Industrial IT Quality Control 4.0

Similar documents
System 800xA 800xA for Freelance VB Graphics Extension Installation

Engineering Manual Security Lock

COM600 Station Automation Series MNS is Connectivity (OPC) 3.2. User's Guide

Industrial IT. 800xA - System PLC Connect System Version 4.0. Operation

System 800xA Public Address System User Manual

COM600 Station Automation Series External OPC Client Access 3.1. User's Guide

Industrial IT. 800xA - Engineering System Version 4.1. Graphics

System 800xA Engineering

System 800xA Multisystem Integration

VideONet Connect for 800xA User Manual

Device Management Basic HART DTM 6.0 Installation

System 800xA. Engineering and Production Environments. Power and productivity for a better world TM. System Version 5.1

800xA History. Installation. Power and productivity for a better world TM. System Version 6.0

Lesson 1: Preparing for Installation

ms-help://ms.technet.2004apr.1033/win2ksrv/tnoffline/prodtechnol/win2ksrv/howto/grpolwt.htm

System 800xA. 800xA History Installation Manual. System Version 6.0

Industrial IT. 800xA - System System Version 4.1. Post Installation

MicroSCADA Pro SYS

Industrial IT. 800xA - System 800xA for DCI System Version 4.1. Configuration

ChromQuest 4.2 Chromatography Data System

Protection System Simulator SIM600. Installation Manual

Industrial IT. Asset Vision Professional 5.0 SP2. Basic Configuration and Operation

MicroSCADA Pro DMS Operation Manual

Connectivity Packages. User's Guide - ANSI Version

Windows 2000 System Administration Handbook, 1/e

MicroSCADA Pro DMS 600 *4.1. Operation Manual

Xcalibur Global Version Rev. 2 Administrator s Guide Document Version 1.0

Windows Server 2003 Network Administration Goals

MicroSCADA Pro DMS 600 *4.0. Operation Manual

SIMATIC. Process control system PCS 7 Operator Station (V9.0 SP1) Security information 1. Preface 2

System 800xA Device Management FOUNDATION Fieldbus Configuration

USER GUIDE. CTERA Agent for Windows. June 2016 Version 5.5

DDR. User s Guide ND040012E. We reserve all rights in this document and in the information contained therein. Copyright 2014 Newcon Data AB

Sage X3 Intelligence Financial Reporting. Installation and Upgrade Guide

Station Automation COM Logic Processor User's Manual

Last Updated: 14 February 2011 Version 6.5. Page 1

S900 I/O DTM 6.x. System Version 6.0. Power and productivity for a better world TM

Mailbox Manager Getting Started Guide. Licensing Installation Options System Requirements Installation Instructions

Enterprise Vault.cloud CloudLink Google Account Synchronization Guide. CloudLink to 4.0.3

Installation and Administration Guide

Advant OCS AC 100 OPC Server Installation

Windows* 2003 Cluster Implementation Guide for the Intel RAID controller SRCU42X

Aprimo Marketing Studio Configuration Mover Guide

Xcalibur Global Version 1.2 Quick Configuration Guide Document Version 3.0

Compact Product Suite Compact Control Builder AC 800M Planning

bv-control User Guide for NetWare v8.00 BindView Corporation 5151 San Felipe, Suite 2500 Houston, TX 77056

Chapter. Accessing Files and Folders MICROSOFT EXAM OBJECTIVES COVERED IN THIS CHAPTER

Industrial IT. Fieldbus Basic PROFIBUS DTM / PROFIBUS DTM Builder Version 4.1. Configuration

MicroSCADA Pro SYS Historian Operation

Inform IT. Enterprise Historian TM and Profile Historian. Release Notes. Version 3.2/1 Patch 4 for History Services

Navision Financials. Installation & System Management

Motor Control and Protection Unit M10x AO Module User Guide

Industrial IT. Topology Designer. 800xA - System. System Version 4.0

Authentication Services ActiveRoles Integration Pack 2.1.x. Administration Guide

One Identity Active Roles 7.2. User's Guide

Evaluation Kit Manual


One Identity Active Roles 7.2. Replication: Best Practices and Troubleshooting Guide

System 800xA 800xA for Freelance Product Guide

Avalanche Remote Control User Guide. Version 4.1

Device Management PROFIBUS DTM Builder 6.0

Quick Setup & Getting Started

DigiVis 500 Getting Started Version 1.0

Quest Enterprise Reporter 2.0 Report Manager USER GUIDE

NDA ISSUE 1 STOCK # MATWorX 32 User s Guide. December, NEC America, Inc.

800xA History 800xA History Rollup 2 Version RU2 Release Notes

Relativity Designer Installation Guide

Operator Station (V8.0) SIMATIC. Process Control System PCS 7 Operator Station (V8.0) Preface 1. The PCS 7 Operator Station

MicroSCADA Pro SYS Operation Manual

x10data Application Platform v7.1 Installation Guide

Agilent Technologies. Connectivity Guide. USB/LAN/GPIB Interfaces. Agilent Technologies

Installation Instructions for SAS Activity-Based Management 6.2

Virtual Recovery Assistant user s guide

ProLiant CL380 Software User Guide. Fourth Edition (December 2000) Part Number Compaq Computer Corporation

VERITAS StorageCentral 5.2


HP StorageWorks Performance Advisor. Installation Guide. Version 1.7A

System 800xA Spanish Language Package Release Notes System Version 6.0

Symantec ediscovery Platform

FAS Asset Accounting FAS Asset Inventory FAS CIP Accounting Network Installation & Administration Guide Version

SIMATIC. PCS 7 process control system OpenPCS 7 (V8.2) Security information 1. Preface 2. Basics 3. Installation and licensing 4. PCS 7 Engineering 5

SC-T35/SC-T45/SC-T46/SC-T47 ViewSonic Device Manager User Guide

Connected to the FP World

AD Summation. Administration Guide. WebBlaze

Published By Imanami Corporation 5099 Preston Ave. Livermore, CA 94551, United States. Copyright 2008 by Imanami Corporation.

