Add a New User to the Plant Applications Web Client

About this task

Previously, when a user logged into the Web Client for the first time, the user was not added to Plant Applications Administrator automatically. Now, when a new user who is part of a UAA group and has access to Plant Application Web Client applications will be automatically created in Plant Applications. For providing access to a Plant Application Web Client Application, see Add or Delete Applications from Groups. However, a Role-based user is created by default with timestamp as password. Hence, the user cannot be added to any group and is not able to login into Plant Applications Administrator or Plant Applications Thick Client.

Use this procedure to create a user and provide access to the Plant Applications Web Client.

User required to login to Plant Applications can be a part of an LDAP server group or a UAA group (non-LDAP user). The mapping management of LDAP and non LDAP users can be done using the UAA/LDAP/SAML Connectivity Tool.

For LDAP user, see Map LDAP Groups With Proficy Authentication.

When a new user (non-LDAP) logs into the application for the first time, the user credentials are created in the Plant Applications Administrator. However, you must update user properties in the Edit User page.

Procedure

  1. Log in to https://OpshubHostname/iqp or the Operations Hub designer page using Operations Hub Admin credentials.
  2. From the main navigation menu, select Manage, and then select App users.

    The New Account page appears.

  3. Enter the required information in the following fields.
    Field Description
    Username Enter the user name the user will use to log in to Operations Hub. The value must be unique.
    E-mail Enter the email ID of the user. The value must be unique.
    First Name Enter the first name.
    Last Name Enter the last name.
    Password Enter a password that the user will use to log in to Operations Hub.
    Repeat Password Enter the password to confirm.
    Groups Select the UAA group that you want to assign to this user. Select iqp.user.
    Apps Select Plant Applications and other applications you want the user to have access to.
  4. Select Create.
  5. Log in to the Plant Application Web Client with the newly created user.
    Note: At this point, this user in Plant Applications Web Client is created automatically in Plant Applications but as a role-based user. Hence, the user cannot log in to Plant Applications Thick Client. To allow this user to log in successfully to Plant Applications Thick Client, you must follow additional steps.
  6. Log in to the Plant Applications Administrator - [Server Manager].
  7. Under Security Management, from the list of users, select the user you created in Operations Hub, and then right-click, and select Edit <user name> Properties.

    The Edit <user name> Properties page appears.

  8. Do the following:
    1. In the Password field, update the password. By default, the password is displayed in the timestamp format.
    2. Clear the Role-Based checkbox.
    Note: For LDAP users, you must update the WindowsUser Info field in Users_Base column in SQL directly. For example, update Users_Base for the following details: SET WindowsUserInfo = ‘xyzdomain.com\pa22user1’, where Username = ‘pa22user1’
    Note: For the first-time login, the LDAP user must log in to the Plant Applications Thick Client first and then log in to the Plant Applications Web Client.
  9. Select Save.
    Note: From Step 9 onwards, the procedure is specific only to the security configuration.
  10. Right-click on the user again, and then select Edit <user name> Membership.
  11. Select the Security Groups you want the user to belong to, and then from the Access Level list, select the appropriate access level, for example, Admin, then select the right arrow to populate the Member column.
  12. Close the window.
    Note: Save operation is not required.