / TIA Portal

Setting up 08/2017. Setting up the SIMATIC IOT2000 SIMATIC IOT2020, SIMATIC IOT2040

Generating the Parameters for the Modbus/TCP Communication


Setting up 01/2017. Setting up the SIMATIC IOT2000 SIMATIC IOT2020, SIMATIC IOT2040



Setting up time synchronization of Process Historian and Information Server

Integration of SIMATIC PCS 7 Asset Management into existing projects




X-Tools Loading Profile Files (LPF)

Calculating the expected PH storage requirements of SIMATIC BATCH batches

Windows firewall settings for X-Tools Server Pro. CMS X-Tools / V / CPU PN/DP. Application description 6/2016

Report operator actions with the WinCC WebNavigator

Production feedback via WinCC Data Transfer with XML file

House Control with Touch Panel


Transmitting HMI data to an external monitor

SIMATIC Visualization Architect (SiVArc) Getting Started


Single Message Report for the Information Server. SIMATIC PCS 7, SIMATIC Information Server Siemens Industry Online Support

S Data Transfer with SEND/RECEIVE Interface

Setting up a secure VPN connection between two SCALANCE S Modules Using a static IP Address

PNDriver V2.1 Quick Start Guide for IOT2040 SIMATIC IOT

Applications & Tools. Individual Access to Stored PDF- and HTML-Documents via Comfort Panel. WinCC Comfort V11. Application Description May 2012

Networking a SINUMERIK 828D

Acyclic communication between S and V90PN via PROFINET. Application example 12/

RAID systems within Industry


Message Cycle Report for the Information Server. SIMATIC PCS 7, SIMATIC Information Server Siemens Industry Online Support


Improving the performance of the Process Historian



Applications & Tools. Service Concept: Auto Backup for the Comfort Panels. WinCC (TIA Portal) V12. Application Description May 2013


TeleService of a S station via mobile network


Setting up a secure VPN Connection between the TS Adapter IE Advanced and Windows 7

Tabular SIMATIC BATCH report for the Information Server. SIMATIC PCS 7 / SIMATIC Information Server 2014 / Customized Reporting

Customizing of WinCC Controls. TIA Portal WinCC Runtime Professional. Application Description July Applications & Tools. Answers for industry.

PCS 7 Configuration Changes in RUN with Active Fieldbus Diagnosis

Time Synchronization with an HMI Operator Panel and a SIMATIC PLC

PCS 7 Process Visualization on Mobile Devices with RDP


Plant Data Interface for the Food & Beverage Industry in SIMATIC PCS 7. Interface description based on Weihenstephan Standards

SIMATIC PDM - Central access to MODBUS RTU devices




Setting up a secure VPN Connection between SCALANCE S and SSC Using a static IP Address. SCALANCE S, SOFTNET Security Client

STEP 7 function block to control a MICROMASTER 4 or SINAMICS G120/G120D via PROFIBUS DP

Application on Control Technology

Applications & Tools. Configuration of Direct Starters with the APL Channel Block FbSwtMMS in SIMATIC PCS 7 SIMATIC PCS 7 V8.0

Sending and Receiving SMS Messages via a SCALANCE M Router SCALANCE M874/M876, S7-1200/S CPU / V1.0. Application Example 06/2016

WinCC Runtime Professional S7-Graph Overview and PLC Code Viewer

Applikationen & Tools. Network Address Translation (NAT) and Network Port Address Translation (NAPT) SCALANCE W. Application Description July 2009

Transcription:

User Login with RFID Card Reader WinCC Advanced V14 SP1, SIMATIC IPC https://support.industry.siemens.com/cs/ww/de/view/99808171 Siemens Industry Online Support