Empower 2 Feature Release 5 Upgrade Guide

1.0. Quest Enterprise Reporter Discovery Manager USER GUIDE

SIMATIC. Process Control System PCS 7 SIMATIC Management Console (V9.0) Security information 1. Preface 2. Basics 3

Installation Guide. Tivoli Decision Support 2.0

Lesson 3: Identifying Key Characteristics of Workgroups and Domains

CONFERENCE 911 USER GUIDE NEC

PROMISE ARRAY MANAGEMENT ( PAM) USER MANUAL

MicroSCADA Pro SYS Historian Monitor Configuration

Below is the list of Windows Server Group Policy Interview Questions Asked in Windows System Administrator / L1/l2/l3 Support Engineer Interviews.

PROMISE ARRAY MANAGEMENT ( PAM) FOR FastTrak S150 TX2plus, S150 TX4 and TX4000. User Manual. Version 1.3

MicroSCADA Pro SYS

Upgrading from TrafficShield 3.2.X to Application Security Module 9.2.3

Quest Collaboration Services 3.6. Installation Guide

Dell GPOADmin 5.7. About Dell GPOADmin 5.7. New features. Release Notes. December 2013

IT Essentials v6.0 Windows 10 Software Labs

Transcription:

Industrial IT Quality Control 4.0 powered by 800xA extended automation Administrator's Guide System Version 4.0

NOTICE The information in this document is subject to change without notice and should not be construed as a commitment by ABB. ABB assumes no responsibility for any errors that may appear in this document. In no event shall ABB be liable for direct, indirect, special, incidental or consequential damages of any nature or kind arising from the use of this document, nor shall ABB be liable for incidental or consequential damages arising from use of any software or hardware described in this document. This document and parts thereof must not be reproduced or copied without written permission from ABB, and the contents thereof must not be imparted to a third party nor used for any unauthorized purpose. The software or hardware described in this document is furnished under a license and may be used, copied, or disclosed only in accordance with the terms of such license. This product meets the requirements specified in EMC Directive 89/336/EEC and in Low Voltage Directive 72/23/EEC. Copyright 2005 ABB All rights reserved. Release: January 2005 Document Number: 3BUS208217 R4001 3BUS208217 R4001

TRADEMARKS Registrations and trademarks used in this document include: Windows is a registered trademark of Microsoft Corporation. Acrobat Reader is a registered trademark of Adobe Systems Inc. Industrial IT is a trademark of ABB. 3BUS208217 R4001

About This Book General This book describes the configuration and maintenance of Industrial IT Quality Control 4.0 for the Windows platform. This book is a supplement to the Industrial IT System 800xA Administrator s Guide. The Industrial IT System 800xA Administrator s Guide contains information on configuring and maintaining the base Industrial IT System 800xA software. As a system administrator you should have a thorough knowledge of using and maintaining Windows software and hardware. In addition, you must have Windows Administrator privileges to be able to perform the tasks described in this book. Intended User The intended user for this book is people who administer networking and configuration to the PCbased systems. Amongst topics covered are: Section 3, Configuration, offers guidelines for the Configuration Wizard, descriptions of the main windows and step-by-step instructions for the procedures involved in system configuration. The chapter also handles miscellaneous configurations that should not normally be performed. Section 4, Operation, describes how to work with the Import and Export Tool, System Messages and System Status and other system tools. Section 5, Maintenance, describes fault finding & user repair and backup/restore procedures. Use of Warning, Caution, Information, and Tip Icons This publication includes Warning, Caution, and Information where appropriate to point out safety related or other important information. It also includes Tip to point out useful hints to the reader. The corresponding symbols should be interpreted as follows: Electrical warning icon indicates the presence of a hazard, which could result in electrical shock. Warning icon indicates the presence of a hazard, which could result in personal injury. Caution icon indicates important information or warning related to the concept discussed in the text. It might indicate the presence of a hazard, which could result incorruption of software or damage to equipment/property. Information icon alerts the reader to pertinent facts and conditions. Tip icon indicates advice on, for example, how to design your project or how to use a certain function. Although Warning hazards are related to personal injury, and Caution hazards are associated with equipment or property damage, it should be understood that operation of damaged equipment could, under certain operational conditions, result in degraded process performance leading to personal injury or death. Therefore, comply fully with all Warning and Caution notices. 3BUS208217 R4001

Document Conventions The following conventions are used for the presentation of material: The words in names of screen elements (for example, the title in the title bar of a window, the label for a field of a dialog box) are initially capitalized. Capital letters are used for the name of a keyboard key if it is labeled on the keyboard. For example, press the ENTER key. Lowercase letters are used for the name of a keyboard key that is not labeled on the keyboard. For example, the space bar, comma key, and so on. Press CTRL+C indicates that you must hold down the CTRL key while pressing the C key. In this case, CTRL+C copies the selected object. Press ESC E C indicates that you press and release each key in sequence. In this case, ESC E C copies the selected object. The names of push and toggle buttons are boldfaced. For example, click OK. The names of menus and menu items are boldfaced. For example, the File Menu. The following convention is used for menu operations: MenuName > MenuItem > CascadedMenuItem. For example: select File > New > Type. The Start menu name always refers to the Start menu on the Windows Task Bar. System prompts or messages are shown in the Courier font. For example, if the user enters a value out of range, the system might reply with the following message: Entered value is not valid. The value must be 0 to 30. User responses or inputs are shown in the boldfaced Courier font. For example, a user may be required to enter the string TIC132 in a field. The string is shown as follows in the procedure: TIC132 Variables are shown using lowercase letters. sequence name Terminology The following is a list of terms associated with the Administrator's Guide that you should be familiar with. The list contains terms and abbreviations that are unique to ABB or have a usage or definition that is different from standard industry usage. ActiveX Aspect Term Description Microsoft standard for integration of user interface components, based on definition of software interfaces. An aspect is a description of some properties of a real world entity. The properties described could be mechanical layout, how the object is controlled, a 3BUS208217 R4001

