Book Contents

Policies in FactoryTalk Security

To see the security policies for FactoryTalk View Studio and any other FactoryTalk-enabled software on the design-time computer, at the bottom of the Explorer, open the folder System/Policies/System Policies and then double-click Security Policy. In the dialog box that opens, you can set up some parameters of the user accounts and passwords, including how often a user can enter an invalid password before being locked out, how long passwords have to be, and how often they must be changed. Definitions of the options appear at the bottom of the dialog box, and detailed FactoryTalk Security help is available by clicking the Help button.

By default, most of these policies are set so they are not in effect. You can enable them or change their values if your system requirements call for it. To ensure that you are not locked out of the FactoryTalk Directory, we recommend that you leave the Account lockout threshold set to 0. It is also advisable to leave single sign-on enabled. If you disable single sign-on, users must not only log onto FactoryTalk each time FactoryTalk View Studio is restarted, but users will also be required to log onto any other FactoryTalk-enabled applications when they are opened.

Important:

Remember that any changes that you make to system security policies will be included as part of the runtime application. It is therefore very strongly recommended that you do not alter the default settings in the Security Policy Properties dialog unless necessary, and unless the implications of the changes are fully understood.

How security policies affect FactoryTalk View run time

  • Logon session lease - applies to FactoryTalk View ME run time for Windows-linked users only.
  • Account lockout threshold - applies to users only and local groups only. Windows-linked users follow the policies set on the domain controller.
  • Keep record of deleted accounts - does not apply. Accounts cannot be deleted at run time.
  • Show deleted accounts in user list - there is no run-time user list.
  • Password Policy Settings - apply only to local users and groups.
  • Single Sign-On Policy Settings - does not apply to run time.

See also

Security in FactoryTalk View Machine Edition

Add users or groups to FactoryTalk Security

Set up ME Runtime 4.00 and later user accounts

Keywords: security