Warranty and Liability Warranty and Liability Note The Application Examples are not binding and do not claim to be complete regarding the circuits shown, equipping and any eventuality. The Application Examples do not represent customer-specific solutions. They are only intended to provide support for typical applications. You are responsible for ensuring that the described products are used correctly. These Application Examples do not relieve you of the responsibility to use safe practices in application, installation, operation and maintenance. When using these Application Examples, you recognize that we cannot be made liable for any damage/claims beyond the liability clause described. We reserve the right to make changes to these Application Examples at any time without prior notice. If there are any deviations between the recommendations provided in these Application Examples and other Siemens publications e.g. Catalogs the contents of the other documents have priority. We do not accept any liability for the information contained in this document. Any claims against us based on whatever legal reason resulting from the use of the examples, information, programs, engineering and performance data etc., described in this Application Example shall be excluded. Such an exclusion shall not apply in the case of mandatory liability, e.g. under the German Product Liability Act ( Produkthaftungsgesetz ), in case of intent, gross negligence, or injury of life, body or health, guarantee for the quality of a product, fraudulent concealment of a deficiency or breach of a condition which goes to the root of the contract ( wesentliche Vertragspflichten ). The damages for a breach of a substantial contractual obligation are, however, limited to the foreseeable damage, typical for the type of contract, except in the event of intent or gross negligence or injury to life, body or health. The above provisions do not imply a change of the burden of proof to your detriment. Any form of duplication or distribution of these Application Examples or excerpts hereof is prohibited without the expressed consent of the Siemens AG. Security information Siemens provides products and solutions with industrial security functions that support the secure operation of plants, systems, machines and networks. In order to protect plants, systems, machines and networks against cyber threats, it is necessary to implement and continuously maintain a holistic, state-of-the-art industrial security concept. Siemens products and solutions only form one element of such a concept. Customer is responsible to prevent unauthorized access to its plants, systems, machines and networks. Systems, machines and components should only be connected to the enterprise network or the internet if and to the extent necessary and with appropriate security measures (e.g. use of firewalls and network segmentation) in place. Additionally, Siemens guidance on appropriate security measures should be taken into account. For more information about industrial security, please visit http://www.siemens.com/industrialsecurity. Siemens products and solutions undergo continuous development to make them more secure. Siemens strongly recommends to apply product updates as soon as available and to always use the latest product versions. Use of product versions that are no longer supported, and failure to apply latest updates may increase customer s exposure to cyber threats. To stay informed about product updates, subscribe to the Siemens Industrial Security RSS Feed under http://www.siemens.com/industrialsecurity. Entry ID: 99808171, V1.0, 06/2017 2

Table of Contents Table of Contents Warranty and Liability... 2 1 Introduction... 4 1.1 Overview... 4 1.2 Mode of Operation... 5 1.3 Components used... 6 1.4 Assumed knowledge... 6... 7 2.1 Hardware configuration... 7 2.1.1 RF1060R installation on mounting plate... 7 2.1.2 RF1060R installation in extension unit... 7 2.2 Installation... 8 2.2.1 Installation requirements... 8 2.2.2 Installation of PM-Logon Basic on industrial PC... 8 2.3 Configuring SOAP connection... 13 2.3.1 Setting up Soap service... 13 2.3.2 Enabling Web service... 14 2.3.3 Configuring PM-Logon... 16 2.4 Creating a user... 18 2.4.1 Determination of UID... 18 2.4.2 Adding user statically in the TIA Engineering... 20 2.4.3 Adding users dynamically via user view... 22 2.4.4 Log in a user in WinCC via VB Script... 27 3 Operating the Application... 31 3.1 Commissioning the example project... 31 3.2 Operating the example project... 31 4 Error Handling... 38 4.1 Wrong SOAP user name and password... 38 4.2 WinCC Runtime has not started... 38 5 Valuable Information... 39 5.1 Basics... 39 5.2 Tips and tricks... 39 5.2.1 Securing user administration... 39 6 Annex... 42 6.1 Service and Support... 42 6.2 Links and literature... 43 6.3 Change documentation... 43 Entry ID: 99808171, V1.0, 06/2017 3

1 Introduction 1 Introduction Automation plants are highly-developed and complex technical plants. The operation of unauthorized personnel makes operating errors and thus faults in the production process possible. In order to prevent this, it is recommended to set up an access restriction to functions of the plant so that only authorized personnel has access. To realize plant access protection, WinCC (TIA Portal) offers you the option to implement such a concept in your plant with integrated user administration and the RF1060R card reader. 1.1 Overview Figure 1-1 SIMATIC RF1060R Operator USB PM-Logon Card UID: 46127508000104E0 Basic Entry ID: 99808171, V1.0, 06/2017 4