Term Description live video image, name of the object etc. In the Aspect Integrator Platform is an aspect residing in an Aspect Object. Some examples are circuit diagram, process display, and control logic. Aspect Objects Aspect Server Connectivity Server Industrial IT Industrial IT Quality Control 4.0 Node OPC Operate IT Plant Explorer Process Portal A Property Structure View A computer representation of a real world entity like a pump, a valve, an order or a virtual object like a service. This computer representation is implemented by the Aspect Integrator Platform. An Aspect Object works like an information container for its aspects. PC server that hosts the various QCS Object/Aspects and serves as the primary gateway to external aspects systems. PC server that hosts Measure IT and Control IT applications and serves as the primary connection between the QCS LAN and the outside world. Industrial IT is ABB s solution, that creates a business enterprise where your plant automation, asset optimization, and collaborative business systems are seamlessly linked in real time. ABB s Quality Control Solution consisting of Measure IT Scanners/Sensors, Control IT controllers (AC450, AC800M, and/or PC), Profile IT actuators, Operate IT Process Portal consoles, and Measure IT /Control IT software applications. Integrated with Pulp and Paper Making Suite 3.0. A computer communicating an a network e.g. the Internet, Plant, Control or IO network. Each node typically has a unique node address with a format depending on the network it is connected to. An application programming interface defined by the OPC Foundation. The standard defines how to access large amounts of real-time data between applications. The OPC standard interface is used between automation/control applications, field system/devices and business/office applications. The name for the collection of products for daily operation and supervision of an automated process. An application that is used to create, delete and organize Aspect Objects and Aspects within the Aspect Integrator Platform. The plant explorer organizes the Aspect Objects in structures of the plant. Product containing functionality for efficient control and supervision of an automated process. Key functions are presentation of process graphics, process dialogs and presentation of alarms and trends. A data field on an aspect on Aspect Object that can be accessed through OPC using the standard Aspect Object reference syntax. A data field on an ActiveX control accessible from the Visual Basic editor. A hierarchical tree organization of Aspect Objects. Each structure is used to define a certain kind of relation between Aspect Objects. The functional structure for example, defines how a function can be divided into sub functions, the location structure defines how different objects are executed by tasks, controllers etc. An Aspect Object can be located in several structures, for example both in a functional structure and in a location structure. An Aspect can have several ways to be presented depending on the task performed, like viewing or configuration. Each presentation form is called a view. 3BUS208217 R4001

Abbreviations Term Description CD CPU DHCP DNS DPI GB IP address MB Mbps MHz NetBIOS NTFS OEM OPC OLE OS PC RAM SCSI SVGA TCP/IP WINS Compact Disk Central Processing Unit Dynamic Host Configuration Protocol Domain Name Server Dots per inch GB Gigabyte Internet Protocol address Megabyte Megabits per second Megahertz Network Basic Input Output System NT File System Original Equipment Manufacturing OLE for Process Control Object Linking and Embedding Operating System Personal Computer Random Access Memory Small Computer System Interface Super Video Graphics Adapter Transmission Control Protocol/Internet Protocol Windows Internet Name Services 3BUS208217 R4001

Related Documentation Category Title Description 800xA System Installation 800xA System Administration 800xA Software Industrial IT Quality Control 4.0 Installation Industrial IT, 800xA System Version 4.0, Automated Installation Industrial IT, 800xA System Version 4.0, Installation Industrial IT, 800xA System Version 4.0, Upgrade and Installation Industrial IT, 800xA System Version 4.0, Post Installation Setup Industrial IT, 800xA System, Administration and Security Industrial IT, 800xA System, Automation System Network Design and Configuration Industrial IT, 800xA System, System Guide Industrial IT, 800xA System, Release Notes Industrial IT Quality Control 4.0, Installation Guide Industrial IT Quality Control 4.0, Upgrade Guide Industrial IT Quality Control 4.0, Administrator s Guide Industrial IT Quality Control 4.0, Operations User Guide Industrial IT Quality Control 4.0, Engineering Methods Reference Manual Industrial IT Quality Control 4.0, Theory of Operation Guide 3BSE034679R4001 3BSE034678R4001 3BSE036342R4001 3BUA000156R4001 3BSE037410R4001 3BSE034463R4001 3BSE038018R4001 3BSE038357R4001 3BUS208220R4001 -This book describes how you install the Industrial IT Quality Control 4.0 3BUS208226R4001 -This book describes how you upgrade from Industrial IT Quality Control 3.0 to Industrial IT Quality Control 4.0 3BUS208217R4001 - This book describes how you configure the Industrial IT Quality Control 4.0 application and how you then perform maintenance. 3BUS208221R4001 - This book describes how an operator can control and operate Industrial IT Quality Control 4.0. 3BUS208218R4001 - This book is a guide for plant engineering functions related to Industrial IT Quality Control 4.0. 3BUS208222R4001 - This book describes the theory of operation for Industrial IT Quality Control 4.0 and provides troubleshooting guidance. 3BUS208217 R4001

