Citect SCADA provides the ability to integrate Windows™ user accounts into the security model for a runtime system. You can achieve this by linking a Windows user group to a role defined within Citect SCADA. This allows each user within the Windows user group to log in to Citect SCADA with the permissions defined for the associated role.
To associate a Windows user group with a role, you use the Windows Group Name property. You can enter a group name on its own (for example, "PlantOperators"), or you can restrict the group's accessibility by including a local computer name or domain name (for example, "ComputerName\PlantOperators" or "DomainName\PlantOperators").
If you include a domain path with a Windows group name, the Citect SCADA computer where login occurs will need to belong to that domain for the login to be successful. Similarly, if you specify a Windows user group that is local to a particular computer, a Citect SCADA login will only be successful on that computer.
If the Windows Group Name property does not specify a local computer name or domain name, any domain computer can be used to authenticate users.
If the same user name exists in both the Citect SCADA users database and an associated Windows user group, authentication will firstly be attempted against the account in the Citect SCADA user database.
For more information on Windows user accounts across a number of different login scenarios, see Windows Security Usage Scenarios.
For information on how to add groups and users to Windows, refer to the Windows documentation appropriate to your operating system.
Note:
• The AutoLogin capability has also been extended to include Windows users that are associated with a role. In order to invoke this functionality for a Windows user you need to set the
• Integrated Windows security can be used with the
• CtAPI operations are not supported when using Windows security.
See Also
Published June 2018