1 Introduction 1.2 Mode of Operation Using PM-LOGON Basic, a user administration is realized via RFID cards. To do this, the user holds their card against a reader and is then logged onto WinCC Advanced Runtime. The card UID is used as password. PM-LOGON Basic is available for the following products 1.) WinCC TIA Advanced Runtime (PC): PM-Logon Basic Runtime PM-Logon connects itself with the RFID reader and reads the card UID as soon as it is near. The read UID is written in a Runtime tag using SOAP service. A script in Runtime has to respond to the tag change and the transferred UID has to be used as password for login. Figure 1-2 User administration WinCC Runtime PM-Logon VB Script SOAP Service USB SIMATIC RF1060R Advantages Automatic user login on the operator panel. This is how errors are avoided when entering username and password. Easy login even under unfavorable conditions, for example, when the user is wearing work gloves. High flexibility (e.g., changing user data) Topics not covered by this application This application does not contain a description of user administration in Windows operating systems. Entry ID: 99808171, V1.0, 06/2017 5

1 Introduction 1.3 Components used This application example has been created with the following hardware and software components: Table 1-1 Component Numbe r Article number Note Programming unit, e.g. SIMATIC FIELD PG M5 1 6ES7717-..-0 Engineering Station SIMATIC Memory Card 1 6ES7954-8LL02-0AA0 256 Mbyte SIMATIC IPC477D PRO 1 6AV7250-..-.. Alternatively, any other IPC can also be used SIMATIC RF 1060R 1 6GT2831-6AA50 RFID card 2 6GT2600-4AD00 Alternatively, any other RFID card can also be used Card holder for RF 1 6GT2890-0CA00 1060R SIMATIC WinCC 1 6AV2102-0AA04-0AA5 For installation on the ES Advanced V14 SP1 SIMATIC WinCC Runtime Advanced V14 SP1 1 6AV2104-0.A04-0AA0 For installation on the OS This application example consists of the following components: Table 1-2 Component File name Note 99808171_Card_Reader.pdf 99808171_Card_Reader.zip This document. This zip file contains the WinCC project. 1.4 Assumed knowledge To implement the solution described in this document, basic knowledge of the following topics is required: Automation technology User Administration in WinCC (entry ID: 109738532) Entry ID: 99808171, V1.0, 06/2017 6

2.1 Hardware configuration For the installation of the RF1060R card reader, please refer to the following manuals. Connect the card reader to a free USB slot of your HMI operator panel. 2.1.1 RF1060R installation on mounting plate More information on the installation can be found in the manual SIMATIC Ident RFID systems SIMATIC RF1060R (entry ID: 109745368). 2.1.2 RF1060R installation in extension unit More information on the installation can be found in the manual SIMATIC system components for PRO devices extension units (entry ID: 109742323). Entry ID: 99808171, V1.0, 06/2017 7

2.2 Installation The following installation instruction are SIMATIC Industrial PC. 2.2.1 Installation requirements RF1060R card reader Free USB port on IPC Engineering PC with TIA V14 SP1 2.2.2 Installation of PM-Logon Basic on industrial PC To be able to operate the PM-Logon software on SIMATIC IPC, WinCC Runtime Advanced V14 SP1 has to be installed. Entry ID: 99808171, V1.0, 06/2017 8

Table 2-1 1. Select "PM-LOGON Basic Runtime Setup" and install it on your PC. 2. Select the installation language. Click Next. Entry ID: 99808171, V1.0, 06/2017 9

3. PM-Logon Basic Runtime requires Visual C++ Redistributable for Visual Studio 2012 and NET Framework 4.0. These components are automatically installed if required. Click Next. 4. The PM-Logon setup wizard opens. Click Next. Entry ID: 99808171, V1.0, 06/2017 10

5. Click on "Install" to start the installation. 6. PM-LOGON Basic Runtime is installed. Entry ID: 99808171, V1.0, 06/2017 11