Category Title Description Industrial IT Quality Control 4.0 Features Industrial IT Quality Control 4.0, CD Tuning Guide Industrial IT Quality Control 4.0, MD Tuning Guide Industrial IT Quality Control 4.0, Service Workstation Getting Started Manual Industrial IT Quality Control 4.0, Coat Weight & Computed Sensors Manual Industrial IT Quality Control 4.0, Color Control Guide Industrial IT Quality Control 4.0, Multi-Ply Controls Tuning Guide Industrial IT Quality Control 4.0, Color Measurement Operations Use Guide 3BUS208224R4001 - This book describes how to setup and tune the Industrial IT Quality Control 4.0 CD Control feature. 3BUS208223R4001 - This book describes how to setup and tune the Industrial IT Quality Control 4.0 MD Control features. 3BUS208230R4001 - This book describes how to install and configure the Industrial IT Quality Control 4.0 Smart Platform Service Workstation 3BUS208229R4001 - This book describes how to configure and verify coat weight, calculated measurements and synchronized scanning. 3BUS208227R4001 - This book describes how to configure, verify and tune Color Controls. 3BUS208228R4001 - This book describes how to configure, verify and tune Multi-Ply Controls. 3BUS208232R4001 - This book describes how to operate Color Measurement. 3BUS208217 R4001

Table of Contents CHAPTER 1 INTRODUCTION...1 1.1 Product Overview...1 1.2 Prerequisites and Requirements...1 CHAPTER 2 INSTALLATION...2 CHAPTER 3 CONFIGURATION...3 3.1 Network Configuration...3 3.1.1 Overview...3 3.1.2 Connectivity Requirements...3 3.1.3 Network Diagram...4 3.1.4 IP Address Configuration...5 3.1.5 Network Verification...5 Performance...5 3.2 System Software User Settings...6 3.3 Active Directory Configuration...6 3.4 Security Policy Configuration...6 3.5 Industrial IT System 800xA System Configuration...6 3.6 License Management...6 3.6.1 License Installation...6 3.6.2 Viewing License Information...7 CHAPTER 4 OPERATION...9 CHAPTER 5 MAINTENANCE...10 5.1 Fault Finding and User Repair...10 5.2 Backup/Restore Procedures...10 5.2.1 Industrial IT Quality Control 4.0 Backup / Restore...10 SQL Database Backup / Restore...10 File Backup / Restore...10 Full Industrial IT Quality Control 4.0...10 Partial Industrial IT Quality Control 4.0...11 Grade Files...11 Shade Files...12 5.3 Windows 2000 Server and Domain Installation...13 5.3.1 Promoting a Windows 2000 Server to a Domain Controller...13 5.3.2 Create Organizational Units (OU)...14 5.3.3 Create Groups...14 5.3.4 Create Users...14 5.3.5 Create Computers...15 5.3.6 Enable Local User to Logon to the PC in which the Domain Controller resides...16 5.4 Windows 2000 Operator Security Policy...17 5.4.1 Creating and Configuring the Group Policies...17 5.4.2 Configuring a Custom Console for a Group Policy...18 Configuring a Custom Console...18 Adding snap-in Active Directory Users and Computers...18 Adding the snap-in Group Policies...18 5.4.3 Linking a Group Policy Object to an Organizational Unit...20 5.4.4 Managing Group Policy...21 3BUS208217 R4001

5.4.5 Editing a Group Policy Object...22 5.4.6 Opening Group Policy from Active Directory Users and Computers...23 5.4.7 Group Policies created for typical ABB Operator and Engineer functions...23 ii 3BUS208217 R4001

List of Figures Figure 3-1 Normal System Configuration...5 Figure 3-2 Industrial IT Quality Control 4.0 License Utility to add, show and delete license...7 Figure 5-1 Use Windows Backup to make a normal backup of directory structure...11 Figure 5-2 Active Directory Users and Computers...15 Figure 5-3 Enabling local logon to the Domain Controller...17 Figure 5-4 Creating a group policy...19 Figure 5-5 Group Policy MMC Console...20 Figure 5-6 Operators Properties...21 Figure 5-7 Group Policy Snap-in...23 Figure 5-8 Desktop Group Policy locks down desktop...24 Figure 5-9 Control Panel Group Policy locks down control panel...25 Figure 5-10 Startup Group Policy locks down Startup Menu and Taskbar...25 Figure 5-11 System Group Policy locks down games, drives, and other PC auxiliary items...26 Figure 5-12 Windows Explorer Component Group Policy locks down Windows Explorer...27 3BUS208217 R4001

List of Tables Table 3-1 Table Network Connectivity...4 iv 3BUS208217 R4001

Chapter 1 Introduction 1.1 Product Overview Industrial IT Quality Control 4.0 is a set of features for measurement and control of the paper making process. Industrial IT Quality Control 4.0 is packaged as an Industrial IT extension. 1.2 Prerequisites and Requirements For information on the prerequisites and requirements for Industrial IT Quality Control 4.0, refer to the corresponding Installation Guide (3BUS208220R4001). This document assumes that you have installed Industrial IT System 800xA Process Portal A following the instructions in the Industrial IT System 800xA Installation Guide (3BSE034678R4001). 3BUS208217 R4001 1

Chapter 2 Installation Refer to the Industrial IT System 800xA Installation Guide (3BSE034678R4001 System Installation). Refer to the Industrial IT Quality Control 4.0 Installation Guide (3BUS208220R4001) installation information. 2 3BUS208217 R4001

