OEM Lock - Allow Future Access
Secpcb said:
...I remember that post from before and did have those settings) and I didn't revert the changes - but I just checked and they were reverted to the defaults listed.
Your answer just acknowledges the fact that those settings were defaulted and you "appear" to be moving on with other questions. But the above is not clear, to me, as to whether Mickey's good advice solved your issue, or not?
Did you change those CIP settings back and did it fix the Online Edits issue?
My guess is it did, or it should have, but you haven't said, either way?
=Secpcb said:
...Does denying future access lock out online edits or is something else going on?
Operaghost said:
No. It just requires that you have the source program on your PC...
That would be correct. You must have a matching offline copy of the program in the controller to view the routines and perform online edits.
Operaghost said:
...It prevents anyone that doesn't have the program from uploading it. It does not affect editing...
I'm sorry, but that would be incorrect.
You can upload the program. You can even download another program, overwriting the existing program. As for editing, with this feature enabled, you cannot perform online edits without a matching offline copy of the program. If you do have a matching copy, then yes, it does not affect online edits and you can perform them as normal.
A slight distinction...
This feature is known as OEM Lock. It is used by a programmer to source protect their routines, not block access to the controller. That is done by using password protection.
When you uncheck
Allow Future Access, under
Controller Properties>Compiler, and download that change into the controller, you are denying future access to the ladder routines for anyone who does not have a matching offline copy of the program.
A user can connect to the controller, upload the program using
Create New File, and go online. While online, they cannot view the ladder routines. As the program normally defaults to
LAD 2 open, this window will be blank with a message stating...
This program has been PROTECTED from user access!
They will get this message for all ladder routines attempted to be opened.
If they try to save the program, so as to have a matching offline copy, they will get a popup message...
This program has been PROTECTED from user access!
Program cannot be saved!
This prevents a user, without a matching copy, from viewing and editing the routines. That is all it is supposed to do.
All other aspects of the online program may be accessed and manipulated. For instance, all Data Files may be opened and their data values changed. Forces can be enabled and set in the Force Files. A user can even open the
Controller Properties>Passwords tab and set a
Password and
Master Password. However, they cannot save any of these changes. Without a save, there is no correlation between the offline image in RSLogix 500 and online image in the controller. And as mentioned, they can even download another program, overwriting the source protected program in the controller. This, again, is because this feature is not meant to prevent a user from doing so.
OEM Lock = Routine Source Protection.
For future denial of controller access, we use passwords...
Secpcb said:
...would denying future access prevent someone that knows the Master Reset To Factory Defaults password from wiping it?
Operaghost said:
Yes I believe so. It won't get to the point where it asks for a password. The only way around this would be to clear the memory of the CPU.
Again OG, I'm sorry, but this is wide of the mark. Because you are slightly mixing up how it works you are a little off with your thinking.
Enabling the OEM Lock, as we now know, just prevents access to the routines, nothing more. It will not prevent access to a
Password protected controller. Only not having the
Password will deny a user access. A user can gain access to the
Password prompt, regardless of whether the OEM Lock is enabled, or not. They can also gain access to the
Password prompt regardless of whether they have a matching copy of the program, or not.
If a user has also set a
Password, and or
Master Password, along with unchecking
Allow Future Access, then a few scenarios may occur...
A user has a matching copy of the program and has the
Password...
When they open the offline copy they are prompted for the
Password and they enter it successfully and may then go online. They now have full access to the online program.
A user has a matching copy of the program but does not have the
Password...
When they open the offline copy they are prompted for the
Password and because they do not have it they cannot gain access to the online program. Alternatively, the user may enter the
Clear Memory Password, resetting the controller to factory defaults.
A user does not have a matching copy of the program but does have the
Password...
The user performs an upload using
Create New File and is then prompted for the
Password. They enter the
Password and may then go online. They are now online with no access to the routines and cannot save the program. Alternatively, the user could enter the
Clear Memory Password, resetting the controller to factory defaults.
A user does not have a matching copy of the program and does not have the
Password...
The user performs an upload using
Create New File and is then prompted for the
Password. Because they do not have the
Password they cannot gain access to the online program. Alternatively, the user can enter the
Clear Memory Password, resetting the controller to factory defaults.
You can see from all these scenarios that in no case, and regardless of the OEM Lock, is a user restricted from attempting to enter an access
Password or a reset
Password.
To truly prevent access, which could result in someone resetting a controller, you would need to look at preventing physical access.
Regards,
George