TOPServer_257w_76h

You're in Control
Secure Your Configurations

SWTB_logo_93w_76h

clearpixel

SWTB_7Button_BlueLine_900w

Security Built In

NOTE Event Log Security

When security is Enabled, by requiring a Configuration Log in, only the Administrator log in can clear the saved event log.  User Accounts can only clear their view of the Event Log

The TOP Server security features are accessed through the User Management Options which are part of the TOP Server V5 Administration system. The server includes a built-in User Manager that allows complete control over which users can access the runtime and what privileges they have once connected. This will be more critical when the server’s remote configuration features are added in the future and more than one account can be connected at a time. The Administrator account is used to add multiple users, each with their own set of rights for server access. Any user action that can influence or disrupt server operation is logged to server's event logging system. By default, all server operations are available at all times. The User Manager functions are available only when a password is enabled for the Administrator account.

 

Using the TOP Server Security Settings

User Manager Configuration
User Properties (Starting V5.8)
User Properties (V5.7 and Previous)
Configuration Security
Administrative Settings Security
Event Log Tracing

User Manager

Starting in V5.8, TOP Server User Manager settings have been enhanced to provide greater control over access to specific runtime and configurations tasks by users.  The User Manager settings have been relocated to the Administration Settings.

Start by Right Clicking on the Administration icon in the system tray (shown below).

V5_Administation_ICON_w45_h42_sharp

Choose Settings from the pop up menu and then the User Manager tab (shown below).

V5_UserManager_AdminSettings

Legacy V5.7 or Previous:

Access the TOP Server User Manager by Right Clicking on the Administration Icon in the system tray (shown below).

 V5_Administation_ICON_w45_h42_sharp

Choose User Manager from the pop up menu.  This will open the User Account dialog.

V5_UserManager_Registed_Users

User Accounts

There have always been two user accounts available by default: the Administrator account and the Default User account. Starting with V5.8, there is also a Data Client account that governs client application access.  Only the Administrator account can be used to add additional users to the system or to change the settings of existing accounts. By default, the password for the Administrator account is blank, as this disables the security settings for connecting the Configuration. Setting the password will enable the User Management System. Although the Administrator account cannot be deleted, its name and password can be changed. More information

The Default User account is used when no other account is active. This is the normal condition of the server. Like the Administrator account, the Default User account cannot be deleted; and its name and password are fixed. The account can only be disabled when the Administrator denies the Default User all privileges. Setting the Privileges in the User Properties can be used to control Configuration Security.

The Event Log will log the Windows user name of the currently logged in Windows user when User Accounts are made active.  For example, when you log in to the PC with a user name of Joe Operator then log in to the TOP Server as the Default User, the TOP Server Event Log will show: “Configuration session assigned to Joe Operator as Default User.”  See what it looks like.

Click on the icons to edit an existing user or create a new one.

User Properties (Starting V5.8)

V5_UserProperties_Update
  • Name: This parameter is used to specify a name for the user. The name can be up to 31 characters in length.
  • Description: This parameter is used to briefly describe each user account. This can be particularly helpful for ensuring that operators log in to the proper account.
  • Password: This parameter is used to specify the password that the user must enter in order to log in to the system. The password can be up to 15 characters in length. Users must enter it correctly in both the Password and Confirm fields for the change to be accepted. Each time a user account is edited, the password must be re-entered. If the field is left blank, the password will be removed from the account.
  • Privileges: These parameters are used to control what actions a given user account can access. There are multiple options available, as shown in the screenshot above.  For more details on specific options, please refer to the TOP Server Help File.

V5_UserManager_UserPropertiesUser Properties (V5.7 and previous)

  • Name: This parameter is used to specify a name for the user. The name can be up to 31 characters in length.
  • Description: This parameter is used to briefly describe each user account. This can be particularly helpful for ensuring that operators log in to the proper account.
  • Password: This parameter is used to specify the password that the user must enter in order to log in to the system. The password can be up to 15 characters in length. Users must enter it correctly in both the Password and Confirm fields for the change to be accepted. Each time a user account is edited, the password must be re-entered. If the field is left blank, the password will be removed from the account.
  • Privileges: These parameters are used to control what actions a given user account can access. There are three selections.
     
    • Make changes to project files selection allows the user to modify the server project freely. If disabled, the user will not be able to make any changes to the project.
    • Make changes to application settings selection allows an operator to make changes to the Server Options or Runtime Settings.
    • Perform functions that will cause active clients to be disconnected selection allows the user to perform actions that may cause clients to be disconnected from the server. When it is disabled, the user cannot disrupt currently active clients.  Using this along with Windows access permissions will prevent users from being able to shut down the service, but they will be able to restart it if needed.

 

Configuration Security

v5_Tools_Options_RuntimeConnection_RuntimeUserIf you want to require a password before anyone opens the Runtime configuration, go to the TOP Server Configuration and click Tools | Options and select the Runtime Connection as shown.  When you click the Show user login dialog, the Runtime Connection User name and password request below will be required. 

The User name and Password used are configured in the User Manager.

V5_Runtime_RuntimeConnection_passwordIf you have the “Show user login dialog” box checked, the Runtime Connection dialog will open requesting a User Name and Password before the configuration-runtime window will open.

The Privileges are set in the User Properties.
 


 

Administrative Settings Security

V5_Administrative_Settings_passwordIf you set the Administrative Account password in the User Manager, the “Authentication Required” dialog will open requiring a password before you can open the TOP Server Administrative Settings or User Manager. Only the TOP Server Administrator Account will be able to log in to the Administrative Settings.

Event Log Tracing

V5_Event_Log_Traceablity_withNotes

 

 | TOP SERVER HOME  | PRODUCT DETAILS  | DRIVERS LIST  | FREE TRIAL  | ORDERING TOP SERVER  | SUPPORT  | NEWS

P: 1-888-665-3678 (US-Sales) or +1-704-849-2773 (Support & International), F: +1-704-849-6388
148A East Charles Street, Matthews, North Carolina, USA 28105
Copyright Software Toolbox, Inc., 1996-2009, All Rights Reserved Worldwide.

Wonderware, InTouch, and Invensys are registered trademarks of Invensys plc.  All  other marks are the property of their respective owners.
The Software Toolbox name and logo are registered trademarks of Software Toolbox Inc.