Chapter 3 Configuration Refer to the Industrial IT System 800xA Administrator s Guide (3BSE037410R4001) for information on configuring and maintaining the base Industrial IT System 800xA system. 3.1 Network Configuration 3.1.1 Overview The tested networking configuration for Industrial IT Quality Control 4.0 is illustrated in the diagram below. A network switch is used to isolate network traffic. The Industrial IT Quality Control 4.0 Aspect Server and each Connectivity Server (if more than one) are connected to a separate switch port. The AC800M Controller is also connected to a separate switch port. Scanning Platforms and ABB Actuators can share a switch port through a hub. Industrial IT System 800xA PPA Clients may share switch ports. It may be possible to improve performance by limiting the number of clients on each switch port. The diagram shows up to four clients sharing one switch port. To separate AC800M controller, Scanners, Actuators more completely from the client workstations and mill network it may be desirable to use VLAN s (Virtual LAN) or separate network segments isolated by routers or dual-homed PC s. 3.1.2 Connectivity Requirements Consult the table below for the connectivity requirements between the PC nodes and devices. Use the table as guide if you decide to isolate the AC800M Controller, Scanners, Actuators, etc. using VLAN s or separate network segments. 3BUS208217 R4001 3

Table 3-1 Table Network Connectivity AC800M Controller Scanners and Actuators Process Portal Aspect Server QC Connectivity Server AC800M Connectivi ty Server Process Portal Clients AC800M Controller X X Scanners and Actuators Process Portal Aspect Server QC Connectivity Server AC800M Connectivity Server X X X X X X X X X X X Process Portal Clients X X 3.1.3 Network Diagram The following diagram illustrates one possible network configuration for the Industrial IT Quality Control 4.0. 4 3BUS208217 R4001

3Com 3Com Normal System Configuration PPA Clients 100MB 100MB Hub Up to 4 PPA Clients per Switch Port Plant Network Connection via Router or Bridge 100MB AC800M controller on separate switch port 10MB CISCOSYSTEMS 24 Port 10/100 Switch Optional 100/1000MB AC800M ASI Devices may share single switch port Hub 100MB 100MB 100MB Each server on separate port. Large configurations may require a separate AC800M connectivity server. 10MB Smart Platform 10MB Smart Actuator Combined PPA Aspect Server Quality Control Connectivity Server AC800M Connectivity Server Very large configurations may require a secondary Quality Control Connectivity Server for CD Control. Figure 3-1 Normal System Configuration 3.1.4 IP Address Configuration Each PC and device on Industrial IT Quality Control 4.0 must be assigned a unique IP address. 3.1.5 Network Verification Take time to verify the network connectivity before beginning system software configuration. Use the ping command from a command prompt to verify the connectivity in both directions between the PC application nodes and devices marked with an X in the connectivity table in the preceding section. Ping using the computer name rather than the IP address to verify correct DNS (Domain Name Server) operation. The AC800M Connectivity Server and Industrial IT Quality Control 4.0 Connectivity Server usually run in the same PC node. Performance Verify that all PC Network Interface Cards are set for 100MB. This assumes that the devices that operate only at 10MB (Scanning Platforms, ABB Actuators, AC800M Controllers) are connected by way of auto-sensing switches or hubs as described in the Appendix A of this document. 3BUS208217 R4001 5

3.2 System Software User Settings Add users to the Industrial IT groups as documented in the Industrial IT System 800xA Installation Guide (3BSE034678R4001 System Installation). 3.3 Active Directory Configuration Active Directory is used to manage computer and user accounts. Industrial IT System 800xA requires Active Directory except for the case where there is a single PC solution (Aspect Server, Connectivity Server and Client on one PC). Refer to the Industrial IT System 800xA Installation Guide for general information on Active Directory setup requirements and refer to Appendix A for detailed examples. If ABB is providing the Active Directory functionality it can reside in the same PC as the Aspect Server. Windows Server 2003 is required. 3.4 Security Policy Configuration To Lock Down the PC so that the Operator can only access the Operator Workplace a Group Policy must be created. This Group Policy defines Access Controls like what the user sees on the Desktop and what items he/she has access to on the Start Button and Task Bar. There can be multiple Group Policies and each User can be assigned to all or some of these Policies. Refer to Windows 2003 Operator Security Policy, Appendix A for detailed examples on how to create a Group Policy. 3.5 Industrial IT System 800xA System Configuration Refer to the Industrial IT Quality Control 4.0 Installation Guide (3BUS208220R4001) for information on creating a System, adding the System Extensions and adding the AC800M / Quality Control Connectivity node. 3.6 License Management 3.6.1 License Installation Install the Industrial IT Quality Control 4.0 Licenses on the Quality Control Connectivity Server using the License Manager Utility. From the Start menu select the ABB Industrial IT800x ->Quality Control Solutions->License Manager ->Add Show Licenses command to run the utility. To add new licenses select the Add New Licenses command from the Edit menu and browse to the location of the license files (normally floppy diskette) and add the licenses (this can take some time to process depending on the number of features). 6 3BUS208217 R4001

Figure 3-2 Industrial IT Quality Control 4.0 License Utility to add, show and delete license 3.6.2 Viewing License Information The License Manager Utility will display all licenses currently installed on the system 3BUS208217 R4001 7

8 3BUS208217 R4001

Chapter 4 Operation A complete guide to operating the system is located in the Industrial IT Quality Control 4.0 Operation Users Guide (3BUS208221R4001). 3BUS208217 R4001 9