7. Click "Finish" to finish the setup wizard. Entry ID: 99808171, V1.0, 06/2017 12

2.3 Configuring SOAP connection 2.3.1 Setting up Soap service The procedure for setting up the SOAP service for a SIMATIC IPC is explained below. The UID of the card is transferred via Web SOAP service into the WinCC tag of Runtime. Table 2-2 No. 1. Select die Runtime settings. 2. Enable the SOAP Web service in Services. 3. Transfer the project to your operator panel. Entry ID: 99808171, V1.0, 06/2017 13

2.3.2 Enabling Web service SIMATIC IPC The following settings are to be configured on the IPC for the Web server. Table 2-3 1. Open the Control Panel. Select WinCC Runtime Advanced Internet (Settings). 2. Go to "Web Server" and then to the "User Administration" tab. 3. Create a new user via the "New" button. The user "PMLogon" with the password "PMLogon" was created in the application example. Entry ID: 99808171, V1.0, 06/2017 14

4. Assign the SoapUser rights for the newly created PMLogon user. Entry ID: 99808171, V1.0, 06/2017 15

2.3.3 Configuring PM-Logon The procedure for setting up the PM-Logon configuration for a PC station is explained below. SIMATIC IPC Table 2-4 1. Start PM-LOGON Basic Runtime. The window can be minimized for Runtime operation. Depending on the configuration, the program is already started minimized. If the window is minimized, it is made visible again by double-clicking the tray icon. 2. Open the configuration. Entry ID: 99808171, V1.0, 06/2017 16

3. Assign the same SOAP username and password as described in chapter 2.3.2 (Username: "PMLogon" password: "PMLogon"). Confirm your entry. The following additional properties can be set: Property, when card leaves player Set password on password prompt of User view Set credentials in open login window Access HMI Runtime via Set password in password prompt of User Administration Description If the "Log off current user" option is switched on, a logged on user is logged off when the previously read card is removed from the reader. To do this, value "-1" is written into the UID tag. If users are managed in HMI Runtime with the help of the "User view" control, the UID of the user is entered in the open password dialog, provided this check box was enabled. If this checkbox is enabled, the read UID of a card is written in the currently open login dialog. The logon dialog is always shown by HMI Runtime when the action is to be carried out that requires special user authorizations."pm-logon Basic Runtime" enters the UID automatically into the password field and closes the dialog. Here, it is specified how the UID is written in the HMI Runtime tag. This can be done via SOAP. At the same time "PM-Logon Basic Runtime is a tool for assigning cards to users in the HMI engineering system. If this checkbox is enabled, the read UID of a card is entered in the password dialog of the engineering system, if it is currently open, which means the read card is assigned to the user. 4. To start "PM-LOGON Basic Runtime" after configuration has taken place, click the green "Play" button. Entry ID: 99808171, V1.0, 06/2017 17

2.4 Creating a user You have the option to add users statically via WinCC TIA Engineering or to do so dynamically in running operation. 2.4.1 Determination of UID This chapter explains how UID of the respective card is determined. It will be required later in the engineering for the configuration of the password in HMI. Determination of UID via BRP RFID Reader Configuration Figure 2-1 Workflow 1.) Initial situation: Card UID unknown Administrator Operator Card UID:??? Card UID:??? 2.) Use of the PM-Logon Basic program for IPCs to determine the UIDs. Card UID: 797D7183 480108E0 USB SIMATIC RF1060R PM-Logon Basic 3.) Accepting determined UIDs in TIA Portal Engineering. Administrator Operator Card UID: 797D7183480108E0 Card UID: 46127508000104E0 TIA WinCC User administration Name: Administrator Password: 797D7183480108E0 Name: Operator Password: 46127508000104E0 Entry ID: 99808171, V1.0, 06/2017 18

Table 2-5 1. Open PM-Logon Basic Runtime. 2. Click on "File Configuration". 3. Click on the "BRP RFID Reader". Select the "Connect" button to read the card UID. The button then changes its name to "Disconnect". 4. To read out the card UID again, put the new card onto the reader. The newly determined UID of the second card is displayed. 5. For card 1 (administrator) the following UID was determined: 797D7183480108E0. For card 2 (user) the following UID was determined: 46127508000104E0. Entry ID: 99808171, V1.0, 06/2017 19

2.4.2 Adding user statically in the TIA Engineering Table 2-6 1. Open the Runtime settings. 2. Select the Logon only with password" function in the Runtime settings of the user administration. If the check box is enabled, an authentication of the user via the password takes place. The username is not required. To enable an assignment, passwords must not be configured twice. Note: When the option "Logon only with password" is enabled, the system resets the passwords for already created users. This is why it is recommended to always enable "Logon only with password" before the user is created. When you transfer the user data from earlier device versions in which the "Logon only with password" option was disabled, it is possible that several users have been stored with identical passwords. They will be listed in the user view. However, only the person whose user name comes first in the alphabetical sorting can login to Runtime. 3. Open the user administration on the engineering PC. Entry ID: 99808171, V1.0, 06/2017 20

4. Create the following 2 users with access data via the card. Name: Operator1 Password: 797D7183480108E0 Group: Administrator Name: Operator2 Password: 46127508000104E0 Group: User Create a user for later dynamic user administration in addition to the card users. Name: Siemens Password: Siemens Group: Administrator Note Please note that your RFID cards have different UIDs. This is why the passwords of your users differ from the application example. Entry ID: 99808171, V1.0, 06/2017 21

2.4.3 Adding users dynamically via user view Users can be added quickly and easily during plant operation via the "User view" control. Depending on the user group affiliation, you can enter different settings in the user display. Administrators All users groups with the authorization User administration (default setting for the Administrator group ) therefore can: Add and delete users Release blocked users Edit all usernames and passwords Change group affiliations Adjust all logout times Below, 2 variants for logging on new users are introduced. The variants differ whether the "Log off current user when card leaves reader" function is enabled or not. Entry ID: 99808171, V1.0, 06/2017 22

Variant 1 "Log off current user when card leaves reader" and "Set password in password prompt of User view" are enabled. Figure 2-2 Workflow 1 1.) To login new user, no card must be placed on the reader! SIMATIC RF1060R USB 2.) Log in as administrator via the Log in new user Name: Siemens Password: Siemens 3.) Add a new username in WinCC Control User view. Name Password Name: New user 4.) Place the card onto the card reader to enter the password. Name Password USB SIMATIC RF1060R Name: New user Password: Card UID Entry ID: 99808171, V1.0, 06/2017 23

Configuration The following table explains the configuration of the dynamic user administration. An example for logging on a new user can be found in chapter 3.2. Table 2-7 1. Enable the following settings "Set password prompt of User view" and "Log off current user when card leaves reader" in PM-LOGON Runtime. 2. Add a user view and a button in your HMI screen using drag-and-drop. 3. Configure the button with the system function ShowLogonDialog". Note Alternatively, there is also an additional "Log in" system function available. This is where 2 internal tags have to be created for username and password of the WString data type. The entry is via I/O fields. Entry ID: 99808171, V1.0, 06/2017 24

Variant 2 "Log off current user when card leaves reader" is disabled and "Set password in password prompt of User view" is enabled. Figure 2-3 Workflow 1 1.) Place a card with administrator rights onto the card reader. Name Password Name: Administrator Password: 797D7183480108E0 2.) Add a new username in WinCC Control User view. Name Password Name: New user 3.) Place a new card onto the card reader to enter the password. Name Password Name: New user Password: Card UID Configuration The following table explains the configuration of the dynamic user administration. An example for logging on a new user can be found in chapter 3.2. Entry ID: 99808171, V1.0, 06/2017 25

Table 2-8 1. Enable the following setting "Set password prompt of User view in PM-LOGON Runtime. 2. Add a user view in your HMI screen using drag-and-drop. Entry ID: 99808171, V1.0, 06/2017 26

2.4.4 Log in a user in WinCC via VB Script The log on of the user via card reader is via VB Script in Runtime. A tag (PMLOGON_UID) from Runtime is written via PM-Logon using SOAP service. If there is a change in value, the newly described tag is processed via VB script. The following 3 different cases exist: - Card not available - Card available (user stored in system) - Card available (user not stored in system) Below, it is described what has to be observed during the creation in WinCC Engineering. Table 2-9 1. Open the HMI tag table. 2. Create the following tags. Name: PMLOGON_UID UserName Status CurrentUser Data type WString UserName Int WString 3. Create the "PMLOGON_UID_Changed" script. Entry ID: 99808171, V1.0, 06/2017 27

4. Add the following code in the script. The script reads from the PMLOGON_UID tag. PMLOGON_UID supplies the value "-1" when the card is removed from the reader. To do this the "Logon of Current User when Card leaves" property has to be enabled in PMLOGON Basic. If the card is removed, the user is logged off from the operator panel with the "Logoff" function. Via the "Status" tag, the information that no card is available is saved. If a card is available, it is tried to log on the user with the "Logon" function. Via the "Status" tag, the information that a card is available is saved. If the user is not available in the user administration of the device, the "GetUserName" function does not supply any results. With the If condition it is tested whether the string of the GetUserName function is empty. Via the "Status" tag the information that no user is available is saved. Entry ID: 99808171, V1.0, 06/2017 28

5. Apply the created script "PMLOGON_UID_Changed" to the PMLOGON_UID tag. Entry ID: 99808171, V1.0, 06/2017 29

6. The status information is displayed via text fields and I/O fields in the project. For this purpose, the texts are switched to visible. Status 1: Card not available Status 2: Card available (user stored in system) Status 3: Card available (user not stored in system) Entry ID: 99808171, V1.0, 06/2017 30

3 Operating the Application 3 Operating the Application Before you start the configuration, check the wiring of the components. 3.1 Commissioning the example project Table 3-1 1. Install the PM-Logon on your HMI operator panel. 2. Unzip the "99808171_Card_Reader.zip" file. 3. Start the TIA Portal. 4. Set a SOAP Web service as well as a username and a password in PM Logon (see chapter 2.3.2 and 2.3.3). 5. Adjust the user passwords to the UIDs of your card in the project (see chapter 2.4.1 and 2.4.2). 6. Download the WinCC project onto your IPC. 3.2 Operating the example project WinCC screen Card available" Figure 3-1 1 3 4 2 5 Entry ID: 99808171, V1.0, 06/2017 31

3 Operating the Application Table 3-2 1. Via the IO field the currently logged on user can be displayed. 2. The text field shows whether a card is inserted or not. 3. Via the button, the current user can be logged on in the system via the keyboard. 4. Via the button, the current user can be logged off from the system via the keyboard. 5. Via the button you receive further information on the "Card available" and "Card not available" function. Creating WinCC screen user Using the WinCC screen "Creating a user", you can add or remove new users to the system (see chapter 2.4.3). You can also change passwords and group affiliations as long as you are logged on as administrator in the system. Figure 3-2 Entry ID: 99808171, V1.0, 06/2017 32

3 Operating the Application Variant 1 "Log off current user when card leaves reader" and "Set password in password prompt of User view" are enabled. Table 3-3 1. For the following instruction create user dynamically via user view" to work, the settings below have to be enabled in PM LOGON Runtime. 2. Click on the Log in user" button. 3. Logon with a user with administrative rights. Use the screen keyboard for logon. In the application example the user "Siemens" with the password "Siemens" was created. Entry ID: 99808171, V1.0, 06/2017 33

3 Operating the Application 4. Create a new "Operator3" user. Entry ID: 99808171, V1.0, 06/2017 34

3 Operating the Application 5. Click on the password field of the new user. Place the card of the new user onto the card reader. The card UID is automatically used as password. Entry ID: 99808171, V1.0, 06/2017 35

3 Operating the Application Variant 2 "Log off current user when card leaves reader" is disabled and "Set password in password prompt of User view" is enabled. Table 3-4 1. Enable the following setting "Set password prompt of User view in PM-LOGON Runtime. 2. Place a card with administrator rights onto the card reader. All created users are displayed in the "User view" control. Entry ID: 99808171, V1.0, 06/2017 36

3 Operating the Application 3. Add a new user name in the User view" WinCC Control. 4. Place a new card onto the card reader to enter the password. Entry ID: 99808171, V1.0, 06/2017 37

4 Error Handling 4 Error Handling With the help of the diagnostic window in PM-Logon you can localize error sources easier during the set up of IPC. The last 1000 messages are displayed with their type (error, warning, info) in the diagnostic window. 4.1 Wrong SOAP user name and password The wrong SOAP user name and password were specified. Please check the set user in the web service as well as PM-Logon Basic Runtime again. Figure 4-1 4.2 WinCC Runtime has not started PM-Logon cannot write in the specified tag (username or password) since WinCC Runtime has not started. Figure 4-2 Entry ID: 99808171, V1.0, 06/2017 38

5 Valuable Information 5 Valuable Information 5.1 Basics PM-Logon allows the logon via RFID card on the HMI operator panel. Here, it is distinguished between PM-Logon Basic and PM-Logon. PM-Logon Basic (local user administration) PM-Logon Basic is released for SIMATIC IPC and SIMATIC HMI PRO devices with WinCC RT Advanced V14 SP1. There are no license fees for PM-Logon Basic. PM-Logon Basic only supports the SIMATIC RF1060R card reader. The PM-Logon Basic functions are described in this application example. PM-Logon (central user administration) PM-Logon is released for SIMATIC IPC as well as SIMATIC Comfort Panels with WinCC RT Advanced, WinCC RT Professional, WinCC V7.X, PCS7 and SIMATIC Logon. There are license fees for PM-Logon. PM-Logon supports numerous card readers such as RF1060R, Admitto Leser, Omnikey. Further information on PM-Logon is available at the following Link. 5.2 Tips and tricks 5.2.1 Securing user administration The created users that were created dynamically during Runtime via user view are overwritten by the engineering computer during the transfer of the project. This is why it is recommended to secure the created users with the "ExportImportUserAdministration" function. "ExportImportUserAdministration" function Exports the user administration of the project into the specified file or import it from the txt file into the project. Note that there are read and write rights available for the file. Entry ID: 99808171, V1.0, 06/2017 39

5 Valuable Information Table 5-1 1. Create a "User Administration" txt.file. 2. Create an internal tag "Filename" of data type "WString". Make sure that the tag is able to contain a sufficient length of characters. 3. Create a "Import User Administration" button. Add the functions "OpenFileBrowser" and "ExportImportUserAdministration" to the click event of the button. Entry ID: 99808171, V1.0, 06/2017 40

5 Valuable Information 4. Create a "Export User Administration" button. Add the functions "OpenFileBrowser" and "ExportImportUserAdministration" to the click event of the button. Entry ID: 99808171, V1.0, 06/2017 41

6 Annex 6 Annex 6.1 Service and Support Industry Online Support Technical Support Do you have any questions or need support? Siemens Industry Online Support offers access to our entire service and support know-how as well as to our services. Siemens Industry Online Support is the central address for information on our products, solutions and services. Product information, manuals, downloads, FAQs and application examples all information is accessible with just a few mouse clicks at https://support.industry.siemens.com/. Siemens Industry's Technical Support offers quick and competent support regarding all technical queries with numerous tailor-made offers from basic support to individual support contracts. Please address your requests to the Technical Support via the web form: www.siemens.en/industry/supportrequest. Service offer Our service offer comprises, among other things, the following services: Product Training Plant Data Services Spare Parts Services Repair Services Field & Maintenance Services Retrofit & Modernization Services Service Programs & Agreements Detailed information on our service offer is available in the Service Catalog: https://support.industry.siemens.com/cs/sc Industry Online Support app Thanks to the "Siemens Industry Online Support" app, you will get optimum support even when you are on the move. The app is available for Apple ios, Android and Windows Phone. https://support.industry.siemens.com/cs/ww/en/sc/2067 Entry ID: 99808171, V1.0, 06/2017 42

6 Annex 6.2 Links and literature Table 6-1 \1\ Siemens Industry Online Support https://support.industry.siemens.com Topic \2\ https://support.industry.siemens.com/cs/ww/de/view/99808171 6.3 Change documentation Table 6-2 Version Date Modifications V1.0 06/2017 First version V1.1 07/2018 Separation software in PM-Logon (Runtime Advanced) and Option+ (Runtime Comfort) Entry ID: 99808171, V1.0, 06/2017 43

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback