FactoryTalk Security

mjp123gp

Member
Join Date
Mar 2012
Location
Savannah, GA
Posts
94
I'm trying to set up security so that I can give mechanics and other plant personnel view only access to the PLC's. I've got RSLogix 500 and 5000 installed on their laptops and I want them to be able to get online and troubleshoot but not be able to change anything. Right now I've got a server setup with the FactoryTalk directory and the laptops are pointed at that network directory and connecting with no issue.

The issue i'm having is none of the permissions I set for different users are doing anything. I've tried to deny everything but it doesn't prevent them from doing anything either offline or online. I have created a user group called Vi****ly and in then added each user to that group and removed them from al other groups. I've created a permission set and added the Vi****ly group to it. This is where i'm trying to deny the permissions. I've also tried to deny them in the security settings of individual users and also in the network security settings but nothing seems to work.

What could I be overlooking here? Any suggestions? I've contacted Rockwell to get more info but still waiting on a response.
 
Under the security tab for one of the 5000 PLCs you are trying to restrict, what is the security authority set to under the security tab? I believe you need at least v19 on the processor to use security.

Should be set to your network directory name.
 
Most of the devices I want to secure are SLC500. I don't necessarily want to secure the processors them self, I still want anyone to be able to plug in locally and connect. I just want to limit certain peoples PC's so that they can get online over our WiFi network can't make any changes. Is this possible?
 
In the admin console, go to System - Policies - System Policies - Security Policy and then make sure "Require computer accounts for all client machines" is enabled. Then you need to make sure that the computers you want to set up are in the System - Computers and Groups - Computers section.

I still believe you need to turn on the security for each PLC, that's what I did at my last job. Try making a group in admin console and give the security privileges for the computers you add and then try a different PC and see if you can get online.

My last job we secured mostly L7xS processors but we did do a few SLCs, and I turned on the security under the properties section within rslogix.
 

Similar Topics

Hi Guys, Please, how can I apply FactoryTalk View SE security code on a Button object? I tried 'CurrentUserhasCode' expression with Visibility...
Replies
9
Views
2,171
I am trying to evaluate the differences between using FactoryTalk Security and the Service Edition of Rockwell software to limit access to edit...
Replies
3
Views
2,195
So, I have a FactoryTalk ME PVPlus 7 12" panel. I have 2 user groups, Technician and Operator. Technician has UserCode P (ON/Y). Operator has...
Replies
4
Views
2,029
Hello All, I've just restored a version 4.0 app to version 11.0. Everything is working good so far. But when I tried to edit the Runtime...
Replies
0
Views
1,084
I have asked Rockwell (Chat only), and searched Google and the Rockwell KB, and I am still not sure what this means... [$Administrators] This...
Replies
8
Views
2,766
Back
Top Bottom