Chapter 5 Maintenance Refer to the Industrial IT System 800xA Administrator s Guide (3BSE037410R4001) for maintenance procedures for the base Industrial IT System 800xA system. 5.1 Fault Finding and User Repair Refer to the Industrial IT Quality Control 4.0, Theory of Operation Guide (3BUS208222R4001) for information on Fault Finding and User Repair. 5.2 Backup/Restore Procedures Refer to the Industrial IT System 800xA Administrator s Guide (3BSE037410R4001) for general backup and restore information including complete system backup and Industrial IT System 800xA backup strategies. The following section contains those backup and restore procedures related to the Industrial IT Quality Control 4.0 5.2.1 Industrial IT Quality Control 4.0 Backup / Restore Refer to the Industrial IT Quality Control 4.0, Engineering Methods Reference Manual (3BUS208218R4001) for guidelines on navigating the Industrial IT Quality Control 4.0 file system structure and the location of key configuration files. SQL Database Backup / Restore Refer to the Industrial IT Quality Control 4.0, Engineering Methods Reference Manual (3BUS208218R4001) for information on SQL database Backup/Restore procedures. File Backup / Restore The Industrial IT Quality Control 4.0 configuration files, including the grade, shade, coldstart, OPC Transport configuration and Tag Lookup configuration files should be backed up on regular basis. The Windows Backup tool can be used for this purpose. The Windows Backup tool can backup files to a tape or to a file. A common method is to backup the files to folder on a separate physical disk drive and to then periodically copy the backup files to a CD-R. The backup tool is normally started from the Start menu as follows: Start->Programs->Accessories->System Tools->Backup Windows Backup has options for performing full, incremental or differential backups and for scheduling the backups. Refer to the Windows Backup help and to Microsoft documentation for more information on using Windows Backup. Full Industrial IT Quality Control 4.0 The following figure illustrates using Windows Backup to make a normal (full) backup of the entire Quality Control directory structure: 10 3BUS208217 R4001

1 2 3 Figure 5-1 Use Windows Backup to make a normal backup of directory structure 1. Chose all applicable files to be backed up from Windows Backup pop-up above. 2. After choosing the files, browse for the backup media or file name desired then 3. Chose Start Backup to begin backing up the software. Partial Industrial IT Quality Control 4.0 Grade Files Routine maintenance of the grade code files is possible in an offline environment or on PC s other than the Quality Control server. The mechanism for doing this is to copy the grade code files to a removable medium (diskette or CD-R) and subsequently to the target PC where the offline maintenance utility has been installed (refer to the Engineering Methods Reference Manual). Restoring newly modified grade code files is the reverse of this procedure. Copy all of the following files as a complete set, as the maintenance utility requires each of them to reside in a common directory. All grade code.xml files (minimum of 3 consisting of one grade file, one model file, and one directory file) QCSGradeCodeDirectory.xsd QCSGradeCodeModel.xsd QCSGradeCode.xsd 3BUS208217 R4001 11

Shade Files Routine maintenance of the color shade files is possible in an offline environment or on PC s other than the Quality Control server. The mechanism for doing this is to copy the shade files to a removable medium (diskette or CD-R) and subsequently to the target PC where the offline maintenance utility has been installed (refer to the Engineering Methods Reference Manual). Restoring newly modified shade files is the reverse of this procedure. Copy all of the following files as a complete set, as the maintenance utility requires each of them to reside in a common directory. All color shade.xml files (minimum of 4 consisting of one shade file, one shade help file, one model file, and one directory file) QCSGradeCodeDirectory.xsd QCSGradeCodeModel.xsd QCSGradeCode.xsd Identifying Software Versions 12 3BUS208217 R4001

Appendix A Active Directory and Security Policy Examples 5.3 Windows 2000 Server and Domain Installation This chapter walks you through the setup of a Domain Controller and the generation of Group Policies. It is these Group Policies that define what access to the PC a given User has. NOTES 4. The System Volume (C Drive) MUST be a NTFS Partition BEFORE a Windows 2000 Server system can be promoted to a Domain Controller. To convert to NTFS, at the Command Prompt type: CONVERT C: /FS:NTFS /V 5. DO NOT UPGRADE THE PARTITIONS TO A DYNAMIC DISK. This procedure cannot be reversed and imposes restrictions like you cannot resize the partition with Partition Magic and use Ghost to backup the partition. If the PC has a second drive, use this drive as a backup of the active drive. 6. The Server MUST be connected to a Hub/Switch and have static TCP/IP address setup for the Mill Lan Network Interface Card (NIC) BEFORE it can be promoted to a Domain Controller. 5.3.1 Promoting a Windows 2000 Server to a Domain Controller To Convert a Windows 2000 Server Machine to a Domain Controller walk through the Configure Your Server Wizard. Invoke this wizard from Start Button, Programs, Administrative Tools, Configure Your Server Now navigate this wizard as follows: 1. Select This is the only Server on My Network. 2. Answer Next, 3. Answer Next, 4. Enter the Domain Name ABB-QCS-PM1 5. Enter Internal Domain Name local 6. Answer Next 7. Answer Next. 8. Setup Active Directory To setup and administer accounts on a Domain Controller you must install and configure an Active Directory. Configure the Active Directory by invoking: Start Button Programs Administrative Tools Active Directory Users and Computers. 3BUS208217 R4001 13

5.3.2 Create Organizational Units (OU) To create organizational units (OU), follow the following procedure: 1. Right Click On ABB-QCS-PM1.local 2. Select New 3. Select Organizational Unit 4. Enter Name Accounts 5. Right Click On Accounts 6. Select New 7. Organizational Unit 8. Enter Name Customer Name Paper Machine One. Repeat the above to create the following OU s under Customer Name Paper Machine One: Engineering Operator Service These OU s will later be associated with the corresponding Group Policies. 5.3.3 Create Groups To create groups, use the following procedure: 1. Right Click on Users, 2. Select New 3. Select Group. 4. Enter the Group Name IndustrialITUser. Repeat for IndustrialITAdmin. 5.3.4 Create Users 1. Right Click on the OU Operator, 2. Select New 3. Select User. 4. Enter Full Name Operator1, 14 3BUS208217 R4001

5. Enter User Logon Name Operator1. 6. Enter the password. 7. Select Password Never Expires 8. Select User Cannot Change Password. Repeat for the User Engineer1 in the OU Engineering. These Users now need to be added to Groups. Right Click on the OU Operator, click Add Members to a Group. Select the group IndustrialITUser, OK, Yes. Repeat by adding Engineering to the group Industrial IT Admin. Figure 5-2 Active Directory Users and Computers 5.3.5 Create Computers Drill down to ABB-QCS-PM1, Computers. Right click on Computers and select New Computer. Enter the computer name to be added to the domain. (i.e PM1SVR21). 3BUS208217 R4001 15

5.3.6 Enable Local User to Logon to the PC in which the Domain Controller resides When the Domain Controller PC doubles as an Engineering Station it is necessary to enable the PC so that local users (Not the Domain Administrator) can log on. The use of the Domain Controller PC as an Operator Station is NOT recommended. (see figure 3.3): Open the Domain Controller Security Policy MMC by clicking on: 1. Start Button 2. Programs 3. Administrative Tools 4. Domain Controller Security Policy 5. Next, drill down to Security Settings Local Policies User Rights Assignment 6. Double click on Log On locally 7. Drill Down to Add Browse 8. Select Engineer1. 9. Close PopUps. 10. At the Command Line Prompt enter the command: Secedit /refreshpolicy user_policy /enforce 11. Test the local logon by logging on to the Domain Controller PC as Engineer1. 16 3BUS208217 R4001

Figure 5-3 Enabling local logon to the Domain Controller 5.4 Windows 2000 Operator Security Policy To Lock Down the PC so that the Operator can only access the Operator Workplace a Group Policy must be created. This Group Policy defines Access Controls like what the user sees on the Desktop and what items he/she has access to on the Start Button and Task Bar. There can be multiple Group Policies and each User can be assigned to all or some of these Policies. Use the Group Policy Snap In to the Machine Management Console (MMC) to create these Group Policies. 5.4.1 Creating and Configuring the Group Policies Group Policy is tied to the Active Directory service. The Group Policy snap-in extends the Active Directory management tools using the Microsoft Management Console (MMC) snapin extension mechanism. The Active Directory snap-ins set the scope of management for Group Policy. The most common way to access Group Policy is by using the Active Directory User and Computers snap-in, for setting the scope of management to domain and organizational units (OUs). You can also use the Active Directory Sites and Services snap-in to set the scope of management to a site. These two tools can be accessed from the Administrative Tools program group; the Group Policy snap-in extension is enabled in both tools. Alternatively, you can create a custom MMC console, as described in the next section. These Policies will be created on the Domain Controller. These policies are invoked by each PC on the Domain when a user belonging to the Group IndustrialITUser logs on. 3BUS208217 R4001 17

5.4.2 Configuring a Custom Console for a Group Policy The examples in this document use the custom MMC console that you can create by following the procedure in this section. You need to create this custom console before attempting the remaining procedures in this document. Configuring a Custom Console 1. Log on to the ABB-QCS-PMX.local domain controller server as an administrator. 2. Click Start, 3. Click Run, 4. Type mmc, and 5. Then click OK. Adding snap-in Active Directory Users and Computers 1. On the Console menu, click Add/Remove Snap-in 2. Click Add. 3. In the Available standalone snap-ins list box, click Add, 4. Click Active Directory Users and Computers, and 5. Then click Add followed by Close. Adding the snap-in Group Policies 1. On the Console menu, click Add/Remove Snap-in, 2. Click Add. 3. In the Available standalone snap-ins list box, click Group Policy, and then click Add. 4. In the Select Group Policy object dialog box, Local computer is selected under Group Policy object. Click Browse, 5. Select the domain that you want in the Look in box. 6. Click the New Group Policy Button or right Click in the list box and select New. 7. Name the Policy (e.g. Desktop Group Policy Object). Repeat this until you have the following policies to be created: Desktop Group Policy Object Windows Components Group Policy Object Startup Group Policy Object 18 3BUS208217 R4001

Control Panel Group Policy Object System Group Policy Object Now, while in the Browse for a Group Policy Object Window, you will have your five GPO s plus the Default Domain Policy. Select the first GPO and click on Ok, Finish. Repeat this sequence (Add, Browse, Select, Ok and Finish) until you have all GPO s in the Add / Remove Snap-in Window. Click on Close followed by Ok. Saving console changes Figure 5-4 Creating a group policy In the MMC console, on the Console menu, click Save As. In the Save As dialog box, drill down to C:\Winnt\System32\Group Policy and in the File name text box, type Multiple Group Policies, and then click Save. Create a Desktop Shortcut to this file. The console should appear similar as in Figure 3.4.1.1b below: 3BUS208217 R4001 19

Figure 5-5 Group Policy MMC Console 5.4.3 Linking a Group Policy Object to an Organizational Unit The Group Policy settings you create are contained in a Group Policy Object (GPO) that is in turn associated with selected Active Directory objects, such as sites, domains, or organizational units (OUs). To Link a GPO to an Organizational Unit, open the Multiple Group Policy s MMC console. 1. Drill down to Active Directory Users and Computers ABB-QCS-PMX.local Accounts Customer Paper Machine One. 2. Next Right-click Operators 3. Select Properties from the context menu. 4. In the Operators Properties page, click the Group Policy tab. 5. Click Add, 6. Select Customer Paper Machine One in the Look in drop down box. 7. Select Desktop Group Policy Object from the list box, then Ok. Repeat for each GPO. The Operators Properties page should appear as in Figure 3.4.2 below: 20 3BUS208217 R4001

Figure 5-6 Operators Properties If you have more than one GPO associated with an Active Directory folder, verify the GPO order; a GPO that is higher in the list has the highest precedence. Note that GPOs higher in the list are processed last (this is what gives them a higher precedence). GPOs in the list are objects; they have context menus that you use to view the properties of each GPO. You can use the context menus to obtain and modify general information about a GPO. This information includes Discretionary Access Control Lists (DACLs, which are covered in the Security Group Filtering section of this document), and lists the other site, domain, or OUs to which this GPO is linked. Do the same for the Engineer OU, but do not include the Control Panel and Desktop GPO s. Best Practice You can further refine a GPO by using user or computer membership in security groups and then setting DACLs based on that membership. This is covered in the Security Group Filtering section below. 5.4.4 Managing Group Policy To manage Group Policy, you need to access the context menu of a site, domain, or OU, select Properties, and then select the Group Policy tab. This displays the Group Policy Properties page. Please note the following: This page displays any GPOs that have been associated with the currently selected site, domain, or OU. The links are objects; they have a context menu that you can access by right-clicking the object. (Right-clicking the white space displays a context menu for creating a new link, adding a link, or refreshing the list.) This page also shows an ordered GPO list, with the highest priority GPO at the top of the list. You can change the list order by selecting a GPO and then using the Up or Down buttons. To associate (link) a new GPO, click the Add button. 3BUS208217 R4001 21

To edit an existing GPO in the list, select the GPO and click the Edit button, or just double-click the GPO. This starts the Group Policy snap-in, which is how the GPO is modified. This is described in more detail later in this document. To permanently delete a GPO from the list, select it from the list and click the Delete button. Then, when prompted, select Remove the link and delete the Group Policy object permanently. Be careful when deleting an object, because the GPO may be associated with another site, domain, or OU. If you want to remove a GPO from the list, select the GPO from the links list, click Delete, and then when prompted, select Remove the link from the list. To determine what other sites, domains, or OU s are associated with a given GPO, rightclick the GPO, select Properties from the context menu, and then click the Links tab in the GPO Properties page. The No override check column marks the selected GPO as one whose policies cannot be overridden by another GPO. Note: You can enable the No Override property on more than one GPO. All GPO s that are marked as No override will take precedence over all other GPO s not marked. Of those GPO s marked as No override, the GPO with the highest priority will be applied after all the other similarly marked GPO s. The Disabled check box simply disables (deactivates) the GPO without removing it from the list. To remove a GPO from the list, select the GPO from the links list, click Delete, and then select Remove the link from the list in the Delete dialog box. It is also possible to disable only the User or Computer portion of the GPO. To do this, right-click the GPO, click Properties, click either Disable computer configuration settings or Disable user configuration settings, and then click OK. These options are available on the GPO Properties page, on the General tab. The Block policy inheritance check box has the effect of negating all GPO s that exist higher in the hierarchy. However, it cannot block any GPO s that are enforced by using the No override check box; those GPO s are always applied. Note Policy settings contained within the local GPO that are not specifically overridden by domain-based policy settings are also always applied. Block Policy Inheritance at any level will not remove local policy. 5.4.5 Editing a Group Policy Object To edit a Group Policy Object (GPO) Click Start, point to Programs, click Administrative Tools, and then select Multiply GP s. Click the + next to Active Directory Users and Computers, click the ABB-QCS- PMX.NET domain, and then click the Accounts OU. Right-click Operators, select Properties, and then click the Group Policy tab. Desktop GP in the Group Policy object links list box should be highlighted. Double-click the Desktop GP GPO (or click Edit). 22 3BUS208217 R4001

This opens the Group Policy snap-in focused on a GPO named desktop GP, which is linked to the OU named Operators. It should appear as in Figure 5 below: Figure 5-7 Group Policy Snap-in You can use the appropriate Active Directory tools to access Group Policy while focused on any site, domain, or OU. 5.4.6 Opening Group Policy from Active Directory Users and Computers In the console tree in the MMC console, click the + next to Active Directory Users and Computers. In the console tree, right-click either the ABB-QCS-PMX.local domain or the OU for which to access Group Policy. Click Properties, and click Group Policy. To access Group Policy scoped to a specific computer (or the local computer), you must load the Group Policy snap-in into the MMC console namespace targeted at the specific computer (or local computer). There are two major reasons for these differences: Sites, domains, and OU s can have multiple GPO s linked to them; these GPO s require an intermediate property page to manage them. A GPO for a specific computer is stored on that computer and not in the Active Directory. 5.4.7 Group Policies created for typical ABB Operator and Engineer functions The following policies can be applied to all or can be disabled so that only certain policies apply to certain OU s. 3BUS208217 R4001 23

In fig 4 above, for the Operator Policy, you will notice that I have these policies all enabled and I have the Operator GP disabled. The reason here is that the operator GP had all of these policies rolled up all in to one before I decided to split it up. For an Engineer policy you may decide to disable the System GP so that you can access the games. Otherwise if you keep the same setting as the Operator the engineer will have the same authority as the operator. Figure 5-8 Desktop Group Policy locks down desktop 24 3BUS208217 R4001

Figure 5-9 Control Panel Group Policy locks down control panel Figure 5-10 Startup Group Policy locks down Startup Menu and Taskbar 3BUS208217 R4001 25

Figure 5-11 System Group Policy locks down games, drives, and other PC auxiliary items 26 3BUS208217 R4001

Figure 5-12 Windows Explorer Component Group Policy locks down Windows Explorer 3BUS208217 R4001 27

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback